Gap
Advanced
- Joined
- 14.09.20
- Messages
- 137
- Reaction score
- 1,266
- Points
- 93
We'll talk about using VPN server chains.
Imagine that you are connecting to the site via a VPN server located in the Netherlands. Your traffic goes in encrypted form to the VPN server, where it is decrypted and then goes to the site.
If you use a chain of VPN servers, such as two VPN servers (the Netherlands and Switzerland), then Internet traffic from the first VPN server will not go to the site, but in encrypted form to the second VPN server in Switzerland and only then to the site server.
Why do I need VPN server chains?
There is only one reason-increased anonymity, namely protection against targeted attempts to establish the user's authentic IP address "on the other side of the VPN". There are no other reasons to use multiple VPN servers.
On a number of resources, you will find information that using multiple VPN servers does not make you more anonymous, it is an unnecessary waste of money and an unjustified loss of speed. This is a myth that even some owners of VPN services believe in. Needless to say, there are quite a lot of services on the VPN services market, the management of which has no idea about the methods of de-anonymization of users and threats.
As a rule, we are talking about a Double VPN-using two VPN servers in a chain, this is the most popular bundle. But there is also Triple VPN – three servers in the chain and Quadro VPN-four servers in the chain.
VPN chains are used to prevent the VPN user from being deanonymized by the "connection Mapping" method and complicate deanonymization by "unwinding".
But first, we'll break down another common myth that says that a Double VPN is significantly slower than a regular one. In one of the next chapters of this section, we will talk about choosing a VPN server, where we will talk about such indicators as ping and channel width. In short, ping is the time, in milliseconds, that a signal travels from your computer to the site server, passing through a VPN server or chain of servers. And the channel width is the bandwidth of the "wires" that connect you to the destination server.
Ping is mainly affected by the client-VPN-destination distance, and if you are located in Moscow, your VPN is in Singapore, and the destination server (site) is in the Netherlands, then the connection from Moscow will go to Singapore and then to the Netherlands, thereby covering half the globe. And the ping will be higher than if you take a Double VPN with servers in Germany and the Netherlands.
Needless to say, the number of servers does not affect the bandwidth of the Internet channel in any way. For example, if your ISP provides you with Internet speeds of 20 Mbps, then even if the VPN supports 100 Mbps, you won't be able to use them. Conversely, if a VPN offers you 10 Mbps, then your speed can't be higher than that.
Therefore, the speed is determined by a competent choice of servers, and a Double VPN can have a better ping and better channel bandwidth than a single VPN. We will return to this question in the Chapter on choosing a VPN server.
So, using a chain of servers makes you more anonymous and if you choose the correct location of VPN servers, it does not create speed problems. There are quite a few VPN providers on the market that provide VPN server chains, and they all use one of two server connection schemes: cascading or end-to-end.
Cascading scheme of the VPN server chain
Cascading is the most popular scheme that involves a sequential connection of servers, when traffic goes from one server to another.
This is the same diagram that we drew above. Traffic goes from one server to another and is decrypted and encrypted again on each server. This creates a theoretical risk of traffic being intercepted on any of the chain's servers if an attacker has access to it.
Here I want to focus your attention: if you have a chain of three servers Netherlands-France-Germany, detractors to intercept your traffic, just have access to any of the servers. You just need to know.
Advantages of this scheme:
Disadvantages:
End-to-end scheme for the VPN server chain
End-to-end – a scheme for using multiple VPN servers, in which the connection to the final VPN server is started in encrypted form through intermediate servers. This solution is mostly used by users on their own and is rarely offered by VPN providers.
Pros:
Disadvantages:
Imagine that you are connecting to the site via a VPN server located in the Netherlands. Your traffic goes in encrypted form to the VPN server, where it is decrypted and then goes to the site.
If you use a chain of VPN servers, such as two VPN servers (the Netherlands and Switzerland), then Internet traffic from the first VPN server will not go to the site, but in encrypted form to the second VPN server in Switzerland and only then to the site server.
Why do I need VPN server chains?
There is only one reason-increased anonymity, namely protection against targeted attempts to establish the user's authentic IP address "on the other side of the VPN". There are no other reasons to use multiple VPN servers.
On a number of resources, you will find information that using multiple VPN servers does not make you more anonymous, it is an unnecessary waste of money and an unjustified loss of speed. This is a myth that even some owners of VPN services believe in. Needless to say, there are quite a lot of services on the VPN services market, the management of which has no idea about the methods of de-anonymization of users and threats.
As a rule, we are talking about a Double VPN-using two VPN servers in a chain, this is the most popular bundle. But there is also Triple VPN – three servers in the chain and Quadro VPN-four servers in the chain.
VPN chains are used to prevent the VPN user from being deanonymized by the "connection Mapping" method and complicate deanonymization by "unwinding".
But first, we'll break down another common myth that says that a Double VPN is significantly slower than a regular one. In one of the next chapters of this section, we will talk about choosing a VPN server, where we will talk about such indicators as ping and channel width. In short, ping is the time, in milliseconds, that a signal travels from your computer to the site server, passing through a VPN server or chain of servers. And the channel width is the bandwidth of the "wires" that connect you to the destination server.
Ping is mainly affected by the client-VPN-destination distance, and if you are located in Moscow, your VPN is in Singapore, and the destination server (site) is in the Netherlands, then the connection from Moscow will go to Singapore and then to the Netherlands, thereby covering half the globe. And the ping will be higher than if you take a Double VPN with servers in Germany and the Netherlands.
Needless to say, the number of servers does not affect the bandwidth of the Internet channel in any way. For example, if your ISP provides you with Internet speeds of 20 Mbps, then even if the VPN supports 100 Mbps, you won't be able to use them. Conversely, if a VPN offers you 10 Mbps, then your speed can't be higher than that.
Therefore, the speed is determined by a competent choice of servers, and a Double VPN can have a better ping and better channel bandwidth than a single VPN. We will return to this question in the Chapter on choosing a VPN server.
So, using a chain of servers makes you more anonymous and if you choose the correct location of VPN servers, it does not create speed problems. There are quite a few VPN providers on the market that provide VPN server chains, and they all use one of two server connection schemes: cascading or end-to-end.
Cascading scheme of the VPN server chain
Cascading is the most popular scheme that involves a sequential connection of servers, when traffic goes from one server to another.
This is the same diagram that we drew above. Traffic goes from one server to another and is decrypted and encrypted again on each server. This creates a theoretical risk of traffic being intercepted on any of the chain's servers if an attacker has access to it.
Here I want to focus your attention: if you have a chain of three servers Netherlands-France-Germany, detractors to intercept your traffic, just have access to any of the servers. You just need to know.
Advantages of this scheme:
- Easy to use. You get a configuration file, add it in the VPN client, and connect. Everything is simple and clear.
- High speed compared to the end-to-end scheme.
Disadvantages:
- Traffic is decrypted on each server and can be intercepted on each server.
End-to-end scheme for the VPN server chain
End-to-end – a scheme for using multiple VPN servers, in which the connection to the final VPN server is started in encrypted form through intermediate servers. This solution is mostly used by users on their own and is rarely offered by VPN providers.
Pros:
- Internet traffic is not decrypted on intermediate servers – this is the main advantage of this scheme. It passes through the first VPN server in encrypted form, heading to the exit VPN server.
- Before the first VPN server, traffic is encrypted twice.
Disadvantages:
- Upon receiving the configuration file, the detractors will receive the final IP address that was used by the owner of this VPN.
- This scheme of implementing the VPN chain does not have the best effect on the speed of work.
- For an end-to-end scheme, you need to run two VPN clients on your computer.
- Not all devices can run two VPN clients at once. for example, this scheme is not available for iOS and Android users.