Server list updated with provider and ownership

There was a problem preparing your codespace, please try again.

Saved searches

Use saved searches to filter your results more quickly

Cancel Create saved search

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Find Mullvad servers with the lowest latency at your location

License

Ch00k/mullvad-closest

This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Switch branches/tags
Branches Tags
Could not load branches
Nothing to show
Could not load tags
Nothing to show

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Cancel Create

• Local
• Codespaces

HTTPS GitHub CLI
Use Git or checkout with SVN using the web URL.
Work fast with our official CLI. Learn more about the CLI.

Sign In Required

Please sign in to use Codespaces.

Launching GitHub Desktop

If nothing happens, download GitHub Desktop and try again.

Launching GitHub Desktop

If nothing happens, download GitHub Desktop and try again.

Launching Xcode

If nothing happens, download Xcode and try again.

Launching Visual Studio Code

Your codespace will open once ready.

There was a problem preparing your codespace, please try again.

Latest commit

894d207 Jul 9, 2023

Git stats

Files

Failed to load latest commit information.

Latest commit message
Commit time
July 9, 2023 22:24
July 9, 2023 21:42
July 9, 2023 22:24
July 9, 2023 22:24
July 9, 2023 21:48
July 9, 2023 21:48
July 9, 2023 21:48
July 9, 2023 21:48

README.md

mullvad-closest

mullvad-closest helps pick a server that would have the lowest latency at (and would usually be the closest to) your current location.

Your current location is taken from the response of https://am.i.mullvad.net/json (the API that powers https://mullvad.net/check).

List of Mullvad servers is provided by relays.json , a file that is bundled with Mullvad application. Depending on your platform, it can be found in the following locations on the filesystem:

• Linux: /var/cache/mullvad-vpn/relays.json
• macOS: /Library/Caches/mullvad-vpn/relays.json
• Windows: C:\ProgramData\Mullvad VPN\cache\relays.json

The distance between your location and a Mullvad server is the geodesic distance in kilometers. By default only the servers within 500 km are shown.

The latency is the result of one ICMP request sent to the server’s IP address.

Installation

$ pipx install mullvad-closest 

Usage

$ mullvad-closest --help Usage: mullvad-closest [OPTIONS] Options: -s, --server-type [openvpn|wireguard] Only show servers of a particular type -m, --max-distance INTEGER Only show servers within this distance from myself [default: 500] --help Show this message and exit. 

Find all WireGuard servers within 300 kilometers:

$ mullvad-closest --max-distance 300 --server-type wireguard Country City Type IP Hostname Distance Latency ----------- ---------- --------- -------------- ------------- ---------- --------- Netherlands Amsterdam wireguard 193.32.249.70 nl-ams-wg-005 31.3219 18.8773 Netherlands Amsterdam wireguard 193.32.249.69 nl-ams-wg-004 31.3219 18.9524 Netherlands Amsterdam wireguard 193.32.249.66 nl-ams-wg-001 31.3219 20.0162 Netherlands Amsterdam wireguard 169.150.196.15 nl-ams-wg-202 31.3219 21.9269 Netherlands Amsterdam wireguard 185.65.134.83 nl-ams-wg-003 31.3219 22.2118 Netherlands Amsterdam wireguard 169.150.196.28 nl-ams-wg-203 31.3219 22.5372 Netherlands Amsterdam wireguard 169.150.196.2 nl-ams-wg-201 31.3219 22.8589 Netherlands Amsterdam wireguard 185.65.134.86 nl-ams-wg-006 31.3219 22.8741 Netherlands Amsterdam wireguard 185.65.134.82 nl-ams-wg-002 31.3219 22.9678 Germany Dusseldorf wireguard 185.254.75.5 de-dus-wg-003 150.785 24.272 Germany Dusseldorf wireguard 185.254.75.3 de-dus-wg-001 150.785 24.287 Luxembourg Luxembourg wireguard 92.223.89.181 lu-lux-wg-001 285.289 24.3261 Luxembourg Luxembourg wireguard 92.223.89.165 lu-lux-wg-002 285.289 24.3518 Germany Dusseldorf wireguard 185.254.75.4 de-dus-wg-002 150.785 25.2352 Belgium Brussels wireguard 91.90.123.2 be-bru-wg-101 149.609 25.6422 Netherlands Amsterdam wireguard 92.60.40.209 nl-ams-wg-102 31.3219 25.7621 Netherlands Amsterdam wireguard 92.60.40.239 nl-ams-wg-104 31.3219 26.2949 Netherlands Amsterdam wireguard 92.60.40.194 nl-ams-wg-101 31.3219 26.3009 Netherlands Amsterdam wireguard 92.60.40.224 nl-ams-wg-103 31.3219 26.3679 Belgium Brussels wireguard 194.110.115.34 be-bru-wg-102 149.609 28.5451 Belgium Brussels wireguard 194.110.115.2 be-bru-wg-103 149.609 28.6839 

About

Find Mullvad servers with the lowest latency at your location

Server list updated with provider and ownership

Our server list has been updated to contain the following two major additions:

1. Provider – The name of the hosting provider that we rent the server or server space from
2. Ownership – A flag describing if Mullvad owns or rents the server

With the updated server list in place, you as a customer can make a more informed decision about which server(s) you want to use. At the moment we have two kinds of servers, rented and hardware that we own ourselves.

Before we go into details about these two kinds of servers, it’s important to understand that for all VPN servers we use encryption to secure their data. You cannot simply unplug a server and boot it up and mount the disk to copy any keys, unless you know the encryption passwords. The encryption passwords are only known and accessible to relevant Mullvad staff. Furthermore, each server has unique encryption passwords, as well as certificates and private keys for their VPN tunnels. This means that in the unlikely event that any of these were to be extracted from a server, they would only affect that one individual server.

Ownership

Rented servers

We rent dedicated servers only. No virtual servers. In order to ensure sound and secure deployment procedures we always perform hardening and sanity checks on all servers before provisioning our own software and letting customers connect to them.

Remote management software (IPMI/iLO/iDRAC/KVM)

1. If the server has remote management, it should be on a dedicated port only accessible via or by the hosting provider and not available on the public Internet.
2. We recheck our configurations regularly to ensure that no public addresses are attached to our IPMI interfaces.

On which level and for what purposes do external parties have access to rented servers?

Hosting providers do the initial operating system installations (most often through the remote management software), after that we remove their access from the server. After this they may have access to the remote management software of the servers, so that they may aid in rebooting and reinstalling faulty servers, but they have no direct access to the operating system or the software running on the server itself.

Mullvads own servers

Remote management software (IPMI/iLO/iDRAC/KVM)

On our own servers, remote management resides behind bastion hosts (a special-purpose computer on a network specifically designed and configured to withstand attacks). In order to use the remote management software on these servers you first have to connect to a bastion host. Apart from requiring access through a bastion, each server has their own specific network port for remote management that resides on a LAN that is separate from the rest of the network. Some hosting providers have KVMs that they can enable if we ask them to, if the remote management should for some reason be unavailable.

On which level and for what purposes do external parties have access to our own servers?

For hosting providers where we host our own servers, most of the time we troubleshoot, reinstall or do initial operating system installation ourselves through the remote management behind the bastion. On a few occasions, hosting providers may be asked to troubleshoot hardware issues or reinstall servers that are not working as intended, but in contrast to rented providers, they will either have to enable and use their KVM (if available) or physically plug themselves into the server.

The hosting provider 31173
A special focus on network performance and connectivity for all servers hosted at 31173’s locations exist. We actively invest time into making sure the network runs well, and that connectivity between locations have fiber wavelengths to other locations. For instance there are wavelengths from Amsterdam to Malmö, London, and Frankfurt to improve performance and reduce latency, and also to ensure that the users traffic can travel as far as possible within 31173’s network without using other network providers.

Future management of servers

The management software provided by computer manufacturers are closed source and riddled with bugs and security vulnerabilities, therefore we are active in these two projects: