WingNews logo WingNews
top | item 41173646

(no title)

elisbce | 1 year ago

Unfortunately it's not gonna work. The GFW periodically disturbs/resets any persistent or large-enough traffic to IPs outside of China and bans them. That's why even if you have the best obfuscation protocol (like setting up your own server outside with truly indistinguishable traffic like a normal HTTPS), you still cannot have stable connections with large traffic. The current reliable ways of evading GFW are using IPs inside China via non-GFW controlled IEPL connections. These are loopholes deliberately left by GFW in order for certain legit use cases to bypass them (like research / big international corps etc.)

discuss

order

iforgotpassword|1 year ago

Might depend on provider? I have a single endpoint and no such issues. Transferring multiple GBs on some days. I'm using a custom protocol though that's basically udp but with the tcp protocol number in the ip next protocol field. I'm simply ignoring any injected rst packets etc.

elisbce|1 year ago

Yes, depends on a lot of factors like provider (different telecoms have different network settings/policies), location (GFW is multi-tiered with at least provincial boundaries, certain cities/provinces might have tighter control/policies), time/date (e.g. sensitive periods), etc. But what I'm saying is that traffic analysis is really effective. A single IP with multiple GBs on a day is on the low end and thus probably fine. GFW target potential VPN-like services which have much higher aggregate traffic over a period of time. If you have higher traffic it could trigger IP bans regardless of your custom protocol. I had custom servers setup like yours before and they die mysteriously sometimes so I had to rotate once in a while on new IPs.

codedokode|1 year ago

Can VPN providers rotate used IPs faster than they are blocked or it is too expensive?

elisbce|1 year ago

I'm sure they have monitoring services to detect banned IPs and rotate on new IPs. However, in my experience, the most popular VPN providers are actually not specialized in evading GFW despite what they claim. During sensitive periods of time, most of the them couldn't be connected reliably. Those providers specializing in providing GFW evasion are called 'airports' or 'ladders' in the Chinese community and they use custom non-VPN protocols and tools for their services.

EVa5I7bHFq9mnYK|1 year ago

How much is "large", ballpark?

elisbce|1 year ago

I had custom servers banned randomly in the ballpark of 100 GB / day, but your mileage may vary.