Question (this is not a bug)

[AKotov-dev]

Hello, friends. Thank you for your great work. I do not have a bug report, however, if it is not too much of a burden to you, given your vast experience, I would like to get advice on the following issues...

In Russia, along with the blocking of OpenVPN/WireGuard/free media/etc, there is also a blocking of vital resources (Intel, LinkedIn, etc). For this they even invited a group of 40 Chinese comrades. Therefore, the majority of still sane people are increasingly looking towards XRay-Core and everyone is saving themselves from insanity as best they can, and I am no exception.

For myself and my family I made a kind of gateway on LiveUSB - SocksGW (DNSCrypt+XRay+Tun2Socks+iptables+etc) with the possibility of installation and I want to know the following:

1. In China, how often do you have to change the connection from one server to another (or change the connection protocol/configuration) as a result of blocking? I’ll rephrase the question if I don’t understand it (I have problems with English): how long can the connection work before it is blocked? How soon will it be blocked?

2. Is there a mechanism in XRay-Core that would allow automatic reconnection of working configurations from a certain list in case of blocking?

3. Which blocking is more powerful: in China or in Iran?

Perhaps these questions are naive, but for the overall picture of what is happening, I would very much like to know about this. Thank you.

Sincerely, Alex

[randomguy-on-internet]

good one brah!

[AKotov-dev]

@randomguy-on-internet Oops! I didn't really notice a separate section. Because of the many incomprehensible symbols, my eyes looked in different directions, then I experienced excitement and out of fear I published everything here. Thanks for pointing this out.

[chika0801]

Is there a mechanism in XRay-Core that would allow automatic reconnection of working configurations from a certain list in case of blocking?

The xray-core configuration should not have the features you want. You mean for example you are connecting to VPS1 with high latency and you want to automatically switch to your other VPS2. If it works like that, there are usually some users in China who use CLASH (CLASH-META) core as a client. There are such functions in here.

Which blocking is more powerful: in China or in Iran?

https://github.com/net4people/bbs/issues

Iran they have a number of internet operators, some with very tight blockades, and there are a number of discussion threads you can search for in the link above.

We think Iran has a tighter blockade than China.

In China, how often do you have to change the connection from one server to another (or change the connection protocol/configuration) as a result of blocking? I’ll rephrase the question if I don’t understand it (I have problems with English): how long can the connection work before it is blocked? How soon will it be blocked?

If you want to know when a VPS IP or port is blocked in mainland China in the form of what protocol (combination).

My opinion: SS+TCP Blocked fast, blocked IPs VMESS+TCP Same as above

Combination with TLS, encounter blocked ports, IP blocked with little feedback vmess+ws+tls trojan/vless+tcp+tls

UDP classes such as hysteria2 tuic are not widely reported at this time.

If you ask about the speed of VPS to mainland China from outside mainland China, there are a number of merchants selling VPS (usually Chinese are the owners). They advertise it as a line optimised for speed from abroad to mainland China. Some of the terms are CN2GIA AS9929 AS4837. Usually Chinese people will buy VPS with this optimisation to get more stable and fast speed.

If you don't use this type of VPS, TCP transport type of proxy protocol is not fast enough, we will try to use UDP type of protocol like hysteria2.

[AKotov-dev]

Hello, chika0801. Thank you very much for your detailed answer. This is very useful information and now I will need some time to study it in detail. Please understand that these questions are related to the fact that the Internet in Russia will most likely use the Chinese model, but we all have to prepare for the worst (Iran).

And the last question, if it doesn’t bother you, dear chika0801... Do you think that the 40 specialists who came from China will be able to make in Russia a complete analogue of the “Great Firewall of China” in Russia? In other words, is it realistic to implement from scratch in Russia an analogue of what exists in China today? Thank you.

[chika0801]

And the last question, if it doesn’t bother you, dear chika0801... Do you think that the 40 specialists who came from China will be able to make in Russia a complete analogue of the “Great Firewall of China” in Russia? In other words, is it realistic to implement from scratch in Russia an analogue of what exists in China today? Thank you.

I'm not sure if this type of information reported in your country (40 experts from China) is true.

In the time period around October last year, some people claiming to be Chinese firewall project providers let us (Chinese netizens) in on some information when they replied on telegram and github's net4people (provided you believe these people are telling the truth).

The information, which I now briefly recall, was that each large city (region) in China has a different level of firewall strictness, and each large city (region) has a different service provider. China's firewalls are divided into large cities (regions) level, and international export level (national projects) and so on. An interesting piece of information at the time was that some of these service providers said that they had purchased some of the technology (algorithms) from Russian companies. This is a huge market and there are business opportunities out there.

If you are in a city area with a lot of foreign trade business, multinational international companies business, the strictness may be less. Too strict a blockade in China has some mutual conflict with economic growth. Each local city extracts a different percentage of traffic, and similarly strict areas extract a higher percentage of traffic.

Maybe some of the more powerful netizens in your country will develop your own proxy protocols in the future.

In addition, when it comes to business opportunities, there are many ordinary netizens in mainland China who don't know how to buy a VPS by themselves, install a proxy programme by themselves, and don't know the basics of LINUX operation, and they buy some proxy services provided by other private individuals. We call this kind of service "airport", and the owner is called "airport owner".

This type of service, the use of the type of protocol is SS/VMESS TCP and so on. Usually the user connects to a VPS in mainland China using the above mentioned protocols. This VPS is connecting to a region outside mainland China. This VPS we call transit. Clients use the CLASH kernel a little more, because the CLASH kernel is more suitable for airports this kind of service merchants, merchants will be I provide many countries as the final server for the selling point to promote.

The remaining very small part of the Chinese netizens, is to buy their own VPS, domain name, their own LINUX foundation to install and maintain their own.

Large companies that apply to the government for international internet access through formalities are not in the situation I mentioned above. (Usually, the average Chinese people can rarely use this kind of formal Internet access power).

Of course China's public security police agencies have been arresting, and cracking down on, such airports and airport owners. But because the benefits are so great, many new airports continue to open to solicit customers.

[AKotov-dev]

It's amazing. Thank you, I learned a lot of interesting and useful things. I will definitely share this information among our users so that they have a general idea and what to prepare for. I apologize for posting my questions in the Issue section. Thanks again for the answers. I wish you success in the development of your projects. All the best.

Sincerely, Alex

p.s. I probably won’t close the topic myself, since you will most likely move it somewhere or delete it. 再见！

[RPRX]

Combination with TLS, encounter blocked ports, IP blocked with little feedback

这句英文有歧义，建议加个分隔词