Leaderboard
Popular Content
Showing content with the highest reputation on 11/15/24 in all areas
-
1 point
ANSWERED Having kill switch with pf on OpenBSD?
theradgrad reacted to OpenSourcerer for a post in a topic
Silly to apologize for not doing a thing you're not obligated to do. Take your time. -
1 point
Four new 10 Gbit/s servers available (US)
knighthawk reacted to Staff for a post in a topic
Hello!
We're very glad to inform you that four new 10 Gbit/s full duplex servers located in New York City are available: Muliphein, Paikauhale, Terebellum, Unukalhai. They have replaced Haedus, Iklil and Lich with more powerful hardware and higher overall bandwidth.
The AirVPN client will automatically show the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").
The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and port 1637 UDP for WireGuard. Haedus and Iklil support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well.
As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
You can check the status as usual in our real time servers monitor by clicking the names of the servers.
Do not hesitate to contact us for any information or issue.
Kind regards and datalove
AirVPN Team
-
1 point
Four new 10 Gbit/s servers available (US)
knighthawk reacted to cccthats3cs for a post in a topic
This is fine. Thanks for the info. This is what was confusing me and I suppose the timing was just coincidental, rather than M247 having for instance better DDoS mitigation. -
1 point
Four new 10 Gbit/s servers available (US)
knighthawk reacted to copykitty for a post in a topic
I understand this may be out of your hands but from my perspective I miss Haedus dearly at the moment 😥 -
1 point
Four new 10 Gbit/s servers available (US)
knighthawk reacted to cccthats3cs for a post in a topic
@Staff - Is there a specific reason for why these attacks are only impacting the Tzulo New York servers, for example, if it is a DDoS, someone chose to only DDoS those? What is confusing me is the possible motive behind this attack and reasons for it to occur. I see two possibilities, either: (a) an attacker for some reason, now exactly when the servers were changed over, is targeting the new infrastructure, and no other servers that I am aware of, or (b) the same attacks were ongoing to target the old M247 New York servers but were unsuccessful. I would appreciate more transparency into what is going on given these issues. I have especially noticed there is usually at least 1 working server out of the 4, but which one is working seems to change, so I am unsure if that is staff temporarily mitigating the issue, or the attacker (in the case of DDoS) having limited resources and switching around the targets. If these attacks remain ongoing I may switch to another datacenter/city server entirely but am trying to avoid that for now because I would incur a latency and perhaps bandwidth penalty compared to the New York servers, when those are at normal performance. I understand the option to use country/continent configs (currently I use ones set to a specific server), but that does not fix the issue if a server goes down due to an attack for an extended period of time, and would require still manual intervention on my part. EDIT: Of course just a few minutes after posting this the only working server now has high packet loss, and operations that were going on on one of my clients connected to it have now failed. The point still remains: the ongoing attacks make the servers unusable. -
1 point
Four new 10 Gbit/s servers available (US)
knighthawk reacted to Upheaval3379 for a post in a topic
Same - capacity in the northeast US is currently in really bad shape. Seems like all servers in New York are showing recurring hours-long outages and PA has one server that is taking a huge bandwidth hit. I'm not sure there is any diversity in providers in this region or what that looks like as a whole. The PA server is a different upstream company than the New York servers, I do know that. -
1 point
Four new 10 Gbit/s servers available (US)
knighthawk reacted to Whipshock for a post in a topic
It shows these 4 servers are having high packet loss right now. Is there another thread on resolution for these or an ETA? I used to use Lich which was solid but I've been noticing problems on these 4. Only Paikauhale and Unukalhai were resolving DNS yesterday while the other two weren't. Today all 4 are having issues. Not sure if this is a step up or step down. -
1 point
Four new 10 Gbit/s servers available (US)
knighthawk reacted to cccthats3cs for a post in a topic
I am noticing the same performance issues. As a quick real-world test, I set up a torrent between a torrent client connected to 1 of the 4 servers and another torrent client connected to one of the other 4 servers. The speeds as indicated in the screenshot below (this is from the uploading client) barely got above 3 MB/s. In previous tests that I did following this same methodology using the M247 servers when they were active, I was able to see speeds of usually 8-10 MB/s. I also downloaded an Ubuntu ISO via BitTorrent on one of the clients. Using this as a test I was able to see download speeds above 25 MB/s for the torrent as a whole, and for a single peer, up to 13 MB/s. Possibly as @ScanFarer stated, this could be worse routing from my ISP to Tzulo, whereas the route from Tzulo to my ISP seems to be fine based on the download speed observed for the Ubuntu torrent. -
1 point
Four new 10 Gbit/s servers available (US)
knighthawk reacted to Raider67 for a post in a topic
Looking for the same in CHICAGO area always busy! around 70-90% nowadays! -
1 point
Four new 10 Gbit/s servers available (US)
knighthawk reacted to ersatzzz for a post in a topic
These replacement servers are extremely slow and appear to have only 20% of the speed of the previous NYC servers (Haedus, Iklil, etc). What gives???? -
1 point
Three new 10 Gbit/s servers available (US)
knighthawk reacted to Staff for a post in a topic
Hello!
We're very glad to inform you that three new 10 Gbit/s full duplex servers located in Los Angeles, California, are available: Maia, Sarin, Xamidimura. They have replaced Groombridge, Saclateni and Teegarden with more powerful hardware and higher overall bandwidth.
The AirVPN client will automatically show the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").
The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and port 1637 UDP for WireGuard. Haedus and Iklil support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well.
As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
You can check the status as usual in our real time servers monitor by clicking the names of the servers.
Do not hesitate to contact us for any information or issue.
Kind regards & datalove
AirVPN Team
-
1 point
Port shadow attacks fail against AirVPN
Antti Simola reacted to Staff for a post in a topic
Hello!
Some customers have contacted the support team asking for a comment on the port shadow attack described in CVE-2021-3773 and brought into the spotlight for the umpteenth time during the Privacy Enhancing Technologies Symposium 2024:
https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024/
To explain why, unlike many other VPN services, AirVPN is not vulnerable to various attacks under the generic port shadow umbrella, please download the new paper and read below while watching table 2 on page 121:
* in our infrastructure public entry-IP addresses and public exit-IP addresses are not the same (M6). This is an absolute protection against ATIP, connection inference, and port forwarding overwrite and also makes port scan impossible (another reason for which port scan is impossible is given by additional isolation, see the end of the message)
* per-host connection limit is enforced (M3) making eviction re-route extremely difficult if not impossible
* static private IP address is implemented (M2) with WireGuard (it can be changed by explicit key renewal user's action) and highly likely with OpenVPN as long as the user connects to the same server with the same key, another (redundant) protection against port scan
In our infrastructure additional protections are in place. We prefer not to disclose them all at the moment, we will just mention the block of any communication between nodes in the same virtual network either through private or public addresses. That's why, unlike any corporate VPN with shared resources, you can't contact any service inside the VPN (except the DNS), not even your own, from a machine connected to the same VPN in our infrastructure. Decapsulation as described in the paper is doomed to fail for this isolation/compartmentalization and this is also another reason for which port scans are not possible.
TL;DR
AirVPN infrastructure, according to the current state of the art in remediation and mitigation by security researchers as well as paper authors, is not vulnerable to the attacks described under the port shadow umbrella in this new paper.
Kind regards & datalove
AirVPN Staff