Protocol comparison: the full breakdown.

Not all VPN protocols are created equal. In China, the protocol IS the product. Here's every protocol that matters, with real-world data.

At a Glance

Quick comparison

Protocol GFW Detectability Speed China Success Rate
VLESS+Reality+Vision Undetectable Excellent ~98%
Hysteria2 (QUIC) Low Very Good ~81%
Trojan Low-Medium Good ~75%
Shadowsocks (AEAD) Medium Good ~60%
WireGuard High Excellent <20%
OpenVPN Very High Moderate <10%
Deep Dive

Protocol by protocol

VLESS + Reality + Vision

2022+ TCP (port 443) ~98% success

The gold standard. Reality replaces TLS certificates with the real target site's cert, making connections cryptographically identical to normal HTTPS. Vision adds flow control to match browsing patterns. Active probes get forwarded to the real destination.

Strengths

  • Undetectable by DPI
  • Active probe immune
  • Near-native speed
  • No custom certs needed
  • Uses TCP port 443 (standard HTTPS)

Weaknesses

  • Newer protocol -- smaller community
  • Requires Xray-core on server
  • TCP head-of-line blocking (minor)
Used by: KookVPN

Hysteria2 (QUIC)

2023+ UDP (QUIC) ~81% success

Uses QUIC (UDP-based) for multiplexed, encrypted connections. Fast and resilient to packet loss. However, China ISPs heavily throttle UDP traffic, especially China Mobile. Best as a fallback protocol.

Strengths

  • Multiplexed connections
  • Fast on reliable networks
  • Good packet loss handling
  • Built-in congestion control

Weaknesses

  • UDP is throttled/blocked by ISPs
  • QUIC fingerprint detectable
  • Struggles on China Mobile
  • Less reliable than TCP protocols
Used by: Some self-hosted users

Trojan

2020+ TCP (TLS) ~75% success

Mimics HTTPS traffic by wrapping the proxy inside a real TLS connection. Effective against passive DPI but vulnerable to active probing -- the server responds differently than a real web server.

Strengths

  • Good DPI bypass
  • Looks like HTTPS
  • Moderate speed overhead
  • Wide client support

Weaknesses

  • Vulnerable to active probing
  • Uses custom TLS certs (detectable)
  • Server fingerprint differs from real sites
  • Declining effectiveness in China
Used by: Various proxy providers

Shadowsocks (AEAD)

2015+ TCP/UDP ~60% success

The original Chinese censorship circumvention tool. Was effective 2015-2020 but the GFW now detects it via statistical traffic analysis and replay attacks. Still works intermittently but no longer reliable.

Strengths

  • Lightweight
  • Good speed
  • Large community
  • Many clients available

Weaknesses

  • Detectable via statistical analysis
  • Vulnerable to replay attacks
  • Active probing defeats it
  • Declining success rate year over year
Used by: Legacy proxy users, outline

WireGuard

2018+ UDP (custom) <20% success

Technically superior protocol with excellent speed and modern cryptography. However, its unique UDP handshake pattern is trivially identifiable by DPI. Gets IPs burned within hours in China.

Strengths

  • Fastest VPN protocol
  • Modern cryptography
  • Small codebase
  • Low overhead

Weaknesses

  • Instantly detected by GFW
  • Unique handshake pattern
  • Burns IPs within hours
  • Not designed for censorship bypass
Used by: NordVPN (NordLynx), Surfshark, Mullvad

OpenVPN

2001+ TCP/UDP <10% success

The oldest and most widely deployed VPN protocol. Its traffic signature has been in the GFW's blocklist since 2018. Heavy encryption overhead and well-known packet structure make it the easiest protocol to detect and block.

Strengths

  • Battle-tested
  • Widely supported
  • Configurable
  • Open source

Weaknesses

  • Blocked in China since 2018
  • Heavy overhead
  • Known signature
  • Slow on mobile
Used by: Most commercial VPNs as fallback

Use the protocol that actually works.

VLESS+Reality+Vision. 98% success rate. 7-day money-back guarantee.

Get KookVPN Now See How It Works