rage2thenight - Tumblr blog

rage2thenight · 6 years ago

Text

make jigsaw’s outline work better in china

Outline is a VPN tool created by Google's Jigsaw. The difference between Outline and other VPN service is that, Outline is not a service. It’s a tool that helps you create your own VPN service. Thus, it’s more reliable and you have more control over it.

Especially in China. If you work in China, you may find VPN works slow all the time, or connection error may occur in certain times in a year, which makes it very hard for you to do your work. Also, it can cost a great amount of money to purchase vpn services like Astrill or NordVPN.

Here’s how you can set up a reliable and fast VPN service for yourself, with Jigsaw’s Outline and servers from Bandwagon, in a relatively low price.

i. Rent a server

Here’s something you need to notice before you rent a server outside China. If you rent a server from DigitalOcean, you may find the connection to china getting slower in months. It’s because the connection to the server is not optimized for China.

Speaking from personal experience, Bandwagon’s servers work faster and more reliable in China. Not every server, but those servers labeled as “CN2” or “CN2-GIA”.

Step 1:

To rent a server, first register an account on Bandwagon. Click the “Register” on the top-right corner of the webpage.

After you do so, click here to order a CN2 server.

It’s recommended that you order the server during Black Friday, so that you may pay a lower price.

Outline doesn’t require too much RAM. Even 256MB is fine.

Click “order now” to complete the order.

Step 2:

Click “my services” to find the server you just ordered. Click “kiwivm control”.

Click “install new os” and choose the newest version of Ubuntu.

Click "Root password modification” and generate a new password.

Save the password to a safe place (you will need it later).

Click “main control”. Copy your IP address and SSH port. You will need these info later.

ii. Install Shadowsocks on your server

Step 1:

Buy “hyperapp” on your iPhone. Click “servers” then click the red “+” button. Manually add the server, with the “IP address”, “SSH port”, username (type in “root”) and “password”. You may name the server however you want.

Step 2:

After you add the server, click “store” and "Shadowsocks-libev”. Select your sever and click “create”.

Port: type in a number from 0 to 65535.

Password: create a complicated password. You don’t need to remember it. You may create it with lastpass.

Encryption method: it’s recommended that you choose "chacha20-ietf-poly1305” because it’s more secure.

OBFS: choose tls. In the failover section, type in “bing.com” or some other foreign website that isn’t blocked in China.

Leave the other sections blank.

Step 3: click “apps”. Find “shadowsocks-libev” and click the server name. Choose “install”. Wait a few seconds till the installation is over.

Step 4: click the server name and select “QR code”. Long press the “ss://……” and copy it. Save it to a safe place as you will need it later.

iii. Some extra work

The service is ready to use now but here’s some steps you can make it faster and more reliable.

Step 1: install bbr on you server to make the connection faster.

Click “server” and select the second icon from left to right. The icon means terminal.

Type in (after each line, press “enter”):

sudo apt update

sudo apt upgrade

sudo apt-get install linux-generic-hwe-18.04

In "sudo apt-get install linux-generic-hwe-18.04”, “18.04” is the version of Ubuntu you installed. If the version is not “18.04”, feel free to change it.

Restart the server.

Type in (after each line, press “enter”):

sudo modprobe tcp_bbr

echo "tcp_bbr" | sudo tee -a /etc/modules-load.d/modules.conf

echo "net.core.default_qdisc=fq" | sudo tee -a /etc/sysctl.conf

echo "net.ipv4.tcp_congestion_control=bbr" | sudo tee -a /etc/sysctl.conf

sudo sysctl -p

sysctl net.ipv4.tcp_congestion_control

If you see "net.ipv4.tcp_congestion_control = bbr”, then it works now.

(Via imdx.me)

Step 2:

Install ftp manager from App Store. Add your server, find the file "/etc/sysctl.conf”, backup (duplicate) the current file and edit it.

Clear everything and paste the following lines:

# Kernel sysctl configuration file for Red Hat Linux # # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and # sysctl.conf(5) for more details. # # Use '/sbin/sysctl -a' to list all possible parameters.

# Controls IP packet forwarding net.ipv4.ip_forward = 0

# Controls source route verification net.ipv4.conf.default.rp_filter = 1

# Do not accept source routing net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename. # Useful for debugging multi-threaded applications. kernel.core_uses_pid = 1

# Controls the use of TCP syncookies net.ipv4.tcp_syncookies = 1

# Controls the default maxmimum size of a mesage queue kernel.msgmnb = 65536

# Controls the maximum size of a message, in bytes kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes kernel.shmmax = 4294967295

# Controls the maximum number of shared memory segments, in pages kernel.shmall = 268435456

net.core.default_qdisc=fq net.ipv4.tcp_congestion_control=bbr

net.ipv4.neigh.default.base_reachable_time_ms = 600000 net.ipv4.neigh.default.mcast_solicit = 20 net.ipv4.neigh.default.retrans_time_ms = 250

Via link

Restart the server in hyperapp.

iv. Install Outline on your device

Step 1:

Install Outline on your iPhone , Android phone, PC, Linux machine or MacBook.

Step 2:

Copy "ss://“ from hyperapp. Open Outline, it will notify you to add the server you just copied.

Step 3:

Click “connect”. You are all set!

-------

If you have any issues, feel free to contact me on Tumblr.

#Outline #VPN #Shadowsocks #China

0 notes