How does VPN work with GOS?

Stewart

Hi,

I'd like to know how local VPN works on GOS?

Before switching to GOS, I used to use the RethinkDNS application in order to change DNS provider, configure a firewall to remove ads and trackers, as well as Orbot for messaging applications. But since I switched to GOS, I don't get any more notifications and I don't receive any messages from messaging applications.

Orbot alone, configured to work only with Signal, Whatsapp and Telegram crashes all the apps, the phone becomes unusable and the same when I tried with AdAway which is a simple basic ad blocker.

Can you explain how the VPN works? Does GOS block or restrict its use?

[deleted]

Stewart It works like a VPN. It is a recommended way (along with Private DNS) to perform content filtering (if your provider supports it) on GrapheneOS. With Always-on VPN and Block connections without VPN it's set and forget.

ignoramous

rdns dev here

[deleted] It works like a VPN. It is a recommended way (along with Private DNS)

That recommendation needs a disclaimer.

Android apps can (and do) themselves bypass Private DNS (Telegram, Instagram, Signal, and WhatsApp). I've already seen a couple trackerware SDKs (Gamooga, InMobi) do so, as well.

Rethink can trap and/or block such apps from doing so. On its own, Private DNS can't. More here: https://discuss.grapheneos.org/d/7930-rethinkdns-needed-on-grapheneos/8

Stewart

Thanks a lot, I didn't even think about reading the doc, I was able to find all the information I wanted in the end. Orbot works great, by default it was on "block connections without VPN", which blocked everything and I was able to remove ads and trackers from apps with Mullvad DNS.

Stewart

ignoramous I don't know why but I have the impression that RethinkDNS doesn't work with GOS, I don't receive notifications from applications. Problems that I didn't have with Android. I know because as soon as I deactivate it I get all the day's notifications at once. I had to stop using it.

ignoramous

Stewart ignoramous I don't know why but I have the impression that RethinkDNS doesn't work with GOS, I don't receive notifications from applications. Problems that I didn't have with Android. I know because as soon as I deactivate it I get all the day's notifications at once. I had to stop using it.

A few people have complained that on Android 14, notifications don't flow through, and suspect either Google has broken something (as with apparently ALL VPN apps, notifications don't work) or Rethink needs to fix something. We're yet to get to the bottom of it. If you're technical enough, do let us know if you find anything: https://github.com/celzero/rethink-app/issues/1115