Not connected, Your IP: 3.16.41.142
Online: 23231 users - 267126 Mbit/s total BW
go558a83nk
-
Content Count
2096 -
Joined
... -
Last visited
... -
Days Won
37
Posts posted by go558a83nk
-
-
by default pfsense will monitor my end of the VPN, not the gateway. (but, it monitors the gateway my ISP WAN properly) I have to manually change the monitor IP. It's a good question and something people bug pfsense devs about often.
Not sure what is wrong on your end but my pfsense can ping the GW ip.
Check System > Routing > Gateways
My gateay is set to dynamic. That works no matter which IP you get.
Yes, that's how setup. RTT for that by default is always 0.1ms because it's pinging my VPN internal IP, not the gateway.
-
So taking the Rasalas server as an example, nslookup gives me this:
Name: rasalas.airservers.org
Address: 64.120.44.138 <--entrance IP
ipleak.net reports this:
64.120.44.139 <--exit IP
Correct?
yes.
That is entry IP 1. You may note in Eddie or the config generator that servers have at least 2 entry IP. Servers updated to the latest software have 4 entry IP.
But, always only the one exit IP.
-
Does it make a huge difference? I ran the seedboxes-test twice and I was always on the fastest route - the differences were almost negligible, though.
For you it didn't make a difference I guess. But, in my experience with both those seedboxes, the ability to choose my route significantly enhanced the speed with which I could download from them.
Either you get "around" overloaded networks, or you get routing that works with your location (AirVPN server) better.
In the case of being able to do this with AirVPN servers, you'd possibly get routing that works better with your ISP than the default routing.
-
Is it possible with any AirVPN location that an option similar to https://network.feral.io/reroute or http://speedtest.seedboxes.cc/ could be offered to users?
(The Seedboxes.cc site doesn't show it right away but if you test your speed you'll be offered the choice of which network to use based on the speed tests.)
I'm thinking "no" but I figured I'd ask and at least generate some discussion.
Guest reacted to this -
Some of the servers are only 100mbit/s servers, most are 1000mbit/s.
Keep that in mind when you're looking.
-
are you trying to connect to a server that no longer exists?
-
The problem is that with each different connection the gateway IP will be different. So, with each new connection a person must manually change the monitor IP. We're just wishing for something that always works.
Hello,
why can't you get the VPN gateway address at each connection and automatically use it for your purposes?
Kind regards
by default pfsense will monitor my end of the VPN, not the gateway. (but, it monitors the gateway my ISP WAN properly) I have to manually change the monitor IP. It's a good question and something people bug pfsense devs about often.
-
I started using Google's DNS server: 8.8.8.8 and Cloudflare's: 1.1.1.1 as monitoring IPs. Seems to work really well.
Yes, I could do that but 1) it adds more variability to the path between me the IP I'm monitoring and 2) I pay for AirVPN so I don't mind pinging them continuously but I'd feel like I'd be abusing whatever public DNS I ping.
-
Hi.
When connected to an AirVPN-server through a VPN-router... Are there any fixed IPs on the VPN-server that can be used to ping for monitoring the quality of the VPN connection (RRD graphs etc)? I used to be able to use 10.x.0.1 but they do not seem to respond to pings anymore. What is the correct IP to use for this purpose?
Kind regards,
You can ping the VPN default gateway address as usual.
Kind regards
The problem is that with each different connection the gateway IP will be different. So, with each new connection a person must manually change the monitor IP. We're just wishing for something that always works.
-
Yep, since 10.4.0.1 isn't pingable anymore there's nothing that just works anymore. Good question.
-
This was much much harder than initially expected but I have created .deb and rpm. packages to make the installation process a lot easier (and create less dependency issues).
Deb-Package:
Rpm-Package:
In the future, new versions will be available through the releases section on github.
thanks. the other day I tried to install and got some pip3 error. this should make it easier.
-
Explain it for those of us who aren't bitcoin experts. Sure somebody can see that Air received some bitcoin but how do they know who sent it?
-
Glad to see those new servers are in a different datacenter than the others in Frankfurt.
-
As of this time two different public DNS cannot resolve those new hosts (e.g. serpens.airvpn.org). I guess the records haven't propagated yet?
Hello! It's an issue we should be able to resolve quickly.
EDIT: it's taking longer than expected. Please use <server_name>.airservers.org in the meantime. We might be dropping <server_name>.airvpn.org in the near future.
Kind regards
ah, OK, thanks!
-
As of this time two different public DNS cannot resolve those new hosts (e.g. serpens.airvpn.org). I guess the records haven't propagated yet?
-
or build a pfsense box with an intel chip
It doesn't have to be an intel chip. AMD chips have AES-NI too. AES-NI is what's important. For a pfsense box you don't need a huge CPU with 8+ cores. Mine is AMD, has 2 cores, and can do at least 430mbit/s openvpn with AES-256-GCM data channel. I don't know how much faster as that's my ISP max.
-
I was connected to another AirVPN server the other day and rarbg was telling me my IP was banned. It wouldn't let me post comments to torrents, or vote on comments, or look past page 2 of the list of torrents.
But, I had no problems downloading torrent files.
I went to another AirVPN server and had no problems. Obviously there are users of AirVPN who are morons and cause problems for the rest of us.
333_half_evil reacted to this -
Yes, the AC68 will limit you to about 50mbit/s max. The CPU in routers can't encrypt/decrypt super fast.
-
I understand there may be changes coming to DN Servers. Currently I make use of 10.4.0.1 and 10.5.0.1 which aren't available if my VPN isn't connected though I know I can't rely solely on that. Are there changes afoot and if so what?
I did try to search but "DNS" like other abbreviations is too short but I'm sorry if this is a repeat.
Richard
10.4.0.1 will remain a DNS server accessible to all subnets.
-
If you change protocols, servers, and ports, this 10.0/16 will change.
Not sure why this is an issue, in case you treat AirVPN as your "ISP",
then everything DHCPd to you 10.0.0.0/8 should be considered a public IP.
Things are changing and you think people won't need to go through a transition period?
If this was a reply to me, then I think you didn't understand what I wrote. I said the subnet changed after simply reconnecting - same port/protocol/server. Staff said above "not random, they are unique (and always the same)" speaking of each openvpn daemon's subnet. So, the question then is do I get a different openvpn daemon even though I connect to the same server/port/protocol combination?
It doesn't matter to me. I reported it in case it was an important problem for Staff to fix considering what they'd already said.
-
AirVPN won't do that as they ARE in the business of security and privacy but they do have a list of ciphers that can be used. One may be easier on your CPU than aes-256-gcm but usually gcm is the fastest.
-
Is it normal for a traceroute to a local IP address to reach the internet!?
Looks like maybe they've fixed it. Of note, I reconnected to the same server, same port, same everything. Just a reset of the connection. But, I got a different subnet. My understanding was those subnets would stay the same. Previously was 10.32.82.1, now 10.32.70.1.
tracert 10.4.0.1 Tracing route to 10.4.0.1 over a maximum of 30 hops 1 28 ms 26 ms 28 ms 10.32.70.1 2 27 ms 29 ms 27 ms 199.249.230.254 3 * * * Request timed out. 4 * * * Request timed out. 5 * * * Request timed out. 6 * * * Request timed out. 7 * * * Request timed out. 8 * * * Request timed out. 9 ^C
-
Thanks I've updated my script accordingly.
Last thing, I used to graph the ping to the first IP on the outside of the tunnel. I used to do that with the gateway 10.4.0.1. Is there any IP I could use to continue doing that? (an IP that would not change over time I mean)
Hello!
10.4.0.1 remains good for your purpose. It is ping-able from any subnet. It is also a DNS server IP address which is reachable from any subnet.
Kind regards
As has been established in the other thread, 10.4.0.1 is not pingable...at least on many servers. Three of us have responded in that thread with no reply from you.
I can use it for DNS resolution
nslookup airvpn.org 10.4.0.1 Server: UnKnown Address: 10.4.0.1 Non-authoritative answer: Name: airvpn.org Addresses: 2001:1af8:4010:a08d:22:: 5.196.64.52
But I can't ping it
ping 10.4.0.1 Pinging 10.4.0.1 with 32 bytes of data: Reply from 38.122.207.9: Destination net unreachable. Request timed out. Request timed out. Ping statistics for 10.4.0.1: Packets: Sent = 3, Received = 1, Lost = 2 (66% loss),
The trace is interesting
tracert 10.4.0.1 Tracing route to 10.4.0.1 over a maximum of 30 hops 1 181 ms 209 ms 126 ms 10.32.82.1 2 99 ms 119 ms 121 ms 199.249.230.254 3 * * 38.122.207.9 reports: Destination net unreachable.
The trace to 10.4.0.1 is going outside your server network it seems as it encounters 38.122.207.9...which is encountered when I do trace to outside your Dallas DC.
tracert 8.8.8.8 Tracing route to google-public-dns-a.google.com [8.8.8.8] over a maximum of 30 hops: 1 226 ms 182 ms 135 ms 10.32.82.1 2 122 ms 39 ms 34 ms 199.249.230.254 3 98 ms 50 ms 34 ms 38.122.207.9 4 181 ms 90 ms 59 ms be2664.ccr31.dfw01.atlas.cogentco.com [154.54.41.201] 5 28 ms 34 ms 42 ms be2763.ccr41.dfw03.atlas.cogentco.com [154.54.28.74] 6 29 ms 33 ms 34 ms tata.dfw03.atlas.cogentco.com [154.54.12.106] 7 68 ms 47 ms 37 ms 209.85.172.106 8 92 ms 142 ms 155 ms 108.170.240.129 9 214 ms 123 ms 89 ms 64.233.175.103 10 93 ms 84 ms 94 ms google-public-dns-a.google.com [8.8.8.8]
-
Looks like your network or your ISP is preventing UDP connections. Try TCP.
Report from China
in Eddie - AirVPN Client
Posted ...
I'm sorry, I feel bad for you Staff. No matter how many times you say *entry IP 3 and 4* people still seem to not comprehend. I guess they just don't open their eyes.