When innovation knocks, what will you do: let it in or shut the door? Being forever-curious and imaginative geeks, we at NordVPN are always open to innovation. That's why we developed our NordLynx protocol technology.
Jan 04, 2022 · 5分で読む
The NordLynx protocol is an encryption system that can protect your privacy while you're using a VPN. It's a process that encrypts your data while it's traveling to and from the VPN server, so no one can intercept and view it while it's in transit.
NordLynx is built around a protocol called WireGuard®, and it has two really great properties. One is its capacity to provide NordVPN app users with lighting-fast internet connection speeds, without compromising on encryption security. If you've ever wondered “What internet speed do I need and can I get it with a VPN?”, our NordLynx protocol may be the answer.
While connecting to VPN servers adds an extra step on your data's journey, NordLynx should ensure that you won't notice any perceptible slowdown on your end.
The other selling point is its simplicity; because the NordLynx code is much more streamlined than old VPN protocols, it's really easy to troubleshoot and resolve technical issues. That means we'll be able to continually maintain and improve your VPN service.
Offering a high-speed connection while maintaining top-notch online security is one of the biggest challenges for a VPN provider. What if there was something that could bring a radical change?
The emergence of WireGuard, a new VPN tunneling protocol, seemed like a breath of fresh air in the industry.
Modern, extremely fast, and insanely lean in its architecture, WireGuard uses state-of-the-art cryptography and is backed by thorough academic research. With this combo, it outshines the current leading VPN protocols – OpenVPN and IPSec. WireGuard consists of only 4000 lines of code, making it easy to deploy, audit, and find bugs. To compare: OpenVPN runs on 400,000 lines of code, meaning that WireGuard would make up only 1% of the massive OpenVPN’s architecture.
However, it’s not all as great as it sounds. The WireGuard protocol is still under heavy development, and it’s far from perfect. Yes, WireGuard can promise better connection speeds already, but its capabilities to keep users anonymous fall behind.
But an opportunity to offer a faster and more reliable VPN connection to our users was right there. And as a leading VPN provider, we took it as a challenge.
That’s how Project NordLynx came to life.
WireGuard alone can’t ensure complete privacy. Here’s why. It can’t dynamically assign IP addresses to everyone connected to a server. Therefore, the server must contain a local static IP table to know where internet packets are traveling from and to whom they should return. It means that the user's identity must be stored on the server and linked to an internal IP address assigned by the VPN.
To put it less technically: by implementing the out-of-the-box WireGuard protocol in our service, we would have put your privacy at risk. And we would never do this.
So we had a puzzle to solve: how can we bring WireGuard’s benefits to our users while strengthening the wobbly privacy part?
We needed to find a way for the WireGuard protocol to work without posing a risk to our customers’ privacy.
And we found it. We developed something called a double NAT (Network Address Translation) system.
To put it simply, the double NAT system creates two local network interfaces for each user. The first interface assigns a local IP address to all users connected to a server. Unlike in the original WireGuard protocol, each user gets the same IP address.
Once a VPN tunnel is established, the second network interface with a dynamic NAT system kicks in. The system assigns a unique IP address for each tunnel. This way, internet packets can travel between the user and their desired destination without getting mixed up.
The double NAT system allows us to establish a secure NordLynx connection without storing any identifiable data on a server. Dynamic local IP addresses remain assigned only while the session is active. Meanwhile, user authentication is done with the help of a secure external database.
Follow these simple steps to turn on the NordLynx protocol on your NordVPN app.
Follow these steps, and you'll connect with NordLynx as your encryption protocol whenever you use a NordVPN service.
If you want to disable NordLynx, it will only take a few seconds; in fact, it's almost the same as the NordLynx setup process. If you've already selected NordLynx as your protocol, open your NordVPN app and follow the steps from the previous section. When you get to Step 4, select a different protocol, and now that will be your default the next time you auto connect or manually select a server.
Alternatively, you can pick the Use Recommended option, which will connect you with the best VPN protocol for your system and area.
In fall 2018, we invited a small group of users to take our WireGuard implementation for a test drive as a part of a closed beta. Then, after months of further research, development, and testing, we went public with NordLynx – our solution for a fast, private and secure VPN connection. And we’re inviting every curious soul out there to try it!
The NordVPN Linux app already supports NordLynx, which you can download here, if you haven't already.
By default, NordVPN for Linux runs on the OpenVPN protocol. Follow these steps to switch to NordLynx:
.nordvpn set technology NordLynx
That’s it – now your Linux app is running on NordLynx. You can always switch back to OpenVPN by entering ‘nordvpn set technology OpenVPN’.
Not using Linux but want to try NordLynx? We will soon provide tutorials on how to set it up on any third-party WireGuard client.
We believe that NordLynx has the potential to be a game-changer in the VPN industry. But we’re nothing without your feedback – please let us know about your experience with NordLynx and help us make the internet better!
And if you want to see for yourself how fast NordVPN is, you can dowload it today using a NordVPN coupon to get the best deal possible.