VPNRanker

VPN Glossary: Every Term Explained

VPN technology can be confusing. This glossary explains every important VPN term in plain English, from encryption standards to protocol names to privacy features.

ABCDEFGIJKLMNOPRSTVW

A

AES-256
Advanced Encryption Standard with a 256-bit key, the strongest widely-used symmetric encryption algorithm. Used by governments and militaries worldwide, AES-256 would take billions of years to crack with current technology. This is the encryption standard used by virtually all reputable VPN providers.
Related:EncryptionChaCha20

B

Bandwidth
The maximum rate at which data can be transferred over a network connection, typically measured in Mbps (megabits per second) or Gbps (gigabits per second). VPNs can reduce available bandwidth due to encryption overhead, though modern protocols like WireGuard minimize this impact.
Related:ThrottlingSpeed Test

C

ChaCha20
A symmetric encryption cipher used by WireGuard and some VPN providers as an alternative to AES-256. ChaCha20 is particularly efficient on mobile devices and processors without AES hardware acceleration, making it ideal for smartphones and tablets.
Related:AES-256WireGuardEncryption
CIDR
Classless Inter-Domain Routing, a method for allocating IP addresses and routing. VPN providers use CIDR notation to manage their IP address ranges across server networks.
Related:IP AddressSubnet
Cipher
An algorithm used for encryption and decryption. VPN protocols use ciphers like AES-256-GCM, ChaCha20-Poly1305, and others to encrypt your internet traffic, making it unreadable to anyone intercepting it.
Related:AES-256ChaCha20Encryption

D

Data Retention
Laws or policies requiring organizations to store user data for a specified period. Many countries require ISPs to retain browsing data. For example, the UK requires 12 months and Australia requires 2 years. VPN usage prevents your ISP from having meaningful data to retain.
Related:No-Logs PolicyPrivacyJurisdiction
DDoS Attack
Distributed Denial of Service attack, where multiple systems flood a target with traffic to overwhelm it. Gamers and streamers are common targets. A VPN prevents DDoS attacks by hiding your real IP address from potential attackers.
Related:IP AddressGaming VPN
Deep Packet Inspection (DPI)
A network analysis technique that examines the full content of data packets, not just headers. Governments like China use DPI to detect and block VPN traffic. VPNs counter this with obfuscation technology that disguises VPN traffic as regular HTTPS.
Related:ObfuscationGreat FirewallCensorship
DNS
Domain Name System, the internet's phone book that translates domain names (like google.com) into IP addresses. VPNs run their own DNS servers to prevent your DNS queries from being intercepted or logged by your ISP, a vulnerability known as DNS leak.
Related:DNS LeakIP Address
DNS Leak
A security flaw where DNS queries are sent outside the VPN tunnel to your ISP's DNS servers, revealing which websites you visit despite being connected to a VPN. Reputable VPNs prevent DNS leaks by running private DNS servers and forcing all DNS queries through the encrypted tunnel.
Related:DNSIP LeakKill Switch
Double VPN
A feature that routes your traffic through two VPN servers instead of one, encrypting your data twice. Also called Multi-Hop. This adds an extra layer of privacy because even if one server is compromised, your traffic is still encrypted. NordVPN, Surfshark, and Proton VPN offer this feature.
Related:Multi-HopEncryption

E

Encryption
The process of converting readable data into an unreadable format using mathematical algorithms. VPNs use encryption to make your internet traffic unreadable to anyone who intercepts it, including your ISP, hackers on public Wi-Fi, and government surveillance.
Related:AES-256ChaCha20Cipher

F

Five Eyes
An intelligence-sharing alliance between the US, UK, Canada, Australia, and New Zealand. These countries share surveillance data with each other. VPN providers based in Five Eyes countries may face more government pressure to hand over user data, though a verified no-logs policy means there is nothing to share.
Related:JurisdictionNo-Logs PolicyPrivacy

G

Geo-Blocking
The practice of restricting access to content based on the user's geographic location, determined by their IP address. Streaming services like Netflix, Hulu, and BBC iPlayer use geo-blocking to enforce content licensing agreements. VPNs bypass geo-blocking by changing your apparent location.
Related:IP AddressStreamingUnblocking
Great Firewall
China's sophisticated internet censorship system that blocks access to many foreign websites and services including Google, Facebook, YouTube, and most VPN providers. It uses deep packet inspection, DNS poisoning, and IP blocking. VPNs with obfuscation can bypass the Great Firewall.
Related:Deep Packet InspectionObfuscationCensorship

I

IKEv2/IPSec
Internet Key Exchange version 2 with Internet Protocol Security. A VPN protocol known for stability and fast reconnection, particularly on mobile devices. Its MOBIKE extension seamlessly handles network changes between Wi-Fi and cellular data.
Related:VPN ProtocolWireGuardOpenVPN
IP Address
A unique numerical label assigned to every device connected to the internet (e.g., 192.168.1.1 for IPv4 or 2001:db8::1 for IPv6). Your IP address reveals your approximate location, ISP, and can be used to track your online activity. A VPN replaces your IP with the VPN server's IP.
Related:DNSIP LeakGeo-Blocking
IP Leak
A security vulnerability where your real IP address is exposed despite being connected to a VPN. This can happen through WebRTC leaks, DNS leaks, or IPv6 leaks. Reputable VPNs include leak protection for all three vectors.
Related:DNS LeakWebRTC LeakKill Switch

J

Jurisdiction
The country where a VPN company is legally incorporated, which determines what laws apply to user data handling. Privacy-friendly jurisdictions include Panama (NordVPN), British Virgin Islands (ExpressVPN), Switzerland (Proton VPN), and Romania (CyberGhost). These countries have no mandatory data retention laws.
Related:Five EyesNo-Logs PolicyData Retention

K

Kill Switch
A VPN feature that automatically cuts your internet connection if the VPN drops, preventing your real IP address from being exposed. Essential for torrenting and any activity where IP exposure could be harmful. Both network-level and app-level kill switches exist.
Related:IP LeakDNS LeakTorrenting

L

Latency
The time delay between sending a request and receiving a response, measured in milliseconds (ms). Also called ping. VPNs add some latency due to the extra routing hop, typically 2-15ms for nearby servers and 30-80ms for distant servers. Lower latency is critical for gaming.
Related:PingSpeed TestGaming VPN

M

Multi-Hop
Routing your VPN connection through two or more servers for additional privacy. Same concept as Double VPN. If the first server is compromised, your traffic is still encrypted by the second server. Surfshark, NordVPN, and Proton VPN offer multi-hop connections.
Related:Double VPNEncryptionPrivacy

N

No-Logs Policy
A VPN provider's commitment to not record any user activity, connection timestamps, IP addresses, or browsing data. The strongest no-logs claims are verified by independent audits (NordVPN, ExpressVPN, Surfshark) or proven in court (PIA). Always verify claims through audit reports.
Related:PrivacyJurisdictionAudit

O

Obfuscation
Technology that disguises VPN traffic as regular HTTPS traffic, making it undetectable by deep packet inspection. Essential for using VPNs in countries that block VPN connections like China, Russia, and Iran. NordVPN, ExpressVPN, and Surfshark offer obfuscated servers.
Related:Deep Packet InspectionGreat FirewallCensorship
OpenVPN
An open-source VPN protocol that has been the industry standard since 2001. Supports both TCP (reliable, firewall-friendly) and UDP (faster) modes. With 600,000+ lines of code, it is more complex than WireGuard but has a longer track record and more versatility.
Related:VPN ProtocolWireGuardTCPUDP

P

P2P
Peer-to-peer networking, where devices communicate directly without a central server. Used in BitTorrent file sharing. P2P exposes your IP address to other peers, making a VPN essential for privacy. Not all VPN servers support P2P traffic -- look for P2P-optimized servers.
Related:TorrentingPort ForwardingKill Switch
Ping
The round-trip time for data to travel from your device to a server and back, measured in milliseconds. Lower ping is better, especially for gaming. VPNs typically add 2-15ms of ping to nearby servers.
Related:LatencySpeed TestGaming VPN
Port Forwarding
Allowing incoming connections to reach your device through the VPN. Useful for torrenting (increases download speeds), hosting game servers, and remote access. PIA and Windscribe offer port forwarding. NordVPN and ExpressVPN do not.
Related:P2PTorrentingNAT

R

RAM-Only Servers
VPN servers that run entirely in RAM with no hard drives. All data is wiped when the server is rebooted, making it physically impossible to extract stored user data. ExpressVPN (TrustedServer), NordVPN, and Surfshark use RAM-only servers.
Related:No-Logs PolicyPrivacySecurity

S

Smart DNS
A technology that reroutes only your DNS queries to change your apparent location, without encrypting your traffic. Faster than a VPN for streaming but provides no encryption, privacy, or security. Some VPNs include Smart DNS as a feature (ExpressVPN MediaStreamer).
Related:DNSStreamingGeo-Blocking
Split Tunneling
A VPN feature that lets you choose which apps or websites use the VPN and which use your regular connection. Useful for accessing local services (banking, printers) while keeping other traffic encrypted. Most major VPNs support split tunneling on Windows and Android.
Related:VPNEncryption
SSL/TLS
Secure Sockets Layer / Transport Layer Security, encryption protocols used to secure web traffic (HTTPS). While SSL/TLS protects individual website connections, a VPN encrypts all your internet traffic and hides your IP address, providing more comprehensive protection.
Related:EncryptionHTTPSOpenVPN

T

Throttling
When your ISP deliberately slows down certain types of traffic, such as streaming, torrenting, or gaming. ISPs throttle to manage network congestion or discourage bandwidth-heavy activities. A VPN prevents throttling by encrypting your traffic so your ISP cannot identify what you are doing.
Related:BandwidthISPSpeed

V

VPN
Virtual Private Network, a service that encrypts your internet traffic and routes it through a server in a location of your choice. This hides your IP address, prevents ISP tracking, secures public Wi-Fi connections, and allows access to geo-restricted content. VPNs use protocols like WireGuard, OpenVPN, and IKEv2.
Related:EncryptionIP AddressVPN Protocol
VPN Protocol
The set of rules and methods a VPN uses to create the encrypted tunnel. Major protocols include WireGuard (fastest), OpenVPN (most versatile), IKEv2/IPSec (best for mobile), Lightway (ExpressVPN), and NordLynx (NordVPN). Each has different trade-offs between speed, security, and compatibility.
Related:WireGuardOpenVPNIKEv2/IPSec

W

WebRTC Leak
A browser vulnerability where WebRTC (Web Real-Time Communication) can expose your real IP address even when connected to a VPN. Firefox, Chrome, and Edge are susceptible. Most VPN browser extensions block WebRTC leaks, or you can disable WebRTC manually in browser settings.
Related:IP LeakDNS LeakBrowser Extension
WireGuard
The newest and fastest VPN protocol, using only 4,000 lines of code compared to OpenVPN's 600,000+. Built into the Linux kernel since 2020, WireGuard uses modern cryptography (ChaCha20, Curve25519) and delivers 2-3x faster speeds than OpenVPN. It is the default protocol for most major VPNs in 2026.
Related:VPN ProtocolChaCha20OpenVPNNordLynx

Learn More

VPN protocols explainedVPN guidesVPN reviewsBest VPN for privacy