Jump to content
Not connected, Your IP: 18.206.238.176
twelvesky

Slow Torrent speed and weird connection drops

Recommended Posts

Posted ... (edited)
On 1/11/2020 at 5:47 AM, giganerd said:


There is one thing you absolutely need to do: Bind qBittorrent to your TAP adapter! In Advanced section, look for a "Bind to interface" setting and select the TAP adapter from the drop-down menu when you're connected.
This causes qBittorrent to only use the TAP adapter when talking to the outside world, and if that adapter is not in a connected state it won't be able to talk. Easy. It's like a kill switch: If the connection dies, all connections of qB die. If you reconnect, qB will reconnect to peers.
 
In Speed section, set your max upload to whatever your uplink is you're subscribed to, -10%. The "problem" you might be facing is that a connection between computers is a two-way street. When you're downloading packets, you're also sending packets back which ACKnowledge that you received the package. As your download throughput increases, so does the amount of ACKs sent back. Plus, if other clients download from you, the bottleneck is perfected.
If you carelessly ignore the max upload setting, you allow the torrent client to fill your uplink with packets.


Hi, hope you don't mind me tagging you - you seem very knowledgeable and generous in responding.

I have read quite a few of the threads on torrenting, however some appear quite old and am not sure of their relevance today.

New to vpn and torrenting. Not very computer literate.

Using w10 and qbittorent and eddie client.

 

Regarding the one thing you absolutely need to do - binding the network interface.

At ipleak.net, the only ip and dns address shown are the airvpn server address (exit address?), webrtc shows no leak (disabled in browser), layeripv6 blocked in eddie 'networking menu', network lock set to automatic and padlock in locked position on eddie ui (although allow lan/private, ping - default setting?) and in qbittorrent tools>options>advanced, network interface 'bind' set to what appears to be the network that is the tap network, as opposed to the physical network card that came with the comp.

For a day or so the qbittorrent network interface 'bind' was only set to 'any interface'.

Then and now the torrent detection test at ipleak.net only showed the respective airvpn server address and the port forwarded through airvpn. During the day or so there did not appear to be vpn disconnections. Does this mean that for the day or so it was set to 'any interface', it would likely only be showing the airvpn server and forwarded port as appeared during the ipleak.net test (done when set to both the any interface option and the tap network option)?

Further, is the above sufficient, broadly speaking, to restrict real ip address appearing during torrenting.

I hope the above is set out in a clearly understandable way and would appreciate your response.

thankx.

Edited ... by zeedatrup
added text

Share this post


Link to post
7 hours ago, zeedatrup said:

Does this mean that for the day or so it was set to 'any interface', it would likely only be showing the airvpn server and forwarded port as appeared during the ipleak.net test (done when set to both the any interface option and the tap network option)?


If you were connected the whole time, yes. All traffic is routed through the AirVPN server regardless according to the kernel routing table (in a command prompt or PowerShell, enter route print to see what I mean).
 
7 hours ago, zeedatrup said:

Further, is the above sufficient, broadly speaking, to restrict real ip address appearing during torrenting.


For torrenting it's even sufficient to connect to AirVPN and bind to the VPN interface in the torrent client. NetLock is for those who don't want any app to access the internet outside the tunnel.

By the way, they're not the same features: One tells the client which interface is to be used explicitly (so it's only for the torrent client), the other adds firewall rules to actively block outgoing connections to the world if not going through the tunnel (so it's for all apps on the PC, including the torrent client). I think they're not standing in each other's way if you want to use both, it's more like a redundancy.

» I am not an AirVPN team member. All opinions are my own and are not to be considered official. Only the AirVPN Staff account should be viewed as such.

» The forums is a place where you can ask questions to the community. You are not entitled to guaranteed answer times. Answer quality may vary, too. If you need professional support, please create tickets.

» If you're new, take some time to read LZ1's New User Guide to AirVPN. On questions, use the search function first. On errors, search for the error message instead.

» If you choose to create a new thread, keep in mind that we don't know your setup. Give info about it. Never forget the OpenVPN logs or, for Eddie, the support file (Logs > lifebelt icon).

» The community kindly asks you to not set up Tor exit relays when connected to AirVPN. Their IP addresses are subject to restrictions and these are relayed to all users of the affected servers.

 

» Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, chances are you will be unique amond the mass again.

Share this post


Link to post
Don't use Deluge. For whatever reason which I have not had time to properly investigate it gives you away and you get replay attacks.
The following torrent clients run fine for me:
Also change the TCP port you have mapped quite frequently.

And check you're not getting DNS leaks:

sudo tcpdump -i tun0 -n "port 53"

 


If you see any other IP address than the AirVPN DNS server you have leaks

Share this post


Link to post
@wintermute1912

If traffic passes through the tun interface it's in the tunnel, so even if you want to reach 3rd parties DNS servers, the queries and their replies are tunneled, it's not a DNS leak. Even worse: in this way you will never find DNS leaks, even if they are really occurring.

To verify effectively you need to check traffic from the physical network interface. Unencrypted DNS queries from the physical network interface, if not blocked by the firewall, hint to DNS leaks for real.

Kind regards
 

Share this post


Link to post
On 3/5/2020 at 1:11 AM, Staff said:
@wintermute1912

If traffic passes through the tun interface it's in the tunnel, so even if you want to reach 3rd parties DNS servers, the queries and their replies are tunneled, it's not a DNS leak. Even worse: in this way you will never find DNS leaks, even if they are really occurring.

To verify effectively you need to check traffic from the physical network interface. Unencrypted DNS queries from the physical network interface, if not blocked by the firewall, hint to DNS leaks for real.

Kind regards
 

Perhaps not but if you have connected to a VPN server using its hostname you've told your ISP which VPN provider you use and it's not entirely inconceiveable traffic pattern analysis could correlate DNS queries originating from known VPN public IP addresses to your account.

Not sure about the second part. update-resolv-config ensures DNS resolution through the VPN's DNS server only on tun0 interface. The only traffic originating from my physical adapter is directly to the OpenVPN server and back again. There's nothing else.

Share this post


Link to post

If you're using Windows 10 run netstat the next time Eddie is connected and you'll see an established connection between the internal LAN IP address of your PC and the Microsoft telemetry server. #yikes

Haven't tried on macOS but doubtless it does the same.

I really don't believe it's possible to be 100% certain all your traffic is being routed through the VPN on Windows or macOS. They're just too sneaky.

Share this post


Link to post
1 hour ago, wintermute1912 said:

If you're using Windows 10 run netstat the next time Eddie is connected and you'll see an established connection between the internal LAN IP address of your PC and the Microsoft telemetry server. #yikes


Hello!

Yes, already checked in another thread months ago, no traffic leaks. Remember that Windows does not reset sockets when routing table and default gateway change but Network Lock prevents leaks. Specifically tested for telemetry service.
 
1 hour ago, wintermute1912 said:

I really don't believe it's possible to be 100% certain all your traffic is being routed through the VPN on Windows or macOS. They're just too sneaky.


Firewall rules ensure no traffic leaks but then again you might have processes from the manufacturer that secretly modify the system packet filtering table and then restore them without leaving traces. It's not rational running a closed source Operating System nowadays but that's what most people prefer (at least in the Desktop market), so we provide solutions to minimize risks.

Kind regards
 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...