Route Traffic Through Domestic Server

Hirbod Behnam edited this page Aug 8, 2019 · 2 revisions

You can route your traffic through a domestic server to evade the DPI scans.

Why

In Iran, if you tunnel your proxy with iptables (plain route), both of your servers will be blocked. If you obfuscate the routed traffic instead, you have a better chance against censorship. Here is a small diagram showing how the traffic flows without and with obfuscating programs:

Without obfuscating programs:

Client -(MTProto Traffic)-> Domestic Server -(MTProto Traffic)-> Firewall (DPI and other stuff) -(MTProto Traffic)-> Foreign Server -> Telegram Servers

As you can see, the traffic that passes through the firewall consists of MTProto packets, which can be easily identified even with random padding. More info here

What happens with obfuscating programs?

Client -(MTProto Traffic)-> Domestic Server -(Obfuscated Traffic)-> Firewall (DPI and other stuff) -(Obfuscated Traffic)-> Foreign Server -(MTProto Traffic)-> Telegram Servers

BTW, this method does not work anymore in Iran; your domestic server will be throttled.

What to use?

I don't know, but here is a short list of pros and cons:

Shadowsocks (Recommended)

Pros:

  • Fast
  • Not detectable
  • Fairly easy to set up

Cons:

  • Not designed for tunneling

SSH

Pros:

  • Super easy to set up
  • Can set up SOCKS5 with it

Cons:

  • Very slow speed with a lot of users

Cloak

Pros:

  • Very fast (at least on my computer)
  • Just like normal HTTPS

Cons:

  • Hard to set up
  • Cannot handle a lot of connections

KCPTUN

Pros:

  • Designed for forwarding
  • Easy to set up

Cons:

  • Your country may throttle the connection