Why can we directly access Google from the web when Google cannot be pinged (SSR is turned on)
SSR visit Google
Because GFW restrictions make it impossible to directly access Google in China, why can SSR bypass the restrictions and directly access Google? First of all, we must first understand the working principle of SSR
SSR is based on SS (Shadowsocks) developed encryption agent software is actually very simple principle is to use socks5 proxy.
The socks proxy simply transmits data packets without worrying about the protocol, so the socks proxy is much faster than other application layer proxies. The socks5 proxy is to pass your network data request through a channel (the channel between you and the proxy server), which is forwarded by the server to the destination. In this process, you do not go through a dedicated channel, just the data packet is sent out, and then Received by the proxy server without additional processing in the whole process
In layman’s terms: now you have a proxy server in Hong Kong. For example, if you want to access google now, your computer sends a request, and the traffic is sent to your server in Hong Kong through the socks5 connection, and then your server in Hong Kong visits google, and then send the visit results back to your computer, so that you can overcome the wall.
After talking about this, it seems that all of this seems to have nothing to do with ping Google, don’t worry, let’s get to the point now~
As mentioned above, the core of SSR is the socks proxy, so what is socks?
###socks proxy SOCKS is a network transmission protocol, mainly used for intermediate communication between the client and the external network server. (Definition) The original purpose of the socks protocol was designed to allow authorized users to pass through the firewall restrictions (penetrating firewall)
The above are some simple introductions of socks. It doesn’t matter if you understand it or not, but the most important point is that the SOCKS protocol is the transport layer (the fourth layer). The ICMP protocol is the network layer (the third layer).
ping ==> ICMP protocol
OSI seven-layer network protocol
##Summary The reason why we can access google is to use the web through the http protocol application layer (layer 7) . The socks proxy of ssr is between the transport layer (layer 4) and the session layer (layer 5) while we are pinging , Is based on the network layer (layer 3)
As we all know: the agent of the upper layer protocol has no effect on the lower layer~
So when we try to ping Google, of course the ping fails.
But it can be accessed through http, here is a
curl demonstration after using proxy ssr
Now that we talked about this issue, why not think about how to ping Google?
When it comes to this, I have to mention VPN. When it comes to VPN, what comes to our minds is whether it’s over the wall, but it’s not. FQ is just a small function of VPN~ The main function of VPN : build a private network on a public network, Encrypted communication. The main purpose of VPN : to directly transmit encrypted data to the corporate intranet , the most important thing is security
After the computer uses VPN, all network communication goes through the proxy. Suitable for all scenarios. VPN controls the entire network of your computer
Closer to home, if we want to ping Google, it can actually be achieved through a VPN proxy.
vpn VS ssr
Features: SSR pays more attention to traffic obfuscation and privacy , while VPN pays more attention to encryption security .
Configuring VPN has certain performance requirements for the server, which is easy to be attacked and easy to be blocked. high cost. SSR has very low requirements for servers and can be built with 64M memory, which is more concealed. The cost is very low.