The NordLynx Protocol

Disclaimer: Affiliate links help us to continue bringing you new content. Learn more.

Back in July 2019, NordVPN rolled out an innovative protocol named “NordLynx,” designed to address the shortcomings of its predecessors.

This novel approach represents the next wave of VPN protocols, setting itself apart by delivering enhanced speed over traditional ones. In essence, it enhances WireGuard with its modernized approach.

The Driving Force Behind NordLynx’s Creation

If you use any VPN service, you’re likely familiar with standard VPN protocols and know that it’s quite normal for VPN providers to use OpenVPN as their default protocol. In recent years, WireGuard has become very popular too.

OpenVPN

They use OpenVPN because it works on nearly every platform and can be customized because it’s open-source. However, OpenVPN is very complex and can slow down VPN connection speeds.

WireGuard

WireGuard is not the modern answer that many expected. Yes, it’s very fast, but it’s just not safe enough. That makes it unsuitable for some tasks. For example, file sharing is considered risky when using the WireGuard protocol.

In this particular case, the problem was the static IP address assigned to the downloader. There was a chance of users being identified because of the unique IP address in the torrent swarm.

There was an obvious need to tweak the old protocol and come up with an improvement.

How Does the NordLynx Protocol Work?

NordLynx inherited the most impressive feature of the WireGuard protocol: its speed. For context, Wireguard has 4,000 lines of code powering it. OpenVPN has 100 times that amount of code, making WireGuard far leaner.

NordLynx corrects WireGuard’s security issues

The WireGuard VPN framework, while efficient, falls short in the privacy department, particularly when stacked against more intricate protocols like OpenVPN. However, NordLynx has stepped in to mitigate many of these privacy shortcomings.

NordLynx’s most significant security advantage over WireGuard is that it utilizes a double NAT system. Unlike WireGuard, NordLynx routes users’ traffic through randomized IP addresses.

WireGuard assigns each user a static IP address. Given this, there’s a significant risk that their traffic could be directly linked back to them, raising privacy concerns. That’s a major concern in the VPN world, and it’s why WireGuard was the target of so much criticism.

NordVPN cannot identify NordLynx users

The double Nat system also uses an external database, which handles user authentication. Each user is then assigned a temporary dynamic identity. Therefore, the VPN server won’t be aware of the user’s real IP addresses.

A Word of Caution

Though the first security and speed tests are promising, you should still be cautious when using NordLynx. A lot of testing still needs to be performed to assess its security.

So far, the results are positive, but security researchers build their careers on discovering new vulnerabilities. The more recent the software or protocol, the higher the likelihood of an unknown vulnerability.

We’re not advising you not to take advantage of NordVPN’s new protocol. But it’s important to remind our readers to play it safe. In any case, NordVPN has always been good at publishing research findings. A good example is the NordVPN logging audit performed in 2019. My point is that, in the case of a compromised protocol, you would probably receive an email from them.

NordLynx Advantages and Disadvantages

Just like every VPN protocol out there, NordLynx has its pros and cons:

Setting Up NordLynx

Activating NordLynx is very simple. In the NordVPN app, click on the settings icon. In the menu on the left, choose Auto-connect. Finally, select NordLynx from the drop-down menu.

What Devices does NordLynx work with?

The screenshot above shows how the Windows version looks, but NorLynx is also available for Mac, Linux, Android, and iOS. You can activate it on most of those platforms in a very similar way. Linux users must enter the command “NordVPN set technology NordLynx” to enable it.

Other Parts of this Update

This update is one of the biggest in NordVPN’s history. Since the main topic was the addition of NordLynx, much of the press is only about this part.

However, NordVPN did more than add a protocol. They also removed some older and less secure VPN protocols. It wasn’t a great idea to use these anyway. OpenVPN is the only “old” protocol you can still use from all the previously available protocols, both UDP and TCP.

The Deleted protocols

NordVPN removed three protocols in this update. Let’s have a look at the reasons why that happened.

SSTP

First, NordVPN used to offer SSTP. This protocol is closed-source and developed by Microsoft. However, none of its benchmarks are too remarkable, and it’s expensive. There were likely very few NordVPN users who were still connecting through SSTP.

PPTP

PPTP was a long-overdue removal. This protocol is, without a doubt, the worst to use on any front. Its speeds are usually poor, there’s a high packet drop rate, and it isn’t optimized for any activity.

It’s no longer being developed and has hundreds of known vulnerabilities. Due to leaked documents, there’s evidence that the NSA has cracked PPTP.

L2TP

Though the initial recommendation for PPTP users was to switch to L2TP, this was short-lived. In contrast to the other protocols we have discussed, L2TP requires an encryption suite. Since it fails to provide adequate protection by itself, it was also removed in this update.

Final Thoughts

We know that WireGuard is the most straightforward, lightweight, and fastest protocol in the VPN industry. But, as it was shown multiple times, it’s not very safe. That’s why NordLynx aims to provide the speed of WireGuard and the secure connection that other top VPN protocols offer, such as OpenVPN.

As such, NorthLynx can be seen as a technological improvement over WireGuard. If no problems come up after extensive testing, we are dealing with what could become the future industry standard.