VPN not randomizing my IP

kungr · November 13, 2017, 9:28pm

Everytime I flick my VPN service on it assigns the same IP Address. That sounds wrong to me. As well, the types of login credentials needed to set up the VPN seems like it isn’t very anonymous.

Are VPNs a misnomer? They have to track and log customers to ensure that they aren’t abusing the VPN service with high traffic and multiple connects. Soooooooo…

I picked a VPN service from a top ten list. Now it just feels like a intelligence shell company.

Any thoughts?

Levitance · November 13, 2017, 9:36pm

The same external IP address, or the same IP address on the encrypted subnet?

kungr · November 13, 2017, 9:47pm

External? I type into google,“what’s my IP” and it’s the same everytime the VPN is on.

Levitance · November 13, 2017, 9:55pm

Okay, that’s external. If your VPN provider has a set number of exit points, you’re probably just going to the same one over and over again. Might be a region setting or something. Tunnel Bear, for example, allows you to select your exit point. Not all VPN providers do.

If you were able to select a different exit point, and still got the same external IP address, that would be concerning. Internal IP addresses (192.168.., 172.16.., and 10...*) will similarly likely be linked to region. DHCP servers tend to give the same leased IP to the same requesting MAC address as long as the lease is valid (usually anywhere from hours to days).

kungr · November 13, 2017, 10:29pm

Ya like there are a few exit node options. But always the same IP from node. I’m wondering if there are multiple users on the IP.

Zumps · November 13, 2017, 11:04pm

You should be able to read up on their web page whether they bundle your traffic with others’, which I’d think they do, because leasing a new IP per customer would become an endless pit of expenses.

anon37371794 · November 13, 2017, 11:17pm

Yes. There will be lots of users on that same IP address.

Some VPNs allow you to use a different server as your exit point, but there will always be other people using that same server and hence ending up with the same IP address.
That makes it more difficult for anyone to build a profile on you based on your IP address, as it will be used by people with varying interests (still mostly adult content though).

Levitance · November 14, 2017, 12:32am

Yeah that’s pretty weird. If you connected and were going out of an East Coast IP address, you shouldn’t have that same IP when you connect to a West Coast server. I’d say email and ask. Maybe it’s a bug on their side.

kungr · November 14, 2017, 12:39am

No your right. Consistently each node has it’s own (different) IP. WestIP≠EastIP

Dexter_Kane · November 14, 2017, 2:41am

Basically you get the ip of the server you connect to. If you connect to an ip address (rather than a domain name) in the config then that is the ip you get. If you’re using the domain name and you only get one ip then either your provider only has one server at that domain name or your dns is returning the same ip everytime it’s queried.

If that’s the case then if you can get a list of all the ip addresses for your VPN server you can configure that manually to randomly pick one. Otherwise maybe turn off dns cache or reduce the cache life.

kungr · November 14, 2017, 6:46am

what?

Dexter_Kane · November 14, 2017, 8:22am

From the openVPN manual

Implementing a load-balancing/failover configuration

Client

The OpenVPN client configuration can refer to multiple servers for load balancing and failover. For example:

remote server1.mydomain
remote server2.mydomain
remote server3.mydomain
will direct the OpenVPN client to attempt a connection with server1, server2, and server3 in that order. If an existing connection is broken, the OpenVPN client will retry the most recently connected server, and if that fails, will move on to the next server in the list. You can also direct the OpenVPN client to randomize its server list on startup, so that the client load will be probabilistically spread across the server pool.

remote-random
If you would also like DNS resolution failures to cause the OpenVPN client to move to the next server in the list, add the following:

resolv-retry 60
The 60 parameter tells the OpenVPN client to try resolving each remote DNS name for 60 seconds before moving on to the next server in the list.

The server list can also refer to multiple OpenVPN server daemons running on the same machine, each listening for connections on a different port, for example:

remote smp-server1.mydomain 8000
remote smp-server1.mydomain 8001
remote smp-server2.mydomain 8000
remote smp-server2.mydomain 8001
If your servers are multi-processor machines, running multiple OpenVPN daemons on each server can be advantageous from a performance standpoint.

OpenVPN also supports the remote directive referring to a DNS name which has multiple A records in the zone configuration for the domain. In this case, the OpenVPN client will randomly choose one of the A records every time the domain is resolved.

Add a bunch if IP addresses for the server, if you know them, and use the remote-random configuration to make it connect to a random IP each time. This only works if there are multiple servers, if there’s just one then there’s just one IP.

Disabling DNS cache may prevent your DNS from always resolving the same address for the VPN domain name. But that may not be the problem.

kungr · December 6, 2017, 1:42am

Okay so i asked my VPN provider why the Same IP was coming up every time and I believe the response was that it’s a “laundry match” (not verbatim), BUT mysteriously that VPN exit doesn’t connect anymore. wtf.

SpinTripFall · December 6, 2017, 1:58am

Weird.

oO.o · December 6, 2017, 2:16am

Is the VPN paid or free? Free ones are usually suspect…

kungr · December 6, 2017, 4:00am

paid more words

far-bound · December 6, 2017, 10:38pm

What VPN are you using?