Staff

Hello! This is an error, please set an IP address for the namespace virtual interface, not a whole subnet. Do you mean that the problem started when you deleted and re-created /etc/netns, or it was solved when you did this? Can you please send us the output of: ls -l /etc Furthermore, please send us the complete Bluetit log, that you can generate with: sudo journalctl | grep bluetit > bluetit.log # if you have systemd based Arch sudo grep bluetit /var/log/syslog > bluetit.log # if you have Arch-systemd-free cuckoo: error while loading shared libraries: libxml2.so.2: cannot open shared object file: No such file or directory Yes, this is a required library. It is pre-installed on many distributions and we considered it as available by default. We shall ponder revising the minimum requisites list, thank you. Kind regards

Hello! Confirmed. This is a bug that has been lurking in the code for a long time (probably since the early 2.0.0 testing versions). It has been addressed so you will see a fix on the next version already. Kind regards

Hello! AMule uses both TCP and UDP protocols for different functions. TCP is primarily used for client-to-client transfers and connections to eDonkey servers, while UDP is used for extended protocol features, according to Wikipedia. For your account you have forwarded a few UDP only ports. Please change them to "TCP and UDP" and test again. Furthermore, if your system is Windows, make sure that the Windows Firewall (or Defender etc.) allows incoming packets for aMule on both private and public networks: if the VPN is considered a public network (check it out) by default incoming packets will be rejected or dropped. Kind regards

Hello! We're glad to inform you that AirVPN Suite 2.1.0 beta 1 is now available. Packages for ARM 64 bit architecture are available as well, if you wish to test. https://airvpn.org/forums/topic/80022-linux-airvpn-suite-210-preview-available/ Kind regards

Hello! We're very glad to inform you that AirVPN 2.1.0 beta 1 is now available. Please check here: https://airvpn.org/forums/topic/80022-linux-airvpn-suite-210-preview-available/ This version includes even more bug fixes and IPv6 management improvements. It is linked against updated libraries. NEW BLUETIT AND GOLDCREST OPTION air-4to6 Enables or disables IPv4 over IPv6 for AirVPN connection. This option is available when the tunnel is built on IPv6, i.e. air-ipv6 on. When air-4to6 option is on or omitted, both IPv4 and IPv6 traffic will be sent over the IPv6 tunnel. Values: on | off . Default: on Kind regards

@clients First of all, you wrote to the support team on Sunday May the 10th and you received a reply within 48 hours, since on Sunday only tech support and emergency dep. work, and not sales. A reply within 48 hours is perfectly reasonable. Second, the reasons of your account suspension were clearly stated in the reply, so your claim is false. Dear Sir/Madam, you accepted explicitly with double confirmation AirVPN's Terms of Service. https://airvpn.org/tos According to the aforementioned Terms of Service article 5, AirVPN terminated your use of the Service due to infringement of article 4, point 5. It was ascertained by reputable authority and later verified independently that your account was running a malware spreading infrastructure through AirVPN servers. In accordance with the appropriate and due procedure and with your statements on the matter, a proper court will examine the evidence that you and all the involved parties will be required to produce in due time, and emit a ruling. For the readers: AirVPN is configured as a mere conduit like entity and as such does not inspect or analyze customer traffic and has no general obligation to do so. However, upon actual knowledge of illegal conduct through reliable notifications, judicial decisions, or communications from competent authorities, it must act expeditiously and effectively to stop or prevent the continuation of the unlawful activity (or lose the liability exemption granted to mere conduits and other entities). This thread is now frozen and locked, in case further forensic or any other type of examination will be required by a competent court. Kind regards

Hello! Thank for your choice! The infrastructure servers are updated periodically and rebooted on a scheduled, slow rotation to avoid excessive disruptions, except when an urgent update is absolutely necessary. On the 1st of May, an urgent update became essential to address a paramount, critical vulnerability affecting all Linux kernels. Therefore, after having verified that no exploit was attempted on the servers, and after applying a temporary patch preventing the exploit, we proceeded at a rapid pace to update all kernels and reboot the servers in large batches to complete all updates within 24 hours. Kind regards

Hello! Roughly 30% to 50% of peers in a typical Linux distro swarm have working IPv6 connectivity. However, BitTorrent clients or systems may prefer IPv4 and the perceived percentage of IPv6 peers can be dramatically lower. Kind regards

Hello! We can't provide an ETA right now but stay tuned. Are you sure that blocks from Russia are effective when you use QUIC CPS of a real .ru website? According to a few reports, that's good to bypass current blocks. However, it must be said that different ISPs implement different blocking techniques. Kind regards

Hello! Syntax error. Check our previous message and fix accordingly, there's an undue space character between "Nftables" and "TableOwner" that must be deleted, otherwise the option is not recognized. Kind regards

Hello! We already told you where to look at and you already provided evidence of the duplicate and exposing Bluetit's bug, don't worry and thank you. No further action is required at the moment. You must see that Bluetit's warning about exclusive tables ownership disappears and Network Lock now works properly. firewalld exclusive tables ownership prevents Network Lock from working properly on any Suite version, obviously. Kind regards

Hello! Exactly. Add it (you can edit the file with any text editor with root privileges), set it to "no" and verify that the issue gets resolved. NftablesTableOwner=no then re-start firewalld. This is vital to let Bluetit operate "Network Lock" properly. Exclusive ownership of the firewall tables must be pondered on a case by case basis. In this case if you wish to enable "Network Lock" you can't assign exclusive ownership of the tables to firewalld. You have two default routes via 192.168.178.1 on the same interface (enp6s0), one without explicit metric (so metric 0) and one with metric 100. Such duplicates are harmless in general but Bluetit detects them, probably fails to understand that the metric of one of them is 0, and throws a critical error believing that the metric is the same for both. We'll work on the matter carefully. In the meantime just delete the duplicate route and configure your interface either fully static or fully DHCP to keep on testing Kind regards

@colorman Hello and thank you for your tests! This is a critical situation which will cause Network Lock to falter and lead to firewall system settings restore problems. Please fix it according to the quoted instructions. Should you have already adhered to the aforementioned guidance and Bluetit continues to issue that warning, we kindly ask you to apprise us forthwith. This critical error suggests that something goes wrong in Bluetit's gateway(s) detection. Probably the error shall endure even after the prior misconfiguration has been rectified. If so, please send us the output of the following commands: ip a ip route show ip route get 0.0.0.0 Kind regards

Hello! This message has been picked to experiment answers by a selected LLM. The answer has been verified manually and slightly edited. In short, the hops you mention are in Singapore. No changes in Singapore infrastructure took place to justify the change in latency you detect. Operator: locate countries of: vlan12.as06-10g.wco1.sg.m247.ro irb-1906.agg1v.wco1.sg.m247.ro be-2-3111.bb1n.wco1.sg.m247.ro All three hostnames point to infrastructure in Singapore. Here’s how that breaks down: wco1.sg.m247.ro sg is the standard country/location code for Singapore wco1 likely refers to a specific data center or site within that region m247.ro is a Romanian network provider (M247), but they operate globally So for each: vlan12.as06-10g.wco1.sg.m247.ro → Singapore irb-1906.agg1v.wco1.sg.m247.ro → Singapore be-2-3111.bb1n.wco1.sg.m247.ro → Singapore Summary: All three are part of M247’s network presence in Singapore, despite the .ro domain. Operator: Break down names with additional details These hostnames follow fairly typical ISP / backbone naming conventions. Each segment encodes device role, interface, and location. Let’s break them down piece by piece. 🌍 Common suffix (applies to all) m247.ro → Network operated by M247 (Romanian-origin ISP with global PoPs) sg → Singapore wco1 → Likely “West Coast / core site 1” (internal site code for that Singapore PoP) So all three are devices inside the same Singapore location. 1️⃣ vlan12.as06-10g.wco1.sg.m247.ro Breakdown: vlan12 A VLAN interface (Virtual LAN ID 12) Used for logical segmentation inside a router/switch as06-10g as06 → likely “access switch / aggregation switch #6” 10g → 10 Gigabit interface/uplink wco1.sg.m247.ro Location + provider (Singapore PoP) Interpretation: 👉 A VLAN interface (ID 12) on an access/aggregation switch with a 10G link 👉 Likely used for customer traffic or internal segmentation 2️⃣ irb-1906.agg1v.wco1.sg.m247.ro Breakdown: irb-1906 IRB = Integrated Routing and Bridging Interface number 1906 Common on Juniper gear (Layer 3 gateway for a VLAN) agg1v agg → aggregation router/switch 1 → device number v → possibly “virtualized” or variant of the node wco1.sg.m247.ro Same Singapore site Interpretation: 👉 A Layer 3 gateway interface (IRB) on an aggregation router 👉 Handles routing between VLANs or customer subnets 3️⃣ be-2-3111.bb1n.wco1.sg.m247.ro Breakdown: be-2-3111 BE = Bundle Ethernet (port-channel / LAG) 2 → bundle ID 3111 → internal interface identifier bb1n bb → backbone router 1 → device number n → possibly “north” (directional naming is common) wco1.sg.m247.ro Same location Interpretation: 👉 A backbone router interface using a bundled (aggregated) high-capacity link 👉 Likely part of core transit or inter-PoP connectivity 🧠 Big picture (network hierarchy) Putting them together: Access layer → as06-10g (customer-facing / edge connectivity) Aggregation layer → agg1v (traffic consolidation + routing) Backbone/core layer → bb1n (high-capacity transit) This is a classic ISP architecture: Customer VLAN → Access Switch → Aggregation Router → Backbone Router ⚠️ Important note These interpretations are informed guesses, not guaranteed facts. Naming conventions vary by provider, but M247’s style aligns closely with standard ISP practices. Kind regards

@anchoby Hello! Error 111 means that the packet reached your node but the attempted connection was actively rejected, typically through a TCP RST packet. Please follow this checklist: https://airvpn.org/forums/topic/66388-port-forwarding/?do=findComment&comment=243305 Kind regards

Hello! We see the problem. Eddie Android edition 4.0.0 is affected by a bug. When Eddie generates a profile for WireGuard or AmneziaWG, it fails to add the MTU option and the IPv6 argument for the AllowedIPs option. We have immediately patched Eddie with high priority and now version 4.0.1 is available, addressing these issues. We strongly recommend that you upgrade immediately. Thank you for having reported the problems! Please see also here: https://airvpn.org/forums/topic/80030-eddie-android-edition-401-available/ Kind regards AirVPN Support Team

Hello! We're very glad to inform you that Eddie Android edition 4.0.1 is now available. This is a patch release to fix a bug affecting AmneziaWG and WireGuard profile generation by Eddie. When generating a profile for WireGuard or AmneziaWG, Eddie 4.0.0 omits the MTU option and the IPv6 address space (even when it's necessary) in AllowedIPs option arguments. We strongly recommend that you upgrade immediately. Eddie Android edition 4.0.1 is available on our web site and the Google Play Store. Any other feature is described by the 4.0.0 version announcement, available here: https://airvpn.org/forums/topic/79743-eddie-android-edition-400-available/ Kind regards & datalove AirVPN Staff

Hello! We're very glad to inform you that AirVPN Suite version 2.1.0 alpha 1 is now available for x86-64 based Linux systems. UPDATE 2026-05-13: AirVPN Suite 2.1.0 beta 1 is now available. AirVPN Suite 2.1.0 development focuses on bug fixes, improved IPv6 management and aims at a quick release. New features are planned for the major new version (probably 3.0.0) to offer complete AmneziaWG support. Main changes: very large routing table should not cause Bluetit to crash anymore more accurate detection of default gateway several IPv6 addresses management fixes more accurate detection of network availability (in progress) option to tunnel or not IPv4 traffic over an IPv6 tunnel Changelog Changelog for AirVPN Suite Version 2.1.0 beta 1 - 11 May 2026 [ProMIND] updated to OpenVPN-AirVPN 3.12 (20260508) airvpntools [ProMIND] setBootServerIPv6Mode() renamed to setBootServerIPMode() airvpnuser [ProMIND] getOpenVPNProfile(): changed interface. Replaced connectIPv6 and mode6to4 with ipMode [ProMIND] getWireGuardProfile(): changed interface. Added mtu. Replaced connectIPv6 and mode6to4 with ipMode network [ProMIND] added enum IPMode openvpnclient [ProMIND] resolveProfile(): changed interface. Replaced ipv6 with IPMode [ProMIND] replaced TUN_LINUX with TunNetlink::TunMethods wireguardclient [ProMIND] resolveProfile(): changed interface. Replaced ipv6 with IPMode Changelog for Bluetit Version 2.1.0 beta 1 - 11 May 2026 [ProMIND] added run control directive airvpn4to6 [ProMIND] added client option --air-4to6 [ProMIND] replaced airVpnIPv6Mode and airVpn6to4Mode with airVpnIPMode [ProMIND] replaced airVpnBootConnectionIPv6 with airVpnBootConnectionIPMode [ProMIND] start_airvpn_connection(): send IPMode to log Changelog for Hummingbird Version 2.1.0 beta 1 - 11 May 2026 [ProMIND] no change Changelog for Goldcrest Version 2.1.0 beta 1 - 11 May 2026 [ProMIND] added client option air-4to6 to run control file Changelog for Cuckoo Version 2.1.0 beta 1 - 11 May 2026 [ProMIND] no change Version 2.1.0 alpha 1 - 23 April 2026 [ProMIND] updated to OpenVPN-AirVPN 3.12 (20260206) airvpntools [ProMIND] added new method capitalizeWord() network [ProMIND] getGatewayFromRouteTable(): msgBuf is now dynamically allocated (currently to 32KiB) [ProMIND] getGatewayFromRouteTable(): socket's receive buffer set to 1MiB [ProMIND] getGatewayFromRouteTable(): revised code for a more strict and reliable scan [ProMIND] added methods isValidIPAddress(), isValidIPv4() and isValidIPv6() [ProMIND] parseIpSpecification(): fixed IPv6 specification handling wireguardclient [ProMIND] setup(): check validity for both IPv4 and IPv6 gateways [ProMIND] profileNeedsResolution(): fixed IPv6 address handling [ProMIND] setConfiguration(): fixed IPv6 address handling [ProMIND] resolveProfile(): fixed IPv6 address handling Download URL x86-64: https://eddie.website/repository/AirVPN-Suite/2.1.0-beta/AirVPN-Suite-x86_64-2.1.0-beta-1.tar.gz x86-64 SHA-2: https://eddie.website/repository/AirVPN-Suite/2.1.0-beta1/AirVPN-Suite-x86_64-2.1.0-beta-1.tar.gz.sha512 x86-64 legacy: https://eddie.website/repository/AirVPN-Suite/2.1.0-beta/AirVPN-Suite-x86_64-legacy-2.1.0-beta-1.tar.gz x86-64 x86-64 legacy SHA-2: https://eddie.website/repository/AirVPN-Suite/2.1.0-beta1/AirVPN-Suite-x86_64-legacy-2.1.0-beta-1.tar.gz.sha512 ARM 64 bit: https://eddie.website/repository/AirVPN-Suite/2.1.0-beta1/AirVPN-Suite-aarch64-2.1.0-beta-1.tar.gz ARM 64 bit SHA-2: https://eddie.website/repository/AirVPN-Suite/2.1.0-beta1/AirVPN-Suite-aarch64-2.1.0-beta-1.tar.gz.sha512 ARM 64 bit legacy: https://eddie.website/repository/AirVPN-Suite/2.1.0-beta1/AirVPN-Suite-aarch64-legacy-2.1.0-beta-1.tar.gz ARM 64 bit legacy SHA-2: https://eddie.website/repository/AirVPN-Suite/2.1.0-beta1/AirVPN-Suite-aarch64-2.1.0-beta-1.tar.gz.sha512 ARM 32 bit: https://eddie.website/repository/AirVPN-Suite/2.1.0-beta1/AirVPN-Suite-armv7l-2.1.0-beta-1.tar.gz ARM 32 bit SHA-2: https://eddie.website/repository/AirVPN-Suite/2.1.0-beta1/AirVPN-Suite-armv7l-legacy-2.1.0-beta-1.tar.gz.sha512 ARM 32 bit legacy: https://eddie.website/repository/AirVPN-Suite/2.1.0-beta1/AirVPN-Suite-armv7l-legacy-2.1.0-beta-1.tar.gz ARM 32 bit legacy SHA-2: https://eddie.website/repository/AirVPN-Suite/2.1.0-beta1/AirVPN-Suite-armv7l-legacy-2.1.0-beta-1.tar.gz.sha512 If you wish to test, thank you very much! Please feel free to report here any bug and malfunction you find! Kind regards & datalove AirVPN Staff

@lexsilico Hello! We have AirVPN Suite 2.1.0 alpha 1 ready (only for x86-64 systems). It aims at addressing (in this alpha 1 or imminent versions) this problem. Would you like to test it and report back? It also includes IPv6 related fixes, but remember that it's still an alpha version so don't rely on it for serious purposes. ARM builds will be available soon, stay tuned. URL to download the tarball: https://eddie.website/repository/AirVPN-Suite/2.1.0-alpha1/AirVPN-Suite-x86_64-2.1.0-alpha-1.tar.gz SHA-2: https://eddie.website/repository/AirVPN-Suite/2.1.0-alpha1/AirVPN-Suite-x86_64-2.1.0-alpha-1.tar.gz.sha512 $ sha256sum AirVPN-Suite-x86_64-2.1.0-alpha-1.tar.gz fcc74f7941b6c1b4215e9820d2fc959fb17957fbbdb7d149a1a128930f05038d AirVPN-Suite-x86_64-2.1.0-alpha-1.tar.gz If you test, keep us posted! Kind regards

@Pi77Bull Hello! We have AirVPN Suite 2.1.0 alpha 1 ready (only for x86-64 systems). Although it does not address directly the main problem you mentioned with network gateway check, it is undergoing various changes that could resolve the issue (either in this early alpha 1 version or in the next ones). Would you ike to test it and report back? It also includes IPv6 related fixes, but remember that it's still an alpha version so don't rely on it for serious purposes. URL to download the tarball: https://eddie.website/repository/AirVPN-Suite/2.1.0-alpha1/AirVPN-Suite-x86_64-2.1.0-alpha-1.tar.gz SHA-2: https://eddie.website/repository/AirVPN-Suite/2.1.0-alpha1/AirVPN-Suite-x86_64-2.1.0-alpha-1.tar.gz.sha512 $ sha256sum AirVPN-Suite-x86_64-2.1.0-alpha-1.tar.gz fcc74f7941b6c1b4215e9820d2fc959fb17957fbbdb7d149a1a128930f05038d AirVPN-Suite-x86_64-2.1.0-alpha-1.tar.gz If you test, keep us posted! NOTE. Before proceeding, make sure that the directory /etc/netns exists on your system. If it does not, create it before testing traffic splitting. Currently, it is assumed that /etc/netns is a system directory on Linux distributions, so, if it was removed, you (as superuser) and not Bluetit must re-create it to let the system (and Bluetit) store configuration files for different network namespaces in isolated directories. Kind regards

@Posh1698 Hello! We have AirVPN Suite 2.1.0 alpha 1 ready (only for x86-64 systems). It aims at addressing this problem. Would you like to test it and report back? It also includes IPv6 related fixes, but remember that it's still an alpha version so don't rely on it for serious purposes. URL to download the tarball: https://eddie.website/repository/AirVPN-Suite/2.1.0-alpha1/AirVPN-Suite-x86_64-2.1.0-alpha-1.tar.gz SHA-2: https://eddie.website/repository/AirVPN-Suite/2.1.0-alpha1/AirVPN-Suite-x86_64-2.1.0-alpha-1.tar.gz.sha512 $ sha256sum AirVPN-Suite-x86_64-2.1.0-alpha-1.tar.gz fcc74f7941b6c1b4215e9820d2fc959fb17957fbbdb7d149a1a128930f05038d AirVPN-Suite-x86_64-2.1.0-alpha-1.tar.gz If you test, keep us posted! Kind regards

Hello! A possible reason is that Eddie generates files compliant to the latest protocol specifications and you are using an older version. If that's the case, we can compare the two different profiles (remember to delete your key), i.e. the working one and the non-working one, and check the log of your software to find out the reason. Kind regards

Hello! You may get a lot of data from here: https://airvpn.org/forums/topic/65417-amneziawg-config-patcher-cps-db/ If you have an Android device or emulator, by running Eddie Android edition 4 you can generate ready to use AmneziaWG configuration files which are fully integrated with AirVPN (i.e. you can generate profiles for specific AirVPN servers, countries and so on), even relying on a large CPS QUIC database of real web sites if needed to bypass the blocks. You can then share them with your Windows machine. Important: Eddie Android edition generates files compatible with v2.0 Amnezia protocol, so you need this latest version. Kind regards

Hello! Possible causes: Streaming services (Netflix, YouTube, etc.) often rate-limit or deprioritize known VPN exit IP addresses, or IP addresses assigned to specific ASNs. Speed tests don’t trigger this, but video streams do. Try different AirVPN servers. Too large virtual network interface MTU causing excessive fragmentation, optionally with broken MTU path discovery. Streaming uses sustained flows that are more sensitive to MTU mismatches than bursty speed tests. Shrink MTU to 1280 bytes to check whether you get any improvement. If not, consider MSS clamping, just in case the PMTU discovery is broken upstream (not an uncommon case). Set MSS to 40 bytes less than MTU, for example MTU 1320 bytes, MSS 1280 bytes. On Asus routers you'll need to do this via iptables: as far as we know there's no option to do it on the Web UI. Asus Adaptive QoS or Bandwidth Limiter on the router. Check and disable such tools if they are active. If DNS is outside the VPN but traffic is inside you can hit far-away CDN nodes, causing slow streams. Make sure to enforce strict DNS settings on the router so that it will query only VPN DNS. Kind regards

@lexsilico Hello! Thank you. We now have all the data. We will update this thread when we have more definite information. In the meantime keep using the successful patch you have already applied. Kind regards