ms2738 5 Posted ... On 12/5/2018 at 11:57 AM, benfitita said: `remote-random` config generator allows you to have one .ovpn profile that can connect to a random server in one/multiple countries. Awesome thanks for this! I tried to use it only to realize it's for OpenVPN not Wireguard. Why does anyone still use OpenVPN anyway? Can you make a Wireguard version or explain how to use? Also, the button for max bandwidth doesn't seem to work. When I clicked 20000 I should get everything under that right? Instead it gives me noting, probably because there ARE none in my area? Quote Share this post Link to post
benfitita 39 Posted ... You're welcome. There're some use cases for OpenVPN, like better privacy. It takes some effort to achieve the same with vanilla Wireguard (which is what AirVPN serves). Unfortunately Wireguard doesn't have a mechanism similar to OpenVPN `remote-random` directive. I was thinking one day that probably you could achieve the same for Wireguard by creating your own `A` DNS record with all IPs of servers that interest you (aka domain or subdomain). DNS should serve these records in a random order, so Wireguard peer will be random as well. But that could be a privacy issue, because you need to control this domain and I'm not sure it's possible to have an anonymous domain these days. Maybe other folks have some ideas how to overcome that problem. AirVPN has country-level DNS entries, but these I think give you only their "top" server, so it's semi-random. There's a small quirk with Wireguard. If VPN connection fails, it doesn't attempt to resolve the peer hostname again, but keeps trying the same IP only. There're some wireguard_watchdog scripts included in OpenWRT and perhaps elsewhere that mitigate this by tracking VPN connection status and, when down, forcing Wireguard to resolve the peer hostname again, which eventually could switch you a working server. Currently there's only a bunch of 20 Gb/s servers: * Bulgaria/Sofia/Wazn * Canada/Toronto, Ontario/Wurren * Netherlands/Alblasserdam/Dalim * Sweden/Stockholm/Ain * Switzerland/Zurich/Xuange * United States/New York City/Haedus Quote Share this post Link to post
Staff 9971 Posted ... @benfitita Hello! You might check what happens with WireGuard when you have multiple addresses for a single host in the hosts file. gethostbyname or getaddrinfo will return all the addresses, same identical effect as multiple A records in DNS for a qualified domain name. So if you think that DNS resolution can be good for this use case, then you don't need DNS and FQDN, but you can just edit the hosts file. It remains to be seen which address WireGuard picks when the resolution returns an array or a linked list of addresses. Kind regards 1 benfitita reacted to this Quote Share this post Link to post