Skip to content

Latest commit

 

History

History
515 lines (341 loc) · 35.2 KB

README_technical.md

File metadata and controls

515 lines (341 loc) · 35.2 KB

Index

0. Introduction

In this repo, I will write about the problems students face on campus network and attempt to provide solution (feasible or non feasible). The solutions end at Section 3.

In Section 4, I will write in depth discussion on why do few protocols, which are really good, like Wireguard, UDP based VPNs, etc. do not work on campus network. Feel free to skip that section if you are not interested.

Section 5 deals with Contributing rules and Section 6 ends with a vote of thanks to people who helped me in anyway.

I am working on a VPN implementation based on lightway by ExpressVPN - check out

1. VPNs

  • Recommended Solutions
VPN Platform Status Reason
HotspotShield w l m It's paid but the free version is pretty good enough for daily usage. Can stream 4k videos with a lag of about half a second ( if you test it by hopping to different timelines ). 2 Mbps limit on the free version - they say - is actually about 85-100 Mbps (actual speed; whilst ookla results showed 300mbps+ on an average at JCB Hall) - might vary drastically sometimes - preferred solution will be to use the updated version of the client with a server having lesser load. Its hydra protocol connects quickly while IKEv2 (IPSec) doesn't work. Though being quite fast, pings are too high thus making high-end gaming next to impossible. Along with that, the mobile version of it has 15 minutes timeout and has to see an ad to extend it further by 15 minutes but there is no such case with the desktop version. Hence, it's a recommended choice for Desktop but NOT for mobile devices.
Speedify (Not free · 2gb/mo free-trial) w l a m It's the best -- after ExpressVPN removing its servers from India; with a latency of around 40ms(tested 4 times; exhausting its free-user plan) and a speed of 450 Mbps on an average (source: Ookla; where it was around 700+ Mbps earlier) which makes it suitable for gaming and every other purpose; and its early plan is similar to that of ExpressVPN but here comes the twist, Speedify comes with 3-years plan option saving you 4.8k INR in 3 years(as compared to ExpressVPN)!
ExpressVPN (Not free) w l a m Even though paid, it's fast, stable and the secure option out in the internet but with Update in Indian laws to store logs for servers in India, ExpressVPN has removed its servers and the latency has been increased upto 120ms thus making it unsuitable for gaming.
OpenVPN hosted on DigitalOcean or AWS ec2 w l a m This is slower than ExpressVPN but it's very much feasible for using on PC/Laptop.
It uses more CPU than ExpressVPN and Wireguard
Mullvad (Not Free) w l a m It's paid (5€), But it works very well and securely in OpenVPN mode with TCP port 443 and bridging mode. Note that Mullvad has no servers in India, so gaming is basically impossible since the ping will be too high and Anticheat may prevent you.
Opera with VPN w l a m Opera Browser comes with an inbuilt proxy - see Free VPN - Opera - this basically is named as "VPN" by opera but actually, it is not, it's a fork of SurfEasy proxy which was bought by Opera (source). Not much usable for streaming since it is very very slow (comparable to the speed of TOR).
TLS Tunnel a It's paid, but the free version is good enough for daily usage and is 3x faster than SecureVPN. The user must watch a 30 seconds add to get 3 hours of time limit for using the VPN without interruptions. It has some of the much-needed features like selecting apps for which the network will be redirected through the VPN, vibrating when the VPN gets disconnected, etc.
SecureVPN a Use its free plan. The free plan will suffice the use case on mobile devices; Select the free server with ads and voila you will be connected and no need to upgrade your time as in NoCardVPN; you will be shown ads only when you open the app, so connect it and never open it again. Speed will be highly reduced but suffice for WhatsApp and normal video streaming.
NoCardVPN a Works like a charm with no significant loss in speed, but have to manually increase connection time (10/20/30/40/60 mins depending on your luck; else it will disconnect after that time is over) during which they serve ads for the survival of the project since it is completely free on user's end.

ℹ️ For detailed comparison of OpenVPN on EC2, DigitalOcean, ExpressVPN and Speedify for gamers and casual users, see OpenVPN vs ExpressVPN vs Speedify section.

  • Working Solutions but not recommended:
VPN Platform Status Reason
Psiphon a Uses L2TP/IPsec. For more info on protocols see VPN Protocols section.
Slow and requires more CPU consumption.
Tor via Brave Browser w l m It just works - Very slow ( less than 1 Mbps; tested on Ookla ) - Can just somehow stream 720p detailed motion videos - Captcha issues while Surfing the web; since TOR network so, obviously - Cloudflare bots protection checking leads to more delay in opening websites. But it works!
SetupVPN w l m ⚠️ No information on which protocols are used.
Maybe unsafe.
Full services for paid users.
HoxxVPN w l m ⚠️ It's not a VPN, its more like a proxy for PC. For browsers, it uses http tunneling.
It's unsafe as; it uses 4096-RSA, which has already been cracked.
  • Not working or untested:
VPN Platform Status Reason
Wireguard hosted on any server w l a m Uses UDP, which is blocked. More about this under Wireguard section
Warp (1.1.1.1) w l a m Uses Wireguard internally
Surfshark w l a m Uses Wireguard internally. Main hope was it's network masking, but apparently that failed too; the vpn was able to connect to only one location out of 67 tested locations with one specific port only (UK port 80), that too with a speed of 6mbps(OOKLA).
VPNHub a Could have worked by changing the settings, but that is for paid users only.
Tor w l a m Tor commonly uses ports 9001 and 9030 for network traffic and directory information - source, which are blocked on network. See more about blocked ports under Packet Filtering.
NordVpn w a l m Uses NordLymx (based on Wireguard) by default, it can work as it also supports OpenVPN. But it's paid

❔ : Untested

Conclusion:

  • UDP based VPNs don't work because UDP is dropped (see Packet Filtering) unless some tunneling is used.
  • TCP based VPNs work on port 443 as it is allowed. Connection on other ports are reset ( see - issue#2 ).
  • OpenVPN, ExpressVPN and Speedify are the fastest and the most secure VPNs available.

1.1 Using OpenVPN

Step 1: Get an AWS account

⚠️ Make sure to setup the server properly at your own risk. I am not liable to any charges you receive for your mistakes. First watch video about Billing here - Billing and Terminating Instances.

Watch this video on how to create a free AWS account - Create new AWS account. Remember this step requires you to have a debit card (Mastercard, American Express or Visa).

Step 2: Create a free ec2 instance

Watch this video on how to create an ec2 instance- Creating an AWS EC2 instance.

The further 2 steps are derived from a blog, IIT KGP: Bypassing network restrictions without compromising on internet speed by Anjay Goel

Step 3: Setting Up OpenVPN Access Server:

You will need mobile hotspot for this setup. To setup OpenVPN Access Server, watch this video - Steps to create OpenVPN Server on AWS.

Please use TCP_NODELAY option if you use this vpn for gaming. Steps :

  • SSH into your vpn server
  • execute sudo echo "tcp-nodelay" | sudo tee -a /etc/openvpn/server.conf
  • restart openvpn service using sudo systemctl restart openvpn.service && sudo systemctl restart [email protected]

Step 4: Download ovpn files

  • Linux/MacOS: Run the command - scp -i /path/to/privatekey <username>@<host>:/path/to/ovpn_file ~/Documents/, the key will be downloaded in Documents.

  • Windows: Skip this section.

  • Android: See the windows/linux/MacOS step and then transfer the downloaded android.ovpn to phone via Telegram/Bluetooth/Mail or whatever to a folder in your android.

Step 5: Connecting to VPN on client devices:

  • Android: Download Open VPN Connect app from Play Store. Open the app and after going throught the first screen, got to Files tab of the app, import the ovpn file and connect.

  • Linux: In many distros, you can go to the network manager and import the ovpn file. If not then install OpenVPN ($ sudo apt-get install openvpn) and run using $ sudo openvpn --config /path/to/config.ovpn.

  • MacOS: You can either download the tunnelblick GUI tool for importing the ovpn files or download the cli tool for openvpn via MacPorts or brew using $ sudo ports install openvpn and $ brew install openvpn respectively; then execute $ sudo openvpn --config /path/to/config.ovpn.

  • Windows: Download the official client, import the ovpn file and run - watch video here - Steps to connect to OpenVPN

Step 6: Bill Management

This is a very important setup, to avoid any extra charges from your debit card. Watch this video - Billing and Terminating Instances.
Remember to use only one instance.
Remember that bandwidth is free upto 100GB per month, so its better not to waste resource on the VPN. Use it for daily usages like whatsapp, discord, etc. Prevent torrenting, etc. which can eat up resources.
Remember to check your usage weekly/biweekly as shown in the video.

If in any case you have to stop an instance forcibly, do it; to be on the safe side.

1.2 Observation : ExpressVPN and Speedify work best

Express VPN works and it works damn fast - it uses Lightway Protocol whose core is open sourced now here - and a combination of iptable rules and DNS Resolution.
My speculation is that it runs in TCP Mode and it's fast. But I need to verify this by looking at logs and iptable entries. I speculate that Lightway UDP doesn't work because I tried it specifically on the Android version of the app, it didn't connect at all where the TCP counterpart connected quickly.

Speedify improves the performance of even a single internet connection when faced with latency or packet loss. It intelligently makes up to 8 simultaneous TCP connections back to Speedify Servers on each of our internet connections allowing it to send and receive data redundantly or in parallel as needed.
With the feature of utilising multiple interfaces(Wifi+Ethernet) together it can boost the speed to a considerable amount.

I will try to implement soon my own lightway based VPN. So do checkout this page in future too!

2. Social Media and KGP Network

Not to our surprise, access to multiple popular social media platforms is blocked by the network administrators.
Quoting the administration's reply on being asked upon this:

"This is as per institute administrative policy decision. Sorry for this inconvenience."
Computer & Informatics Centre, IIT Kharagpur - Jul 28, 2022.

  • Status of various popular social media platforms:
Name Status
Telegram
Whatsapp
Discord
Signal
YouTube ⚠️
Slack ⚠️
Facebook
Instagram
LinkedIn
Twitter
Mastodon
Matrix.org
Reddit

⚠️ - Limitations imposed

  • YouTube: Restricted Mode - ON.
  • Slack: Only desktop client works.

Though the restrictions are surprising; blocking WhatsApp on the one hand and leaving Facebook and Instagram on the other doesn't seem to fit into any ideology.
Anyways let's discuss some possible solutions and their feasibility; other than using VPNs for obvious reasons.

2.1 Telegram and Proxy

Even though "using some VPN" is the only possible method to use almost all the restricted platforms; there is one exception to it - Telegram.

This section is dedicated to telegram and its versatility - the way you will only be configuring proxy on telegram and using the network at its full potential everywhere else - with its own proxy protocol namely MTProto; tho it provides other types of proxies too, for example, SOCKS5, HTTPS etc. none of them will work except MTProto.
It was developed solely for enhancing the user experience on weak network connections and now we can utilise it for accessing telegram API through the campus network. For technical details on how it works behind the scenes (as much as it is available in the public domain) refer to:

Security Aspect

Read the below documentation thoroughly and then only comment on its security and decide whether to use it or not depending on your threat model.

How to configure proxy?

image

⭕️ If you don’t know what proxies are, follow these steps:

  1. Go to Proxy Monitoring Bot.
  2. Type /mtproto in the chat box.
  3. Click on any of the proxies given to you in reply; try a few and find the fastest one for you.
  4. Select the check box Enable Proxy in the popup window; if any.
  5. Select Add Proxy and done.

If still facing some issues then manually add those proxies via the method described next.

⭕️ If you know what proxies are, and you want to configure your own custom one, be it self-hosted or whatever, follow these steps:

  1. Go to Settings -> Data & Storage -> Use proxy (path being same on Android, macOS, Windows and Linux).
  2. Choose your proxy from the resources below or use the details of your own proxy.
  1. Select the proxy type as MTPROTO.
  2. Add the IP for the proxy server in the field named Server.
  3. Enter the port being used by the proxy in the field named Port.

    Enter username and password, if any.

Observations

It is reliable, and secure (not been cracked yet, all those attacks which you might have read from the docs in Security Aspect are theoretical and have not been performed successfully yet).

  • Direct calls are supported.
  • VC and group calls are not supported.

For people planning to shift to or already there on telegram consider joining: @projecttrik for more details on features and use cases of Telegram, just an initiative for new users to understand the potential of telegram.

2.2 Using Web Versions

  • You can utilise the web version of your desired platform for unblocking them via, browser-based-proxies like HoxxVPN, SetupVPN etc but these are unsafe to use as discussed in the previous section.
  • Free VPN - Opera - For details refer Recommended solutions
  • Much more "secure" option than the previous ones is Tor via Brave Browser, tho we are not clear about the exact level of security but it's safer than others for sure and a hell lot slow for surfing - can stream videos at 720p on youtube without buffer tho :). One drawback, which is a real problem; you will have to log in every time as there will be no cookie stored for your sessions.

2.3 Use alternatives

Since the solutions are limited, then a good strategy might be to shift to another working platform like Telegram, slack and Matrix.org. Facebook is highly NOT suggested with its poor track record, lots of data leaks, intolerable privacy policy and whatnot.

Now you have a basic idea about the approaches, decide according to your use case and threat model.

Source : A thorough documentation on communication aspect of restrictions imposed on the network in IIT-KGP campus, by Arpit Bhardwaj - Link

3. Slow LAN Speed

Before concluding that there is issue with the port, make sure to check the following

3.1 LAN Cable :

Make sure your cable is CAT 5e and better (6, 6e, etc.) that you can get easily in TechM.

3.2 Ethernet Adapter properties :

It's easy to check properties of your ethernet adapter.

For linux users

$ ip link list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 24:4b:fe:6f:4f:b4 brd ff:ff:ff:ff:ff:ff
    altname enp3s0
3: wlo1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DORMANT group default qlen 1000
    link/ether 3c:58:c2:da:d9:69 brd ff:ff:ff:ff:ff:ff
    altname wlp0s20f3
...
more info

In this case eno2 is my ethernet adapter. So next use ethtool, if not present google how to install (for unix/linux only).

$ ethtool eno2
Settings for eno2:
	Supported ports: [ TP	 MII ]
	Supported link modes:   10baseT/Half 10baseT/Full
	                        100baseT/Half 100baseT/Full
	                        1000baseT/Full
                           
...
more info 

As you can see it shows 1000baseT/Full. This means my adapter supports 1000 Mbps ( 1Gbps ) with Full Duplex.

For windows users: Check this post

ℹ️ If your speed is less than 1Gbps, check about your laptop manually online. If it shows it supports 1Gbps, update your drivers.

3.3 Disbale auto-negotiation

✅ This is really important section.

Sometimes even though everything is correct the speed gets capped around 75Mbps. This is due to the LAN server auto negotiates to a speed which can be used by both the parties (server and client). You can force the speed and duplex to full speed.

⚠️ This may not work for everybody so your connection will go out for a moment but it will come back soon. If it doesn't connect at all (at present or in future cases) then revert the changes to auto.

This method worked for me (tested on linux) and after a system restart my speed shot up from 75mbps to direcrtly 700-800Mbps. I used ethtool again for this.

$ sudo ethtool -s [device_name] speed [10/100/1000] duplex [half/full] autoneg [on/off]

Here device_name is obtained from ip link list (the same from previous step). Speed is in Mbps - 1000 means 1Gbps, and duplex is the communication multiplexing - full means both ways. autoneg will be off.

In my case (since the institute network supports 1Gbps we can use full duplex, it's less probable that it will cause issues like more collisions - see here. The insti server auto negotiates and we won't so maybe a mismatch. ) I used this command :

$ sudo ethtool -s eno2 speed 1000 duplex full autoneg off

To revert back:

$ sudo ethtool -s eno2 speed 1000 duplex full autoneg on

For Windows users : Follow this guide. But, in the last step instead of Auto, select 1.0 Gbps Full Duplex.

Note: If still the network is slow, then it must be the issue with the port or the entire network is slow due to maintainence.

4. Slow WIFI Speed

The institute has a fast Ethernet connection but a notoriously slow Wifi (95% of the cases) due to its usage of 2.4 ghz and 20MHz bandwidth with a Bit-rate of 72.2Mb/s (Megabits/s). This wifi is shared with many people in the same wing which brings its speed down to 10-12 Mbps.

lagnos@rog:~$ iwconfig wlo1
wlo1      IEEE 802.11  ESSID:"STUDENT_SECURED"
          Mode:Managed  Frequency:2.412 GHz  Access Point: E8:BA:70:61:38:E2
          Bit Rate=72.2 Mb/s   Tx-Power=20 dBm
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on
          Link Quality=50/70  Signal level=-60 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:2004  Invalid misc:5420   Missed beacon:0

ℹ️ The below solutions will work only if your LAN is working at a good speed.

4.1 Best Solution

The current laptops either use Wifi 5 or Wifi 6. The can be summarised as follows :

Source : What’s the Difference Between Wi-Fi 5 and Wi-Fi 6?



As you can see Wifi 5 supports 802.11ac and Wifi 6 supports even better protocol, they are much capable of handling 1 Gbps.
So the best solution will be to create Wifi hotspot in your laptop and use it in android.
The speed of the network will depend on your connected devices. In new phones (2020 and above) you can get speed around 200 Mbps (20x) easily.

For ExpressVPN users : just connect your android on the hotspot created in windows and use the VPN on your phone. It works and gives 150 Mbps (15x) easily.

4.2 Other Solutions

Just buy a router/repeater or use raspberry Pi

Setting up router :

Buy a good 300Mbps or (1 Gbps if u are rich) and then use ethernet interface to distribute internet wia the wifi interface.
Before buying check if it will support OpenWRT, to be able to forward conenctions from ethernet to wifi ( to be used as Access point ) and vice versa. Setting up can be a bit tedious for beginner but it will give high speed internet.

Benefits : You can get 300Mbps internet, and even if u share with 3 room mates u still get arorund 100 Mbps in the worst case scenario which is much better than getting 12-13 Mbps on Wifi

For Raspberry Pi :

  • The logic is same, route the connections on Wifi interface via the ethernet interface.
  • Buy a 150/300 Mbps usb adapter which is capable of AP mode (verify before buying).

For detailed config : Check out my post here.

Benefits : As in the previous solution you can get much better speed than the institute wifi and can enjoy online streaming. Cheers!

5. Discussion

This section is a read for people who wish to know why various protocols like Wireguard or OpenVPN (UDP) did not work. Anything that is written here are my observations and may not be absolutely correct. If you find any error please open an issue and inform me about it to make this repository more accurate. This is going to be a long read, so buckle up 🚀.

  • There is packet filtering as the network prohibits the use of ceritifcates for the connection and uses PEAP + MSChapv2 ( which btw is very much vulnerable). Credentials can be cracked easily and MITM (Man in the middle attacks) can be used against a conenction. So it's better to implement some security methods. For more info lookup : chapcrack on Google.

5.1 Packet Filtering

Protocol Status Proof Remarks
UDP 🟠
  • The network connected well to server hosted on Cloud on non standard port 55555 over UDP. But the connection is dropped after just a few requests (see issue)
  • UDP works and connects to an external server on any unused port, other than the standard ports.
  • As common ports are most probably blocked, services like DNS doesn't work. Hence programs depending on DNS-name resolution like dig and nslookup won't work. The server is able to use only the DNS provided by campus network DHCP
  • To make DNS work we need iptables magic on Linux. This iptables is used by expressvpn to forward DNS requests. Read More in Discussions.
TCP 🟠
  • Server hosted on cloud could be connected via netcat and telnet without issues on port 55555 and similar private ports.But the connection is dropped after just a few requests (see issue)
  • TCP Based VPNs do work even though very much slow
  • Servers outside the campus network can be accessed over TCP comfortably, on any unused port other than the common ports.
  • tor cannot be used (TCP over LTS) as it cannot connect to the nodes.
  • Need to check tor on a private port and update info.
ICMP
  • ping and traceroute doesn't work at all
  • ICMP packets are plainly dropped displaying normal firewall behaviour.

5.2 VPN Protocols

Rank Speed Stability Security Encryption
1 Speedify Very Fast Very Stable Very High AES128-GCM
2 ExpressVPN Very Fast Very Stable High WolfSSL
3 WireGuard Fast Stable High ChaCha20
4 OpenVPN Fast Very stable Very high 160-bit, 256-bit
5 IKEv2/IPSec Fast Very stable High 256-bit
6 L2TP/IPsec Medium, due to double encapsulation Stable Medium 256-bit
7 SSTP Fast Very stable High 256-bit
8 PPTP Speedy, due to low encryption Very stable Weak 128-bit

Resources Used :

Comparing WireGuard and Lightway
OpenVPN vs IPSec, WireGuard, L2TP, and IKEv2
Best VPN Protocols: OpenVPN vs PPTP vs L2TP vs Others
Wireguard
Lightway vs Wireguard vs OpenVPN - Youtube
What kind of Encryption does Speedify use?

And many more...

5.3 Wireguard

As we see in the section above, Wireguard is faster than OpenVPN. So it was a very good choice for a VPN.

  • The issue faced in setting up was that Wireguard is UDP only VPN whereas the only option for us is to route traffic through TCP:443.
  • Tunneling TCP over TCP can be a disaster : Why TCP Over TCP Is A Bad Idea
  • There are alternative solutions which involve tunneling UDP over TCP using utilities like : udp2raw and udptunnel. But sadly I was unable to set them up and couldn't make them work.
  • Even routing UDP over TCP is not much of a good idea and did not produce interesting results. The above method results in a performance similar to OpenVPN so why not just use OpenVPN : Using Wireguard when UDP is blocked. The other issue of routing UDP over TCP is it is diffcult to this on every platform, like android requires root privileges for this.

Resources Used:

Known Limitations
https://gist.github.com/insdavm/90cbeffe76ba4a51251d83af604adf94
https://github.com/wangyu-/udp2raw/issues/411
https://encomhat.com/2021/07/wireguard-over-tcp/

5.4 OpenVPN vs ExpressVPN vs Speedify

The testing was done on a couple of devices from the campus ( LBS and JCB Hall ). Devices being - ROG Strix G15 2020, Aspitre 7 and MSI GL65 Leopard.

⚠️NOTE: The following data for ExpressVPN is not updated after the removal of its servers from India due to update in Indian laws to store logs for servers in India; stay tuned will be updated soon.

  • For casual users 💻
Server Download Speed Before Download Speed After
⚠️ ExpressVPN 600 Mbps 500-550 Mbps
Speedify <750 Mbps 450-500 Mbps
OpenVPN - AWS ec2 600 Mbps 150 Mbps
openVPN - Digital Ocean 600 Mbps 200 Mbps
Mullvad (OpenVPN) - Singapore 100 Mbps 50 Mbps
  • For gamers 😎

CSGO Official Servers:

Server Ping Packet Loss Remarks
⚠️ ExpressVPN - Mumbai 50-70 ms Rare It's Paid T_T
OpenVPN - AWS ec2 60-80 ms Rare It's free for 1 year with 1 account.
4 people 4 years. Ez Katka 😄
OpenVPN - DigitalOcean 130+ ms 2-4 % Don't use it, not worthy

Valorant

Server Ping Packet Loss Remarks
⚠️ ExpressVPN - Mumbai 50-80 ms Rare
OpenVPN - AWS ec2 70-90 Rare ✅ 💙
OpenVPN - DigitalOcean 120+ ms 5-6 % 😞

Need testers for testing gaming on Speedify.

As you could see, ExpressVPN maybe the best. Among AWS and DigitalOcean, AWS is much better as its servers are in Mumbai whereas for DigitalOcean, they are in Bangalore.

5.5 Disable Nagle's Algorithm

Nagle's algorithm is a means of improving the efficiency of TCP/IP networks by reducing the number of packets that need to be sent over the network. It was defined by John Nagle while working for Ford Aerospace. It was published in 1984 as a Request for Comments (RFC) with title Congestion Control in IP/TCP Internetworks in RFC 896.

Source : Nagle's Algorithm

Lately, I have observed that in-game fast mouse movements (flicks and single headshots) were not accurate. I doubted that the packets maybe getting "piggy-backed". This is a problem for gaming, where low latency is needed. So we need to disable it to improve latency. Even though latency did not improve much, but the flicks and headshots were now much accurate and gave a good playing experience. Much recommended for gamers.

I have added option to angristan/openvpn-install repo used in the steps section. I have also created an upstream PR to the repo. I hope it gets merged, till then you can use my script.

Pull Request : add TCP_NODELAY option #1063

5.6 Further Steps

This repository is available for anyone who wishes to add upon this work or needs information for any purpose or maybe is planning to implement their own VPN. For me, I would love to research more on this topic and look for ways to improve the Internet situation at the campus. It was really difficult with bad network at the campus to be able to even talk with parents on video call as whatsapp and similar apps are blocked.

Beleiving in open source I hope someone will add value to this repository, so that even people with less technical experience can understand basic comparisons among the various servers and technologies.


Dont't forget to visit my experimentation with Rapsberry Pi and ExpressVPN - here