[ggm]

I used SSH SOCKS tunnels with stubby to keep myself online inside China's state firewall two recent trips. commercial VPN are routinely slowed down or blocked, if you have the luxury of an SSH enabled host "outside" you can use, Stubby and this are good, to get around DNS rewriting tricks and port/ip filters.

Yes, you have have slower paths, trombone paths. But in the circumstances I was in, Stubby was a godsend.

Also check out the dns security option in Android Pie.

[computerfriend]

This is surprising, as I've had my SSH connection throttled from within China.

[bogomipz]

Interesting. Can I ask what you used for your SSH host so that latency was bearable?

[ggm]

A node in Brisbane. I checked path, the AS path was pretty tight, china-telecom to telstra-reach and then into the IX where I have a FreeBSD host. I was testing web speeds to the company on non-SSH/SOCKS paths, they were pretty bad oddly, quite heavily asymmetric, via the US and Japan and in some cases Europe. China-Australia via Europe is not very optimal.

It has to be said if you're trying to bypass DPI, speed isn't your main concern. I tolerated pretty low packet rates. If I had to VOIP it would have been awful