randomizing VPN servers I connect to with my vpnvm?


Stumpy

Apr 17, 2019, 8:38:55 PM
to Qubes users
I was thinking the line "remote random" in my .ovpn file, along with the
IP addresses, would make the VPN VM randomly select different servers, but
that doesn't *seem* to be the case. The bit that was included in the
.ovpn files that I think is relevant is:

remote-random
resolv-retry infinite
nobind
cipher AES-256-CBC
auth SHA512
comp-lzo
verb 3

Is there something else I need to do? I assumed it would either change
when it reconnects or is restarted, but that doesn't seem to be the case.

Chris Laprise

Apr 18, 2019, 8:09:04 AM
to stu...@posteo.net, Qubes users
You also have to specify multiple "remote" lines, one for each address.

--

Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886

Jon deps

Apr 19, 2019, 5:22:28 PM
to qubes...@googlegroups.com
On 4/18/19 12:08 PM, Chris Laprise wrote:
> On 4/17/19 8:38 PM, Stumpy wrote:
>> I was thinking the line "remote random" in my .ovpn file, along with
>> the IP addresses, would make the VPN VM randomly select different
>> servers, but that doesn't *seem* to be the case. The bit that was
>> included in the .ovpn files that I think is relevant is:
>>
>> remote-random
>> resolv-retry infinite
>> nobind
>> cipher AES-256-CBC
>> auth SHA512
>> comp-lzo
>> verb 3
>>
>> Is there something else I need to do? I assumed it would either change
>> when it reconnects or is restarted, but that doesn't seem to be the case.
>>
>
> You also have to specify multiple "remote" lines, one for each address.
>


Is there some howto URL writeup on this? Sounds like something I may
like to try.

Jon deps

Apr 20, 2019, 7:14:43 PM
to qubes...@googlegroups.com
cd /rw/config/vpn/
user@localhost:/rw/config/vpn$ sudo cat vpn-client.conf
client
dev tun
proto udp

remote-random

remote server1.net 1197
remote server2.net 1194
remote server3.net 1301


#remote-random


cipher AES-256-CBC
resolv-retry infinite
nobind
persist-key
persist-tun
verb 3
remote-cert-tls server
ping 10
ping-restart 60
sndbuf 524288
rcvbuf 524288

fast-io



auth-user-pass _userpass.txt
ca server_ca.crt



tun-ipv6
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

--------


Apparently is not the solution, hmmmm, guess I'll keep web
searching ...




Stumpy

Apr 20, 2019, 9:23:57 PM
to qubes...@googlegroups.com
Not sure which way you set it up, but I *think* the remote-random would
need to be in the .ovpn file?

Anyway, my VPN setup works... but not the randomizing, so I'm hardly an
authority.

Chris Laprise

Apr 20, 2019, 10:48:37 PM
to qubes...@googlegroups.com
If they're at different domains it should work. Otherwise, domain name
caching may cause the same address to be re-used. The best way to avoid
it is to specify IP addresses instead of domain names. But there is also
the '--remote-random-hostname <prefix>' option that can prevent DNS caching.

Jon deps

Apr 20, 2019, 11:34:25 PM
to qubes...@googlegroups.com
OK yes, that worked! Thank you, using the IP addresses instead of the
vpndomain.names.

I do see that the ovpn server list has many servers for each geolocation,
and apparently what happens is using the country.domainname.net
causes one of them to be chosen randomly on the server end, beyond
my/user control.

So hopefully me designating one of often the many, by using the
specific IP address, isn't too much of a downside? Re: obfuscation of
who the user is.

Looks like this remote-random is more used for load balancing ....

Nick Darren

Apr 21, 2019, 1:45:31 AM
to qubes-users
Using the `remote-random` function for a setup like NordVPN is surely a big mess. Instead, I can achieve the random part by creating/using a simple bash script that uses `shuf` on the location where it should be. This will be totally random every time the vpn-vm gets restarted.
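
Added example, not part of any post in this thread and not Nick's script: one way to do the `shuf` approach while following the advice above to use several `remote` lines with IP addresses rather than hostnames. The candidate file format, the function names and the sample addresses are assumptions made for the illustration.

```bash
#!/bin/bash
# Candidate list format ("<ip> <port>" per line) and all function names are
# assumptions made for this example.

# Print N random "remote <ip> <port>" lines from candidate file $1,
# skipping blank lines and comments.
pick_remotes() {
    grep -Ev '^[[:space:]]*(#|$)' "$1" | shuf -n "$2" | sed 's/^/remote /'
}

# Print config $1 with its old "remote <host> <port>" lines replaced by $3
# fresh picks from $2. remote-random and remote-cert-tls are kept because the
# pattern requires whitespace directly after the word "remote".
randomize_conf() {
    grep -Ev '^[[:space:]]*remote[[:space:]]' "$1" || true
    pick_remotes "$2" "$3"
}

# List remote lines in $1 that name a host instead of an IPv4 address; per the
# thread, cached DNS answers can make those land on the same server each time.
hostname_remotes() {
    grep -E '^[[:space:]]*remote[[:space:]]' "$1" |
        grep -Ev 'remote[[:space:]]+([0-9]{1,3}\.){3}[0-9]{1,3}([[:space:]]|$)' || true
}

# Demo on constructed data (documentation-range addresses, not real servers).
# Runs in a subshell so its variables do not leak.
demo() (
    dir=$(mktemp -d)
    printf '%s\n' '# constructed list' '192.0.2.10 1197' '198.51.100.20 1194' \
        '203.0.113.30 1301' '192.0.2.40 1194' > "$dir/servers.txt"
    printf '%s\n' client 'dev tun' remote-random 'remote server1.net 1197' \
        'remote server2.net 1194' 'remote-cert-tls server' > "$dir/vpn-client.conf"
    echo "hostname remotes before:"; hostname_remotes "$dir/vpn-client.conf"
    randomize_conf "$dir/vpn-client.conf" "$dir/servers.txt" 2 > "$dir/new.conf"
    echo "new config:"; cat "$dir/new.conf"
    rm -rf "$dir"
)
demo
```

To use it, write the output of `randomize_conf` over the client config before OpenVPN starts; where that hook lives depends on how the VPN VM was set up.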
