Leaderboard

Hello! We inform you that the following servers in Latvia: Meissa Phact Schedir Shaula have become suddenly nonoperational because the upstream of our provider blocked all traffic. They should come back online within a couple of days, due to new deals with a new transit provider. However, all IP addresses will change. We have decided that this is a good moment to switch to new lines and servers: we are changing the previous 100 Mbit/s lines with 1 Gbit/s lines and ports, and replacing the hardware with more powerful CPU. The four 100 Mbit/s servers will be replaced by three 1 Gbit/s servers. Location will not change, the new servers will be in Riga. We should be able to announce the new servers in the next days. EDIT 2022/02/02: replacement has been completed. Kind regards and datalove AirVPN Staff

Is it normal that the Windows is sending a lot of junk packets into the Wireguard network interface? I checked with Wireshark and I was seeing NetBIOS, LLMR, LDP etc. IGMPv6 etc. packets being sent into the tunnel. Not sure any of these have privacy implications but I don't think they should be sent into the tunnel, they don't really make sense when the interface is really just Point to Point. I did the two following things manually which actually stopped all the weird/junk traffic: 1. disable all superfluous Microsoft "items" on the tunnel interface "Client for Microsoft Networks" -> local broadcast discovery packets (?), there are no devices to discover "File and Printer Sharing" -> obviously useless junk, there are no printers in the tunnel link-local network LLDP-related options -> probably pointless in a point-to-point interface too 2. explicitly disable NetBIOS on the interface (from Administrator prompt) wmic nicconfig get caption,index,tcpipnetbiosoptions wmic nicconfig where index=<WireGuard NIC index> call settcpipnetbios 2 However, because this interface is ephemeral, changes do not stick Could these settings be performed by Eddie or WireGuard-NT in some automated way when creating the tunnel interface, at least optionally? Otherwise the only option is to go back to using the WinTun userspace version again (which does not seem possible in "Preferences"), or to OpenVPN, because those interfaces are not recreated on every reconnect. In general, I see no reason not to disable all of these "extra" things that Windows sends into the tunnel by default. Maybe NetBIOS could stay as something that can be disabled optionally (though I think 99% of windows users don't need NetBIOS on their Internet-facing adapter in any case). These current settings allow lot of junk packet traffic (5-10 packets per second), but it might also be concerning from a privacy point of view (though I don't know enough about these protocols to say for sure). Also, on a laptop, it doesn't seem good for battery life that all these junk packets are constantly saturating the wireguard interface (they keep WiFi/5G awake).

@r34lity23 Hello! Please make sure to accept packets to and from the bootstrap servers. You can find their IP addresses in /etc/airvpn/bluetit.rc file - bootserver directives. Kind regards