VPN traffic changed to TCP

Discussion in 'privacy problems' started by lurningcerv, Jan 3, 2014.

Thread Status:
Not open for further replies.
  1. lurningcerv

    lurningcerv Registered Member

    Joined:
    Dec 27, 2011
    Posts:
    87
    All my traffic through my VPN service used to be in UDP. Now, suddenly for no apparent reason its all in TCP, and there are some packets in other protocols. Does anyone know why this is happening and how to fix it? I am pretty sure this is not a change that originated in the VPN server.
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    Is the VPN connected?

    Have you updated the VPN client? Or changed to a different route?
     
  3. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I use TCP for my VPN traffic. It looks like more normal traffic, has less packet loss problems but can be slightly slower. I use it, it should not really be a problem for you if your client or VPN software wants to use TCP. Maybe the provider did it for a reason.
     
  4. lurningcerv

    lurningcerv Registered Member

    Joined:
    Dec 27, 2011
    Posts:
    87
    It could not be the VPN provider pushing this, because it occurs for all of my VPN providers (I have more than 1). The traffic for all of them now is in TCP. Very strange it should change for all of them suddenly like that.
     
  5. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Which providers?

    Its also possible that your experiencing packet-loss and those clients notice and default you to TCP, or as Mirimir explained, you may not be connected at all.
     
  6. Gitmo East

    Gitmo East Registered Member

    Joined:
    Jul 28, 2013
    Posts:
    106
    From what you've said it sounds like your not connected or leaking badly, have you tried using wireshark and seeing exactly whats happening ?
     
  7. lurningcerv

    lurningcerv Registered Member

    Joined:
    Dec 27, 2011
    Posts:
    87
    I did capture data streams with WS. That's how I found out that the streams are now TCP that used to be UDP. As I said, it's very unlikely (read almost impossible) that all my VPN providers would change the connections to TCP suddenly at the same time. I wasn't even using some of them at the time this occurred, and yet now they are all in TCP. I know very little about OpenVPN, but the only thing I can think of is that somehow an OpenVPN setting got changed. To the "you're not connected at all"...we can rule that out. I know when I'm connected via WS and Viscosity. By the way, thank you to those who responded.
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    Testing VPNs with Wireshark, what you see depends on what interface(s) you're capturing on. If you capture on the VPN tunnel, you'll see plaintext TCP etc traffic. If you capture on the physical network interface, and you're using a VPN in UDP mode, you'll see just encrypted UDP traffic (plus ARP etc on LAN). If you capture on both interfaces, you'll see all of that.

    Might that be it?
     
  9. lurningcerv

    lurningcerv Registered Member

    Joined:
    Dec 27, 2011
    Posts:
    87
    Thank you mirmir, that was why I was seeing the TCP. It's all UDP when I capture the Microsoft stream, except for some SSDP packets. I don't know what those are.
     
  10. lurningcerv

    lurningcerv Registered Member

    Joined:
    Dec 27, 2011
    Posts:
    87
    So what I take out of this is that when you capture on the adapter (e.g. Viscosity), you get the stream flowing into that adapter, and when you capture on the physical interface, you get what came out of the adapter on its way into the physical interface. So when you're capturing on the physical interface, that is the last opportunity to capture the stream, because when it leaves the physical interface, it's outside the computer's OS...right?
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    Yes. But you can capture with the router if it's capable of that. And with the right equipment, you can capture anywhere.
     
Loading...
Thread Status:
Not open for further replies.