← Technical Lab • Updated 2026-03-02

Hysteria2:
The 4K/Gaming Solution

UDP-based protocol with aggressive congestion control. Designed for real-time applications that need low latency and high throughput — even when the network is fighting you.

Audience: Gamers, Streamers, Engineers

Reading Time: 10 minutes

Difficulty: Intermediate

Quick Summary — What Is This?

Think of it like this: Most circumvention protocols use TCP — the "polite" protocol that waits when the network is congested. Hysteria2 uses UDP, which is more like a firehose. When the GFW drops packets to slow you down, Hysteria2's built-in error correction and aggressive congestion control push through the losses instead of backing off.

What It Is

A UDP proxy that recovers from packet loss better than TCP alternatives

Why It Works

Aggressive congestion control ignores GFW-induced throttling

Who It's For

Gamers, 4K streamers, and anyone on mobile data needing speed

What Is the QUIC-Throttling Challenge?

In February 2026, Chinese ISPs — particularly China Telecom — deployed enhanced QUIC traffic classification. The GFW now extracts SNI information from the initial QUIC handshake and applies targeted throttling to unrecognized patterns. Standard Hysteria2 connections without obfuscation are now reliably identified within ~30 seconds on China Telecom backbone routes.

Technical Spec Hysteria2 Performance (Feb 2026)

Throttling Resistance 7 /10

Average Latency 110-150 ms

4K Streaming Capable

Gaming Jitter 15-25 ms

Mitigation

Enable Salamander obfuscation + UDP Noise to defeat QUIC classifiers

Source: Consensus Lab Methodology, Feb 2026

How Do Salamander Obfuscation and UDP Noise Work?

The key to making Hysteria2 work in 2026 is Salamander obfuscation. This mode wraps QUIC packets in a layer that disrupts the ISP's traffic classifier by injecting randomized "noise" packets alongside legitimate data. The classifier can't build a reliable traffic fingerprint when random data is mixed in.

sequenceDiagram
    participant Client as 📱 Client
    participant GFW as 🔥 GFW Classifier
    participant Server as 🖥️ Hysteria2 Server

    Note over Client,Server: Hysteria2 with UDP Noise

    rect rgb(220, 252, 231)
    Note over Client,Server: Handshake Phase
    Client->>Server: QUIC Initial (TLS 1.3)
    Server-->>Client: QUIC Handshake
    Client->>Server: Auth (password)
    Server-->>Client: Auth OK
    end

    rect rgb(219, 234, 254)
    Note over Client,Server: Data Phase + Noise
    Client->>Server: Real Data Packet
    Client->>GFW: Noise Packet (random size)
    Client->>Server: Real Data Packet
    Client->>GFW: Noise Packet (random timing)
    Client->>Server: Real Data Packet
    end

    GFW->>GFW: Classify traffic pattern
    GFW->>GFW: Pattern inconsistent ✗
    GFW->>GFW: Cannot reliably classify

    Note over GFW: Result: No confident match = No block

Hysteria2 with UDP Noise: random packets are injected alongside real data to prevent the GFW from building a reliable traffic fingerprint.

Pro Tip China Unicom IS Your Friend

China Unicom (AS4837) has significantly less aggressive UDP throttling compared to China Telecom. If you're on a mobile plan, switching your data carrier to China Unicom can improve Hysteria2 throughput by 40-60%. The AS4837 backbone has wider tolerance for unclassified UDP traffic.

How Should You Configure the Server?

The following configuration enables Salamander obfuscation with optimized QUIC window sizes for high-throughput scenarios. The bandwidth hints help Hysteria2 calibrate its congestion control.

JSON hysteria2-config.json

{
  "listen": ":443",
  "tls": {
    "cert": "/etc/hysteria/server.crt",
    "key": "/etc/hysteria/server.key"
  },
  "obfs": {
    "type": "salamander",
    "salamander": {
      "password": "YOUR_OBFUSCATION_PASSWORD"
    }
  },
  "quic": {
    "initStreamReceiveWindow": 16777216,
    "maxStreamReceiveWindow": 16777216,
    "initConnReceiveWindow": 33554432,
    "maxConnReceiveWindow": 33554432
  },
  "bandwidth": {
    "up": "200 mbps",
    "down": "1000 mbps"
  },
  "auth": {
    "type": "password",
    "password": "YOUR_AUTH_PASSWORD"
  }
}

⚠️ Configuration Notes

Bandwidth: Set the up and down values to approximately 80% of your actual line speed. Over-estimating causes packet loss; under-estimating limits throughput.
TLS Certificate: Use a real certificate (Let's Encrypt) — self-signed certs are flagged by the GFW's certificate transparency logs.
QUIC Window Sizes: The values above (16MB stream / 32MB connection) are optimized for 4K streaming. For gaming only, reduce to 4MB / 8MB to lower memory usage.

Which ISP Routes Are Recommended?

ISP	UDP Throttling	Hysteria2 Success	Notes
China Unicom	LOW	85%	Best ISP for Hysteria2. AS4837 route preferred.
China Mobile	MODERATE	65%	Obfuscation required. CMI routes have variable results.
China Telecom	AGGRESSIVE	40%	CN2 GIA routes only. Standard 163 backbone blocks UDP aggressively.

When Should You NOT Use Hysteria2?

✗ During Political Events: The GFW shifts to "whitelist mode" during sensitive periods. Only TCP-based protocols (VLESS-Reality) with whitelisted SNIs survive these crackdowns.
✗ On China Telecom without CN2 GIA: The standard 163 backbone throttles all unclassified UDP to ~1 Mbps during peak hours.
✗ If Stealth Is Priority: UDP protocols are inherently louder on the network. If you need to avoid detection entirely, use VLESS-Reality instead.

GFW Intelligence Team Protocol Analyst Consensus Lab Verified

Analysis of UDP-based circumvention protocols including Hysteria2, TUIC, and port-hopping strategies for China Mobile networks.

View Methodology | Transparency Report