VPS Blocked by GFW

1 minute read

My VPS, located in San Jose, could not be reached in last Friday. Website, SSH as well as ping didn’t work. And all of them worked fine if connected to an VPN. It looked like having been blocked by GFW.

But I’d done more digging. I did a traceroute on my Mac to it, which got me a strange result: the time out occured on the 16th hop, against usually on the first one or two hops. And the timeout occured on a router with an ip starting with ‘172’. That’s an IP range for LAN! I wondered if there was a misconfiguration on that router. I asked an friend, who is a SA. He suggested it was that router’s problem.

Only until the day after was I told by another SA that private IP address range showing up in tracert wasn’t necessary a problem. There could be some private network connections between routers, though not very often seen. Then I tried to trace the next IP address to mine one. That IP worked, with the 172.x.x.x IP address in the path.

Actually it was GFW’s work. This article explains everything. The timeout happening in American router node was caused by the one-way block algorithm of GFW.

Categories: Internet, Tech