r/VPNTorrents • u/iqBuster • Jul 10 '21 • 1
10 Bittorrent Clients Tested: Who Offers Proper Networking Options? (interface binding for VPN usage)
I installed 12 clients just to find out which ones allow binding to a specific interface/address. This is the setting to be used with a VPN, forget the praised "killswitches" that may be unrealiable. You can see proof to my words every other post in this sub.
- qBittorrent, Tixati - these are good examples how this should be implemented
- BiglyBT - very good (please read Note, dropped to #2 due to it)
- BitTorrent/uTorrent Classic, Deluge: the option is there, but that's not how you implement it
- Tribler, FDM, Transmission*, BitTorrent/uTorrent Web: lack this functionality
- FrostWire: so bad - disqualified! That's a great way to fu your users.
TLDR: You only have four client options that's places 1, 2 and Transmission(*) to comfortably use with a VPN. If you are using another client, comment below on the availability of options. Now onto individual clients.
Also see my other posts:
Video guide to find the network interface and configure the client on Windows (Linux/Mac are similar)
How to safely torrent on Android with VPN & BiglyBT
List of VPNs that allow port-forwarding (2021)
Answered: Why you do need port-forwarding for Bittorrent
A well known client and its often recommended feature. There's not much to add, it was implemented in a very user-friendly way if you decide to set it up. qB asks to select an interface and then allows to choose the kind of addresses (all/IPv4-only/IPv6-only) or one specific address available on the interface. Normally you want 'All addresses' and only choose the right adapter.
qBittorrent: Network interface selection
qBittorrent advanced options, the setting is placed at the very top
A niche yet nice client with powerful configuration capabilities. IPv4 and IPv6 are separately configurable and you can disable one or the other completely if your VPN does not support IPv6. You should select the long UUID number or on Linux the interface name.
Tixati Connection settings, the dropdown menu for IPv4
I was pleasantly surprised. This is a clear example of how good programs and UX should be. Upon first startup it greeted me with a message, asking whether I was using a VPN and if I wanted to bind to it to "increase privacy". Excellent, #1 well deserved.
NOTE: Make sure to tick the checkbox or you risk eventually leaking despite VPN:
Options > Connection > Advanced Network Settings > (scroll down) Enforce IP bindings even when interfaces are not available, prevents any connections if none of the specified interfaces are available [x]
The initial wizard is marvellous. The wiki link doesn't work however.
The full settings window allows to bind infinitely many interfaces/IPs and on top of that allows for regex - I guess its only useful for users who juggle with their network setups. Can allow LAN IPs to bypass binding which is a fair addition. Additionally: "Enable IPv6 Support" disabled by default.
PS: The MTU value is set to 1500, that's always incorrect in case of a VPN (this is probably a tuning option and may cause unnecessary fragmentation if BiglyBT really abides by it)
Screenshot of the advanced network settings in BiglyBT
#3 BitTorrent/uTorrent "Classic"
These are essentially the same client but different branding. The advanced configuration allows the following options:
net.bind_ip and net.outgoing_ip and net.disable_incoming_ipv6 (default: false)
You can probably find their exact descriptions online, but you need to set these manually, no pretty lists to select from. Only one IP allowed, but you can force-disable IPv6.
A separate word on the installers bloated with malware potentially unwanted products. Yes, you will be asked to install some shady programs, in my case at least twice or even three times. In the end, although I clicked "Next" without checking the checkbox for Opera - it was installed against my wish. I'm not sure whether I wasn't attentive enough to catch it or it just blatantly did anyway. The install configuration checkboxes simply did not work (Windows 7 x64). After installation a pingback web page was opened: https://www.utorrent.com/prodnews?v=3%2e5%2e5%2e1%2e46 https://www.bittorrent.com/prodnews/?v=7%2e10%2e5%2e1%2e46 (IDs changed)
...is the same as uTorrent version 3.5.5
Almost good, but not quite. You can select the listen and outbound interfaces separately (although seriously, I still don't see a point) and I suppose a manual IP entry would work flawlessly. However when I entered a clearly gibberish interface name and hit "Apply" - it happily took the invalid value without as little as a warning. Other than that same as above: you can only select one IP which is unacceptable in the era of IPv6. I do not know whether upon binding to an IPv4 address it would still try to communicate on IPv6.
Deluge has a pretty interface and so close to nailing it.
No option to bind to an interface, but supports proxies. Additionally you may have heard of it's privacy thanks to "onion-like" routing for BitTorrent, however lacking the crucial binding option this is puzzling.
You can select in the "Anonymity" tab to become an exit node for other Tribler users, that is you will download/seed content on behalf of others (piped through you) and it's disabled by default (good). However if you are a VPN user and wanted to contribute, there's no real safe way for you other than to configure your networking setup externally.
Tribler's Connection tab and proxy settings
Quite a popular program, but it lacks interface binding or even proxy settings.
Neither the Qt GUI nor the default web interface have an option for interface binding nor proxies. However if you wanted to secure Transmission, there's a Docker container (transmission-vpn?) with OpenVPN bundled with Transmission. This ought to do it.
#4 BitTorrent/uTorrent Web
This atrocity barely has speed settings, you would expect no better. I don't think BitTorrent Inc. quite understands that dumbing down the interface and the entire program for an "average Joe", who can barely open his e-mail inbox to check for new mail, is a damned effort. These users will never download a BitTorrent client to begin with because "uh I heard bad things about it". Though good luck with their pathetic subscription model, out of millions of users there will be some thousands to fall for it.
The installers are similarly riddled with "optional" junk.
You will pay a high price if you don't pay attention to the long-winded description text for the interface selection option. You can only select one IP, and I was about to put it to place 3, but then I caught it. The description literally says that this interface "binding" will fallback onto any other interface (likely all, default) if your "VPN interface" happened to fail or disconnect. This is a time bomb for unsuspecting users hence disqualified.
Important note and disclaimer: I have not tested the clients individually to verify when/how/whether the setting is applied. Especially the IPv4 vs IPv6 should be examined carefully as it is a potential source for a leak, e.g. when your ISP adds IPv6 support after you've configured your clients to use a specific IPv4 interface.
Finally, it is to be expected that "network binding" applies to all traffic within the program. This may not be the case for the proxy settings, as there's TCP+UDP traffic between peers, TCP (HTTP/S) to trackers and separately only UDP traffic on DHT. I recommend you to invest an hour or two to inspect the flow of traffic with Wireshark: it should all be through the VPN connection even after reconnects (and zero traffic if the VPN connection drops).
u/flytohappiness Aug 26 '21
I have qbittorrent and using PIA. What network interface should I use? (gif0, stf0,…) And what optional IP address to bind to?
u/iqBuster Aug 28 '21
You do not need to limit IP addresses after selecting the correct interface.
The names sound like OSX? In that case you're on your own to find a command/way to list info about interfaces. Compare before/after connecting to see where IP addresses appear (oh you can actually do this with just qBittorrent too, it should show available IPs/lack of those before connecting)
u/gamingforthesoul Jul 10 '21
Were you using Windows 98?
u/iqBuster Jul 11 '21
Windows Me
Jul 13 '21
BiglyBT is crashing on windows 10. Not sure why.
u/iqBuster Jul 16 '21
BiglyBT is a bit different because it needs Java to run. If you wanted to troubleshoot then start BiglyBT from console to see the error log (I think it will work like this)
u/carapungo Aug 06 '21
All you have to do, before torrenting is go here:
Then activate the Torrent Address detection
You will see this
"Add this Magnet Link to your torrent client and wait for the results below".
If you see your own IP, then the bit torrent agent is leaking your IP and is not safe to download. Qbittorrent was leaking my IP, I changed it to webtorrent.
u/DPJazzy91 Jul 10 '21
Are they binding to a VPN? Or are they just using a proxy?