Recently I’ve been looking at various proxy/tunneling options that can’t be easily detected by firewalls.
I’ve found a bunch of stuff, but I’m struggling to understand how everything work. I found dozens of differtent protocols, some open, other proprietary; some have multiple names while some names refer to multiple protocols… Most open source projects I found have a vague, non-technical description of what they are and do. And most “free proxys” I can find that use these protocols, don’t give enough details to let me configure my local endpoint (wtf?).
I’m a software engineer / Linux sysadmin and got a decent understanding of networking (protocols: IP, TCP, UDP, HTTP(S)… software: SSH, OpenVPN, WireGuard, iptables, Nginx, Apache… encryption: simmetric, asymmetric, certificates… routing, NATting, and so and so forth).
I’d like to understand how proxy-related technologies work; not in a super detailed way, just enough to understand what kind of data my proxy endpoint sends: is it encapsulated into any other application layer protocol? does it incapsulates other protocols’ data within its payload? how does it handle the routing?
Could anyone give me an overview of the various protocols, like: Shadowsocks (AFAIK it’s just a SOCKSv5 implementation that sends its data in the payload of an HTTP connection?), ShadowsocksR, V2Ray, XRay, XTLS, VMess, VLess, Trojan, Naive, Hysteria, Mieru, Psiphon, Eclipse, StealthVPN etc? Are there any others I should be aware of?
And to conclude, why is this stuff so complicated? The various protocols are considerably different from each others, or is this just a case of different people implementing similar things in different ways and thus resulting in an XKCD 927 sort of situation?