QUICstep successfully circumvents the GFW's QUIC SNI censorship (active since April 2024) in live testing. Using an Alibaba VM in mainland China as client and an AWS instance in North Virginia as server, a native QUIC client was blocked after several fetches of youtube.com SNI, while QUICstep consistently succeeded across 50 consecutive fetches. 7 tiktokcdn.com subdomains that were QUIC-SNI blocked were also reliably accessible via QUICstep. The approach routes only QUIC long-header (handshake) packets through a WireGuard tunnel; all subsequent short-header (data) packets travel the native path.

As of October 2024, 22% (~220K) of Tranco top-1M domains support QUIC; of those, only 12.8% (~28K) are fully QUICstep-compatible (support IP-address migration). However, port-migration support grew 20% in 3 months (26,234 → 31,262 domains from August to late September 2024). Cloudflare hosts 74.6% of QUIC-supporting domains but only 0.2% support connection migration; if Cloudflare enabled it, 87.2% of QUIC-supporting domains would become compatible. Among QUIC-SNI-blocked domains in China (28,458 total), 2,404 (8.45%) support QUIC and 828 (34.4%) of those are QUICstep-compatible today.

§4.2, Table 1, Fig 3 deployment

A censor attempting to block QUICstep by dropping all QUIC connections that arrive without a preceding Initial/Handshake packet would cause significant collateral damage. Analysis of 24-hour campus traces (3,786,050 unique QUIC connections) found 29.1% (1,100,439 connections) lacked QUIC Initial or Handshake packets—representing legitimate connection migration from mobile handoffs and similar events. This high baseline rate means blanket "no handshake" blocking would disrupt roughly 1-in-3 QUIC connections unrelated to circumvention.

§5 (Blocking all QUIC connection migrated traffic) detection

QUICstep reduces proxy (handshake channel) traffic by a median of 93% across 100 tested domains compared to full VPN tunneling. For www.youtube.com specifically, proxy traffic dropped from 3.634 MB (full VPN) to 96 KB (QUICstep), a 97.4% reduction. Page load time improved by up to 84% versus full VPN. Performance gain is greatest when the handshake channel is bandwidth-limited (1–5 Mbps): QUICstep/VPN ratios of 0.07–0.09 at 1 Mbps, 0.34–0.46 at 5 Mbps from London to nearby proxies. Psiphon's free tier (2 Mbps) and Tor (~10 Mbps median) are both well within the bandwidth regime where QUICstep provides substantial gains.

§4.4.3, Fig 7, Table 2 evaluation

Since April 7, 2024, the GFW decrypts every QUIC client Initial packet at China's national border and blocks connections whose TLS ClientHello SNI matches a QUIC-specific blocklist. Blocking takes the form of dropping all subsequent UDP packets sharing the same (src-IP, dst-IP, dst-port) 3-tuple for 180 seconds—with no RST injection. The GFW applies a source-port heuristic: packets with src-port ≤ dst-port are not inspected, capturing >92% of real QUIC client Initials while processing only ~30% of all UDP traffic. The QUIC blocklist contains 58,207 unique FQDNs (Tranco, Oct 2024– Jan 2025), approximately 60% of the DNS blocklist in size; 33% of blocked FQDNs do not actually support QUIC, suggesting the list was derived from an existing domain-name blocklist rather than live QUIC service discovery.

2025-zohaib-quic-sni §3 / §3.1 / §3.3 / §4 http3-quic-blockdpisni-blocking

Russia's TSPU ("Средства противодействия угрозам") system is deployed inline at individual ISP edges rather than at centralized internet exchange points, producing substantial per-ISP heterogeneity: some providers apply layer-7 SNI/Host filtering while others rely primarily on IP-prefix blocklists, and QUIC/HTTP3 is blocked at several major providers. Rollout timing and enforcement depth vary measurably across autonomous systems, meaning a single "Russia passes/fails" test fixture systematically underestimates blocking coverage.

2024-xue-tspu-russia §4–§5 sni-blockingdpihttp3-quic-blockip-blocking

The paper identifies a fundamental architectural vulnerability in single-IP circumvention designs: a relay must generate new observable flows (via DNS or TLS SNI) to reach end services after receiving client connections, creating a detectable server-and-client behavioral contrast. A relay accessing user-facing domains (news, social media) scores high on a Relay Suspicion Score (w=0.9) versus infrastructure domains (w=0.1). The paper argues this host-level signal is censorship-invariant and cannot be concealed by link obfuscation.

2026-almutairi-server §2.4, §4 traffic-shapedpisni-blocking

Article 19 documents that Iran's National Information Network (NIN / SHOMA) was designed with explicit reference to China's Great Firewall as a model, with institutional mirroring: Iran's Supreme Council of Cyberspace parallels China's Cyberspace Administration of China, and both governments share a "cyber sovereignty" doctrine used to justify domestic content controls and cross-border technology transfer. The report frames Iran's filtering infrastructure as deliberately architected to replicate GFW capabilities, not as an independently developed system.

2026-article19-tightening-the-net §2, §3 dpisni-blockingdns-poisoningip-blockingbgp-hijackthrottling

The report maps specific Belt and Road Initiative Digital Silk Road projects through which Chinese technology vendors have transferred censorship and surveillance infrastructure to Iran, including fiber backbone investments, data-center co-location agreements, and equipment supply chains. Specific vendors named include Huawei and ZTE as network infrastructure providers, with the report noting that equipment exports include filtering-capable hardware that Iran's ISPs have deployed at network choke points.

2026-article19-tightening-the-net §4, §5 dpisni-blockingthrottling

The largest single source of censored domains in the GNL is MESA lab's SNI monitoring dataset (E21-SNI-Top200w.txt) containing 57,362 censored domains, and E21-SNI-Top120W-20221020.txt with 36,467 domains—totaling over 93K domains from network tap data alone for a single country (E21 = Ethiopia per InterSecLab attribution). A separate Xinjiang dataset (XJ-CUCC-SNI-Top200w.txt) contains 13,604 domains. These datasets "do not seem to come from popular domain lists, and instead appear to be gathered from network taps," confirming that Geedge builds censorship target lists directly from passive traffic observation.

2026-sheffey-geedge §4.2, Table 3 dpisni-blockingmeasurement-platform