Tell HN: Tailscale is giving 451s within Russia

9 pointsposted 9 months ago
by Humorist2290

Item id: 41717465

14 Comments

user

9 months ago

[deleted]

atlasduo

9 months ago

This has been going on for a while. A year or so ago I remember Tailscale was blocking downloads of their applications from Russian IPs. HTTP 451 means "unavailable for legal reasons" so I imagine this is Tailscale trying to cover its soft spots.

bez00m

9 months ago

Can confirm. Many paid VPNs are not reliable enough as Roskomnadzor is successfully targeting them. I though that by deploying Tailscale exit node on my own server I could overcome this. Alas, not anymore.

u_sama

9 months ago

For a functional VPN with all the telecom companies you should set up a v2ray/Xray node on a close VPS in a country near your area.

It is functional as I had to set up some for some people, if you need help I can guide you through it as there are not many good English guides.

bez00m

9 months ago

Thanks for an advice, I'll have a look. Was planning to setup a Wireguard server, but things are moving in this area.

borschkharcho

9 months ago

I successfully got Headscale working on a digital ocean droplet and all is back to normal for me. It’s not too difficult lmk if you need tips.

denis0

9 months ago

Me too, but I cannot find a field for Alternate Coordination Server on client Tailscale for IOS 1.74.0

borschkharcho

9 months ago

I have 1.74.2 and it’s in the actual Tailscale app settings (not iOS settings) under Login -> top right toolbar button

user

9 months ago

[deleted]

randomopining

9 months ago

Wait so can't you just use an encrypted connection to a physical host somewhere outside of russia and then basically haave access to everything?

Humorist2290

9 months ago

Sometimes this is possible, but generally VPNs are illegal (at least that's what I was told) in Russia. The government has become increasingly active in identifying and locking users out of them, and of course users risk being dragged into the Russian criminal system.

Doing some sort of SSH tunnel to a VPS hosted elsewhere might work, might not. Plain old wireguard might work, might not. Consumer tools for technically novice users seem to be the government's priority.

chupasaurus

9 months ago

DPI there detects and blocks a good number of VPN protocols.