Shadowsocks on GCP with Debian 9
Prepare your GCP account
Get your own Gmail account registered.
Get a Credit Card VISA/Master/AE
login to console.cloud.google.com
Agree to the T&C
On Getting Started, click TRY FREE banner.
Choose Country and Agree ToS
Choose Account Type to Individual
Fill in Address
Fill in Credit Card info for verification
By now your GCP account been activated.
Create Firewall Rules
on left menu, find VPC network under NETWORKING
Click on Firewall rules, it will take a while to get ready the Compute Engine
Create a Firewall rule
assign a Name
change Targets to All instances in the network
Source IP ranges to 0.0.0.0/0
Protocols and ports: tcp: 7788 udp:7788 (or any number between 1024-65535) except 8388
Create VM instances
Click on Navigation menu, choose Compute Engine -> VM instances, Click Create
Assign a Name for your VM
Region: asia-east1 or asia-east2
Machine type: g1-small
Boot disk: Debian GNU/Linux 9 (stretch)
under Firewall session, click on blue expand down double arrow, click on Networking tag. Click the pencil under Network interfaces, with expended Network interface, click Ephemeral under External IP, Select Create IP address. Assign a Name for the static IP, then click reserve. Click Done with Network interface. Click Create
After few seconds, your VM instance been created.
Your public IP address can be found under External IP.
Install Shadowsocks
Click SSH on the right to your new VM instance.
enable interactive root access
sudo -i
Enable backports
nano /etc/apt/sources.list
add the following line at the bottom of the file.
deb http://ftp.debian.org/debian stretch-backports main
press Ctrl+X then Y, Enter to save the updates
apt update
update the system
apt-get update
apt-get upgrade
Press Y, Enter
Install rng-tools
apt-get install rng-tools
Modify RND devices
nano /etc/default/rng-tools
add to last line
HRNGDEVICE=/dev/urandom
Press Ctrl+x, Y Enter to save
Reboot system
reboot
Wait for few mins, press enter
enable interactive root access
sudo -i
Install Shadowsocks-libev
apt -t stretch-backports install shadowsocks-libev
Press Y, Enter
Modify the configuration file
nano /etc/shadowsocks-libev/config.json
Replace with your own server port (the one you assigned in Firewall Rules) and your own password
{
"server":"0.0.0.0",
"mode":"tcp_and_udp",
"server_port":7788,
"local_port":1080,
"password":"Y0ur0p@$$w0rd",
"timeout":60,
"method":"aes-256-cfb"
}
Save and exit by Ctrl+x, Y and Enter
Restart the shadwosocks then check the status
systemctl restart shadowsocks-libev
systemctl status shadowsocks-libev
enable auto-start at boot time
systemctl enable shadowsocks-libev
Now your Shadowsocks on GCP shall work.
Something more - Enable BBR
Remain in the sudo mode
echo "net.core.default_qdisc=fq">>/etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr">>/etc/sysctl.conf
take the change active
sysctl -p
To Check the result
sysctl net.ipv4.tcp_available_congestion_control
The result should looks like
net.ipv4.tcp_available_congestion_control = bbr cubic reno