What Is a VPN Tunnel?
The short answer is that a VPN tunnel is an encrypted connection between you and your VPN. It makes it so neither your ISP nor the sites you visit can see what you’re doing unless they crack the encryption—which in practical terms is impossible. Tunnels add a great deal of security to your internet connection and many VPN services advertise them as the alpha and omega of online safety.
Of course, there’s a little more to it than that. For the long answer, we first need to go into a bit more detail on how the internet works. When accessing a site on the internet, you make a connection from your device to your ISP, which then relays the signal to the site you’re visiting. In this scenario, both your ISP as well as the site know where you’re located and can track how you move around the web.
A VPN, or virtual private network, prevents some of this tracking in two ways: first by rerouting your connection and then by encrypting it. Instead of going from your ISP to the site, it redirects your connection through one of its own servers. This changes your IP address to that of the server, making it appear like you’re in another location—making it harder to keep tabs on you, while helping you circumvent regional restrictions.
VPNs aren’t the only type of program that can reroute your connection: proxies do it, too, as does Tor. However, as we explain in our article comparing VPNs and proxies, VPNs are different from these two as they encrypt their connection using the secure tunnel. The advantage is that the encryption makes it so neither the site you visit nor your ISP knows what you’re doing.
How Does a VPN Tunnel Work?
When thinking about VPN tunnels, one handy way to visualize them is like you’re driving a car. When you’re driving on the open road, anybody can see you. The moment you drive into a tunnel, it becomes a lot harder. To take the analogy a little further, in the case of a VPN, the tunnel also has guards on each end and some kind of anti-surveillance protection while inside.
As a result, when you connect through a VPN server, all anybody can see of your activity is some random gibberish, a tell-tale sign for your ISP to see if you’re using a VPN—though it’s unlikely to care.
Protocols and Encryption
To encrypt your connection, a VPN uses what’s called a protocol, an agreement of sorts between two machines on how to “talk” to each other using specific rules. In the case of a VPN protocol, this sets certain requirements, like the type of encryption used and through which ports traffic is to be routed.
There are a lot of encryption options, but the most common one is called AES. It comes in two flavors, 128-bit and 256-bit, with the last one often advertised as “military-grade encryption.” In practice, though, there doesn’t seem to be much of a difference when it comes to security. Either variant will take a very long time—think millions to billions of years—to crack.
The type of protocol used can affect a number of factors, most importantly your speed. Generally speaking, the “heavier” the encryption, the slower your connection will be. We go into more detail on how all this works in our roundup of the best VPN protocols, but the best thing to look out for as a consumer is to make sure the VPN provider of your choice has OpenVPN enabled. This protocol is the best pick for most people in most situations.
What VPN Tunnels Do For You
The upshot is that a VPN tunnel is a good thing to have, though it’s far from perfect. The biggest downside is that it will slow down your connection. There’s no way around it, and using more tunnels — like in a double VPN connection — will slow it down even more.
Still, though, this is a small price to pay for improved online security and a degree of anonymity. While you’ll still need to use incognito mode to further obscure your digital tracks — as well as taking some common-sense precautions like not clicking suspicious links — a good VPN service will protect you from surveillance and other forms of intrusion.