How VPNs really work

I got asked an interesting question, and I thought I'd explore it here.

Most explanations describe a VPN as a magical tunnel that protects your identity. Those descriptions are vague and often misleading. I am not a networking expert, but I can explain what happens under the hood when a VPN is enabled, and I am writing for software engineers, since they are my audience. Here is a simple example of how a VPN works, using a plain HTTP server as the destination.

Let's say your public IP is 6.6.6.6 and you want to connect to Google at IP 1.2.3.4 on port 80. 6.6.6.6 is the public IP of your router, not your laptop's private address; for simplicity I will skip the NAT your home router does and treat 6.6.6.6 as the source address of everything you send.

Without a VPN, your client sends a TCP SYN segment to port 80 inside an IP packet with destination IP 1.2.3.4 and source IP 6.6.6.6. Google replies directly to you with a SYN/ACK whose destination IP is 6.6.6.6 and source IP is 1.2.3.4, and so on.
Every packet you exchange with 1.2.3.4 is visible to your ISP. With plaintext HTTP (port 80), the ISP (and anyone else on the path) can inspect the packet and read its contents. With HTTPS (port 443) the content is encrypted, so they cannot read it, but they still see that you are talking to 1.2.3.4, how much and when, and, unless Encrypted Client Hello is in use, the hostname carried in the TLS SNI extension.

Now imagine you set up a UDP-based VPN (WireGuard, or OpenVPN in UDP mode) and connect to a VPN server with IP 3.3.3.3. Your TCP stack still produces the same SYN packet addressed to 1.2.3.4, but the VPN client grabs that whole IP packet, encrypts and authenticates it, and places it as the payload of a new UDP datagram carrying the VPN's own framing. That datagram goes into a new, outer IP packet with source IP 6.6.6.6 and destination IP 3.3.3.3. Your ISP now sees only UDP traffic between you and 3.3.3.3; the inner packet, including the fact that 1.2.3.4 is the real destination, is ciphertext to it. The VPN server decrypts the outer packet, recovers the original SYN, rewrites its source address from 6.6.6.6 to 3.3.3.3 (this NAT step on the server is what hides your IP), recomputes the checksums and forwards it to Google. Google therefore sees a SYN from 3.3.3.3 and answers with a SYN/ACK whose destination IP is 3.3.3.3 and source IP is 1.2.3.4. The VPN server recognises from its NAT table that this reply belongs to your tunnel, rewrites the destination back to 6.6.6.6, encrypts the packet, wraps it in UDP and sends it in an outer IP packet with source IP 3.3.3.3 and destination IP 6.6.6.6. Your VPN client decrypts it and hands the SYN/ACK to your TCP stack as if it had arrived directly from 1.2.3.4.
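To make the packet walk above concrete, here is an added example (my own model, not code from the post or from any real VPN) that builds the SYN as real IPv4/TCP bytes with correct checksums, encapsulates it the way a UDP tunnel does, NATs it at the server, and walks the SYN/ACK back. The addresses are the post's 6.6.6.6, 3.3.3.3 and 1.2.3.4; the tunnel key, the UDP port 51820 and the NAT port range are assumptions, and the encryption is a deliberately simple encrypt-then-MAC built from SHA-256 and HMAC so it runs with the standard library only. Real tunnels use ChaCha20-Poly1305 or AES-GCM, but the shape (nonce, ciphertext, tag, reject on bad tag) is the same.

```python
import hashlib, hmac, os, socket, struct

CLIENT_IP, VPN_IP, GOOGLE_IP = "6.6.6.6", "3.3.3.3", "1.2.3.4"   # addresses used in the post
TUNNEL_KEY = b"\x11" * 32   # constructed demo key; a real VPN derives this in a handshake
VPN_PORT = 51820            # assumed UDP port for the tunnel
SYN, SYN_ACK = 0x02, 0x12   # TCP flag bits

def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum, used by both the IPv4 and TCP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4(src, dst, proto, payload):
    """Minimal 20-byte IPv4 header (no options) followed by the payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0x4000, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def tcp(src, dst, sport, dport, seq, ack, flags):
    """20-byte TCP header; its checksum covers an IP pseudo-header, so a NAT must recompute it."""
    seg = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    pseudo = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, len(seg))
    return seg[:16] + struct.pack("!H", checksum(pseudo + seg)) + seg[18:]

def parse_ip(pkt):
    return {"src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
            "proto": pkt[9], "payload": pkt[20:]}

def parse_tcp(seg):
    sport, dport, seq, ack, _, flags = struct.unpack("!HHIIBB", seg[:14])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": flags}

def _keystream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + struct.pack("!I", i)).digest() for i in range(0, n, 32))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    """Toy encrypt-then-MAC (SHA-256 keystream + HMAC tag); real tunnels use ChaCha20-Poly1305 or AES-GCM."""
    nonce = os.urandom(12)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("tunnel packet rejected: bad tag")   # forged or corrupted on the path
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

def encapsulate(src, dst, inner_pkt):
    """Encrypt a whole IP packet and carry it as UDP payload inside a new, outer IP packet."""
    sealed = seal(TUNNEL_KEY, inner_pkt)
    udp = struct.pack("!HHHH", VPN_PORT, VPN_PORT, 8 + len(sealed), 0) + sealed
    return ipv4(src, dst, 17, udp)

def decapsulate(outer_pkt):
    return unseal(TUNNEL_KEY, parse_ip(outer_pkt)["payload"][8:])   # skip the 8-byte UDP header

class VpnServer:
    def __init__(self):
        self.nat, self.next_port = {}, 50000   # NAT table: vpn-side port -> (client ip, client port)

    def from_client(self, outer_pkt):
        inner = decapsulate(outer_pkt)
        ip, t = parse_ip(inner), parse_tcp(parse_ip(inner)["payload"])
        port, self.next_port = self.next_port, self.next_port + 1
        self.nat[port] = (ip["src"], t["sport"])
        # Source becomes 3.3.3.3: that is all the destination ever learns about the client.
        return ipv4(VPN_IP, ip["dst"], 6, tcp(VPN_IP, ip["dst"], port, t["dport"], t["seq"], t["ack"], t["flags"]))

    def from_internet(self, pkt):
        ip, t = parse_ip(pkt), parse_tcp(parse_ip(pkt)["payload"])
        client_ip, client_port = self.nat[t["dport"]]
        inner = ipv4(ip["src"], client_ip, 6,
                     tcp(ip["src"], client_ip, t["sport"], client_port, t["seq"], t["ack"], t["flags"]))
        return encapsulate(VPN_IP, client_ip, inner)

def run_handshake():
    """Walk one SYN / SYN-ACK exchange through the tunnel and report what each party sees."""
    server = VpnServer()
    syn = ipv4(CLIENT_IP, GOOGLE_IP, 6, tcp(CLIENT_IP, GOOGLE_IP, 40000, 80, 1000, 0, SYN))
    outer = encapsulate(CLIENT_IP, VPN_IP, syn)
    isp_sees = {k: v for k, v in parse_ip(outer).items() if k != "payload"}
    at_google = server.from_client(outer)
    g = {**parse_ip(at_google), **parse_tcp(parse_ip(at_google)["payload"])}
    synack = ipv4(GOOGLE_IP, g["src"], 6, tcp(GOOGLE_IP, g["src"], 80, g["sport"], 5000, g["seq"] + 1, SYN_ACK))
    inner = decapsulate(server.from_internet(synack))
    c = {**parse_ip(inner), **parse_tcp(parse_ip(inner)["payload"])}
    return {"isp_sees": isp_sees, "google_sees_src": g["src"],
            "client_gets": {k: v for k, v in c.items() if k != "payload"}}

def tamper_is_detected():
    """An on-path attacker flips one bit of a tunnel packet; the client must reject it."""
    outer = bytearray(encapsulate(CLIENT_IP, VPN_IP, ipv4(CLIENT_IP, GOOGLE_IP, 6, b"")))
    outer[-5] ^= 0x01
    try:
        decapsulate(bytes(outer))
    except ValueError:
        return True
    return False
```

Calling `run_handshake()` shows the three vantage points at once: the ISP sees an IP packet 6.6.6.6 to 3.3.3.3 with protocol 17 (UDP) and an opaque payload, Google sees a SYN from 3.3.3.3, and the client receives a SYN/ACK from 1.2.3.4 acknowledging sequence 1001 on its original port 40000, exactly as if no tunnel were in the way. `tamper_is_detected()` shows why the tag matters: without authentication an ISP could modify the inner packet without anyone noticing.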

In other words, the VPN does not terminate TCP; it passes the SYN through, so you still establish an end-to-end TCP connection with Google, carried inside the encrypted tunnel only for the first hop. The same holds for TLS: the ClientHello travels through the tunnel to Google like any other packet, so the TLS session is negotiated end to end between you and Google, and the VPN server cannot read your HTTPS traffic. What the VPN server can see is exactly what your ISP could see before: the destination IP, the timing and volume of your traffic, and the SNI hostname. A VPN moves that trust from your ISP to the VPN provider; it does not remove it.
