Running a Snowflake proxy behind a VPN – consequences for Tor users

(I hope this is the correct forum for this type of question).
I am running a Snowflake proxy from a Raspberry Pi connected to my home network. My router is set up to force all traffic through a VPN server owned by the provider Mullvad.
A thought just struck me (and out of fear I have now closed the proxy). Say a user is connecting from an authoritarian country which forbids the use of VPN services for the purpose of censorship bypass. Will that user connecting to Tor through my snowflake proxy appear to be connecting to a VPN server?

They wouldn’t have any issue as your IP is encrypted within the snowflake proxy, the VPN would just stop your ISP from knowing that your bandwidth contributes towards helping Tor.

Edit: Thank you cecylia. I will close down the proxy until I can run it on a home network that is not behind a VPN.

Hey! First of all: thank you for your interest in running a Snowflake proxy!

If all of your outgoing and incoming traffic is sent through a VPN then it is true that connecting clients will be connecting to your proxy through an IP address in that VPN’s address space. Do you know whether your routing setup makes an exception for P2P traffic?

In general, we would recommend not running a proxy in this kind of network. The IP address space is more likely to be blocked, and the extra hop may adversely affect the connection quality.

6 Likes

You closed this thread, but I still have something to say about it, so I opened a new one.

cecylia wrote:

If all of your outgoing and incoming traffic is sent through a VPN then it is true that connecting clients will be connecting to your proxy through an IP address in that VPN’s address space. Do you know whether your routing setup makes an exception for P2P traffic?

In general, we would recommend not running a proxy in this kind of network. The IP address space is more likely to be blocked, and the extra hop may adversely affect the connection quality.

It depends on the VPN network structure. If entry IP (on the side of your ISP) matches with the exit IP (which is visible to sites), then in strictly authoritarian countries these IPs will be banned of course and direct connection will not be possible with them.
But I use VPN (not for snowflake, but just), I won’t name it, which has entry and exit IP different (i.e. server chain at VPN provider). And I have connections with users from China. They connect to my torrent client and download/upload (Olympics video’s and other). But I notice the fact that connection with them is usually unencrypted. Maybe the great Chinese firewall makes an exception for torrent traffic, which it can analyze.