Leaderboard

Hello! We're very glad to inform you that a new 10 Gbit/s server located in Zurich (CH) is available: Xuange. It's the first server we propose with a dedicated 10 Gbit/s line and port. As we have now circumvented several computing limits through load balancing and improved optimization, it's time to gradually test larger bandwidth. The AirVPN client will show automatically the new server. If you use any other OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other Air server, Xuange supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/Xuange Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! We're very glad to inform you that a server located in Stockholm (SE) has been upgraded: Ain. Server is now connected to a 10 Gbit/s line and port, while the motherboard has been replaced with a more powerful CPU. IP addresses remain the same. You don't need to re-generate configuration files, even if you don't run our software. As usual the server includes load balancing between daemons to squeeze as much bandwidth as possible from the 10 Gbit/s line. The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other Air server, Ain supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/Ain Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! We're very glad to inform you that a new stable release of Eddie is now available for Linux (various ARM based architectures included), Mac, Windows. Eddie is a free and open source (GPLv3) OpenVPN GUI and CLI by AirVPN with many additional features such as: traffic leaks prevention via packet filtering rules DNS handling optional connections over Tor or a generic proxy customizable events traffic splitting on a destination IP address or host name basis complete and swift integration with AirVPN infrastructure white and black lists of VPN servers ability to support IPv4, IPv6 and IPv6 over IPv4 What's new in Eddie 2.19.7 enhanced wintun support in Windows, resolving TAP driver adapter issues and boosting performance Hummingbird 1.1.1 support in Linux and macOS for increased performance (up to 100% boost in macOS i7 systems when compared against OpenVPN 2) portable version for macOS which does not require Mono package installation nftables support by Network Lock in Linux via nft new aarch64 support through a Raspberry OS 64 bit beta specific build improved IPv6 support many bug fixes Eddie GUI and CLI now run with normal user privileges, while only a "backend" binary, which communicates with the user interface with authentication, gains root/administrator privileges, with important security safeguards in place: stricter parsing is enforced before passing a profile to OpenVPN in order to block insecure OpenVPN directives external system binaries which need superuser privileges (examples: openvpn, iptables, hummingbird) will not be launched if they do not belong to a superuser Eddie events are no more run with superuser privileges: instead of trusting blindly user's responsibility and care when dealing with events, now the user is required to explicitly operate to run something with high privileges, if necessary Backend binary is written in C++ on all systems (Windows included), making the whole application faster. Settings, certificates and keys of your account stored on your mass storage can optionally be encrypted on all systems either with a Master Password or in a system key-chain if available. Eddie 2.19.7 can be downloaded here: https://airvpn.org/linux - Linux version https://airvpn.org/macos - Mac version https://airvpn.org/windows - Windows version Eddie is free and open source software released under GPLv3. Source code is available on GitHub: https://github.com/AirVPN/Eddie Complete changelog can be found here. Kind regards & datalove AirVPN Staff

Hello! Sure, porting our software to ARM based Mac machines is an option we are seriously considering because during 2021 (and maybe 2022) Mac Apple will abandon development of x86-64 based computers completely. Stay tuned. Kind regards

I have a reason to believe that M247 is falsifying a few of its server locations which it sells to VPN companies such as AirVPN. Disclaimer: I am not accusing AirVPN of participating in this falsification, I believe that AirVPN staff has the integrity and honesty to only purchase servers in locations they know are correct as advertised. My hypothesis is that AirVPN was merely duped into buying thse falsified locations because M247 claimed that they were real locations and AirVPN did not have any reason to suspect anything to the contrary. I noticed recently that the M247 "Phoenix" location seems to really be located in Los Angeles, M247 "Barcelona" location seems to really be in Madrid, and the M247 "Berlin" location seems to really be in Frankfurt. Traceroute shows identical routes between each of these false locations and the real location they are in, not to mention that neither Phoenix, Barcelona, or Berlin appear on M247's list of locations on their website Disclaimer 2: All of the data below is shown as it was generated, with the only thing being edited is the redaction of my ISP's traceroute hops for protection of my privacy. Exhibit A: "Phoenix" is really Los Angeles. Traceroute and ping to Indus , allegedly in M247 Phoenix Traceroute to Indus server traceroute to indus.airservers.org (193.37.254.26), 30 hops max, 38 byte packets [Redacted my ISP's traceroute hops] 8 * * * 9 ae-5.r01.lsanca20.us.bb.gin.ntt.net (129.250.6.49) 73.593 ms 68.449 ms 69.689 ms 10 ce-0-1-0-0.r01.lsanca20.us.ce.gin.ntt.net (128.241.6.1) 66.818 ms 71.847 ms 72.087 ms 11 * irb-0.agg1.lax1.us.m247.com (77.243.185.149) 89.481 ms et-0-0-49-0.agg1.lax1.us.m247.com (77.243.185.145) 79.797 ms 12 vlan2921.as09.lax1.us.m247.com (193.9.115.167) 123.200 ms 71.520 ms vlan2909.as09.lax1.us.m247.com (193.9.115.169) 74.228 ms 13 * * * 14 * * * Traceroute from Indus to Google traceroute to google.com (172.217.5.110), 30 hops max, 60 byte packets 1 10.32.6.1 (10.32.6.1) 69.597 ms 69.603 ms 69.595 ms 2 vlan177.as09.lax1.us.m247.com (193.37.254.1) 69.687 ms 69.711 ms 69.778 ms 3 irb-0.agg1.lax1.us.m247.com (193.9.115.168) 633.031 ms 633.038 ms 633.034 ms 4 37.120.220.170 (37.120.220.170) 69.490 ms 69.452 ms 69.546 ms 5 72.14.204.180 (72.14.204.180) 69.661 ms te-4-3-0.bb1.lax1.us.m247.com (82.102.29.110) 69.769 ms 69.821 ms 6 10.252.217.158 (10.252.217.158) 69.615 ms 72.14.204.180 (72.14.204.180) 67.888 ms 10.23.211.158 (10.23.211.158) 68.754 ms 7 10.252.234.254 (10.252.234.254) 67.871 ms 142.250.228.74 (142.250.228.74) 68.216 ms 10.252.234.254 (10.252.234.254) 68.221 ms 8 108.170.247.244 (108.170.247.244) 68.254 ms 108.170.237.114 (108.170.237.114) 68.228 ms 108.170.247.244 (108.170.247.244) 68.243 ms 9 108.170.247.211 (108.170.247.211) 68.818 ms 108.170.247.148 (108.170.247.148) 68.598 ms 68.843 ms 10 108.170.230.123 (108.170.230.123) 68.806 ms 108.170.230.133 (108.170.230.133) 69.010 ms 172.253.75.217 (172.253.75.217) 76.905 ms 11 172.253.75.217 (172.253.75.217) 76.921 ms 172.253.70.153 (172.253.70.153) 80.406 ms 74.125.253.148 (74.125.253.148) 75.588 ms 12 142.250.234.59 (142.250.234.59) 81.965 ms 108.170.243.1 (108.170.243.1) 78.518 ms 80.377 ms 13 108.170.236.61 (108.170.236.61) 75.650 ms 75.356 ms 108.170.243.1 (108.170.243.1) 77.960 ms 14 sfo03s07-in-f14.1e100.net (172.217.5.110) 82.906 ms 108.170.236.63 (108.170.236.63) 77.106 ms sfo03s07-in-f110.1e100.net (172.217.5.110) 103.936 ms Ping to Indus PING 193.37.254.26 (193.37.254.26) 56(84) bytes of data. 64 bytes from 193.37.254.26: icmp_seq=1 ttl=57 time=69.5 ms 64 bytes from 193.37.254.26: icmp_seq=2 ttl=57 time=68.8 ms 64 bytes from 193.37.254.26: icmp_seq=3 ttl=57 time=69.1 ms 64 bytes from 193.37.254.26: icmp_seq=4 ttl=57 time=68.0 ms 64 bytes from 193.37.254.26: icmp_seq=5 ttl=57 time=69.3 ms 64 bytes from 193.37.254.26: icmp_seq=6 ttl=57 time=68.5 ms 64 bytes from 193.37.254.26: icmp_seq=7 ttl=57 time=70.0 ms 64 bytes from 193.37.254.26: icmp_seq=8 ttl=57 time=69.2 ms 64 bytes from 193.37.254.26: icmp_seq=9 ttl=57 time=69.7 ms 64 bytes from 193.37.254.26: icmp_seq=10 ttl=57 time=68.1 ms Hmm, I wonder why all the M247 router hops are all labelled as "LAX1" for a "Phoenix" location??? Now we will compare this to Groombridge, a server in M247 Los Angeles Traceroute to Groombridge traceroute to groombridge.airservers.org (37.120.132.82), 30 hops max, 38 byte packets [Redacted my ISP's traceroute hops] 7 * * * 8 ae-2.r25.lsanca07.us.bb.gin.ntt.net (129.250.3.189) 74.561 ms 97.764 ms * 9 ae-5.r01.lsanca20.us.bb.gin.ntt.net (129.250.6.49) 73.048 ms 70.967 ms 73.707 ms 10 ce-0-1-0-0.r01.lsanca20.us.ce.gin.ntt.net (128.241.6.1) 65.112 ms 73.968 ms 71.939 ms 11 irb-0.agg1.lax1.us.m247.com (77.243.185.149) 77.359 ms * * 12 vlan2926.as15.lax1.us.m247.com (89.44.212.37) 75.003 ms 73.769 ms 217.138.223.35 (217.138.223.35) 67.763 ms 13 * * * 14 * * * Traceroute from Groombridge to YouTube traceroute to youtube.com (216.58.195.78), 30 hops max, 60 byte packets 1 10.15.134.1 (10.15.134.1) 71.514 ms 71.502 ms 71.493 ms 2 vlan170.as15.lax1.us.m247.com (37.120.132.81) 71.810 ms 71.986 ms 72.005 ms 3 * * * 4 37.120.220.198 (37.120.220.198) 75.969 ms te-1-2-0.bb1.nyc1.us.m247.com (77.243.185.18) 76.140 ms 37.120.220.198 (37.120.220.198) 75.971 ms 5 72.14.204.180 (72.14.204.180) 76.149 ms 76.154 ms te-4-3-0.bb1.lax1.us.m247.com (82.102.29.110) 75.138 ms 6 10.252.173.62 (10.252.173.62) 78.254 ms 72.14.204.180 (72.14.204.180) 73.797 ms 73.781 ms 7 209.85.254.86 (209.85.254.86) 73.773 ms 10.252.50.62 (10.252.50.62) 73.975 ms 108.170.247.193 (108.170.247.193) 74.551 ms 8 108.170.237.114 (108.170.237.114) 73.937 ms 108.170.247.193 (108.170.247.193) 74.759 ms 108.170.247.243 (108.170.247.243) 74.214 ms 9 * 108.170.247.244 (108.170.247.244) 74.196 ms 108.170.234.124 (108.170.234.124) 74.648 ms 10 209.85.254.229 (209.85.254.229) 86.701 ms * 108.170.234.27 (108.170.234.27) 72.588 ms 11 216.239.58.214 (216.239.58.214) 80.460 ms 142.250.234.56 (142.250.234.56) 81.648 ms 172.253.70.155 (172.253.70.155) 83.700 ms 12 108.170.242.241 (108.170.242.241) 80.580 ms 66.249.94.28 (66.249.94.28) 79.787 ms 108.170.242.241 (108.170.242.241) 81.349 ms 13 72.14.239.97 (72.14.239.97) 80.326 ms 108.170.242.241 (108.170.242.241) 81.308 ms 72.14.239.43 (72.14.239.43) 84.462 ms 14 72.14.239.43 (72.14.239.43) 82.598 ms sfo07s16-in-f78.1e100.net (216.58.195.78) 80.463 ms 81.950 ms Ping to Groombridge PING groombridge.airservers.org (37.120.132.82) 56(84) bytes of data. 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=1 ttl=57 time=68.8 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=2 ttl=57 time=68.8 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=3 ttl=57 time=68.9 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=4 ttl=57 time=68.0 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=5 ttl=57 time=70.4 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=6 ttl=57 time=69.0 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=7 ttl=57 time=70.4 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=8 ttl=57 time=67.6 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=9 ttl=57 time=68.3 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=10 ttl=57 time=68.0 ms Hmm, looks suspiciously similar to me... Routes are both the same, ping is near-equal Exhibit B: "Barcelona" is really Madrid Traceroute and ping to Eridanus, allegedly in Barcelona Traceroute to Eridanus traceroute to eridanus.airservers.org (185.183.106.2), 30 hops max, 38 byte packets [Redacted my ISP's traceroute hops] 7 * * * 8 be2332.ccr32.bio02.atlas.cogentco.com (154.54.85.246) 83.833 ms 82.655 ms 83.244 ms 9 be2325.ccr32.mad05.atlas.cogentco.com (154.54.61.134) 86.389 ms 85.839 ms 86.422 ms 10 quantum-sistemas.demarc.cogentco.com (149.6.150.130) 110.559 ms 171.268 ms 118.386 ms 11 * * * 12 * * * Traceroute from Eridanus to YouTube traceroute to youtube.com (216.58.211.46), 30 hops max, 60 byte packets 1 10.16.134.1 (10.16.134.1) 89.066 ms 89.077 ms 89.072 ms 2 * * * 3 xe-1-2-3-0.bb1.mad1.es.m247.com (212.103.51.62) 89.002 ms 88.997 ms 88.992 ms 4 mad-b1-link.telia.net (213.248.95.33) 89.157 ms 89.176 ms 89.172 ms 5 google-ic-314668-mad-b1.c.telia.net (62.115.61.14) 89.168 ms 89.324 ms 89.328 ms 6 * * * 7 142.250.239.26 (142.250.239.26) 92.637 ms 72.14.233.124 (72.14.233.124) 91.657 ms 142.250.62.202 (142.250.62.202) 91.548 ms 8 108.170.234.221 (108.170.234.221) 92.059 ms 74.125.242.178 (74.125.242.178) 91.787 ms 144.397 ms 9 108.170.253.225 (108.170.253.225) 91.930 ms muc03s14-in-f14.1e100.net (216.58.211.46) 91.631 ms 108.170.253.225 (108.170.253.225) 91.934 ms Hmm, I wonder why M247's router hops in the "Barcelona" location are all labelled as "MAD1" Ping to Eridanus PING 185.183.106.2 (185.183.106.2) 56(84) bytes of data. 64 bytes from 185.183.106.2: icmp_seq=1 ttl=56 time=89.4 ms 64 bytes from 185.183.106.2: icmp_seq=2 ttl=56 time=85.9 ms 64 bytes from 185.183.106.2: icmp_seq=3 ttl=56 time=84.9 ms 64 bytes from 185.183.106.2: icmp_seq=4 ttl=56 time=85.5 ms 64 bytes from 185.183.106.2: icmp_seq=5 ttl=56 time=86.4 ms 64 bytes from 185.183.106.2: icmp_seq=6 ttl=56 time=85.0 ms 64 bytes from 185.183.106.2: icmp_seq=7 ttl=56 time=85.3 ms 64 bytes from 185.183.106.2: icmp_seq=8 ttl=56 time=87.1 ms 64 bytes from 185.183.106.2: icmp_seq=9 ttl=56 time=85.8 ms 64 bytes from 185.183.106.2: icmp_seq=10 ttl=56 time=85.3 ms Comparing this to Mekbuda, a server in Madrid M247 Traceroute to Mekbuda [Redacted my ISP's traceroute hops] 7 * * * 8 be2332.ccr32.bio02.atlas.cogentco.com (154.54.85.246) 83.761 ms 82.333 ms 82.102 ms 9 be2325.ccr32.mad05.atlas.cogentco.com (154.54.61.134) 86.121 ms 85.032 ms 86.308 ms 10 quantum-sistemas.demarc.cogentco.com (149.6.150.130) 94.879 ms 87.337 ms 88.230 ms 11 * * * 12 * * * Route from Mekbuda to Youtube traceroute to youtube.com (216.58.215.142), 30 hops max, 60 byte packets 1 10.21.198.1 (10.21.198.1) 87.692 ms 87.693 ms 87.686 ms 2 vlan29.bb2.mad1.es.m247.com (185.93.182.161) 87.696 ms 87.690 ms 87.750 ms 3 xe-1-1-0-0.bb1.mad1.es.m247.com (82.102.29.25) 87.762 ms 87.758 ms 87.753 ms 4 mad-b1-link.telia.net (213.248.95.33) 87.956 ms 88.558 ms 87.931 ms 5 google-ic-314668-mad-b1.c.telia.net (62.115.61.14) 87.836 ms 87.992 ms 87.988 ms 6 * * * 7 mad41s04-in-f14.1e100.net (216.58.215.142) 86.846 ms 74.125.242.177 (74.125.242.177) 98.934 ms 98.992 ms Ping to Mekbuda PING mekbuda.airservers.org (185.93.182.170) 56(84) bytes of data. 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=1 ttl=56 time=87.0 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=2 ttl=56 time=88.4 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=3 ttl=56 time=86.2 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=4 ttl=56 time=88.4 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=5 ttl=56 time=86.7 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=6 ttl=56 time=85.7 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=7 ttl=56 time=85.7 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=8 ttl=56 time=87.1 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=9 ttl=56 time=88.3 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=10 ttl=56 time=88.2 ms Once again, everything is near-identical, with only a slight difference in Youtube traceroute. Exhibit C: "Berlin" is really in Frankfurt First we will test ping and traceroute to Cujam, a Berlin M247 server Traceroute to Cujam [Redacted my ISP's traceroute hops] 6 * * * 7 ae-9.r20.londen12.uk.bb.gin.ntt.net (129.250.6.146) 73.904 ms ae-11.r20.parsfr04.fr.bb.gin.ntt.net (129.250.4.195) 78.812 ms 75.580 ms 8 ae-1.r21.londen12.uk.bb.gin.ntt.net (129.250.2.183) 79.099 ms ae-2.r21.parsfr04.fr.bb.gin.ntt.net (129.250.3.46) 85.715 ms ae-1.r21.londen12.uk.bb.gin.ntt.net (129.250.2.183) 78.384 ms 9 ae-16.r20.frnkge13.de.bb.gin.ntt.net (129.250.3.13) 91.553 ms ae-11.r21.frnkge13.de.bb.gin.ntt.net (129.250.5.26) 91.521 ms ae-16.r20.frnkge13.de.bb.gin.ntt.net (129.250.3.13) 94.728 ms 10 ae-0.a00.frnkge13.de.bb.gin.ntt.net (129.250.2.25) 92.855 ms 89.619 ms 90.740 ms 11 ae-8-501.a00.frnkge13.de.ce.gin.ntt.net (213.198.52.62) 91.869 ms 92.824 ms 93.136 ms 12 37.120.220.131 (37.120.220.131) 90.856 ms vlan2945.agg2.fra4.de.m247.com (193.27.15.241) 92.015 ms 37.120.220.116 (37.120.220.116) 89.007 ms 13 vlan2925.as03.fra4.de.m247.com (83.97.21.17) 88.304 ms vlan2901.as03.fra4.de.m247.com (82.102.29.155) 93.828 ms vlan2925.as03.fra4.de.m247.com (83.97.21.17) 89.713 ms 14 * * * 15 * * * Traceroute from Cujam to YouTube 1 10.11.102.1 (10.11.102.1) 89.968 ms 89.978 ms 89.972 ms 2 37.120.217.241 (37.120.217.241) 90.041 ms 90.036 ms 90.134 ms 3 vlan2925.agg2.fra4.de.m247.com (83.97.21.16) 89.915 ms 89.910 ms 89.905 ms 4 37.120.220.130 (37.120.220.130) 90.078 ms 193.27.15.240 (193.27.15.240) 89.956 ms 37.120.220.130 (37.120.220.130) 90.199 ms 5 vlan2906.bb1.ams1.nl.m247.com (37.120.128.248) 90.252 ms 90.009 ms 37.120.128.253 (37.120.128.253) 90.176 ms 6 37.120.128.253 (37.120.128.253) 90.171 ms no-mans-land.m247.com (185.206.226.71) 89.888 ms 37.120.128.253 (37.120.128.253) 89.597 ms 7 no-mans-land.m247.com (185.206.226.71) 89.851 ms 10.252.43.30 (10.252.43.30) 89.962 ms 10.252.45.126 (10.252.45.126) 89.649 ms 8 108.170.252.1 (108.170.252.1) 90.496 ms 108.170.235.248 (108.170.235.248) 89.578 ms 10.252.73.190 (10.252.73.190) 89.598 ms 9 108.170.252.83 (108.170.252.83) 90.067 ms 108.170.252.18 (108.170.252.18) 90.020 ms 108.170.252.65 (108.170.252.65) 90.430 ms 10 * * 209.85.252.77 (209.85.252.77) 90.872 ms 11 216.239.50.187 (216.239.50.187) 99.430 ms * 209.85.252.149 (209.85.252.149) 97.794 ms 12 108.170.230.210 (108.170.230.210) 98.329 ms 72.14.238.52 (72.14.238.52) 97.997 ms 97.910 ms 13 108.170.244.161 (108.170.244.161) 97.921 ms 108.170.235.98 (108.170.235.98) 98.316 ms 108.170.244.225 (108.170.244.225) 98.802 ms 14 108.170.232.125 (108.170.232.125) 97.839 ms 98.060 ms 98.173 ms 15 108.170.234.51 (108.170.234.51) 98.067 ms par10s27-in-f206.1e100.net (216.58.198.206) 97.811 ms 98.150 ms Ping to Cujam PING cujam.airservers.org (37.120.217.242) 56(84) bytes of data. 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=1 ttl=53 time=90.3 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=2 ttl=53 time=91.8 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=3 ttl=53 time=91.7 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=4 ttl=53 time=92.5 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=5 ttl=53 time=91.3 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=6 ttl=53 time=92.1 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=7 ttl=53 time=90.5 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=8 ttl=53 time=91.3 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=9 ttl=53 time=90.0 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=10 ttl=53 time=92.1 ms I wonder why there's no mention of "Berlin" in the traceroute hops, instead says FRA4 for Frankfurt.... Next we will compare this to Mirfak, a M247 Frankfurt server Traceroute to Mirfak [Redacted my ISP's traceroute hops] 5 * * * 6 if-ae-66-8.tcore1.l78-london.as6453.net (80.231.130.194) 93.049 ms if-ae-66-9.tcore1.l78-london.as6453.net (80.231.130.21) 92.427 ms if-ae-66-8.tcore1.l78-london.as6453.net (80.231.130.194) 92.662 ms 7 * if-ae-3-2.tcore1.pye-paris.as6453.net (80.231.154.142) 94.296 ms * 8 * * if-ae-11-2.tcore1.pvu-paris.as6453.net (80.231.153.49) 92.280 ms 9 * if-ae-49-2.tcore2.pvu-paris.as6453.net (80.231.153.21) 91.508 ms * 10 if-ae-55-2.tcore1.fr0-frankfurt.as6453.net (80.231.245.7) 100.752 ms 91.321 ms 92.308 ms 11 if-ae-55-2.tcore1.fr0-frankfurt.as6453.net (80.231.245.7) 88.325 ms 195.219.50.23 (195.219.50.23) 96.137 ms 94.877 ms 12 vlan2946.agg1.fra4.de.m247.com (193.27.15.243) 94.155 ms 37.120.220.116 (37.120.220.116) 93.367 ms 37.120.220.118 (37.120.220.118) 91.790 ms 13 vlan2917.as11.fra4.de.m247.com (212.103.51.191) 101.641 ms vlan2945.agg2.fra4.de.m247.com (193.27.15.241) 90.441 ms vlan2917.as11.fra4.de.m247.com (212.103.51.191) 93.836 ms 14 * vlan2917.as11.fra4.de.m247.com (212.103.51.191) 94.359 ms vlan2919.as11.fra4.de.m247.com (212.103.51.151) 96.080 ms 15 * * * 16 * * * The only difference in this traceroute is that the traffic goes through TATA instead of NTT which the Cujam server goes through, but the destination for both is the same: M247 in Frankfurt Traceroute to YouTube from Mirfak traceroute to youtube.com (172.217.17.46), 30 hops max, 60 byte packets 1 10.27.230.1 (10.27.230.1) 96.778 ms 96.764 ms 96.774 ms 2 vlan27.as11.fra4.de.m247.com (141.98.102.177) 97.067 ms 97.135 ms 97.329 ms 3 vlan2917.agg1.fra4.de.m247.com (212.103.51.190) 96.705 ms 96.704 ms 96.699 ms 4 37.120.128.148 (37.120.128.148) 97.120 ms 193.27.15.242 (193.27.15.242) 97.724 ms 37.120.128.148 (37.120.128.148) 97.107 ms 5 37.120.128.253 (37.120.128.253) 96.833 ms 96.835 ms vlan2906.bb1.ams1.nl.m247.com (37.120.128.248) 96.894 ms 6 no-mans-land.m247.com (185.206.226.71) 97.037 ms 37.120.128.253 (37.120.128.253) 95.349 ms 95.494 ms 7 no-mans-land.m247.com (185.206.226.71) 95.615 ms 10.252.45.190 (10.252.45.190) 98.342 ms 10.252.45.158 (10.252.45.158) 96.818 ms 8 216.239.47.244 (216.239.47.244) 96.897 ms 108.170.252.65 (108.170.252.65) 97.534 ms 142.250.46.244 (142.250.46.244) 96.712 ms 9 108.170.252.18 (108.170.252.18) 97.041 ms 108.170.251.144 (108.170.251.144) 97.279 ms 108.170.252.18 (108.170.252.18) 96.977 ms 10 * * * 11 209.85.244.158 (209.85.244.158) 104.649 ms * * 12 216.239.42.171 (216.239.42.171) 104.672 ms 216.239.42.102 (216.239.42.102) 116.455 ms 216.239.43.37 (216.239.43.37) 104.324 ms 13 216.239.42.171 (216.239.42.171) 104.748 ms 104.733 ms 216.239.43.37 (216.239.43.37) 115.898 ms 14 108.170.236.135 (108.170.236.135) 104.245 ms 104.183 ms 108.170.236.137 (108.170.236.137) 104.074 ms 15 ams16s29-in-f46.1e100.net (172.217.17.46) 103.791 ms 103.813 ms 102.372 ms Ping to Mirfak PING mirfak.airservers.org (141.98.102.234) 56(84) bytes of data. 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=1 ttl=53 time=89.3 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=2 ttl=53 time=89.8 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=3 ttl=53 time=89.1 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=4 ttl=53 time=90.6 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=5 ttl=53 time=89.6 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=6 ttl=53 time=89.2 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=7 ttl=53 time=90.0 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=8 ttl=53 time=90.0 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=9 ttl=53 time=87.6 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=10 ttl=53 time=88.9 ms Again, everything is near-identical, suggesting that these Berlin, Phoenix, and Barcelona locations are just falsified geolocation information and nothing more. With near-identical traceroutes, and ping values that don't differ by more than 1-2ms , it is extremely unrealistic that these servers are in the locations they claim to be. If you think my data is wrong/inaccurate, then feel free to repeat my experiment yourself, you will find the same thing. I would like to reiterate that I believe that AirVPN has no part in this falsification and that they have no ill will, I think they were duped/deceived by M247 to believe that the Phoenix, Berlin and Barcelona locations are actually real physical locations M247 has their servers located in. I think after these findings, AirVPN should have a long discussion with M247 staff about this falsification that took place.

Hello! We're very glad to introduce a new software suite for Linux. The suite includes the well known Hummingbird software, updated to the latest OpenVPN AirVPN library, and introduces for the first time a D-Bus controlled, real daemon, Bluetit, as well as a command line client, Goldcrest, to interact with Bluetit. New architecture The client-daemon architecture we introduce for the first time in our software offers a more robust security model and provides system administrators with a fine-grained, very flexible access control. Bluetit is fully integrated with AirVPN. The daemon is accessed through a D-Bus interface by providing specific methods and interface in order to give full support to OpenVPN connection and AirVPN functionality, including - but not limited to - quick automatic connection to the best AirVPN server for any specific location as well as any AirVPN server or country. Connection during system bootstrap is fully supported as well. New OpenVPN 3 library features Hummingbird and Bluetit are linked against a new version of our OpenVPN 3 library which supports directive data-ciphers: it can be used consistently with OpenVPN 2.5 syntax in OpenVPN profiles. The directive allows OpenVPN 3 based software to negotiate a common Data Channel cipher with the OpenVPN server,, updating therefore our library to ncp-like negotiation with OpenVPN 2 branch. Hummingbird and Bluetit are already linked against the new library version, while Eddie Android edition will be updated in the near future. The new library also includes a different handling of IV_CIPHERS variable, fixing OpenVPN main branch issues which caused a plethora of problems with OpenVPN 2.5. The implementation, at the same time, takes care of full backward compatibility with OpenVPN versions older than 2.5. ncp-disable directive, which to date has never been implemented in the main branch, is still supported, in order to further enhance backward compatibility with both OpenVPN profiles and servers, as well as connection flexibility with servers running older than 2.5 OpenVPN versions. Please note that if you enforce a specific Data Channel cipher by means of Bluetit configuration file, Hummingbird line option, or Goldcrest configuration file and/or line option, the enforced Data Channel cipher will override data-ciphers profile directive. Changelog 3.6.6 AirVPN by ProMIND - [ProMIND] [2020/11/02] openvpn/ssl/proto.hpp: IV_CIPHERS is set to the overridden cipher only (both from client and/or OpenVPN profile) in order to properly work with OpenVPN 2.5 IV_CIPHERS specifications. The old method of cipher overriding by means of negotiable crypto parameters is still supported in order to maintain compatibility with OpenVPN < 2.5.0 - [ProMIND] [2020/11/24] added "data-ciphers" directive to profile config .ovpn files in order to comply to OpenVPN 2.5 negotiable data cipher specifications. In case "data-ciphers" is found in the .ovpn files IV_CIPHERS is assigned to the algorithms found in "data-ciphers". In this specific case, "cipher" directive is used as a fallback cipher and, if not already specified in "data-ciphers", is appended to IV_CIPHERS Notes on systemd-resolved In Fedora 33 systemd-resolved comes pre-configured to work in "on-link" mode and network-manager works together with it. This very peculiar, Windows-like setup kills Linux global DNS handling, causing those DNS leaks which previously occurred only on Windows. Hummingbird and Bluetit take care of preventing the brand new DNS leaks caused by such a setup. Also note that systemd-resolved comes pre-configured with fallback DNS (Google DNS is a systemd-resolved default fallback DNS, smart choices pile up!) which will be queried if each interface DNS server fails some resolution. In such a case, if and only if you have Network Lock enabled will DNS leaks be prevented. Supported systems The suite is currently available for Linux x86-64, i686 (32 bit distributions), arm7l (for example Raspbian and other ARM 32 bit based systems) and aarch64 (ARM 64 bit). AirVPN Suite is free and open source software licensed under GPLv3. Overview and main features AirVPN’s free and open source OpenVPN 3 suite based on AirVPN’s OpenVPN 3 library fork Version 1.0.0 - Relase date 7 January 2021 Bluetit: lightweight D-Bus controlled system daemon providing full connectivity to AirVPN servers and generic OpenVPN servers. Ability to connect the system to AirVPN during the bootstrap. Goldcrest: Bluetit client, allowing full integration with AirVPN servers, users, keys, profiles as well as generic OpenVPN servers Hummingbird: lightweight and standalone client for generic OpenVPN server connection Linux i686, x86-64, arm7l and arm64 (Raspberry) support Full integration with systemd, SysVStyle-init and chkconfig No heavy framework required, no GUI Tiny RAM footprint Lightning fast Based on OpenVPN 3 library fork by AirVPN version 3.6.6 with tons of critical bug fixes from the main branch, new cipher support and never seen before features ChaCha20-Poly1305 cipher support on both Control and Data Channel providing great performance boost on ARM, Raspberry PI and any Linux based platform not supporting AES-NI. Note: ChaCha20 support for Android had been already implemented in our free and open source Eddie Android edition Robust leaks prevention through Network Lock based either on iptables, nftables or pf through automatic detection Proper handling of DNS push by VPN servers, working with resolv.conf as well as any operational mode of systemd-resolved additional features User documentation (*) and source code: https://gitlab.com/AirVPN/AirVPN-Suite (*) Developer documentation to create custom software clients for Bluetit will be published in the near future. Download links: Linux x86-64: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-x86_64-1.0.0.tar.gz Linux x-86-64 sha512 check file: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-aarch64-1.0.0.tar.gz.sha512 Linux i686: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-i686-1.0.0.tar.gz Linux i686 sha512 check file: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-i686-1.0.0.tar.gz.sha512 Linux arm7l: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-armv7l-1.0.0.tar.gz Linux arm7l sha512 check file: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-armv7l-1.0.0.tar.gz.sha512 Linux aarch64: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-aarch64-1.0.0.tar.gz Linux aarch64 sha512 check file: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-aarch64-1.0.0.tar.gz.sha512 Kind regards AirVPN Staff

Hello! We're very glad to inform you that we have just released Hummingbird 1.1.1 for macOS (High Sierra or higher version required). Main features Lightweight and stand alone binary No heavy framework required, no GUI Small RAM footprint Lightning fast Up to 100% higher throughput than OpenVPN 2.5 Based on OpenVPN 3 library fork by AirVPN Robust leaks prevention through Network Lock based on pf - working perfectly on Big Sur too Proper handling of DNS push by VPN servers What's new Remarkably higher performance Hummingbird 1.1.1 is based on the latest OpenVPN AirVPN library version 3.6.6 linked against OpenSSL, and not mbedTLS anymore. OpenSSL latest versions in macOS have reached higher performance than mbedTLS both in encryption and decryption based on AES and CHACHA20-POLY1305 ciphers. By relying on OpenSSL and thanks to highly optimized compilation as usual, Hummingbird on macOS is now able to beat OpenVPN 2 performance as well as previous Hummingbird 1.1.0 performance. According to our tests performed on macOS Catalina and Mojave, and keeping AES-256-GCM as Data Channel cipher, throughput increases up to 100%. Comparisons have been performed against Eddie 2.19.6 + OpenVPN 2.5, Tunnelblick + OpenVPN 2.4.9 and Hummingbird 1.1.0. All the tests consistently show a great performance boost, starting from +30% and peaking to +100%. Therefore, we strongly recommend that you test Hummingbird 1.1.1 even if you run Eddie. Remember that you can run Hummingbird through Eddie comfortably and quickly by setting the proper option. New OpenVPN 3 library features Starting from version 1..1..1, Hummingbird is linked against a new version of our OpenVPN 3 library which supports directive data-ciphers: it can be used consistently with OpenVPN 2.5 syntax in OpenVPN profiles. The directive allows OpenVPN 3 based software to negotiate a common Data Channel cipher with the OpenVPN server,, updating therefore our library to ncp-like negotiation with OpenVPN 2 branch. The new library also includes a different handling of IV_CIPHERS variable, fixing OpenVPN main branch issues causing a plethora of problems with OpenVPN 2.5. The implementation, at the same time, takes care of full backward compatibility with OpenVPN versions older than 2.5. ncp-disable directive, which to date has never been implemented in the main branch, is still supported, in order to further enhance backward compatibility with both OpenVPN profiles and servers, as well as connection flexibility with servers running older than 2.5 OpenVPN versions. Please note that if you enforce a specific Data Channel cipher by means of Hummingbird line option, the enforced Data Channel cipher will override data-ciphers profile directive. Changelog 3.6.6 AirVPN by ProMIND - [ProMIND] [2020/11/02] openvpn/ssl/proto.hpp: IV_CIPHERS is set to the overridden cipher only (both from client and/or OpenVPN profile) in order to properly work with OpenVPN 2.5 IV_CIPHERS specifications. The old method of cipher overriding by means of negotiable crypto parameters is still supported in order to maintain compatibility with OpenVPN < 2.5.0 - [ProMIND] [2020/11/24] added "data-ciphers" directive to profile config .ovpn files in order to comply to OpenVPN 2.5 negotiable data cipher specifications. In case "data-ciphers" is found in the .ovpn files IV_CIPHERS is assigned to the algorithms found in "data-ciphers". In this specific case, "cipher" directive is used as a fallback cipher and, if not already specified in "data-ciphers", is appended to IV_CIPHERS Download Hummingbird for macOS is distributed in notarized and plain versions: Signed and notarized version: https://eddie.website/repository/hummingbird/1.1.1/hummingbird-macos-notarized-1.1.1.zip Plain version: https://eddie.website/repository/hummingbird/1.1.1/hummingbird-macos-1.1.1.tar.gz The difference is about how the package is seen by macOS security and it is therefore up to the user to pick the distribution file suiting his or her needs best. The notarized version is compliant to macOS software security scheme and runs "out-of-the-box", whereas the plain version needs to be explicitly granted permission to run by the user in macOS security & privacy settings. Please note that both versions ensure the same functionality in connecting a VPN server, it is however up to the user to decide whether using the signed and notarized version or not. Version 1.1.1 manual is available here https://airvpn.org/hummingbird/readme/ Kind regards & datalove AirVPN Staff

Maybe you already know it. When a country consistently has more than 65-70% allocated (used) bandwidth, we consider the expansion. When a country has consistently more than 90% allocated bandwidth, expansion is mandatory. Currently Canada is around 55% while Sweden less than 50%. However, in Sweden, we have much stronger demand in Stockholm (better peering with various residential ISPs) than Uppsala. If you consider Stockholm as an area of its own, or equivalently Sweden as a country relying essentially on Stockholm, then you have consistently 70% allocated bandwidth. That's why expansion in Stockholm is now under evaluation with higher priority than Canada. Kind regards

I have the same problem. Port forwarding has stopped working today, ( Not reachable, Error : 110 - Connection timed out).

@arteryshelby @ZPKZ Hello! Stay tuned, infrastructure expansion will go on. Kind regards

Anyone know when there will be an Apple Silicon universal binary version that will run natively on M1 Mac's without using Rosetta2?

@bluesjunior It was just for the specific case of the customer who had previously installed some OpenVPN 2.5 beta version that did not support data-ciphers directive. Therefore OpenVPN failed when Eddie ran it with a profile containing that directive, which is supported by OpenVPN 2.5 release. Kind regards

Last week i shared a nice topic about VPN’s and how in the 21st century it is mandatory that every single person should be using one, is how some one mentioned AirVPN. I “had” 5 VPN’s on my iphone ( since it is where i use the internet the most ) i signed aboard to AirVPN and asked for a trial. And let me tell you i have not been this excited in a long time. after my trial ended few days ago i decided i should support AirVPN and get a subscription. Set up my windows 10 tablet, linux mint PC and of course my phone, i deleted the other VPNs off my system and did a few test and research in between and I have to say AirVPN is simple, fast, affordable, transparent and yet reliable. i can not believe i have not came across AirVPN before ( Google definitely did not help bring up any mention of AirVPN ) and wasted so much time, money, researching and hassle with choosing the right VPN service. enough of my ranting, keep up the good work and keep up with the good fight!!!

I am running Arch Linux, uname spits out `5.10.8-arch1-1` I only have `/usr/share/dbus-1/system.d`

Hey mate, I had the same problem. If you check your Services, there will be a 'Eddie Elevation Service', probably from an old install etc Stop the service (if it's running) and from the command prompt (run as admin) type SC DELETE Eddie Elevation Service Other option if that doesn't work is to run regedit and navigate to HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services and delete the EddieElevationService key/folder Reboot and try again either with the portable version or installer

Hello, Thanks for the reply and clarification. Also many thanks for supporting an "old" (only three years) OS as High Sierra. I guess that a lot of user like me that can't, don't want or don't need to update to the "latest and greatest" will appreciate AirVPN giving support to our OS. It is nice to see that we can still use the best VPN technology you have to offer, please keep it that way for the next couple of years at least ;·) On another side, for non techie people like me, is it safe to update to the latest beta of Eddie to try Hummingbird and if we encounter any problem roll back to the "old" stable Eddie, or there are things that we have to be aware while rolling back? Or we just wait until the new stable Eddie release is out? Thanks in advance for your answer and support.

Hi, I have used forwarded ports with no problem over the last year but suddenly none of my forwarded ports are working. I'm getting "Not reachable on server IP over the external port XXXX, tcp protocol. Error : 110 - Connection timed out" when I try to check them in the client area here. Any ideas what the problem might be?

I just downloaded utorrent and the port is showing as pen. So it looks like my problem is with BiglyBT. I will try to uninstall and clean install later. Thank you

Yep working great with the new Eddie on Big Sur here! Gave it 24 hours before I posted to make sure haha.

What ports are forwarded in your modem. If any? What sort of application is in question here? What firewall do you use on your computers?

No technical stuff from me else I would be typing all night and day. Is enough to say from day one I have been mightily impressed with AirVPN the product, the staff, and the forum. On the few occasions I have looked up and or emailed a few other companies and asked questions they have always fallen short in one way or usually many more ways. Why other VPN providers get much business is beyond me.😍

I rebooted the PC and the modem and it's still the same. I also disabled my firewall briefly to check if that helped but it's still giving the same error even with the firewall off and freshly booted.

Resolve servername.airservers.org with nslookup, host or dig, whichever you prefer. $ dig a in dheneb.airservers.org +short . Think about it. What does NetLock do? Everything is blocked except for the AirVPN server (and probably your local network plus any exceptions).

@moejoe Hello! As far as we know Enigma2 is available for MIPS based machines (Dreambox): if that's your case, we're sorry, but both Eddie and AirVPN Suite are built for i686, x86-64,. ARM (32 and 64 bit), but not MIPS. You need to re-compile them. Eddie needs Mono framework and OpenVPN, if they are not available in your system or anyway Eddie is too heavy for a top box (you will need at least 300 MB RAM free before running it, plus some MB to run OpenVPN and other external binaries), you might try Hummingbird (it will take just 10 MB or less in total), but consider that it does not have a GUI. If you run a Linux based top box with Enigma 2 on top with some ARM CPU, then you might even try Hummingbird directly. https://airvpn.org/hummingbird/readme/ Kind regards

The private key is part of the encryption method RSA, so yes. In this case, the profile contains the RSA key encrypted with your password. It's a safer way of storing the key if you don't fully trust the storage location, e.g. a SMB share or NFS export used by others. People can download the profile and try to use it with OpenVPN but will find that the password is needed to decrypt it in the first place. Yes, the key will be fundamentally different. Every account can have five concurrent connections to AirVPN. In theory, you can connect with the same key multiple times but you can't do that to the same OpenVPN daemon (as in, connect to the same server with the same connection settings). If you use different keys, you make your life easier: The aforementioned restrictions don't apply, connect up to five times to the same server using UDP/443 for example without issue. You can name the keys, for example "my PC", "Android" or "Mom". If you see an active session in your client area, you will know which device is using it – or who, naming those keys is at your discretion and is only shown in the client area. A triviality: If someone manages to get hold of your key and you used that key on all your devices, and you now must go and renew the key, you need to reimport the new key everywhere. If you had five different keys for all the devices, you only would have needed to reimport the one compromised key on one device. More specifically, the difference between tls-auth and tls-crypt. The nameless option is tls-auth. tls-crypt is more secure because it prevents a few attack vectors against the whole process of creating a TLS session between two communication parties (like an OpenVPN server and client). If you're not using a very old OpenVPN version (pre-2.4), always use tls-crypt.

Oh no....that is reserved to/for government officials and corporate rats only. Covid-19 does not apply to them apparently.

I live in a city but that whole thing didn't change my habits at all. Only change is that I work from home (so I both go to bed and get up later) and that I don't see some people as much anymore. Grocery shopping is still possible and both delivery services and the internet all work as normal. So I don't die of hunger, and there's tons to do here I can imagine living in a more remote area to be somewhat more difficult, especially if one's disabled. May your path lead you to warm sands.

Yes, I will look into OpenVPN. Thank you for the great work you guys are doing, can't imagine using internet without VPN today.

Hello! Momentarily, in London please connect to Arion, where the problem is resolved, thank you. Kind regards

The other way round for me, 500 Mbit/s with AirVPN and 90 with NordVPN. NordVPN is slower most of the time. Set buffer to 512 KB. Connect to some server that isn't loaded too much, check the blue bar on the servers in https://airvpn.org/status Cheers, happy new year to everyone!

Here are the specifics about my system that you asked for: Linux Mint 20 Ulyana Cinnamon 4.6.7 Desktop Eddie-UI 2.1.8.9 The bug happened after leaving Eddie running for 5 hours on the system above. The disconnect button did not work and I could not shut off Eddie. I started Eddie in a linux terminal, here is the output of the run: Mint20UlyanaCinnamon4.6.7> /usr/bin/eddie-ui . 2020.12.30 06:15:07 - Eddie version: 2.18.9 / linux_x64, System: Linux, Name: Linux Mint 20 Ulyana \n \l, Version: Linux Godzilla 5.4.0-58-generic #64-Ubuntu SMP Wed Dec 9 08:16:25 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux, Mono/.Net: 6.8.0.105 (Debian 6.8.0.105+dfsg-2 Wed Feb 26 23:23:50 UTC 2020); Framework: v4.0.30319 . 2020.12.30 06:15:07 - Command line arguments (2): path.resources="/usr/share/eddie-ui" path.exec="/usr/bin/eddie-ui" . 2020.12.30 06:15:07 - Raise system privileges . 2020.12.30 06:15:13 - Profile path: /home/steve/.config/eddie/default.profile . 2020.12.30 06:15:14 - Reading options from /home/steve/.config/eddie/default.profile . 2020.12.30 06:15:14 - Tun Driver - /dev/net/tun . 2020.12.30 06:15:14 - OpenVPN - Version: 2.4.7 - OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10 (/usr/sbin/openvpn) . 2020.12.30 06:15:14 - SSH - Version: OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f 31 Mar 2020 (/usr/bin/ssh) . 2020.12.30 06:15:14 - SSL - Version: stunnel 5.56 (/usr/bin/stunnel4) . 2020.12.30 06:15:14 - curl - Version: 7.68.0 (/usr/bin/curl) . 2020.12.30 06:15:14 - Recovery. Unexpected crash? W 2020.12.30 06:15:14 - Routes, add 184.75.221.195 for gateway 10.31.102.1 failed: Exception: Cannot find device "tun0" W 2020.12.30 06:15:14 - Routes, add 2606:6080:1001:15:45d:2b31:f931:2e2 for gateway fde6:7a:7d20:1b66::1 failed: Exception: Cannot find device "tun0" I 2020.12.30 06:15:15 - Ready . 2020.12.30 06:15:16 - Collect information about AirVPN completed I 2020.12.30 06:15:26 - Session starting. . 2020.12.30 06:15:26 - Waiting for latency tests (2 to go) I 2020.12.30 06:15:28 - Checking authorization ... ! 2020.12.30 06:15:28 - Connecting to Arkab (Canada, Toronto, Ontario) . 2020.12.30 06:15:29 - OpenVPN > OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2019 . 2020.12.30 06:15:29 - OpenVPN > library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10 . 2020.12.30 06:15:29 - OpenVPN > Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key . 2020.12.30 06:15:29 - OpenVPN > Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication . 2020.12.30 06:15:29 - OpenVPN > Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key . 2020.12.30 06:15:29 - OpenVPN > Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication . 2020.12.30 06:15:29 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]184.75.221.213:443 . 2020.12.30 06:15:29 - OpenVPN > Socket Buffers: R=[212992->212992] S=[212992->212992] . 2020.12.30 06:15:29 - OpenVPN > UDP link local: (not bound) . 2020.12.30 06:15:29 - OpenVPN > UDP link remote: [AF_INET]184.75.221.213:443 . 2020.12.30 06:15:29 - OpenVPN > TLS: Initial packet from [AF_INET]184.75.221.213:443, sid=923d6ecc 2a68b3fa . 2020.12.30 06:15:29 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org . 2020.12.30 06:15:29 - OpenVPN > VERIFY KU OK . 2020.12.30 06:15:29 - OpenVPN > Validating certificate extended key usage . 2020.12.30 06:15:29 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication . 2020.12.30 06:15:29 - OpenVPN > VERIFY EKU OK . 2020.12.30 06:15:29 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Arkab, emailAddress=info@airvpn.org . 2020.12.30 06:15:29 - OpenVPN > Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA . 2020.12.30 06:15:29 - OpenVPN > [Arkab] Peer Connection Initiated with [AF_INET]184.75.221.213:443 . 2020.12.30 06:15:30 - OpenVPN > SENT CONTROL [Arkab]: 'PUSH_REQUEST' (status=1) . 2020.12.30 06:15:30 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.9.230.1,dhcp-option DNS6 fde6:7a:7d20:5e6::1,tun-ipv6,route-gateway 10.9.230.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:5e6::10a2/64 fde6:7a:7d20:5e6::1,ifconfig 10.9.230.164 255.255.255.0,peer-id 0,cipher AES-256-GCM' . 2020.12.30 06:15:30 - OpenVPN > Pushed option removed by filter: 'redirect-gateway ipv6 def1 bypass-dhcp' . 2020.12.30 06:15:30 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified . 2020.12.30 06:15:30 - OpenVPN > OPTIONS IMPORT: compression parms modified . 2020.12.30 06:15:30 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified . 2020.12.30 06:15:30 - OpenVPN > OPTIONS IMPORT: route-related options modified . 2020.12.30 06:15:30 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified . 2020.12.30 06:15:30 - OpenVPN > OPTIONS IMPORT: peer-id set . 2020.12.30 06:15:30 - OpenVPN > OPTIONS IMPORT: adjusting link_mtu to 1625 . 2020.12.30 06:15:30 - OpenVPN > OPTIONS IMPORT: data channel crypto options modified . 2020.12.30 06:15:30 - OpenVPN > Data Channel: using negotiated cipher 'AES-256-GCM' . 2020.12.30 06:15:30 - OpenVPN > Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2020.12.30 06:15:30 - OpenVPN > Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2020.12.30 06:15:30 - OpenVPN > ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=enp4s0 HWADDR=18:31:bf:27:32:cc . 2020.12.30 06:15:30 - OpenVPN > GDG6: remote_host_ipv6=n/a . 2020.12.30 06:15:30 - OpenVPN > ROUTE6: default_gateway=UNDEF . 2020.12.30 06:15:30 - OpenVPN > TUN/TAP device tun0 opened . 2020.12.30 06:15:30 - OpenVPN > TUN/TAP TX queue length set to 100 . 2020.12.30 06:15:30 - OpenVPN > /sbin/ip link set dev tun0 up mtu 1500 . 2020.12.30 06:15:30 - OpenVPN > /sbin/ip addr add dev tun0 10.9.230.164/24 broadcast 10.9.230.255 . 2020.12.30 06:15:30 - OpenVPN > /sbin/ip -6 addr add fde6:7a:7d20:5e6::10a2/64 dev tun0 . 2020.12.30 06:15:34 - OpenVPN > /sbin/ip route add 184.75.221.213/32 via 192.168.1.1 . 2020.12.30 06:15:34 - OpenVPN > /sbin/ip route add 0.0.0.0/1 via 10.9.230.1 . 2020.12.30 06:15:34 - OpenVPN > /sbin/ip route add 128.0.0.0/1 via 10.9.230.1 . 2020.12.30 06:15:34 - OpenVPN > add_route_ipv6(::/3 -> fde6:7a:7d20:5e6::1 metric -1) dev tun0 . 2020.12.30 06:15:34 - OpenVPN > /sbin/ip -6 route add ::/3 dev tun0 . 2020.12.30 06:15:34 - OpenVPN > add_route_ipv6(2000::/4 -> fde6:7a:7d20:5e6::1 metric -1) dev tun0 . 2020.12.30 06:15:34 - OpenVPN > /sbin/ip -6 route add 2000::/4 dev tun0 . 2020.12.30 06:15:34 - OpenVPN > add_route_ipv6(3000::/4 -> fde6:7a:7d20:5e6::1 metric -1) dev tun0 . 2020.12.30 06:15:34 - OpenVPN > /sbin/ip -6 route add 3000::/4 dev tun0 . 2020.12.30 06:15:34 - OpenVPN > add_route_ipv6(fc00::/7 -> fde6:7a:7d20:5e6::1 metric -1) dev tun0 . 2020.12.30 06:15:34 - OpenVPN > /sbin/ip -6 route add fc00::/7 dev tun0 . 2020.12.30 06:15:34 - DNS of the system updated to VPN DNS (Rename method: /etc/resolv.conf generated) . 2020.12.30 06:15:34 - Routes, added a new route, 184.75.221.211 for gateway 10.9.230.1 . 2020.12.30 06:15:34 - Routes, added a new route, 2606:6080:1001:17:9ea4:71f9:d294:d7b7 for gateway fde6:7a:7d20:5e6::1 . 2020.12.30 06:15:34 - Flushing DNS I 2020.12.30 06:15:34 - Checking route IPv4 I 2020.12.30 06:15:34 - Checking route IPv6 I 2020.12.30 06:15:35 - Checking DNS ! 2020.12.30 06:15:35 - Connected. . 2020.12.30 06:15:35 - OpenVPN > Initialization Sequence Completed . 2020.12.30 06:45:21 - Collect information about AirVPN completed . 2020.12.30 07:14:40 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org . 2020.12.30 07:14:40 - OpenVPN > VERIFY KU OK . 2020.12.30 07:14:40 - OpenVPN > Validating certificate extended key usage . 2020.12.30 07:14:40 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication . 2020.12.30 07:14:40 - OpenVPN > VERIFY EKU OK . 2020.12.30 07:14:40 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Arkab, emailAddress=info@airvpn.org . 2020.12.30 07:14:40 - OpenVPN > Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2020.12.30 07:14:40 - OpenVPN > Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2020.12.30 07:14:40 - OpenVPN > Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA . 2020.12.30 07:15:26 - Collect information about AirVPN completed malloc(): invalid next size (unsorted) ================================================================= Native Crash Reporting ================================================================= Got a SIGABRT while executing native code. This usually indicates a fatal error in the mono runtime or one of the native libraries used by your application. ================================================================= ================================================================= Native stacktrace: ================================================================= 0x55b042e23eb5 - mono : (null) 0x55b042e24250 - mono : (null) 0x55b042dd1129 - mono : (null) 0x55b042e23467 - mono : (null) 0x7f07d6c8c3c0 - /lib/x86_64-linux-gnu/libpthread.so.0 : (null) 0x7f07d6ab018b - /lib/x86_64-linux-gnu/libc.so.6 : gsignal 0x7f07d6a8f859 - /lib/x86_64-linux-gnu/libc.so.6 : abort 0x7f07d6afa3ee - /lib/x86_64-linux-gnu/libc.so.6 : (null) 0x7f07d6b0247c - /lib/x86_64-linux-gnu/libc.so.6 : (null) 0x7f07d6b0528c - /lib/x86_64-linux-gnu/libc.so.6 : (null) 0x7f07d6b05fdf - /lib/x86_64-linux-gnu/libc.so.6 : (null) 0x7f07d6b082d6 - /lib/x86_64-linux-gnu/libc.so.6 : realloc 0x55b04309e903 - mono : monoeg_realloc 0x55b0430a2362 - mono : monoeg_g_string_set_size 0x55b042f09752 - mono : (null) 0x55b042f0af45 - mono : (null) 0x55b042f0b10e - mono : (null) 0x55b042f3d64d - mono : (null) 0x55b042f55fa8 - mono : (null) 0x41b82f08 - Unknown ================================================================= Telemetry Dumper: =================================================================

Poland does not protect their citizens from ideological/government censorship, which is by far the greater threat there. https://rsf.org/en/poland https://rsf.org/en/news/poland-about-censor-privately-owned-media-its-hungarian-ally It is important to note that this is a double-edged sword which will definitely be used against people, even if implemented with good intentions. The underlying question is: What justifies removing a piece of information? A post about EU wanting to make Poland pay for some wall in the south against the waves of refugees will be a candidate since it's in fact wrong, and the problem is that an article about the govt. replacing "inconvenient" judges and journalists will be, too, being an inconvenient truth that will inevitably divide people. Exposing everyone in the world to this nonsense is a very, very bad idea. Which is why a Poland server is… improbable.

Operating System: openSUSE Leap 15.2 KDE Plasma Version: 5.18.6 KDE Frameworks Version: 5.71.0 Qt Version: 5.12.7 Kernel Version: 5.3.18-lp152.57-preempt OS Type: 64-bit Processors: 8 × AMD Ryzen 5 3400G with Radeon Vega Graphics Memory: 15,3 GiB In the first and second beta, I didn't have this problem.

@Staff When can we expect one of these 10gbit/s wonders in Canada(Toronto)?

Hello! We're very glad to inform you that AirVPN Suite 1.0.0 RC 1 for Linux has just been released. It addresses all the problems reported so far, except: problems reported in unstable distributions but not occurring in the same distribution stable release the specific problem reported by @OpenSourcerer as we failed to reproduce it: please report if you find anything similar to what OpenSourcerer has reported because we can't manage to reproduce the malfunction in spite of very many efforts Links to download packages have been updated in the first message of this thread. Kind regards

Thanks for the Christmas sale! I've tried several other VPN's over the years but somehow overlooked AirVPN. It feels good to know I've found one of the best and have settled in for 3 years. Wishing everyone a Better New Year!

Considering this post is nearly a week old I find it a little disconcerting that no one from AirVPN has even bothered to reply to this

Okay. Try this instead: keepalive 5 10 It's short for ping 5, ping-restart 10. Maybe you need to lower the ping frequency, too.

This new Xuange server works really well and fast as well as stably! I've been using it all day on my Smartphone and computer. I have noticed that this connection is much faster than I what the other Servers in the Air! I will always use this server in the future. Thank you for this new server, and Merry Christmas everyone!

As a long time GNU/Linux enthusiast & evangelist I am very privacy & net neutrality concerned, and care a lot about the software I run. Eddie is the very first VPN client I happily run on my Manjaro box. Though I still enjoy personally adding & managing VPN configurations thru the Network Connection Manager, I now see why a VPN client might be interesting: Eddie simply works out of the box and does not make a GNU/Linux user feel a 2nd class citizen (eg, network lock feature included by default), & provides detailed info on latency & load. What about transparency? Simply astonishing. In this world where money is the only religion, transparency is often an abused concept of the past. Not here. When geographic location is not mandatory, I love operating from the currently fastest server available and not overload the others.. The number of locations seems to be low and the servers number a bit odd, but it works well. A well balanced infrastructure indeed with access points in strategic places all over the world. I love the servers names! As time passes, they become close friends. What about sponsorship? The fact that the company cares about some of the most important open source projects & organizations is definitely a plus. Not to mention that the community simply looks great. Thank you!

@Hiroo Onoda Hello! Please discard our previous message. There is no such permission on stock Android 10 versions The wrong answer was based on a customized Android version we use. We apologize for any inconvenience. Currently Eddie can not boot automatically in Android 10 and 11 unless you start it with third party boot managers etc. The issue will be addressed in the next Eddie release, stay tuned. Kind regards

@Flx The first message was approved by some moderator in the wrong thread, not a big deal. Then we moved the message on its own thread, this one. Then user "wireguard" posted more messages which were all approved by some moderator. @Brainbleach Of course. We were replying to "wireguard" who invites surreptitiously to punish AirVPN because AirVPN uses and develops actively OpenVPN: "Needless to say, investing in AirVPN means investing in OpenVPN, and that's not acceptable to me at this point," . He/she also kept claiming that "it's time to retire OpenVPN" (sic), that OpenVPN is a "truly disgusting hack" (sic) and so on,. showing his/her embarrassing ignorance and lack of good faith. Nothing to do with your messages. Funny how bogus account writers are so eager to become from time to time AirVPN software lead developers, general managers for AirVPN strategies, marketing directors and more. 😀 We wanted to prove beyond any reasonable doubt that his/her claim are unreasonable and based on wrong assumptions and terrible omissions, showing how Wireguard can not replace OpenVPN for a significant percentage of our customers and how our OpenVPN development has been beneficial for many users around the world. That said, we claimed that Wireguard needed to be developed and tested further years ago, so at the time our claim was totally reasonable. We also claimed years ago that the problem was not with CHACHA20 which to the best of nowadays knowledge is a very robust and secure cipher. Now the problems are different because Wireguard is asked to offer something which it was not designed for, i.e. providing some kind of anonymity layer. Such problems include lack of DNS push, lack of dynamic IP address assignment (with subsequent problems with client key-private address static correspondence, a very tough legal problem for us but above all for our customers), need of keeping client real IP address stored in a file. We have resolved them one by one with external software and internal work around. Once the problems are resolved in a robust way, which means testing thoroughly the adopted work-around, we can offer Wireguard, not earlier. Kind regards

@arteryshelby We do not log and/or inspect our customers' traffic. Since 2010 you can't produce any single case, and not even the slightest clue, in which the identity of an AirVPN customer has been disclosed through traffic log and/or inspection and/or any other invasive method. It means a lot, given that various younger VPN services have been caught lying (ascertained court cases) and that AirVPN is now the oldest still active VPN service, with the exception of a minor service which anyway changed ownership twice in the last 12 years. By the way we have never asked our customers to blindly believe in our words. We do not block Tor and we even integrate its usage in our software, so you can be even safer if you can't afford to trust us OR some datacenter. For example you can use Tor over OpenVPN, to hide Tor usage to your country and ISP, and at the same time hide your traffic real origin, destination, protocol etc. to us and the datacenter the server is connected into. Last but not least, we invest a lo of money in Tor infrastructure and in 2017, 2018 and 2019 more than 2.5% of global world Tor network traffic transited on Tor exit-nodes paid by AirVPN. It is an important achievement we're proud of, and it hints to good faith. Kind regards

Regarding the VPN service from the video type the name in the search field above. You will find your answer and the answer from staff. Have a nice one.

@BlueBanana Hello! Check the stats about used bandwidth on the total infrastructure day by day: As you can see, the used peak bandwidth has increased remarkably in the last days, up to 80200 Mbit/s. On the whole infrastructure, it is still slightly more than just 1/3 of the total available bandwidth (236900 Mbit/s). We will closely monitor, on top of that, used bandwidth country by country, of course. About the countries you mention, even the last peak usage does not exceed 60% of total available bandwidth in each of those countries. We are still well within the range of the quality of service ensured by the terms of service and actually most available bandwidth has not ever been used. That said, we will not hesitate to add servers when it is really necessary, of course. We are monitoring closely, as usual, peak demands country by country. Kind regards

For the sake of a good review and a marketing stunt, no, probably not. What I noticed: While most of their points they explain are quite right, considering That One Privacy Site as a source and requiring public audits and server/location amount as necessary is questionable. All of Reddit knows by now that That Guy has little knowledge of the stuff he writes about and reviewed all VPN providers solely based on what they wrote on their website at that time. You really can't top that method. I could set up a VPN service promising everything under the sun on its website and for him it'd be the best VPN he'd ever witnessed. Also, The Verge. Location amount doesn't really count because faking a server location is a thing and it was proven that NordVPN for example does this. It's even possible to find out who does it for yourself, and it was even mentioned on these forums somewhere. Although, to be fair, they rule NordVPN out because of even more points. They still take warrant canaries into consideration, even though not a must. They're considered a failure, lulling people into a false sense of security and are generally thought of more like a running marketing gag. Some questionable things are their speed tests which really depend on your location and setup, server choice, used config, etc, as they correctly write. It's possible you get a much better result on many occasions, so it shouldn't be a necessity. Minor thing: The possibility to do VPN over Tor wasn't even considered, something only Eddie offers so far. Only Tor over VPN got screen time, but it gets screen time everywhere and isn't even strictly a VPN topic, no idea why it gets two full paragraphs in that article. And... hold on, what the hell is that? They can't possibly be serious. So the public audit is their one k.o. argument? And they only tested five, FIVE, providers extensively? :DDDDD

Last update: 16 May 2018 - Related to version: Eddie 2.14.4 Any Linux distribution has at least:a different graphics server (X11, Wayland)a different desktop environment (GNOME, KDE, LXTE etc.)a package manager with a specific format (deb, rpm, tar.xf etc.)a different packaging signature for trust and securitya different method to obtain administrative privileges, required by advanced features of Eddie (also because OpenVPN requires them)a different set of packages used by our client, that sometimes have different names (for example 'stunnel4' under Debian, 'stunnel' for Fedora)maybe a different DNS management.We are working at our best to support every kind of configuration managed by our source code directly, when possible. Tested without known issuesDebian (tested 7/8/9)Ubuntu (18.04 GNOME tested)Ubuntu Mate (18.04 tested)Devuan (tested Ascii)MintArch (XFCE tested)Fedora (28 tested) With minimal issuesopenSUSE (Tumbleweed KDE tested) openSUSE (Tumbleweed GNOME tested) Works, with no tray icon.Elementary Works, but tray icon, web and folder links don't work. Fatal issues None known. Tech notesSometimes Tray icon works, but it is not shown because the desktop environment hides it. For example, latest GNOME may require a separate shell extension (generally TopIcons).Currently Eddie 2.x under Linux requires root privileges (like GParted or Synaptic Manager). Elevation is generally obtained with a polkit policy file (pkexec) if installed, otherwise fallback methods are used when available (gksu, kdesu, beesu etc.). When the UI runs as root, there are four -optional- actions that are performed as normal user: tray icon, notifications, open web links and open file folders. If it is not possible to act as a normal user, such actions are not performed at all. A totally separated UI (as a normal user) vs. root-actions (as root user, service or separate process) is currently under development. Needed improvementsMinimal lintian warnings on .deb editionGeneral info details on .deb edition (for example, reporting Proprietary as License, not true.)General info details on .rpm edition (for example, reporting Proprietary as License, not true.)Create official package for AUR and other distributions.Create packages also for CLI-only edition.Create packages based on direct source compilation.Procedures to include Eddie in official/standard repository

Greetings, I've searched for forums, but couldn't find a concrete answer. Is it possible to use AirVPN as a proxy server? I'd like to run it, but NOT have it redirect all traffic through air's vpn, only specific browser traffic that I point to it. I'm looking at using Switchy! for chrome, which can route traffic through a proxy based on domain name (or other rules), and am wondering if I can setup AirVPN to be used as the proxy to go through when these rules trigger.

You can try this project: https://r1ch.net/projects/forcebindip

Probably because they decided not to use women and children as suicide bombers, or fire rockets indiscriminately into civilian areas. But this isn't really the place to discuss it.