Not connected, Your IP: 216.73.216.140
Online: 41008 users - 484200 Mbit/s total BWAll Activity
This stream auto-updates
- Past hour
-
-
-
-
-
- Today
-
-
-
-
-
-
- Yesterday
-
Youtube is asking for login now over all new UK servers.. What a pain in the arse Youtube is. Any ideas? I hate creating a google account only for that
-
I need more features but I do stick with AirVPN! Please give us dark mode, an easy way of doing split tunneling as well and maybe sort out something so tailscale can work side by side so we can have our computer meshes working outside the tunnel!
-
-
-
yes that would be amazing actually So maybe an Eddie feature that completely leaves the Tailscale adapter off the equation?
-
Hello! The idea is correct, but you must omit --interface option for the previously explained reasons. However this is a necessary but not sufficient condition to prevent traffic leaks. Binding qBittorrent to the VPN interface is a perfect solution. Our software Network Lock feature is another one. You may apply both settings for additional safety. Please note that some qBittorrent versions could handle only IPv6 or only IPv4 traffic, but we think that qBittorrent devs resolved this limitation recently. Kind regards
-
Hi Staff! Thanks for the reply; as another user posted, I also missed the update on the Announcements topic. However, one thing I'd like to ask regarding these numbers: do they represent a switch from OpenVPN to Wireguard by already existing users, or is this due to the fact that a big number of new users joined the service and started with WG by default for their connections? Not to make a counter argument, it's just that it could be a combination of causes for the % decline of active OpenVPN users. Anyway, it's always good to have both options available, so we'll patiently wait for 2027 hoping to get the new shiny OpenVPN. Thanks again for the replies!
-
ANSWERED Configuring White listed servers and traffic splitting
0bacon replied to 0bacon's topic in AirVPN Suite
Ok, my bluetit logs are attached. /etc/airvpn/bluetit.rc has all the default settings. I've only been working with ~/.goldcrest.rc. While goldcrest -O connects to the best performing vpn server, I still don't have a connection. I suspect that it has something to do with the push dns rejected message, could you explain to me in simplest terms what that is? I see the option to ignore the dns push but I don't actually know what it does, or if its even safe. Thanks in advance. (I should also mention that in my firewalld.conf, I have NftablesTableOwner=no.) bluetit -
-
Not going to add any technical input to this convo but as a former hardline openvpn user on a pfsense box the speed difference was night and day when i made the switch. I also think that we have to give them credit for keeping Openvpn as an option since the numbers are low they are putting technical effort on a very low percentage of users. That's why i love airvpn they choose provide for any both services and not make it a financial or technical issue. If they are not the latest is for a reason, if that is not good for you, there's always a choice to leave.
-
Thanks for your replies. We're reaching the limits of my networking knowledge, so I hope what I say is not too much nonsense. > You must not specify the VPN interface: the interface must manage an IPv4 tunnel. I use wireguard to create a new network interface which is not the default one. This way, I can choose to use this interface in qbittorrent and nicotine+ (both p2p file sharing clients). If I curl without specifying the network interface, it defaults to my enp12s0 interface, and fetching ip.network yields my ISP-given public IPv4 with -4 and my ISP-given public IPv6 with -6. nicoco@tour ~> curl ip.network -4 82.66.XX.XX nicoco@tour ~> curl ip.network -6 2a01:e0a:f09:XX:XX:XX:XX:XX Specifying the interface with the wireguard one works as (I) expected for IPv4 nicoco@tour ~> curl ip.network --interface airvpn -4 185.156.XX.XX But fails for IPv6: nicoco@tour ~> curl ip.network --interface airvpn -6 curl: (7) Failed to connect to ip.network port 80 after 25 ms: Could not connect to server Now, I don't really care about curl, the reason I investigated this was that I noticed that a torrent tracker I use reported my ISP-provided IPv6, despite specifying in qbittorrent settings that I want qbittorrent to only use the airvpn interface. I worked around the issue by forcing qbittorrent to use the airvpn interface AND to bind to the airvpn (local) IPv4 (10.169.139.176) only. But ideally, I would love to be able to use both IPv4 and IPv6 in qbittorrent, through airvpn. My idea was that getting curl -6 --interface airvpn ip.network to yield airvpn's public IPv6 was the first step to verify that my setup is working correctly. But maybe this does not work the way I thought it did, and it's more complicated than that? ^^
-
Hello! Well, the problem seems different though... the OP should be able to enjoy IPv6 over an IPv4 tunnel with the published configuration file. @nicoco First of all, there is an error in how you use curl. You must not specify the VPN interface: the interface must manage an IPv4 tunnel. IPv6 must be wrapped over it. If you bind curl to the VPN interface, you bypass the routing table and you prevent the system from picking the correct source IPv6 address. You don't see this problem with curl -4 --interface <VPN interface> probably because there is no ambiguity in selecting IPv4 source address when curl binds to the VPN interface, in spite of the routing table bypass (i.e. lucky case). Just omit this option and you should be fine (alternative: follow @Tech Jedi Alex solution, you will have an IPv6 tunnel over which you can tunnel IPv4 too and the problem could be "specular" with v4 when you use curl). Side note: the option --interface is not supported in Windows. If the problem persists: are you sure that your curl -6 tests are directed toward an IPv6 HTTP supporting service? Try https://ipv6.google.com for a cross-check, and ping6 too. If the problem still persists, please make sure that IPv6 support is enabled on your system and your network interfaces. Kind regards
-
Hello! Well, not totally true thanks to SIMD, especially AVX and AVX-512. AVX is commonly available on CPUs since 2011, while AVX-512 came out around 2016. By the way: WireGuard already saturates our servers (2.6 Gbit/s per client on the server, recently...) so the physical limit of our lines is reached before kernel performance becomes a problem. We would also like to see how the new DCO beats properly configured WireGuard on real life usage, not from a paper written by the same DCO developer. But anyway DCO changed incarnations and compatibilities many times. Having followed each iteration at the beginning, we wasted a significant amount of time and this situation had to be ended. No more, thank you... we are inclined to use the NEW DCO only when we have our infrastructure running on a mainline kernel that includes the module (in other words, starting from Debian 14, which is due to be released in 2027). On the other hand we also acknowledge the decision of important competitors to drop OpenVPN completely in the recent past. It's a delicate matter that we must take into consideration. Additionally, OpenVPN keeps a relevant superiority over WireGuard with some important features: DHCP enabled, ability to connect over SSH and TLS additional tunnels, and over socks and http proxies. But we do not need DCO for such strategic options (which by themselves hit performance heavily) so its adoption is not compelling. Our customers' choice is clear: OpenVPN usage dropped from 80% to 23% in just a year and a half. Note that just two weeks ago we had 24%, now it's 23%, the decline is fast. So what? DCO is not a replacement for blocks circumvention and does not feature AmneziaWG abilities, including CPS, handshake and payload packets padding, junk packets. We see DCO as a WireGuard competitor, but not at all as an AmneziaWG alternative, which in turn is aimed at lower performance for better blocks circumvention. Kind regards
-
OpenVPN DCO, plans to update?
oassQ9w4cbl4AySZhhth%p36x replied to pHxaq's topic in General & Suggestions
thank you, yes i missed that update the forums do not notify when you modify the thread. disappointing decision though. AES-NI support and using AES-GCM is better for computer to computer communication and openvpn DCO outperforms wireguard by quite some margin, especially when tuned properly. AmneziaWG is good but also most things do not support it. For most people they just want the best throughput for the lowest overhead which up until openvpn DCO was wireguard. now it is not. -
-
Hello! We're not ignoring it, did you read the update on the first message of this thread? Kind regards
-
.thumb.png.8be84fd39f94c1640ac8c5456fbf3449.png)
ANSWERED Configuring White listed servers and traffic splitting
Staff replied to 0bacon's topic in AirVPN Suite
Hello! Note: we asked for the Bluetit log and you never sent it. In this case it's no more necessary because there is no problem at all, but in the future you should reply to requests, otherwise you prevent us from supporting you properly. This is expected and correct. air-server option requires a server name, not a list. If you want to define a list of servers you need air-server-white-list option, which expects a list of server names separated by a comma. When you define a white list of server, leave air-server commented out and do not specify it in the command line. The software will pick the "best" server among the white listed ones. As a peculiar case, when you invoke Goldcrest you can still specify --air-server <server name> just in case you want a connection to a specific server included in the white list. However, you can not force a server that's not in the white list. Nothing in /etc/airvpn/bluetit.rc must contradict goldcrest.rc as Bluetit directives and policy, that can be enforced only by root, take precedence. Kind regards -
OpenVPN DCO, plans to update?
oassQ9w4cbl4AySZhhth%p36x replied to pHxaq's topic in General & Suggestions
https://netdevconf.info/0x16/papers/27/ovpn-dco.pdf yep some pretty interesting results, praying @Staff stop ignoring it. - Last week
-
-
Hello Staff team, as OpenVPN 2.7 and the latest Linux Kernel 6.16 have now streamlined the integration of the ovpn driver, DCO has become the new performance standard. OpenVPN Data Channel Offload (DCO): The Definitive Guide to the Performance Boost Making OpenVPN The Fastest VPN Protocol Other companies such as ExpressVPN and Norton VPN have already integrated DCO to offer their users these performance gains. Implementing this would keep your service competitive and provide a much smoother experience for those of us who prefer the OpenVPN protocol for its maturity and security. Do you have OpenVPN DCO on your current technical roadmap? I look forward to hearing your thoughts on this. Kind regards.
-
ANSWERED Wireguard for ipv6
Tech Jedi Alex replied to nicoco's topic in Troubleshooting and Problems
Please refer to the FAQ. ch.vpn.airdns.org only resolves to v4. Use ch.ipv6.vpn.airdns.org for v6. -
ANSWERED Configuring White listed servers and traffic splitting
0bacon replied to 0bacon's topic in AirVPN Suite
hello, I'm giving this another try. I am working with the .goldcrest.rc to choose the air-server of my choice. I want to connect to chicago servers. I have air-server Fang,Kruger,Meridiana,Praecipua,Sadalsuud,Sneden,Superba goldcrest -O gives ERROR: AirVPN Server "Fang,Kruger,Meridiana,Praecipua,Sadalsuud,Sneden,Superba" does not exist. -
I have both set up on my dd-wrt router. Wireguard is way faster, and its connections are more stable. With OpenVPN I end up changing servers due to performance issues multiple times per week, but that's really rare with wireguard. Seems to handle a loaded server better.
-
Hi! Is wireguard supposed to work for IPv6? If yes, what is wrong with my config? [Interface] Address = 10.169.139.176/32, fd7d:76ee:e68f:a993:743d:617f:b79:27d7/128 PrivateKey = XXX MTU = 1320 Table = off [Peer] PublicKey = XXX PresharedKey = XXX Endpoint = ch.vpn.airdns.org:1637 AllowedIPs = 0.0.0.0/0, ::/0 PersistentKeepalive = 15 This works fine for IPv4, I can curl --interface airvpn ip.network and it returns the airvpn IP. But if try curl -6 I get curl: (7) Failed to connect to ip.network port 80 after 25 ms: Could not connect to serv er. Is this a config issue on my side, or doesn't airvpn work for ipv6 via wireguard? Thanks.
-
Wireguard is faster than OpenVPN less overhead, really depends on you openwrt hardware
-
-
Hi, I’m setting up AirVPN on a router (OpenWrt) and trying to decide between WireGuard and OpenVPN. I’m mainly looking for the best performance and stable connection. What are your experiences with both on routers?
-
Close Eddie, reopen, try a connection once, then provide a system report instead of the logs only..
-
Eddie Android edition 4.0.0 preview available
37kay042 replied to Staff's topic in News and Announcement
They said earlier that it is coming to other platforms, but can't help but wish for it to come soon. SSH>TCP and SSL>TCP works so far, but some servers are weird in terms of speed and being able to connect on some days. Hopefully amnezia support for pc comes soon. -
-
-
-
-
RTFM
-
Are you saing that "goldcrest --disconnect" or "goldcrest --pause" plus "sudo systemctl stop bluetit" will give me Internet without VPN? If confirmed I'll tray Suite again. Q, "This is not true, and anyway it's not buggy" - so why I had to remove modified /etc/resolv.conf file? Shouldn't uninstall do that? Q, "Probably you have not understood the "issue" so far" - please elaborate! I love learning.
