5

I have connected to the internet through OpenVPN. Without the VPN, on my normal internet connection, I traced the path using `tracert google.com` and determined that the data first goes from my computer to my home router (router IP 192.168.1.1), then to my ISP (xxx.xx.xx.x) and other local ISPs (same country), and finally to google.com.

But after connecting OpenVPN, I traced again and determined that the first destination is 10.8.0.1 (I'm guessing that this IP has something to do with the installed TAP driver. But if you know exactly what it is, then please explain). Then, at the second destination, the data goes directly outside of my country. (The data/packet doesn't even go to the router and ISP.) And at the end, google.com.

After tracing and comparing the route in the ordinary connection and the tunneled VPN connection, I wonder: can my ISP know that I use a VPN? Can my ISP know that I'm using xx Mbps of bandwidth? Do they know that a particular MAC (my modem's MAC) is using a particular amount of bandwidth? Or what I'm doing over the VPN?

My guess is that they can determine these things, but I wonder: if the tracert doesn't display the intermediate router and ISP path, how can the logs be traced?

Sorry for any mistakes, but I'm very curious about it.

2
  • Everything has to go via your router and ISP at some point. Either the virtual network is just confusing tracert or you're misinterpreting the results.
    – RJFalconer
    Commented May 11, 2015 at 10:31
  • It depends on the type of VPN, but yes, as a general rule, they are likely to have determined that you are using a VPN based on the characteristics of the exterior packets that make up the tunnel. IPsec, PPTP, and L2TP are dead giveaways, whereas SSL may be more ambiguous. Commented May 11, 2015 at 11:50

3 Answers

6

Your ISP will be able to see that encrypted data is being sent to an endpoint, but they won't be able to actually know what this data is. Your ISP will also be able to see how much bandwidth you're using and could somewhat guess what you're using the VPN connection for, for example:

  • Up to 10GB/Mo : Basic web surfing/email
  • Up to 40GB/Mo : As above, but with a little bit of media streaming.
  • Up to 100GB/Mo : As above, perhaps torrents/game downloads
  • 150GB+/Mo : Intense usage, as above but with constant torrenting/downloading, & perhaps hosting content.

Your ISP will be able to see where you're connecting to, just not what you're sending there.

They can however ask the VPN provider or endpoint ISP for your access logs, if they are suspicious of your activities (usually requires an authorisation via a court). Remember that it may be against the ISP's terms to host any sort of server from your connection (even gameservers if it is a home DSL connection, apparently).

Your VPN connection still routes via your router/modem and your ISP, however.

0
1

The only way to connect to the outside world is through the ISP. So let's check what is happening:

  1. When you use a VPN, you are opening something like a tunnel from your PC to the VPN server. Imagine that you write a letter to someone but instead of using your plain language you use an encrypted language. The Mail Service could open and try to read your letter but it will be unreadable.

  2. That tunnel is an encrypted connection from your PC to the VPN server, passing through your ISP, its routers, etc. Just like the letter, it will use the mail service nodes until it gets to the final destination.

  3. Your ISP and all the other intermediate routers are unable to read the contents of your data, because it's encrypted. Just like the letter!!!

When you are using a VPN and issue a ping, the ICMP packet goes inside the tunnel to the VPN server, so you can't ping the ISP router or the intermediate routers.

Your ISP can detect that you are using encrypted data and the IP address of the VPN server; however, they are unable to check the data, so they won't know if it's torrent, streaming, regular HTTP, FTP or whatever. They can measure exactly how much bandwidth you are using, and from its characteristics they can assume which kind of traffic you're moving. Torrenting is not the same as streaming, for example.

4
  • Please give explanation while giving a down vote. Commented May 11, 2015 at 12:54
  • Someone didn't like it. Don't know why.
    – jcbermu
    Commented May 11, 2015 at 13:12
  • I DV'ed, but can't remember why. Probably because it looks like you've copied my answer, but simply written it differently.
    – AStopher
    Commented May 22, 2015 at 20:53
  • @cybermonkey "Good artists copy, great artists steal". Steve Jobs
    – jcbermu
    Commented May 25, 2015 at 9:02
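
Why the traced path changes while the ISP still carries every packet, as an added example that is not part of the original answers. It assumes the client uses OpenVPN's `redirect-gateway def1` option; the routing table, the VPN server address 203.0.113.10, the sample destination and the function names are constructed for illustration, while 192.168.1.1 and 10.8.0.1 come from the question.

```python
import ipaddress

# Constructed client routing table after OpenVPN connects with
# "redirect-gateway def1". VPN_SERVER is a placeholder address.
VPN_SERVER = "203.0.113.10"
ROUTES = [
    # (destination network, next hop or None if on-link, interface)
    ("0.0.0.0/0",        "192.168.1.1", "lan"),  # original default route
    ("192.168.1.0/24",   None,          "lan"),  # home LAN
    ("10.8.0.0/24",      None,          "tun"),  # tunnel subnet
    ("0.0.0.0/1",        "10.8.0.1",    "tun"),  # added by def1
    ("128.0.0.0/1",      "10.8.0.1",    "tun"),  # added by def1
    (VPN_SERVER + "/32", "192.168.1.1", "lan"),  # keeps tunnel packets on the LAN
]

def lookup(dst):
    """Longest-prefix match: return (next hop, interface) for dst."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(net), hop, ifc)
               for net, hop, ifc in ROUTES
               if addr in ipaddress.ip_network(net)]
    _, hop, ifc = max(matches, key=lambda m: m[0].prefixlen)
    return (hop or dst), ifc

def on_the_wire(dst):
    """What tracert reports as hop 1 versus what the router and ISP observe."""
    hop, ifc = lookup(dst)
    if ifc == "tun":
        # The inner packet is encrypted and wrapped in an outer packet
        # addressed to the VPN server; that outer packet is routed normally.
        outer_hop, _ = lookup(VPN_SERVER)
        return {"tracert_hop1": hop, "isp_sees_dst": VPN_SERVER,
                "first_physical_hop": outer_hop, "payload": "encrypted"}
    return {"tracert_hop1": hop, "isp_sees_dst": dst,
            "first_physical_hop": hop, "payload": "as sent by the application"}

if __name__ == "__main__":
    # 8.8.8.8 is only a sample public destination.
    print(on_the_wire("8.8.8.8"))
```

The probe to the sample destination reports 10.8.0.1 as its first hop because it travels inside the tunnel, but the packet that actually leaves the network card is addressed to the VPN server and still goes to 192.168.1.1 and then the ISP.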
-1

Here is an interesting interactive illustration of who can see what when you use the internet with a decent virtual machine on a three-machine virtual network using certificates and encryption. Also what can be seen when you use Tor. And who can see what when you use neither.

https://www.eff.org/pages/tor-and-https

1
  • TOR works differently than a VPN does: TOR bounces different packets round to different endpoints, unlike a VPN, which sends all data to a single endpoint.
    – AStopher
    Commented Jun 25, 2015 at 19:57
