alvis/ai-xray
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f2a379e82239e5ea48f92a1a4b6066625af43532
ai-xray/improvement_results.md
Alvis c1bcf3d85e Add all project files, configs, scripts and results 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-08 07:09:56 +00:00

2.5 KiB
Raw Blame History

DPI Resistance Improvement Benchmark

Date: 2026-02-20 16:26 Baseline: VLESS+XHTTP+Reality, fingerprint=chrome, SNI=www.delfi.lv, path=/xt-6036d37d Latency samples per test: 20 Jitter: standard deviation of latency samples

Results

Test Avg ms P95 ms Jitter ms DL Mbps UL Mbps Notes
0-baseline 76ms 95ms 5ms 38.7 4.0 Current active config
1-fp-randomized 75ms 89ms 3ms 33.5 3.6 uTLS fingerprint rotated per connection
2-fp-firefox 73ms 76ms 0ms 24.5 2.8 Firefox uTLS profile
3-fragment-chain 75ms 79ms 2ms 30.4 3.2 TLS ClientHello split 100-200B + micro-frag 1-5B
4-host-header 74ms 77ms 1ms 27.6 3.8 HTTP Host header = www.delfi.lv
5-realistic-path 74ms 87ms 3ms 31.2 3.8 Path=/api/v2/stream + Host header
6-sni-eklase 73ms 78ms 1ms 30.7 2.3 SNI switched to e-klase.lv
7-sni-lmt 75ms 80ms 1ms 26.3 4.0 SNI switched to www.lmt.lv
8-bbr-enabled 74ms 82ms 2ms 31.3 3.4 BBR congestion control on remote

Applied Improvements

After benchmarking, the following were applied permanently to the local x-ui config:

  • juris-xhttp (chrome): host header www.delfi.lv — primary outbound
  • juris-xhttp-firefox (firefox): host header www.delfi.lv — low-jitter alternate
  • juris-xhttp-safari (safari): host header www.delfi.lv — fingerprint diversity

Note

: fingerprint=randomized was NOT applied. Reality's anti-probing rejects random TLS fingerprints (connection reset by peer). Only named browser profiles are accepted.

What Each Test Changes

  • fingerprint=randomized: uTLS fingerprint rotated per connection — defeats fingerprint-based blocking ⚠️ Incompatible with Reality — triggers anti-probing protection, connection reset
  • fingerprint=firefox: Firefox uTLS profile instead of Chrome
  • fragment chain: TLS ClientHello split into 100-200B chunks, then micro-fragmented 1-5B + noise — defeats handshake DPI
  • host header: Sets HTTP Host: header to match SNI — makes request look more legitimate
  • realistic path: Changes XHTTP path from synthetic to /api/v2/stream with matching host header
  • SNI e-klase.lv / lmt.lv: Alternative SNIs from previous benchmark (dest stays www.delfi.lv)
  • BBR: Linux BBR congestion control + larger TCP buffers on remote — improves throughput under loss
Reference in New Issue View Git Blame Copy Permalink