I run a few webtunnel bridges and recently got feedback from users in Turkmenistan that the bridge stopped working. DNS resolution still works but users get “connection refused” when connecting. I quickly rotated the IP and it started working again. Every time I do that it seems to work for about 10 days before getting blocked again. My bridge is distributed via “setting”. It also offers fake/additional SNIs.
Not sure if they run some fingerprinting/DPI or if they discovered the DNS name. Is something known about that? Any idea what I should do? Changing DNS would cut off all users. Or do I just keep rotating the IP periodically?
I have too been asked to change IP on my web tunnels, not easy with some ISPs. Changing IPv6 easier but within the limited net-mask range they may well have blocked. I never heard if IPv6 connections work to get past the block,
One of webtunnels has escaped this blocking so far
I run bridges on domestic fiber connections which rotate all 30-90 days. But you can force it at any time.
The user I talked to does not seem to able to connect to IPv6 at all from TM. I asked him to check how large the block is but since it never works this does not seem to help.
Hello yes I’ve been helping someone too and it would appear that the DNS servers there are poisoned so I gave the person some mainstream DNS servers and it worked. Thing he couldn’t get was that he could get a ping response using an IP address but when connecting using the domain name it wouldn’t connect. He was happy
