Staff

Hello! We're glad to inform you that, following the community requests and suggestions, we added five DNS block lists in our system, MIT licensed (*) by Jerry Joseph. GoodbyeAds A programmatically expanded list of hosts used for advertisements, Malware and tracking. Use this list to block ads trackers malwares. Items: 200489 (as of today) GoodbyeAds Samsung A well maintained list containing Samsung hosts used for advertisements and tracking. Those who are not using GoodbyeAds list and want to block only Samsung ads and tracking can use it. Items: 103 (as of today) GoodbyeAds Spotify A well maintained list containing Spotify hosts used for advertisements. This list helps to block/reduce Spotify ads. Items: 3774 (as of today) GoodbyeAds Xiaomi A well maintained list containing Xiaomi hosts used for advertisements and tracking. Those who are not using GoodbyeAds list and want to block only Xiaomi ads and tracking can use it. Items: 279 (as of today) GoodbyeAds YouTube A well maintained list containing YouTube hosts used for advertisements. This list helps to block/reduce YouTube ads. Items: 97645 (as of today) ===== By default, AirVPN DNS remains neutral in accordance with our mission. However, you have the option to enforce block lists which poison our DNS, in order, for example, to block known sources of ads, spam, malware and so on. You can manage your preferences in your account Client Area ⇨ DNS panel https://airvpn.org/dns/. We offer only lists released with licenses which grant re-distribution for business purposes too. The system is very flexible and offers some exclusive features never seen before in other VPN services: You can activate or de-activate, anytime, any combination of lists. You can add customized exceptions and/or additional blocks. Any specified domain which must be blocked includes all of its subdomains too. Lists which can return custom A,AAAA,CNAME,TXT records are supported. You can define any combination of block lists and/or exceptions and/or additions for your whole account or only for specific certificate/key pairs of your account (Client Area ⇨ Devices ⇨ Details ⇨ DNS) Different matching methods are available for your additions and exceptions: Exact (exact FQDN), Domain (domain and its subdomains), Wildcard (with * and ? as wildcards), Contain, Start with, End with. An API to fetch every and each list in different formats (see Client Area ⇨ API ⇨ dns_lists service) is active Any change in your selected list(s), any added exception and any added block is enforced very quickly, within few tens of seconds. You don't need to disconnect and re-connect your account. You can define your own lists and discuss lists and anything related in the community forum here Essential requisite to enjoy the service is, of course, querying AirVPN DNS while your system is connected to some VPN server, which is by the way a default setup if you run our software. Kind regards & datalove AirVPN Staff (*) MIT License Copyright (c) 2018 Jerry Joseph Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Hello! OISD changed and implemented new lists. In AirVPN, now you can select: OISD Full - It's the "BIG" list. OISD NSFW - New NSFW list. OISD NSFW will be merged with our "Porn / NSFW" list in a few hours. Kind regards

Hello! We added five lists in our system: GoodbyeAds A programmatically expanded list of hosts used for advertisements, Malware and tracking. Use this list to block ads trackers malwares. Items: 200489 (as of today) GoodbyeAds Samsung A well maintained list containing Samsung hosts used for advertisements and tracking. Those who are not using GoodbyeAds list and want to block only Samsung ads and tracking can use it. Items: 103 (as of today) GoodbyeAds Spotify A well maintained list containing Spotify hosts used for advertisements. This list helps to block/reduce Spotify ads. Items: 3774 (as of today) GoodbyeAds Xiaomi A well maintained list containing Xiaomi hosts used for advertisements and tracking. Those who are not using GoodbyeAds list and want to block only Xiaomi ads and tracking can use it. Items: 279 (as of today) GoodbyeAds YouTube A well maintained list containing YouTube hosts used for advertisements. This list helps to block/reduce YouTube ads. Items: 97645 (as of today) Kind regards

Hello! We had a momentary problem with them which has been sorted out. The issue persisted for a couple of hours. Can you please try again now? We deeply apologize for any inconvenience. Kind regards

Hello @NaDre the DCO module might actually make the load balancing superfluous. OpenVPN 2.6.x alone will not, though. So we will keep the load balancing active in the meantime. It will make sense to disable it when DCO enters a stable phase and that stable release is tested on the field, showing that the load balancing is no more necessary. Our current load balancing allowed our servers to beat the OpenVPN limits, as you may remember. The current maximum throughput reached on 10+10 Gbit/s servers (all OpenVPN instances together, of course, and WireGuard excluded) is about 4 Gbit/s (2 Gbit/s + 2 Gbit/s). Without load balancing OpenVPN 2.5.5. and 2.6.2 (without DCO) on our most powerful CPUs, with AES-256-GCM and/or CHACHA20-POLY1305, single instance, can't beat 1.7 Gbit/s. (850 Mbit/s + 850 Mbit/s). OpenVPN + DCO promises to beat even that performance, on a level playing field. They don't recommend load balancing but then they say: <vanity mode on> which is something similar to what we do, except that our load balancing system is better than this as it uses directly the kernel to welcome clients and assign them to the proper OpenVPN instance <vanity mode off> 😉 Kind regards

Hello, the current state is the following: https://airvpn.org/forums/topic/56119-new-10-gbits-server-available-bg/?do=findComment&comment=220907 After the message by Antonio Quartulli (lead DCO developer) we re-started from scratch and the stability problems are resolved. However DCO is still immature for production. Remember that: ovpn-dco is currently under heavy development, therefore neither its userspace API nor the code itself is considered stable and may change radically over time. So you might need to re-build everything multiple times: it's not the way to go in production, of course. Without DCO, on your client side, you can not see any difference in performance and stability between OpenVPN 2.5.x and 2.6.x. So, the only thing we could do would be upgrading to OpenVPN 2.6 without DCO. However, we would prefer to migrate to OpenVPN 2.6.x with DCO support, instead of 1) upgrading to 2.6.3, and 2) later on re-upgrading the whole infrastructure again with DCO. We'll keep you informed, but don't expect too much, nothing will change on your side in terms of stability and throughput. Kind regards

@McFly The route tool works, it returns a green token because it gets 200 (OK) from the final web server, and that's true. But the landing page is served by the Sucuri Firewall as a courtesy block page. Our IP addresses are not in the main black lists around, but there are hundreds of black lists around, we will try to understand which one Sucuri uses (maybe a proprietary one). Kind regards

Hello! You may like to start from here: https://airvpn.org/forums/topic/48234-speedtest-comparison/?do=findComment&comment=130191 Kind regards

@alternate Hello! We're sorry for the several additional days we scheduled for the tests. We're still testing, given the size. We want to be sure they don't cause issues. Besides a syntax error in the list pushed us to verify the good parsing during the import. When we're sure that all is fine, GoodbyeAds will be added as the community feedback on it is very good. Kind regards

Hello! How many independently owned VPN services remain? According to another Reddit list of recommendations we discovered: https://www.reddit.com/r/VPNTorrents/comments/13d41c1/ovpn_acquired_by_pango_removed_from/ only AirVPN, Mullvad and iVPN? And there was WeVPN but it's defunct. Kind regards

Hello! Unfortunately not, it is Apple policy that any Apple app and service may, if it wants to, bypass any VPN. As far as we know, it's not true that the kill switch mentioned in Proton article prevents leaks by Apple services. Some services may decide to bypass the VPN tunnel, other services will systematically bypass the tunnel. OpenVPN Technologies reminded here: https://openvpn.net/vpn-server-resources/faq-regarding-openvpn-connect-ios/ We see that Proton labels this behavior as a bug, but it's probably not. On the contrary, it seems correct (by reading documentation) what OpenVPN tells, i.e. this is Apple policy. On the other hand, if it was a bug on Apple's considerations too, it would have been fixed after so many years. We guess that nobody can realistically assume that iOS is suitable for a robust anonymity layer, but reminding all of the above might be useful anyway. We do not develop (we have never developed) software for iOS, for multiple problems. On top of the above, it's difficult to make GPLv3 compatible with Apple store, due to conflicting licenses -- and we release only FOSS. Actually there's a record of app deletions by Apple when some GPL software was put on the store (even VLC and OpenVPN-connect had to close the source code). Therefore, we're sorry we will not work on the "issue", and anyway it is not resolvable (to the best of our current knowledge) on not "jail broken" iOS devices. Kind regards

Hello! We're sorry, the lines and the ports will remain 1 Gbit/s full duplex per server. The maintenance by the datacenter personnel is performed in order to update/standardize configuration on the aggregation devices, according to the provider informative notes. Kind regards

Hello! OpenVPN over UDP and WireGuard are blocked on most (if not all) China residential lines. You need the following connection mode: OpenVPN protocol TCP port 443 entry-IP address 3 (three) When you run Eddie you can change connection mode on the "Preferences" > "Protocols" window. Uncheck "Automatic", select the proper line (the selection is confirmed by highlighted line) and click "Save". Kind regards

Hello! We don't know the Twitter systems, but other systems may improve geo-location approximation through the combination of browser language and system timezone. Kind regards

Hello! The second log you sent us shows a different problem: Since you renewed a few days ago your client certificates, the problem is likely caused by using ovpn file(s) embedding the old certificate(s). Please generate new ovpn files, import them in Tunnelblick and test again. Please make sure to pick the correct OpenVPN version for each Tunnelblick (OpenVPN >=2.5 for Tunnelblick 4.0 beta, OpenVPN >=2.4 for the other older Tunnelblick you have). Kind regards

Hello! Confirmed, unfortunately. We're investigating and a fix will be implemented in the next release. Thank you very much for the report. Kind regards

Hello! A first non-fatal problem comes from directives not recognized by the probably old OpenVPN version used by this Tunnelblick version, but the configuration file is sanitized. Should you need to generate configuration files already compatible with OpenVPN 2.4, in the Configuration Generator make sure you select "Advanced Mode" and then in the "OpenVPN version" combo box select ">= 2.4". The Configuration Generator will then generate configuration files compatible with OpenVPN 2.4.x. Then the fatal problem should be this one: Apparently Tunnelblick can't resolve the domain name to get the IP address it should connect to, or the IP address is inaccesible, and exits, in your case gb.vpn.airdns.org. Can you please check the DNS settings of your system? Make sure that publicly accessible DNS addresses are set. See here if necessary: https://serverguy.com/kb/change-dns-server-settings-mac-os/ Furthermore, please make sure that you don't run third party tools (typically Malwarebytes, Bitdefender etc.) which might overblock our VPN servers IP addresses. Kind regards

Hello! Please try this: open the Task Manager and terminate any eddie-ui* process running. Pay attention, you could have two different processes, kill them all delete manually Eddie's configuration file. To find it, please see here: https://eddie.website/support/data-path/ uninstall Eddie completely (this time the process should be successful) reboot the system and re-install Eddie Kind regards

Hi! The final decision to re-open was taken after the request to re-open the thread came from someone who we could call a "counter-part" wishing to exercise the right to reply. This is a perfectly legitimate request. Of course we have no idea whether it comes from the original author of the table or from anyone else, and that's not important. It's only important that anyone is given the right to reply. We're sorry to hear that, and indeed the role of every moderator is invaluable. We indeed wrote "The moderators propose themselves on a voluntary basis and perform their tasks during their free time without any monetary retribution and without any obligation to complete their task in the future. Moderators are not employees of AirVPN and their only motivations are passion and dedication. Their role in maintaining the community forums readable and a relaxed place is invaluable." and we're sorry to hear that it's not enough in your opinion. Therefore, we would like here to re-affirm that without the invaluable moderators activities performed every day and for years and years with passion and dedication, and without any monetary compensation, the community forums could not exist as they currently do. The moderators also wrote valuable guides, created translations into various languages for Eddie Android edition (check the credits in the app), and assist other users relentlessly. For that, we and all the community owe to OpenSourcerer, LZ1, zhang888 gratitude and recognition. Kind regards

Hello! Can you please publish the integral Tunnelblick log? Note: feel free to open a ticket as well to get support directly from the technical support team. Kind regards

Hello! Thank you for having joined the AirVPN community forums with vibrant passion. The community forums have been created by AirVPN for the AirVPN community, and are moderated by moderators from the community itself, appointed by the AirVPN staff. An experiment with un-moderated forums was attempted but unfortunately it was a fiasco. Nowadays, hoping to have a readable forum when it's not moderated at all is probably unrealistic. The moderators propose themselves on a voluntary basis and perform their tasks during their free time without any monetary retribution and without any obligation to complete their task in the future. Moderators are not employees of AirVPN and their only motivations are passion and dedication. Their role in maintaining the community forums readable and a relaxed place is invaluable. While the AirVPN staff forums are moderated by Staff and only Staff members can start new threads, community forums are open to anyone (even non AirVPN customers) and are subjected to non-staff moderation in general. Staff members now and then intervene on the community forum, usually when a post by staff is explicitly required or in those rare cases for which legal problems arise, but in general the staff members don't interfere with the community and with the moderators activity, except to delete blatantly spam bot messages ("buy pharma", "new project porn", and so on) when they pass through captchas. In the case of this particular thread, the support team had an important amount of requests to re-open it (not from you, we know) even from long time community members. Due to the amount of requests, support passed all the matter to a staff member who decided that it was worth to re-open the thread immediately. It is opinion of some staff members that this thread is informative in general, and that it provides various verifiable data which may be useful to protect AirVPN business and promote the good name of AirVPN itself. By keeping the thread open, the community offers to any involved party, including the parties which allegedly publish false data harming AirVPN and/or other services here mentioned, the option to reply even in public and even here should they wish so. We repute that locking the thread would substantially undermine the right to reply, as correctly external entities made us notice via e-mail. With them we publicly apologize, and at the same time we remind that the locking was very short (something like 3 hours max), that a new thread may be opened by anyone (you don't need to be an AirVPN customer) and that the forum moderation is performed by volunteers from the community. Please keep in mind that moderators are persons and human errors in total good faith are possible. There is no reason to make a drama out of it. Whether you are a member of AirVPN community or an external entity which want to exercise the inalienable right to reply, we encourage you and the whole community to open a direct communication channel with moderators when you have doubts, complaints, or just to discuss issues in the forum. You can reach community moderators (LZ1, OpenSourcerer and zhang888) through direct messages of your forum Messenger. Staff messenger is also open now, and as usual for professional support you may open tickets which will be handled by the (not outsourced) support team. Kind regards

Hello! Can you please tell us on which VPN servers, if you can be more specific? Kind regards

@theroarmonster Thank you very much! Hopefully it was just a momentary DNS malfunction. Please feel free to keep us posted if the problem re-occurs and remember the airvpn.info web site in case of "emergency". Kind regards

@OpenSourcerer Re-opening the thread upon various users request... at least for a while. We did not expect we could acquire information we were unaware of thanks to this thread but it happened, plus some community member was happy to be informed about this whole matter so let's see where the thread goes, it doesn't deserve to be locked right now. Let the community members decide by themselves what to do, of course always within the bounds of the netiquette (right, @fsy ?).

Hello! Our New York City server provider M247 informs us of two planned maintenances which will affect our servers during the following time windows: From: Tuesday, 9th of May 2023 07:00 am UTC To: Tuesday, 9th of May 2023 11:00 am UTC From: Wednesday, 10th of May 2023 07:00 am UTC To: Wednesday, 10th of May 2023 11:00 am UTC During the above maintenance windows the servers may experience downtime periods. The downtime periods are not expected to be as long as the entire maintenance window. These works are part of the New York network upgrade process. Kind regards AirVPN Staff