Leaderboard

Hello! We are very pleased to inform you that we are taking the necessary steps to completely renovate our infrastructure in the United Kingdom. The current servers will be dismissed and replaced by six 10 Gbit/s servers with newer and much more powerful hardware. Each 10 Gbit/s server will be connected to a full duplex 10 Gbit/s dedicated line and port. Each new server replaces 2.5 current 1 Gbit/s servers in order to increase remarkably the available bandwidth per connected client. At the end of the upgrade, UK will offer a theoretical peak of 60 Gbit/s (full duplex) instead of the current 15 Gbit/s, through adequately powerful servers. According to our plan, three servers will be located in London and three in Manchester. The new servers will start operations around 19-22 February 2026. Current 1 Gbit/s servers will cease operations on the night between 28 February and 01 March (UTC). Any plan changes and/or delays will be communicated promptly. Kind regards & datalove AirVPN Staff

@thetechnerd @MikeHawkener Hello! Some additional related information that may be valuable for you both. When you run OpenVPN: the assigned VPN IP address depends on the daemon of the VPN server you connect to. Each one lives in a separated /24 subnet somewhere inside 10.0.0.0/10 When you run WireGuard: WireGuard lacks any DHCP feature it lives in a unique, gigantic 10.128.0.0/10 subnet throughout the whole AirVPN infrastructure the VPN IP address of each node is linked permanently to the node's key and it is unique in the whole WireGuard address space thus you will have always the same VPN IP address when you use the same key and you don't renew it, no matter which VPN server you connect to Kind regards

https://www.phoronix.com/news/OpenVPN-2.7-Released Quick snippet from the article: "The OpenVPN 2.7 user-space can also work with the OpenVPN DCO kernel module for data channel offload that was upstreamed into the Linux 6.16 kernel in enhancing the OpenVPN performance. The OpenVPN DCO kernel driver performance yields some nice gains as the project recently showcased."

Hello! Starting from February 1st, 2026, Debian (e.g. Trixie) enforces stricter OpenPGP policies and no longer accepts repository signatures involving SHA1-based certifications. As a result, users may see errors such as: Get:4 http://eddie.website/repository/apt stable InRelease [3,954 B] Err:4 http://eddie.website/repository/apt stable InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on C181AC89FA667E317F423998513EFC94400D7698 is not bound: No binding signature at time 2025-01-14T13:07:46Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z Warning: OpenPGP signature verification failed: http://eddie.website/repository/apt stable InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on C181AC89FA667E317F423998513EFC94400D7698 is not bound: No binding signature at time 2025-01-14T13:07:46Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z Error: The repository 'http://eddie.website/repository/apt stable InRelease' is not signed. Notice: Updating from such a repository can't be done securely, and is therefore disabled by default. Notice: See apt-secure(8) manpage for repository creation and user configuration details. This was caused by an outdated signing key certification used by the repository. Solution The repository signing key has been regenerated and the repository is now correctly signed again. To restore updates, please re-import the updated maintainer key: curl -fsSL https://eddie.website/repository/keys/eddie_maintainer_gpg.key | sudo tee /usr/share/keyrings/eddie.website-keyring.asc > /dev/null Then run: sudo apt update Sorry for the inconvenience, and thanks for your patience. Kind regards

Hello! Please see here: https://airvpn.org/forums/topic/79065-eddie-desktop-apt-repository-signing-key-update/ Kind regards

Hello! No need for MSS clamping when using WireGuard, just modify the MTU if necessary. Since MSS clamping 1. becomes necessary only when you can't modify MTU, 2. needs packet mangling (WireGuard does not expose any option for it) and 3. requires anyway a server side modification, just operate through MTU. (*) In OpenVPN (only when working over UDP), where networking management is a bit different, you can seriously consider the mssfix directive if you have any "fragmentation" problem that causes packet loss and poor performance. mssfix announces to TCP sessions running over the tunnel that they should limit their send packet sizes such that after OpenVPN has encapsulated them, the resulting UDP packet size that OpenVPN sends to its peer will not exceed max bytes. See also OpenVPN manual: https://openvpn.net/community-docs/community-articles/openvpn-2-6-manual.html In Eddie you can add custom directives for OpenVPN in "Preferences" > "OVPN Directives" window. (*) EDIT: there is a special case where MSS clamping becomes necessary with WireGuard too, although it is a consequence of bad PMTUD handling. If an intermediate link doesn’t correctly handle PMTUD (Path MTU Discovery), TCP packets larger than the tunnel MTU may be dropped, and the client will observe hanging connections or stalled downloads, possibly only for certain destination. In this case MSS clamping helps for sure. Kind regards

Singapore needs a 10G server. All the servers are very congested and are super slow. Thank you.

Other VPN clients support this functionality. I don't know how it's done on the technical side. But Eddie's development on PC seems to have been abandoned. Last update is from almost a year ago. So I guess the chances for new modern features is basically 0.

I agree with your sentiment - it takes a lot of time when you're unfamiliar with this stuff and are already busy doing something else. But it is easier than it seems. To renew the certificate: - Go to https://airvpn.org/ - Sign in - Select the "Client Area" tab - Under "VPN Devices" click the "Manage" button - Click the "Details" button - Click the "Renew" button Then do what Staff says in the above post: - run Eddie - on Eddie's main window uncheck "Remember me" - log your account out - log your account in (you'll need to re-enter your AirVPN credentials) - try again a connection

I have been working with AirVPN support to solve this problem. I know they have just acquired a Pi5 for testing and hopefully there will be a patch for Eddie In the meantime they suggested I try AirVPN suite which is the Command Line version of their VPN client. I had problems getting it to run on the Pi5 too but they worked with me to solve the problems and now it works a charm, if you are comfortable with Command Line (I’m middling myself and I muddled through) I prepared for my own reference the following summary of the tweaks required in my instance: Running AirVPN Suite on Pi5 Install AirVPN Suite Please avoid the 32 bit version. You need the 64 bit version (NOT the legacy version), direct link: https://eddie.website/repository/AirVPN-Suite/1.3.0/AirVPN-Suite-aarch64-1.3.0.tar.gz If AirVPN Suite Fails to Resolve DNS Requests DNS requests should not affect system ability to resolve names. Test for successful resolutions. Example from a terminal: dig airvpn.org If the result is a failure then produce the Bluetit log taken while the problem is ongoing. From a terminal: sudo journalctl | grep bluetit > bluetit.log Send to AirVPN support Check if systemd-resolved is running From a terminal: sudo systemctl status systemd-resolved For me this showed that systemd-resolved was not installed on my system. I installed it with: apt install systemd-resolved Reboot and run sudo systemctl status systemd-resolved again This solved my DNS resolution problems

Probably because they decided not to use women and children as suicide bombers, or fire rockets indiscriminately into civilian areas. But this isn't really the place to discuss it.