Jump to content
Not connected, Your IP: 216.73.216.62

Staff

Staff
  • Content Count

    11395
  • Joined

    ...
  • Last visited

    ...
  • Days Won

    1982

Posts posted by Staff


  1. Eddie 2.24.6 Desktop Edition released


    Hello!
     

    We're very glad to inform you that a new stable release of Eddie is now available for Linux (various ARM based architectures included, making it compatible with several Raspberry Pi systems), macOS, Windows.


    Special thanks to all the beta testers, whose invaluable contributions and suggestions in the last months have helped developers fix several bugs and improve the overall stability of the software.

    Eddie is a free and open source (GPLv3) OpenVPN GUI and CLI by AirVPN with many additional features such as:

    • traffic leaks prevention via packet filtering rules
    • DNS handling
    • optional connections over Tor or a generic proxy
    • customizable events
    • traffic splitting on a destination IP address or host name basis
    • complete and swift integration with AirVPN infrastructure with OpenVPN and WireGuard
    • white and black lists of VPN servers
    • ability to support IPv4, IPv6 and IPv6 over IPv4


    What's new in Eddie 2.24.6

     
    • WireGuard is the new communication protocol by default, while OpenVPN remains available for any necessity
    • CPU usage optimization
    • update of packaged binaries and libraries
    • new options to customize WireGuard
    • improved management and configuration of bootstrap servers (qualified domain names are now possible too)
    • systemd-resolved (Linux) enhanced compatibility for all working modes
    • improved management of SIGTERM signal
    • several bug fixes

     

    Operating and architectural notes


    Eddie GUI and CLI run with normal user privileges, while a "backend" binary, which communicates to the user interface with authentication, gains root/administrator privileges, with important security safeguards in place:

    • strict parsing is enforced before passing a profile to OpenVPN in order to block insecure OpenVPN directives
    • external system binaries which need superuser privileges (examples: openvpn, iptables, hummingbird) will not be launched if they do not belong to a superuser
    • Eddie events are not run with superuser privileges: instead of trusting blindly user's responsibility and care when dealing with events, the user is required to explicitly operate to run something with high privileges, if strictly necessary

    Backend binary is written in C++ on all systems (Windows included), making the whole application faster.

    Settings, certificates and keys of your account stored on your mass storage can optionally be encrypted on all systems either with a Master Password or in a system key-chain if available.


    Download Eddie 2.24.6


    Eddie 2.24.6 can be downloaded here:
    https://airvpn.org/linux - Linux version (several architectures and various distribution specific packages for easier installation)
    https://airvpn.org/macos - Mac version
    https://airvpn.org/windows - Windows version

    Eddie is free and open source software released under GPLv3. Source code is available on GitHub: https://github.com/AirVPN/Eddie

    Complete changelog can be found here.

    Kind regards & datalove
    AirVPN Staff

  2. On 1/11/2025 at 11:20 AM, deltaman8 said:

    2.24.6 still has this issue, and it has gotten worse.
    In this version it only needs 2 additional users to trigger the UI freeze.

    I sincerely hope that you will not release something as "stable" that has a freezing UI. (2.24.2 did not have these issues... the freezing issues started with 2.24.4.)

    Hello!

    Thank you very much for your tests!

    We understand your concern. However, we can’t postpone the release any further over an issue reported by a single user; otherwise, we would end up indefinitely delaying a version that fixes many more problems compared to the current stable release. The reported issue is under investigation anyway and we have also plans to drop the Mono framework completely: currently this is necessary for Eddie GUI and it could be a co-cause of the issue you reported.

    Kind regards
     

  3. 7 minutes ago, vpn080618 said:

    I installed the experimental version and it works now.


    Hello!

    Very well!
     
    7 minutes ago, vpn080618 said:

    Maybe somebody can tell me still why the other version don't work anymore for me.


    The problem is not Eddie in itself but OpenVPN linked against OpenSSL 1.1.x. libssl 1.1.x is perhaps not available anymore, replaced by OpenSSL 3 library. All recent OpenVPN versions are linked against OpenSSL 3, so the problem is no more.             
     
    7 minutes ago, vpn080618 said:

    And does the experimental have any security issues?


    It has been extensively tested and no critical issue has appeared so far. Of course absence of evidence does not mean evidence of absence. A stable version will be released very soon anyway, a matter of days. If you prefer to run Eddie 2.21.8 you can: just switch to WireGuard (which is not linked against any SSL library) or upgrade OpenVPN in your system and have Eddie use the new OpenVPN binary. You can switch to WireGuard from Eddie's "Preferences" > "Protocols" window. In the new Eddie 2.24.x WireGuard is the new default connection mode and protocol, replacing OpenVPN (which remains available for any necessity).

    Kind regards
     

  4. 19 minutes ago, georgek3r said:

    I dont want to open another thread. Any idea why in wireguard in torrenting i get disconnected from NL servers and connected to German Servers automatically? I see this behaviour only on NL servers. 


    Hello!

    This is due to how your client software picks the destination server. In the thread original message you mentioned Eddie. It lets you build a white list of servers or countries according to your connection preferences, respectively in the "Servers" and "Countries" window.

    Kind regards

     

  5. 11 minutes ago, Mikeyy said:

    Did you manage to update EDDIE? Just runned into this issue with Philips Google TV running Android 12. Managed to install app, setup up everything, but app isn't starting with TV.

    Is there maybe solution to start EDDIE and automatically connect every time I start one other app on TV, as an second option?


    Hello!

    Currently not, we're sorry. A new Eddie beta version will be out in the near future anyway.

    Kind regards
     

  6. 25 minutes ago, tranquivox69 said:

    From further experiments I suspect it's not only a matter of bandwidth but probably a matter of hardware in the servers supporting too many users (CPU speed, RAM, I don't know).

    This is currently on Alrai


    Hello!

    Do you experience this problem on Netherlands servers only (but please test the 10 Gbit/s ones too, Dalim, Menkent and Piautos in the NL), or on other European countries as well?

    Kind regards
     

  7. 2 hours ago, Subwoofer said:

    I have since installed Wireguard client which seems to be much faster than Eddie. I got a dl speed of around 500 on one connection!
    But I will definitely test Eddie 2.24.6, the built in MTU tuning sounds like it's worth checking out.


    Hello!

    Excellent! Consider that Eddie 2.21.8 includes very old WireGuard code, while the new 2.24.6 features an up to date one. Furthermore, when you test WireGuard native app, the VPN interface MTU is set to 1320 bytes because of our Configuration Generator directive, while Eddie 2.21.8 leaves default WireGuard size (usually 1460 bytes) which is not suitable in some networks. Eddie 2.24.x sets by default 1320 bytes MTU, and offers the option to modify it.
     
    2 hours ago, Subwoofer said:

    I have a question, regarding your comment about being in a network that interferes with UDP.
    I thought that using VPN bypasses any limitations on my ISP service.


    AirVPN offers routed private networks built over transport layer protocol UDP (and, with OpenVPN, TCP too). The ISP can not tamper, forge or wiretap/sniff the content of the tunnel, but can enforce limitations (such as de-prioritization and other shaping methods) directly on the transport layer protocol. However, since you have 500 Mbit/s throughput when in the VPN and 600 Mbit/s when outside the VPN, this is probably not the case. A performance hit due to routing (because of the obliged hop, the VPN server) and other overhead (wrapping, encryption...) are physically unavoidable. If your peak is 600 Mbit/s without VPN, 500 Mbit/s inside the VPN is just fine in our opinion.

    Kind regards
     

  8. On 1/6/2025 at 6:49 PM, nonamenumber0 said:

    When I start Eddie while connected to WIFI, I get the following message:
    "Unable to contact provider AirVPN to obtain bootstrap information.

    Please check your Internet connection.

    If you are behind a restrictive firewall, please try to open a ticket for help.

    If the support team provides custom bootstrap URLs, please enter them below."
    There is a box to enter the bootstrap URL and then a "cancel" or "save"


    Hello!

    Please ignore the previous answer, DNS is not the root of the issues.

    The first problem is related to the bootstrap access attempted by Eddie with a direct IP address. HTTP access without FQDN is sometimes not allowed in various networks. Please test Eddie 2.24.6 which tries bootstrap servers even with domain names, not only through IP addresses. The 2nd problem is that UDP seems blocked: please check any tool that might be blocking either OpenVPN or UDP, both on your Mac (including tools like LittleSnitch) and your router (on it, please disable for testing purposes any traffic management / QoS / filtering-mangling tool).

    To download Eddie 2.24.6 beta version please see here:
    https://airvpn.org/forums/topic/57401-eddie-desktop-224-beta-released/

    If any problem persists, please send us the system report as recommended by the previous message.

    Kind regards
     

  9. On 11/30/2024 at 12:54 PM, zendata said:

    I have been attempting to connect to AirVPN servers through Wireguard on Ubuntu 24.04.1 LTS, but after I connect I cannot access the Internet.


    Hello!

    Please test again with ufw disabled to quickly discern whether an ufw custom rule is the "culprit". From a terminal enter the following command:
    sudo ufw disable

    You can later re-enable ufw if needed with
     sudo ufw enable

    Kind regards

     

  10. 5 hours ago, vpntest012 said:

    What is going with the Tzulo servers and/or connections in Los Angeles and Phoenix?  There have been extended high packet loss for weeks. 


    Hello!

    According to the datacenters, this is a consequence of heavy flood attacks which compel the IP transit provider to null route specific IP addresses. We are assessing the situation.

    Kind regards
     

  11. On 1/5/2025 at 3:48 PM, Subwoofer said:

    My speeds without VPN on my Wifi MacBookPro are 600mbps up and down. Latency is 10ms.
    My speeds with AirVPN are anywhere between 40 and 200mbps max, depending on the server and protocol. I've tried a handful of servers and also Wireguard protocol.
    I've tried 2 different Macs, an Intel macBook Pro and Mac Mini M1, both Wifi and wired connections. Speeds are the same for both.


    Hello!

    While the OpenVPN performance you report in macOS is unfortunately typical, the WireGuard performance should be much higher, provided that you are in a network that does not interfere with UDP.

    Please test Eddie 2.24.6 (on the M2 machines please make sure to download the optimized version for ARM 64 bit, important!) with WireGuard. Tune different MTU values for the WireGuard network interface. You can modify it on Eddie's "Preferences" > "Protocols" window. Each time you change MTU, please make sure to re-start the connection, in order to apply the change on WireGuard.

    Eddie 2.24.6 download instructions:
    https://airvpn.org/forums/topic/57401-eddie-desktop-224-beta-released/

    The aforementioned program is beta software but it has been extensively tested, even by the Mac community, and a stable version should be released in a matter of days. It's important that you don't stay with Eddie 2.21.8 for performance reasons because it includes old WireGuard software and it does not allow you to modify WireGuard interface MTU.

    Kind regards
     

  12. On 1/8/2025 at 5:58 PM, airvpn_dw said:

    I've been wondering for a while now why my latency on my host with Eddie Client is higher than when I run Eddie within a VM environment. The host is a Windows11 and the VM is Linux. The difference for the same server can be double the latency (23ms on VM vs. 53ms on Host). The VM network is configured as 'Bridged'.


    Hello!

    if the answer to the important previous question by OpenSourcerer is no, and in particular when the performance gap involves even transport layers such as TCP and UDP, it's not an infrequent experience. The optimization of the Linux TCP/IP stack is definitely superior, and when you bridge a Linux VM to the network interface you get rid of (you bypass it completely) Windows TCP/IP stack. A similar occurrence takes place when you create a FreeBSD VM in bridge mode, in a Linux host: although the network interface driver can be the same (FreeBSD ports a lot of drivers, including network card ones, from Linux) the FreeBSD VM networking shows lower round trip times and higher throughput than the host.

    Kind regards
     

  13. 13 hours ago, Lunnayan said:

    How can I increase the limit on connections from a single device?

    Is it possible to make a limit of 30-50 connections from one device?


    Hello!

    Yes, it is possible in integer multiples of 5 connection slots per user. Please open a ticket or write to support@airvpn.org and our sales department will make you an offer according to your request.

    Kind regards
     

  14. 8 hours ago, Hugo Boss said:

    Recently my server list only shows one server in USA [Metallah], there should be more but I cant see them. Any ideas?


    Hello!

    If you're running Eddie, a plausible explanation is that you white listed Metallah only. Please check "Show all" on the "Servers" window to see all the servers and adjust your white and/or black lists.

    Kind regards
     

  15. 1 hour ago, tgbdPWJH2f8M said:

    I had this "ERROR: Cannot allow system DNS to pass through network filter" error message. 

    I changed the /etc/airvpn/bluetit.rc setting `networklockpersist` from `off` to `on`, and it worked fine.  I have ufw installed.

    Linux Mint 21.3 Virginia
    Linux 6.8.0-50-generic #51~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC
    x86_64

     


    Hello!

    After the problem occurred, please send us the output of:
    sudo journalctl | grep bluetit
    If you wish to test with ufw disabled:
    sudo ufw disable
    Kind regards


     

  16. Version 2.24.6 (Wed, 08 Jan 2025 16:23:32 +0000)

    • [change] [all] ISO 3166 break, changing "Taiwan, Province of China" into "Taiwan, Republic of China"
    • [change] [all] New bootstrap endpoint
    • [bugfix] [all] Bootstrap emergency urls fix
    • [bugfix] [macOS] WireGuard issue
    • [bugfix] [all] Minor fixes
    If no other serious issues arise, this version will be released as stable within a few days. The remaining minor issues (IP Exit, Speed Chart, etc.) are under investigation and will be fixed in the next version.
    Thank you.

  17. 1 hour ago, colorman said:

    Jan 06 14:33:20 localhost (bluetit)[14726]: bluetit.service: Failed at step EXEC spawning /sbin/bluetit: Exec format error


    Hello!

    It looks like an architecture error. Can you please check whether you have installed the correct package? Please make sure you download the proper package for your OpenSUSE architecture (x86-64, aarch64 etc.).

    Kind regards
     

  18. 1 hour ago, Anon23978 said:

    I have been connected to the Los Angeles Sarin sever for 2+ weeks and it is now (as I type this) suffering from high (96%) packet loss for more than 15 minutes.

    It has been struggling with lower packet loss for the past day or so as well, yet us3.vpn.airdns.org has not updated/switched to a better server.


    Hello!

    Area domain names records are updated every 2-5 minutes but remember that TTL is 1 hour, so you can expect that a TTL respectful DNS updates cached records on average after 30 minutes. On our authoritative servers, us3.vpn.airdns.org did not resolve to Sarin entry-IP address 3 immediately after the packet loss was detected by the monitoring system. We're investigating the problem on Sarin.

    Kind regards
     

  19. 1 hour ago, SPKRFRQR said:

    those machines get regularly rotated to different exit locations, and the VPN .conf's on each of them also get rotated to different geolocations as frequently as is deemed necessary.. 


    Hello!

    A possible solution may come by relying on the areas (country or continent) domain names offered by AirVPN. By using the general area name that resolve into the specific entry IP addresses of all the servers in that area you randomize and rotate the connections for each name.

    If the mentioned names are not flexible enough consider your own fully qualified domain names, five for example, each one resolving into a pool of VPN server entry-IP addresses according to your needs and preferences.

    Kind regards
     

  20. 19 minutes ago, georgek3r said:

    I dont have any kind of problems in wireguard, but as you have pointed out is not safe for torrenting
    https://airvpn.org/faq/wireguard/


    Please re-read the previous message because in the meantime we have found out that Netcup enforces traffic shaping against UDP, so you will never be fine with Netcup, and we have edited the message accordingly. Switch to WireGuard safely, the privacy problems with WireGuard are irrelevant for p2p, anyway they are mitigated by our system and you can also re-generate your key anytime to change VPN IP address.

    Kind regards
     

  21. 18 minutes ago, georgek3r said:

    My logs are flooded with AED Decrypt errors. ... at the same time i think its not possible 2 different VPS providers do traffic shaping. 


    Hello!

    Netcup does enforce traffic shaping, and exactly against UDP, so you had better drop this service. Liteserver.nl does not mention officially traffic shaping against UDP, but on the forums you can find many issues with it reported by customers (only UDP).

    Assuming that traffic shaping is not enforced by liteserver.nl, a common reason for this error on virtual servers is the MTU size of the VPN Interface. Please try a smaller one through MTU option in WireGuard (you should test WireGuard before anything else). On the WireGuard's configuration file [Interface] section our Configuration Generator already adds
    MTU = 1320 
    which is good for most networks. If that's not enough please try also 1280 bytes. You can edit the profile with any text editor. Of course test only from liteserver.nl as Netcup is not suitable. In Eddie 2.24.x beta you can modify WireGuard interface MTU in "Preferences" > "WireGuard" window.

    Kind regards
     
×
×
  • Create New...