On April 1, 2026, something unprecedented happened across China's internet underground. Thousands of proxy service users woke up to find every single node offline. Not slow. Not intermittent. Completely dead. Telegram groups exploded with panic. YouTube tech channels scrambled to explain. The term spreading across Chinese social media: "the Great Unplug" (拔线潮).
This was not a routine firewall update. Chinese authorities physically disconnected servers from data center racks — cutting the power cables and network lines of machines used to relay VPN traffic. Entire service providers vanished overnight. Users who had paid for yearly subscriptions found themselves with nothing.
If your VPN died this week, this article explains exactly what happened, why it happened, and — critically — what kind of technology can survive this.
What Happened on April 1, 2026
Starting April 1, domestic data centers across China received enforcement orders to immediately disconnect servers flagged for unauthorized cross-border traffic. The operation was coordinated, simultaneous, and physical:
- Physical disconnection — not IP blocking, not throttling, but literally unplugging network cables and powering down machines in data center racks.
- Scope — multiple IDC (Internet Data Center) providers across Guangdong, Shanghai, Beijing, and other provinces. Even some Hong Kong relay nodes were affected.
- Method — authorities had previously purchased subscriptions to popular proxy services, extracted server IP lists, traced them to hosting providers via ISP reporting mechanisms, then ordered simultaneous disconnection.
- Result — proxy services relying on domestic relay infrastructure experienced 100% node failure within hours. No recovery possible — the hardware was physically offline.
This was not random. Investigations revealed that since May 2025, enforcement agencies had been systematically purchasing proxy subscriptions, mapping relay server locations, and building disconnection lists. April 1 was execution day.
Why Relay Proxy Services Died First
To understand the devastation, you need to understand how most Chinese proxy services (called "airports" or 机场) are built:
The relay model: User in China → domestic relay server → overseas exit node → open internet. The relay server sits inside a Chinese data center, providing fast connection speeds by keeping the China-to-server hop on the domestic network. This architecture delivers excellent speed at low cost.
The fatal flaw: That relay server is physically inside China. It is a machine in a rack, in a building, under Chinese jurisdiction. When authorities order the data center to unplug it, the entire service dies instantly. Every user connected through that relay loses access simultaneously.
This is why relay-based proxy services were hit hardest:
| Architecture | Speed | Cost | April 2026 Impact |
|---|---|---|---|
| Relay (中转) | Fast | Low | Total failure — servers physically unplugged |
| Leased line (IPLC/IEPL) | Fastest | High | Some Guangdong entry points affected |
| Direct (直连) | Medium | Medium | Minimal — no domestic infrastructure to seize |
The lesson is architectural: any service that depends on hardware inside China is one enforcement order away from total shutdown. The relay model that made proxy services fast and cheap is the exact same thing that made them fatally vulnerable.
The GFW Has Learned to Read Your Traffic
Even services that survived the physical unplug face a second, ongoing threat: the Great Firewall itself has gotten dramatically smarter.
In 2026, the GFW uses a layered detection system that makes older protocols increasingly dangerous to rely on:
- Statistical fingerprinting — The firewall analyzes the first packet's length, entropy, and byte distribution. Shadowsocks has a distinctive high-entropy first packet. V2Ray's VMess has recognizable handshake patterns. Even Trojan, designed to mimic TLS, has timing and packet-size distributions that differ from real HTTPS traffic.
- Active probing — When the firewall suspects a server, it sends its own test connections. If the server responds in a way inconsistent with a normal web server, it gets blacklisted. This kills most Shadowsocks and V2Ray servers within hours of deployment.
- Machine learning classification — The GFW now uses trained models that classify traffic flows based on temporal patterns, bidirectional ratios, and connection behavior. Standard VPN protocols (OpenVPN, WireGuard, IKEv2) are detected with near-100% accuracy. Even NordVPN and ProtonVPN have 0% success rates in China as of March 2026.
- Batch IP blocking — Every evening, the firewall runs batch operations that block newly discovered overseas IPs. Cloud platform IP ranges (AWS, GCP, Azure) are under constant surveillance.
The bottom line: protocol matters more than ever. If your VPN uses a protocol the firewall has seen before, it will be detected. It is not a question of if, but when.
Police Are Now Knocking on Doors
The April 2026 crackdown is not just technical — it is also legal. In March 2026, police in Hubei province raided individual homes and issued fines for VPN use. One person was fined 200 yuan (~$29) for accessing TikTok and X via VPN. Another was fined 500 yuan (~$73) for "illegally registering and using VPN software."
This marks a shift from blocking infrastructure to punishing individual users. While mass enforcement against casual users remains impractical, the message is clear: the authorities are willing to make examples.
This makes one thing critically important: your VPN should not know who you are. If a VPN requires your email, phone number, or payment details linked to your identity, that data exists somewhere — and can theoretically be accessed. A VPN that requires no registration and keeps zero logs has nothing to hand over, because there is nothing to hand over.
Why RelyVPN Still Works — The Technical Truth
While thousands of proxy services went dark in April 2026, RelyVPN users experienced zero downtime. This is not luck. It is architecture.
No domestic infrastructure
RelyVPN has no servers, no relay nodes, and no hardware of any kind inside China. Your device connects directly to overseas servers. There is nothing to unplug, nothing to raid, nothing to seize. The "Great Unplug" cannot reach what does not exist inside the border.
A protocol the firewall cannot distinguish from normal browsing
RelyVPN uses a proprietary protocol built on QUIC and HTTP/3 — the same technology that powers Google, YouTube, and billions of ordinary web connections every day. From the firewall's perspective, a RelyVPN connection looks statistically identical to someone browsing a normal website.
Key technical details:
- TLS 1.3 transport — all traffic is encrypted with TLS 1.3, the same standard used by every major website. The handshake, packet sizes, and timing patterns match normal HTTPS.
- Request padding — variable-length padding is added to every request, preventing the fixed-size patterns that let the GFW fingerprint other protocols.
- Failed auth = normal server — if the firewall probes a RelyVPN server, the server responds exactly like a standard HTTP/3 web server. Active probing reveals nothing.
- No SNI leakage — the connection does not expose the destination domain in the TLS handshake, removing another common detection vector.
Compare this to Shadowsocks (high-entropy first packets, detectable by statistical analysis), V2Ray/VMess (distinctive handshake patterns, vulnerable to active probing), or Trojan (real TLS but abnormal traffic distributions). RelyVPN's protocol was designed from the ground up to be invisible — not bolted onto an existing framework. For a deeper technical dive, see our protocol architecture article.
Anti-interference mode: automatic TCP fallback
When China's ISPs throttle or block UDP traffic (which targets QUIC connections), RelyVPN seamlessly switches to TCP with HTTP/2. The user experiences a brief reconnection, not a total failure. Most proxy services using QUIC-based protocols like Hysteria 2 have no fallback — when UDP is blocked, they simply stop working.
BBR Max: engineered for hostile networks
Cross-border connections from China suffer from extreme packet loss and latency jitter — partly from distance, partly from deliberate GFW interference. Standard congestion control algorithms (like TCP Cubic) interpret packet loss as congestion and aggressively slow down, making browsing unbearable.
RelyVPN uses BBR Max, a custom congestion control algorithm built on Google's BBR but optimized for adversarial conditions:
- Aggressive bandwidth probing at low speeds — recovers faster after packet loss events
- Ack-rate floor — prevents bandwidth estimates from collapsing to zero during GFW interference spikes
- Speed ceiling integration — works with the license system to ensure fair resource allocation
The result: YouTube streams at 1080p, video calls stay stable, and ChatGPT responds instantly — even when the firewall is actively interfering with your connection.
Resilient reconnection
Network changes are constant on mobile: switching between Wi-Fi and cellular, entering elevators, moving between cell towers. Each change can break a VPN connection. RelyVPN's architecture handles this at the system level:
- Every reconnection creates a fresh UDP socket — avoiding stale NAT mappings that cause permanent timeout loops
- Screen-aware reconnection — immediately retries on screen unlock, saves battery during sleep
- Cluster-level routing — automatic failover across server nodes without user intervention
Zero-knowledge architecture
RelyVPN requires no email, no phone number, no account of any kind. The license system is device-based, generating a local identifier that never leaves your device. There are no logs of what you access, when you connect, or how much data you use. If someone demanded our user records, there would be nothing to give — because we do not collect them.
What You Should Do Right Now
Whether your current VPN just died or you are preparing for the next crackdown, here is the practical advice:
- Stop paying yearly subscriptions to proxy services. The April 2026 unplug proves that relay-based services can disappear overnight with no refund. If you must use a proxy, pay monthly.
- Download RelyVPN now — before you need it. The free plan is permanent, not a trial. It uses the same protocol and servers as paid plans. Download here.
- Have a backup. No single tool is guaranteed to work forever in China. But a VPN with no domestic infrastructure, an undetectable protocol, and automatic fallback mechanisms is the most resilient option available today.
- Keep your tools updated. The firewall evolves constantly. So does RelyVPN. Always use the latest version.
- Avoid VPNs that know your identity. In an era of individual enforcement, the safest VPN is one that has no idea who you are.
Frequently Asked Questions
What happened to VPN proxy services in China in April 2026?
Starting April 1, 2026, Chinese authorities physically disconnected thousands of relay servers in domestic data centers. This caused mass outages across proxy services using Shadowsocks, V2Ray, Trojan, and similar protocols. The crackdown targeted the relay infrastructure that most budget proxy services depend on.
Why did relay-based proxy services fail while direct VPNs survived?
Relay proxy services route traffic through domestic Chinese servers before reaching overseas nodes. When authorities physically unplug these domestic servers, the entire service collapses. Direct VPNs like RelyVPN connect users straight to overseas servers with no domestic infrastructure to seize.
Can Shadowsocks and V2Ray still bypass the Great Firewall?
Increasingly difficult. The Great Firewall now uses machine learning to detect Shadowsocks, V2Ray, and Trojan traffic patterns even when wrapped in TLS. Combined with the April 2026 relay server seizures, these protocols are becoming unreliable for everyday use in China.
How does RelyVPN survive China's VPN crackdowns?
RelyVPN uses a proprietary protocol built on QUIC/HTTP3 that makes VPN traffic indistinguishable from normal web browsing. It has no domestic Chinese infrastructure to seize, uses a custom BBR Max congestion algorithm for high-latency links, and can automatically fall back to TCP/H2 when UDP is blocked.
Is it safe to use a VPN in China in 2026?
Using a VPN for personal purposes like accessing work tools, academic research, and communication remains common. However, enforcement has intensified in 2026 with some individual fines reported. RelyVPN requires no registration and keeps zero logs, meaning there is no account data to associate with your identity.
RelyVPN — Free Forever, No Ads, No Sign-Up
No relay servers to unplug. No protocol for the firewall to detect. No account data to compromise. Download now, before the next crackdown.
Get RelyVPN Free →