You are not logged in.
Hello guys,
I'm new to VPN. I'm leasing an anonymous IP address. I keep seeing that my router activity LED shows substantial activity, and my system shows about 30Kbytes/s of incoming traffic when I'm not really doing anything. Is this something to be expected with VPN?
Offline
Nope.
Offline
Have you traffic dumped the tunnel to see what is going through it?
tcpdump -lnn -i tun0
You might need to write it to a file and analyse it offline with Wireshark:
tcpdump -lnn -i tun0 -s0 -w /tmp/openvpn-traffic.pcap
(The above assumes your OpenVPN interface is tun0... Replace with tap0 or whatever it actually is.)
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
Thanks for the replies, I was viewing/dumping eth0 instead of tun0 previously. It seems that the traffic and noise is coming from the nodes connected to the VPN. Too many Windows users, annoying NETBIOS/Windows Sharing/ARP broadcasts. I will be trying out different VPN once this one runs out.
Offline
Too many Windows users, annoying NETBIOS/Windows Sharing/ARP broadcasts. I will be trying out different VPN once this one runs out.
I suspected that might have been the case (broadcast traffic).
Changing from a Bridged to a Routed type VPN will prevent the broadcast traffic being sent over the VPN. OpenVPN supports both types; you must be using Bridged at the moment since the broadcast traffic is coming over it.
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
@fukawi2
Indeed, I'm running a bridged setup. It seems like I can't change to routed IP tunnel, changing to 'dev tun' from 'dev tap' resulted in:
WARNING: 'dev-type' is used inconsistently, local='dev-type tun', remote='dev-type tap'
WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1542', remote='link-mtu 1574'
WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'
WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address. You are using something (255.255.255.128) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
I think it means that the server supports only 'tap'.
Offline
I'm quite surprised that an anonymous VPN service would give you access to a TAP interface at all. That seems like a huge security issue IMO considering you have (potential) access to every client on the network.
#binarii @ irc.binarii.net
Matrix Server: https://matrix.binarii.net
-------------
Allan -> ArchBang is not supported because it is stupid.
Offline
I think it means that the server supports only 'tap'.
You need to update both ends, and also assign/allocate a subnet to use for tunnels (ie, a little more than just changing "tap" to "tun")
That seems like a huge security issue IMO considering you have (potential) access to every client on the network.
Not unless the server has the "client-to-client" option enabled
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline