Answered: Location of NewYork server

dave4444

New Member
Please consider moving the NewYork server to a hosting company actually in New York City instead of Buffalo.

Most exchanges and interconnects in NYC are about 8-10ms away from Buffalo causing higher than desirable latency.

Traceroutes to/from the server in Buffalo to various places all seem to go through NYC anyway adding 16-20ms latency over what would be necessary.
 
Solution
This has been changed, you now can use the same server for DNS as DNS uses a dedicated IP on all servers. Note that if you configure that manually, you will need to use the DNS IP of the server (last IP), they are listed on the server page in the member area.

Crazy Gaston

New Member
Please consider moving the NewYork server to a hosting company actually in New York City instead of Buffalo.

Most exchanges and interconnects in NYC are about 8-10ms away from Buffalo causing higher than desirable latency.

Traceroutes to/from the server in Buffalo to various places all seem to go through NYC anyway adding 16-20ms latency over what would be necessary.

That might not be what's causing the latency. I've noticed by doing DNS leak tests that the DNS servers are actually located in Germany even if you specify to connect to a US server (in my example, I connected to the Chicago server). Take a look:

DNS Leak Test:

VPNLatency1.png


IP Leak:

VPNLatency2.png


VPN Settings:

VPNLatency3.png


So as you can see, the latency might be cause be servers located in Germany. The US servers should be fine providing you could find a way to connect exclusively to US servers.
 

Crazy Gaston

New Member
I think he mean that the DNS IP is not the same as the VPN-IP

Correct. I don't understand why I can't use the VPN server as the DNS Server in Perfect Privacy. In NordVPN, ExpressVPN, AirVPN, etc., the DNS server is used as the VPN server by default. In other words, the IP address of your DNS server is the exact same IP address of your VPN server.
 

webslap

Member
Well you can do this, you are free which PP DNS Servers you want to use. As well as the DNS on the same Server you are going to connect. (By using it manually)
(But maybe PP should also implement to choose the own server DNS in their software!)

Because of using Cascading VPN or other options, it also makes sense to choose the used DNS by yourself and not to use static, always from the same Server.

DNS servers are potentially log your activities. And even if PP is not logging actively any of your activities, by executing the processes, these data will bei used and is on the servers for a very short time. To prevent fetching these informations from a running server, it makes sense to use the DNS not at the same location then the VPN server is. Of course thats just a theoretical option to fetch these data from a live-system and someone would have need full access to the server, but to use other DNS services would be always an advantage out of this point of view.
 

Crazy Gaston

New Member
Well you can do this, you are free which PP DNS Servers you want to use. As well as the DNS on the same Server you are going to connect. (By using it manually)
(But maybe PP should also implement to choose the own server DNS in their software!)

Because of using Cascading VPN or other options, it also makes sense to choose the used DNS by yourself and not to use static, always from the same Server.

DNS servers are potentially log your activities. And even if PP is not logging actively any of your activities, by executing the processes, these data will bei used and is on the servers for a very short time. To prevent fetching these informations from a running server, it makes sense to use the DNS not at the same location then the VPN server is. Of course thats just a theoretical option to fetch these data from a live-system and someone would have need full access to the server, but to use other DNS services would be always an advantage out of this point of view.

Literally no other VPN service is configured this way. It's industry standard to made the DNS the same as the VPN. Therefore, I highly doubt that it's an advantage.
 

PP Stephan

Staff member
This has been changed, you now can use the same server for DNS as DNS uses a dedicated IP on all servers. Note that if you configure that manually, you will need to use the DNS IP of the server (last IP), they are listed on the server page in the member area.
 
Solution

MixMaster

Junior Member
Correct. I don't understand why I can't use the VPN server as the DNS Server in Perfect Privacy. In NordVPN, ExpressVPN, AirVPN, etc., the DNS server is used as the VPN server by default. In other words, the IP address of your DNS server is the exact same IP address of your VPN server.

That's a problem if you use simple routing. To reach the VPN server, packets to the server address must use a direct route through the previous default gateway. Unless you employ more sophisticated routing rules, the route can be set for an address only, not for a single port or connection.

So, if the address of your DNS server is the exact same IP address of your VPN server, you're leaking unencrypted DNS queries along with the VPN traffic.
 

MixMaster

Junior Member
So what real advantages does using a dedicated IP for DNS have over using dynamic IPs? Nowadays, using static IPs is kinda outdated as it provides no real security advantage over dynamic.

Huh. Wat? I don't get what you're saying.
You don't *have* to set a static DNS address. OpenVPN pushes DNS addresses for your connection that can be used dynamically (e.g. via resolvconf).
 
Top