In 2026, China, Iran and Russia all block traditional VPN protocols within minutes of widespread adoption. WireGuard packets begin with a fixed 4-byte message-type field. OpenVPN wraps its TLS handshake in control-channel framing that no browser ever emits. Even Shadowsocks gets caught once enough users adopt it. Reality is fundamentally different: it doesn't look like a VPN at all. It looks like an ordinary HTTPS connection to a real major website, and that's exactly the point.
What Reality actually is
Reality is a TLS 1.3 transport added to Xray-core in 2023 as the successor to TLS-with-uTLS-fingerprinting. The core innovation: instead of trying to hide that you're using TLS, you send a genuine TLS 1.3 ClientHello addressed to a real website you don't own, and the VPN server answers it. The server is configured with a target site (the "dest", commonly www.microsoft.com) whose name it accepts in the SNI. A client that proves knowledge of the server's Reality key inside that ClientHello gets a VPN session; everyone else is handed through to the real site.
From the censor's perspective, the handshake looks like a browser visiting www.microsoft.com: a TCP connection to port 443, a ClientHello with SNI=www.microsoft.com and, thanks to uTLS, Chrome's cipher suites, extensions, ALPN values and JA3 fingerprint. There is no proprietary handshake, no novel protocol identifier, no extra RTT. The proof of identity sits where the censor cannot read it: the client's ephemeral key_share and the server's long-lived X25519 key yield a shared secret, the short_id and a timestamp are encrypted with it into the 32-byte session ID field of the ClientHello, and everything after the handshake is ordinary TLS 1.3 record traffic keyed to your VPN server. The one visible difference from a real visit is the destination IP, which belongs to the VPN server rather than to Microsoft (see the limitations below).
Why traditional protocols fail
WireGuard
WireGuard packets begin with a 1-byte message type followed by three reserved zero bytes (01 00 00 00 for a handshake initiation, which is also always exactly 148 bytes long). Any modern DPI box pattern-matches that in microseconds. China's Great Firewall has blocked vanilla WireGuard since 2022. RKN's TSPU boxes started dropping WireGuard at Russian ISPs in 2024. The protocol is excellent for what it was designed for (a fast site-to-site or road-warrior VPN on friendly networks) and terrible on hostile ones.
OpenVPN
OpenVPN wraps its TLS handshake in its own control-channel framing: every packet starts with an opcode/key-id byte and an 8-byte session ID, and the first packet of every session is a P_CONTROL_HARD_RESET. Nothing a browser sends looks like that, which makes OpenVPN the most fingerprintable mainstream VPN protocol, blocked everywhere serious censorship exists.
Shadowsocks
Shadowsocks-2022 (AEAD) holds up while traffic volume is low. Its weakness is that it has no handshake to imitate: every byte on the wire looks uniformly random, and the GFW has flagged "fully encrypted" flows on exactly that basis since 2023. Once it reaches a few percent of an ISP's traffic, entropy checks on the first packet and statistics on packet-length distributions reveal it. China blocked widespread Shadowsocks in 2022-2023. Iran is catching up.
VLESS without Reality
Classic VLESS over TLS uses the VPN server's own domain and certificate. The ClientHello carries that domain in the plaintext SNI field, so the censor doesn't have to decrypt anything: allowlisting commercial CDNs and known-good domains, or simply blocking unfamiliar SNIs, is enough.
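To make the fingerprints above concrete, here is an added example (not code from this page, from Xray, or from any of the projects named) of the first-packet checks a DPI box can run: the WireGuard type byte plus fixed handshake length, the OpenVPN opcode byte, and a TLS ClientHello with the SNI pulled out of it. The sample packets are constructed inline, not captures, and the TLS builder emits a minimal hello rather than a full Chrome one. Go is used because Xray-core itself is written in Go.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// Classify runs first-packet checks over one client-to-server payload and returns
// (protocol, detail). The constants are the ones fixed by each protocol's specification.
func Classify(p []byte) (string, string) {
	// WireGuard: 1-byte message type then three reserved zero bytes; handshake sizes are fixed.
	if len(p) >= 4 && p[1] == 0 && p[2] == 0 && p[3] == 0 {
		switch {
		case p[0] == 1 && len(p) == 148:
			return "wireguard", "handshake initiation"
		case p[0] == 2 && len(p) == 92:
			return "wireguard", "handshake response"
		}
	}
	// OpenVPN: first byte is (opcode<<3)|key_id, then an 8-byte session ID. Opcode 7 is
	// P_CONTROL_HARD_RESET_CLIENT_V2, the first packet of every client session.
	if len(p) >= 9 && p[0]>>3 == 7 {
		return "openvpn", "P_CONTROL_HARD_RESET_CLIENT_V2"
	}
	// TLS: record type 0x16 (handshake), legacy major version 3, handshake type 1 (ClientHello).
	if len(p) >= 6 && p[0] == 0x16 && p[1] == 0x03 && p[5] == 0x01 {
		if sni, ok := clientHelloSNI(p[5:]); ok {
			return "tls", "ClientHello sni=" + sni
		}
		return "tls", "ClientHello without SNI"
	}
	return "unknown", ""
}

// clientHelloSNI walks a ClientHello handshake message to the server_name extension
// (type 0) and returns the host name it carries.
func clientHelloSNI(h []byte) (string, bool) {
	if len(h) < 39 || h[0] != 1 { // type(1) len(3) version(2) random(32) session_id_len(1)
		return "", false
	}
	pos := 39 + int(h[38]) // skip the session ID (the field Reality hides its auth payload in)
	if pos+2 > len(h) {
		return "", false
	}
	pos += 2 + int(binary.BigEndian.Uint16(h[pos:])) // cipher suites
	if pos+1 > len(h) {
		return "", false
	}
	pos += 1 + int(h[pos]) // compression methods
	if pos+2 > len(h) {
		return "", false
	}
	end := pos + 2 + int(binary.BigEndian.Uint16(h[pos:]))
	if pos += 2; end > len(h) {
		return "", false
	}
	for pos+4 <= end {
		typ, l := binary.BigEndian.Uint16(h[pos:]), int(binary.BigEndian.Uint16(h[pos+2:]))
		if pos+4+l > end {
			return "", false
		}
		ext := h[pos+4 : pos+4+l]
		pos += 4 + l
		// server_name body: list_len(2), name_type(1) = 0 for host_name, name_len(2), name
		if typ != 0 || len(ext) < 5 || ext[2] != 0 {
			continue
		}
		if n := int(binary.BigEndian.Uint16(ext[3:])); 5+n <= len(ext) {
			return string(ext[5 : 5+n]), true
		}
	}
	return "", false
}

func be16(n int) []byte { return []byte{byte(n >> 8), byte(n)} }

// SampleClientHello builds a minimal, well-formed ClientHello carrying the given SNI
// (constructed sample, not a capture; a browser or Reality client adds more extensions).
func SampleClientHello(sni string) []byte {
	name := []byte(sni)
	ext := append(append([]byte{0, 0}, be16(len(name)+5)...), be16(len(name)+3)...)
	ext = append(append(append(ext, 0), be16(len(name))...), name...)
	body := append([]byte{3, 3}, make([]byte, 32)...)   // legacy version + client random
	body = append(append(body, 32), make([]byte, 32)...) // 32-byte session ID (all zero here)
	body = append(body, 0, 2, 0x13, 0x01, 1, 0)          // TLS_AES_128_GCM_SHA256; null compression
	body = append(append(body, be16(len(ext))...), ext...)
	hs := append([]byte{1, 0, byte(len(body) >> 8), byte(len(body))}, body...)
	return append([]byte{0x16, 3, 1, byte(len(hs) >> 8), byte(len(hs))}, hs...)
}

// SampleWireGuardInit is a 148-byte handshake initiation with only the type byte set (constructed sample).
func SampleWireGuardInit() []byte {
	p := make([]byte, 148)
	p[0] = 1
	return p
}

// SampleOpenVPNReset is the start of a client reset: opcode 7 / key_id 0, an 8-byte session ID,
// an empty ack array and packet ID 0 (constructed sample).
var SampleOpenVPNReset = []byte{0x38, 0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04, 0, 0, 0, 0, 0}

func main() {
	for _, p := range [][]byte{SampleWireGuardInit(), SampleOpenVPNReset, SampleClientHello("www.microsoft.com")} {
		proto, detail := Classify(p)
		fmt.Printf("%-10s %s\n", proto, detail)
	}
}
```

The three samples classify as wireguard / handshake initiation, openvpn / P_CONTROL_HARD_RESET_CLIENT_V2 and tls / ClientHello sni=www.microsoft.com. The last verdict is the whole point of Reality: a Reality client's hello and a browser's hello land in the same bucket with the same SNI, so a censor that stops at byte-level checks has nothing to act on, whereas VLESS over plain TLS would show the VPN host's own domain in that field.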
How Reality actually works (step by step)
- 1. The client connects directly to the VPN server's IP (it never resolves www.microsoft.com) and prepares a ClientHello with SNI=www.microsoft.com, the name configured for that endpoint.
- 2. Before sending it, the client generates an ephemeral X25519 key for the key_share extension and runs ECDH against the server's long-lived Reality public key from the subscription. The shared secret yields a per-connection authentication key.
- 3. With that key the client encrypts a small payload (protocol version, current timestamp, short_id) into the 32-byte legacy session ID field of the ClientHello. To anyone without the server's private key the field is indistinguishable from the random session ID a browser sends.
- 4. The VPN server receives the ClientHello, checks the SNI against its accepted names, derives the same key from its private key and the client's key_share, and tries to decrypt the session ID. It accepts only if decryption succeeds, the timestamp is within the allowed window, and the short_id is on its list.
- 5. If valid: the server completes the TLS handshake itself with a temporary certificate that the client verifies using the shared authentication key instead of a CA chain (the server has no Microsoft private key, so it cannot present Microsoft's real certificate, and in TLS 1.3 the certificate is encrypted anyway, so the censor never sees which one was used). It then carries VPN traffic inside the TLS session.
- 6. If invalid (a probe, an active scan, or a stray real browser): the server transparently pipes the connection to the real www.microsoft.com. The prober gets Microsoft's real certificate and page and finds nothing to block.
Public key vs Short ID
Each Reality server has a long-lived X25519 key pair, generated once with xray x25519. The public_key goes to clients in the subscription URL; the private key never leaves the server, and without it nobody can decrypt the session ID field or finish a handshake the client will accept. A short_id is up to 8 bytes (0 to 16 hex characters), and a server accepts a list of them, which is how one Reality endpoint distinguishes many accounts. The short_id travels encrypted inside the session ID, so a passive observer never sees it; NexTunnel rotates short_ids weekly, which bounds how long a leaked or shared subscription keeps working rather than hiding anything from observers, who cannot read the field in the first place.
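As an added example, not Xray's own code, here is the authentication step from the walkthrough above together with the public_key/short_id split, written in Go with both sides of the exchange. It follows Reality's design (ephemeral X25519 key_share against the server's long-lived key, a sealed version|timestamp|short_id in the 32-byte session ID, fall-through to the real site on any failure) but simplifies the details: the key derivation is a labelled SHA-256 rather than Xray's HKDF, the key_share alone serves as associated data where Xray binds the whole serialized ClientHello, and the version bytes are a placeholder. Only the handshake fields the scheme touches are modelled, and it is not interoperable with real Xray clients or servers.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"time"
)

// The two things a Reality server can do with a ClientHello.
const ServeVPN, ForwardToDest = "valid auth: finish the handshake ourselves, carry VPN traffic", "no valid auth: pipe to the real dest"

// ClientHello keeps only the handshake fields this scheme touches; the real message has many more.
type ClientHello struct {
	SNI       string
	Random    [32]byte // TLS client random; its first 12 bytes double as the AES-GCM nonce
	KeyShare  []byte   // client's ephemeral X25519 public key from the key_share extension
	SessionID []byte   // 32 bytes: 16-byte sealed payload + 16-byte GCM tag
}

// sessionAEAD: X25519 between one side's private key and the other's public key, then the AEAD both
// sides apply to the session ID. Xray derives the key with HKDF; a labelled SHA-256 stands in (assumption).
func sessionAEAD(priv *ecdh.PrivateKey, peer []byte) (cipher.AEAD, error) {
	pub, err := ecdh.X25519().NewPublicKey(peer)
	if err != nil {
		return nil, err
	}
	shared, err := priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(append([]byte("reality-example-auth-key:"), shared...))
	block, _ := aes.NewCipher(key[:]) // 32-byte key, so NewCipher cannot fail
	return cipher.NewGCM(block)
}

// BuildClientHello is the client side: agree a key with the server's long-lived public key (the
// public_key from the subscription) and seal version|timestamp|short_id into the session ID field.
func BuildClientHello(serverPub []byte, shortID [8]byte, sni string, now time.Time) (ClientHello, error) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return ClientHello{}, err
	}
	aead, err := sessionAEAD(eph, serverPub)
	if err != nil {
		return ClientHello{}, err
	}
	h := ClientHello{SNI: sni, KeyShare: eph.PublicKey().Bytes()}
	if _, err := rand.Read(h.Random[:]); err != nil {
		return ClientHello{}, err
	}
	plain := binary.BigEndian.AppendUint32([]byte{1, 0, 0, 0}, uint32(now.Unix())) // version (example value) + timestamp
	// key_share as associated data ties the payload to this hello (assumption; Xray binds the whole hello)
	h.SessionID = aead.Seal(nil, h.Random[:12], append(plain, shortID[:]...), h.KeyShare)
	return h, nil
}

// Server holds the long-lived X25519 private key plus the SNI and short IDs it accepts.
type Server struct {
	Priv     *ecdh.PrivateKey
	Name     string // the SNI this endpoint impersonates (Xray accepts a list)
	ShortIDs map[[8]byte]bool
	Window   time.Duration // tolerated clock skew; also bounds replay of a captured hello
}

// NewServer generates the long-lived keypair, which is what xray x25519 does once per server.
func NewServer(name string, ids [][8]byte, window time.Duration) (*Server, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	s := &Server{Priv: priv, Name: name, ShortIDs: map[[8]byte]bool{}, Window: window}
	for _, id := range ids {
		s.ShortIDs[id] = true
	}
	return s, nil
}

// Handle is the server side: derive the same key from its private key and the client's key_share,
// open the session ID, then check timestamp and short ID. Every failure ends in ForwardToDest.
func (s *Server) Handle(h ClientHello, now time.Time) (string, [8]byte) {
	var id [8]byte
	if h.SNI != s.Name {
		return ForwardToDest, id
	}
	aead, err := sessionAEAD(s.Priv, h.KeyShare)
	if err != nil {
		return ForwardToDest, id
	}
	plain, err := aead.Open(nil, h.Random[:12], h.SessionID, h.KeyShare)
	if err != nil { // wrong key (prober, another server) or tampered hello: the GCM tag fails
		return ForwardToDest, id
	}
	ts := time.Unix(int64(binary.BigEndian.Uint32(plain[4:8])), 0)
	if d := now.Sub(ts); d > s.Window || d < -s.Window {
		return ForwardToDest, id // stale or replayed hello
	}
	copy(id[:], plain[8:16])
	if !s.ShortIDs[id] {
		return ForwardToDest, [8]byte{}
	}
	return ServeVPN, id
}

func main() {
	id := [8]byte{0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef}
	srv, _ := NewServer("www.microsoft.com", [][8]byte{id}, 2*time.Minute)
	h, _ := BuildClientHello(srv.Priv.PublicKey().Bytes(), id, "www.microsoft.com", time.Now())
	fmt.Println(srv.Handle(h, time.Now()))
}
```

Running main prints the verdict for a valid client. A hello built against another server's public key, a replayed hello outside the window, an unknown short_id or a hello with one flipped byte all come back as ForwardToDest, which is also what gives per-server keys their blast-radius property: a private key taken from one server decrypts nothing that was sent to another.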
Why per-server keys matter
NexTunnel generates a unique Reality keypair per VPN server (Helsinki, Nuremberg, Dubai, USA, Mexico). If one server's private key were ever compromised, the blast radius is one server — not the entire fleet. Competitors that share Reality keys across servers (for ops simplicity) expose every server when one leaks.
Reality vs WireGuard — direct comparison
- Packet fingerprint: Reality = identical to a browser's TLS ClientHello; WireGuard = fixed 4-byte message-type field
- Blocked by GFW (China): Reality NO, WireGuard YES (since 2022)
- Blocked in Iran (national filtering): Reality NO, WireGuard YES (since 2023)
- Blocked by RKN (Russia): Reality NO, WireGuard YES (since 2024)
- Transport: Reality = TCP (TLS over 443); WireGuard = UDP
- Speed on clean network: Reality ~85% line rate; WireGuard ~95% line rate
- Speed under DPI: Reality = full; WireGuard = blocked or throttled to dial-up
- Setup complexity: Reality = medium (client must support); WireGuard = low
Real-world performance from inside censored regions
NexTunnel runs automated tests from real Iranian ISPs (MCI, Irancell, RighTel mobile + Shatel, Asiatech fixed-line) every 6 hours and from Russian residential ASNs every 12 hours. As of 2026-05-24: Reality on our Helsinki, Dubai and Nuremberg servers maintains >99% connection success and >85% of line rate throughput in both regions. Vanilla WireGuard from the same ISPs is dropped at the perimeter — 0% success.
Limitations and honest tradeoffs
- Reality is TCP-only. Slightly higher latency than UDP protocols (Hysteria2, TUIC) on clean networks. Use Hysteria2 if your network isn't censored.
- Client must explicitly support Reality. The NexTunnel native app bundles it; otherwise use Hiddify, V2Box, or sing-box.
- The SNI target you mimic must be a real, reachable site that speaks TLS 1.3 (Xray's requirement for a dest), and it must be a name the censor expects to see. Using www.microsoft.com works because Microsoft is rarely blocked; using a defunct domain breaks the disguise.
- The destination IP is your VPN server's, not Microsoft's. A censor that correlates SNI with destination IP or ASN can flag the mismatch; Xray's documented advice is to prefer a dest whose IP sits close to your server's (same provider or region) so the pairing looks ordinary.
- Extreme case: if a country runs full-allowlist mode (e.g., Iran's National Information Network during protest blackouts), even Reality breaks, because the site you would need to mimic is itself unreachable from inside the network. That's where MasterDnsVPN DNS-tunnel mode takes over.
How to use Reality today
Sign up for any provider that supports Reality natively — NexTunnel runs it on every server, with per-server key rotation. The 3-day free trial requires no card. Install the NexTunnel native app (Windows/Linux/Android) or use any compatible client (Hiddify, V2Box, sing-box) with the subscription URL from your dashboard. Reality is enabled by default.
Closing
Reality represents the current frontier of anti-censorship transport. It's not perfect — but it's the protocol that actually works in countries where VPNs aren't a privacy luxury but a basic communication necessity. The 3-day NexTunnel trial gives you the chance to verify it from inside your network before subscribing.