Clarification On Using Proxy /w VPN, Why Port Forwarding is needed,and DNS Leaking

edited July 2014 in General VPN Support Posts: 2
Recently signed up for PIA and after reading the faqs and a little googling I still had some questions to clear up a few things

1.)As I understand it a proxy can hide your traffics location but does not encrypt it while a VPN does both. I know some have reported getting faster speeds with both (though I can't imagine why), but other then that is there any reason to use both? Another layer I guess?

2.)I saw the option in the PIA windows application for port forwarding, but from my testing it is already port forwarding. I'm running programs on 3 different ports and accessing them over my phones LTE connection works as it normally would if I was disconnected from VPN. So can some one explain this further to me?

4.) I understand what DNS leaking is , but after going to dnsleaktest.com and not seeing my own IP does this mean I'm safe , or should I use the DNS leak option in the app?

5.)Is there any way to stay connected to the best server (best in terms of bandwidth not latency ) ?

Any help or clarification greatly appreciated!

Comments

  • Posts: 4,013
    1. For torrents, bundling a bajillion different connections into one via the proxy makes lots of sense. This way the VPN does not treat it like a bajillion different packets, and usually increases your speed by quite a bit.

    2. Port forwarding is useful for torrents only as far as I know. In fact, I would go so far as to say it is required for torrents. Without port forwarding you simply cannot upload data. (Meaning you cannot seed.)

    3. You skipped this number. Just a thought. :)

    4. If you want my advice, skip that mess and use DNSCrypt with a server that supports DNSSec. The DNSCrypt Netherlands server supports it.

    5. Not that I know of.
  • 1. For torrents, bundling a bajillion different connections into one via the proxy makes lots of sense. This way the VPN does not treat it like a bajillion different packets, and usually increases your speed by quite a bit.

    2. Port forwarding is useful for torrents only as far as I know. In fact, I would go so far as to say it is required for torrents. Without port forwarding you simply cannot upload data. (Meaning you cannot seed.)

    3. You skipped this number. Just a thought. :)

    4. If you want my advice, skip that mess and use DNSCrypt with a server that supports DNSSec. The DNSCrypt Netherlands server supports it.

    5. Not that I know of.
    Hmm, it would seem my counting isn't as strong as it once was :P . Thanks a lot for your answers, some of your posts to other users were able to answer most of my questions before I started this thread. 

    Ok, so I'll configure torrent app to use proxy. I believe I read in another thread on here that it is recommended not to use Utorrent since it will refuse to route DHT requests and such through proxy.

    As for port forwarding your answer perplexes me because I have just recently (and now as a matter of fact) was seeding at near my full upload (speedtest shows 12mbps Up, utorrent reporting 1.2MB/s which is around 10mbps). Also double checked PIA app and I dont have port forwarding enabled. Also read that enabling may reduce anonymity, how is that true? 

    DNSCrypt seems relatively easy and straight forward to use. Thanks for the tip. Originally I wanted my router (AC66u) to connect via Openvpn and route all my devices though it, but after seeing your thread on routers that can run it at decent speed, I've decided to just run it on each device, that said with DNSCrypt running on my windows box when DNS requests needs to get handled it will use windows DNS settings not the routers? Always assumes when you set DNS to non ISP in router it affected all DNS coming through the router. 
  • edited July 2014 Posts: 4,013
    Hmm, it would seem my counting isn't as strong as it once was :P .
    Thanks a lot for your answers, some of your posts to other users were
    able to answer most of my questions before I started this thread.

    Ok,
    so I'll configure torrent app to use proxy. I believe I read in another
    thread on here that it is recommended not to use Utorrent since it will
    refuse to route DHT requests and such through proxy.

    As
    for port forwarding your answer perplexes me because I have just
    recently (and now as a matter of fact) was seeding at near my full
    upload (speedtest shows 12mbps Up, utorrent reporting 1.2MB/s which is
    around 10mbps). Also double checked PIA app and I dont have port
    forwarding enabled. Also read that enabling may reduce anonymity, how is
    that true? 

    DNSCrypt seems relatively easy and
    straight forward to use. Thanks for the tip. Originally I wanted my
    router (AC66u) to connect via Openvpn and route all my devices though
    it, but after seeing your thread on routers that can run it at decent
    speed, I've decided to just run it on each device, that said with
    DNSCrypt running on my windows box when DNS requests needs to get
    handled it will use windows DNS settings not the routers? Always assumes
    when you set DNS to non ISP in router it affected all DNS coming
    through the router. 
    Port forwarding does reduce anonymity. But in most cases it is so
    trivial a difference that you may as well ignore it. Depending on your
    torrent client, it may entirely disregard your VPN and use another
    interface. I think that is the main problem with uTorrent. It will use
    any interface it can latch onto with complete and total ignorance of
    what you tell it to use. That is why I use qBittorrent as my client. I
    can tell it to use only a single network interface and it will not fall
    back to another if that one fails.

    As for how port forwarding
    reduces your anonymity, it it simply the fact that if PIA has 100k users
    at any given time, and only a few thousand of them use port forwarding,
    then it is much easier to shorten the list of PIA users that may be
    doing whatever is being monitored. (For example, many torrents are
    seeded by the anti-piracy groups purely to try and compile a list of IPs
    of users who pirate whatever the content is.)

    Regarding DNS, if
    you already know that a given site is a given IP, you can always put the
    IP into a browser and it will be fetched without ever doing a DNS
    lookup. Likewise if you use DNSCrypt, your routers settings for DNS are
    useless if your PC is doing the DNS lookups by itself.
    Post edited by OmniNegro on
Sign In or Register to comment.