Proxies And VPNs

From VuzeWiki
Jump to: navigation, search

Proxies and VPNs are used to route your network traffic through alternative networks to enhance privacy and anonymity.

HTTP Proxy Configuration[edit]

HTTP proxies redirect HTTP (and HTTPS) connections. Within Vuze this affects tracker communications, HTTP seed connections, basically anything that uses URLs for connection purposes. Note that you will need to ensure that your web browser is also configured to use the proxy if you want webpages rendered within Vuze (e.g. the Vuze HD Network) to go via the proxy.

HTTP proxying does NOT affect normal peer-to-peer connections as these are made via TCP/UDP connections. To route these connections requires either a SOCKS proxy or a VPN.

Configuration is via the advanced mode options Connection->Proxy Options - for an HTTP proxy deselect the 'I have a SOCKS proxy' checkbox.

SOCKS Proxy Configuration[edit]

Vuze supports SOCKS proxies of type 4, 4a and 5. It does not support incoming TCP connections. It supports SOCKS 5 UDP associations for tracker announces and scrapes but not for peer connections.

Configuration is via the advanced mode options Connection->Proxy Options. Tracker and data communication is configurable separately in case you want to only router one of these via a proxy.

Your SOCKS connectivity can be tested from the configuration page:

SOCKS Test.png

When running Vuze will display your SOCKS connectivity status in the status area:

SOCKS StatusBar.png

Detailed information is available in the statistics view:

SOCKS Stats.png

The 'More...' link will show you more information on the individual SOCKS server instances.

Sometimes your default DNS server may not be returning accurate SOCKS server instances - you can force Vuze to use a DNS server of your choice to work around this.

If you want to check the routing status of your peer data connections then refer to the 'Routing' tab on the 'Transfers' tab of the 'Statistics' view - this will show connections made via the SOCKS proxy as such.

If you are using a SOCKS proxy for privacy purposes then you will want to disable features that will otherwise allow your public IP address to leak and for other peers to connect directly to you. These are configured by the Tools->Options->Connection settings (make sure your Mode is set to intermediate or higher under Tools->Options->Mode). Look for the 'Peer Sources' section and deselect everything apart from the first one, 'from a tracker'. Also ensure that you haven't got the 'Mainline DHT Plugin' installed (mlDHT)

Socks PeerSources.png

SOCKS support does NOT support incoming proxied connections (regardless of whether or not you explicitly disable these as above) - this means you will appear to have a 'NAT problem' - reported whenever you aren't receiving incoming connections.

VPN Configuration[edit]

To a large extent Virtual Private Networks (VPNs) are transparent to Vuze - they intercept your network packets at the point where the operating system routes them and forces the packets to be sent to the VPN servers for forwarding. However, assuming that your VPN is implemented on your machine as a separate network interface you can set some configuration option in Vuze to explicitly tell it to use that interface. This can be an advantage if your VPN connection is unreliable - if it fails, rather than the OS falling back to routing packets though the public IP network Vuze will continue to explictly attempt to route those packets through the VPN (which will fail, but at least the packets won't have be sent elsewhere)

Vuze options are documented here. First set your Mode to 'Advanced'. Next go to Connections->Advanced Network Settings and locate the interface name for your VPN (e.g. eth<number>). Enter this interface name in the 'Bind to local IP address or interface' box. Now scroll down to the bottom and check the 'Enforce IP bindings even when interfaces are not available' option.

More recent versions of Vuze will attempt to detect when your traffic is being routed via a VPN interface and offer to perform this configuration change for you.

If your VPN provider doesn't support incoming connections then you can explicitly disable these in Vuze by deselecting 'Incoming Connection' under 'Peer Sources' in Connections - if for some reason your public IP address is leaked (e.g. you start a download with your VPN disconnected and haven't bound explicitly to an interface) this will prevent other peers from connecting to you via this public IP.

If you have either manually or automatically setup the VPN interface binding the VPN connectivity status is shown in the status area:

Route icon.png

This will be red if there are connectivity issues, for example your VPN connection has failed.

Note that lack of incoming connection support by your VPN provider will cause Vuze to report that you have a 'NAT problem' - this is reported whenever Vuze detects an absence of incoming connections.

Clearing Bind Settings[edit]

If your VPN configuration has changed, or perhaps you have stopped using a VPN, then you may be presented with a red icon with a tooltip indicating that a particular bind IP is not found. You can reset things to their original state by going to the Connections->Advanced Network Settings (see above for details of how to do this) and

  • Clear the 'Bind to local IP address or interface' box
  • Un-check the 'Enforce IP bindings even when interfaces are not available' option

There is also a right-click option to do this via the status bar icon.