Experts and users noticed that on May 30-31, 2023, Russian Internet providers across the country began to block connections using the OpenVPN protocol. The first to discover the issue were specialists from Roskomsoboda (the organization is recognized as a foreign agent in Russia), as well as specialists on the ntc.party forums. Reports of the blocking have been confirmed by sources in Internet and VPN providers, as well as numerous users in the comments on the posts.
It is known that not all providers currently have problems connecting via OpenVPN, but reports of issues have come from MTS clients (mobile Internet Moscow, home Internet Chelyabinsk), Beeline (home and mobile Internet in Moscow, Kazan, Krasnodar, Novosibirsk), MegaFon, MirTelecom, Yota, Tele2, Tattelecom, Wifire (Netbynet), Dom.Ru and so on.
According to some users, blocking occurs only when connecting to servers outside the Russian Federation, while others say that connections to servers inside the country are also subject to filtering. It is assumed that the presence or absence of blocking may depend on the equipment installed by providers (technical means of countering threats, TSPU). On Habré, it is suggested that perhaps “the new filtering rules have so far been applied only on some networks or only for certain groups of subscribers in test mode.”
On ntc.party, it is written that blocking is carried out by breaking the session after sending several packets. That is, the connection is fully established, but is interrupted after a few seconds. Previously, there were some local filters that seemed to block the connection statistically, when connections from different users to the same IP address and port were exceeded, but the blocking was applied only at this particular provider, and not globally. Perhaps this is the same algorithm, only with more stringent thresholds. Filters were also in the main Vnom on mobile operators and their wired companions.
Roskomsvoboda specialists note that if the blocking continues, then “most likely we will see problems in many corporate networks.” On the evening of May 31, according to user reports, some providers stopped blocking. There have been no official comments on the situation.
