During the recent holiday, I reorganized the home network with the goal of streaming 4K content without buffering. Since I was rebuilding the server anyway, I decided to migrate from the old setup to the new shadowsocks-rust implementation.
System Update#
1
| sudo apt update && sudo apt upgrade
|
Installing and Configuring SS#
Option 1: Build from Source via Cargo#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| # Install Rust toolchain
curl https://sh.rustup.rs -sSf | sh
# Configure Cargo environment (add to .profile / .bash_profile)
# CARGO_HOME sets the installation path
# target-cpu=native lets rustc optimize for the current CPU
CARGO_HOME=/root/cargo
RUSTFLAGS="-C target-cpu=native"
source .profile
# Install build dependencies
sudo apt install build-essential
# Install shadowsocks-rust
cargo install shadowsocks-rust
|
Option 2: Download Prebuilt Binary#
1
2
3
4
| wget https://github.com/shadowsocks/shadowsocks-rust/releases/download/v1.14.3/shadowsocks-v1.14.3.x86_64-unknown-linux-gnu.tar.xz
tar -xf shadowsocks-v1.14.3.x86_64-unknown-linux-gnu.tar.xz
cp ssserver /usr/local/bin
chmod a+x /usr/local/bin/ssserver
|
Configuration#
1
2
| mkdir /etc/shadowsocks
vi /etc/shadowsocks/config.json
|
1
2
3
4
5
6
| {
"server": "::",
"server_port": 8888,
"method": "aes-256-gcm",
"password": "pw"
}
|
Test the server:
1
| ssserver -c /etc/shadowsocks/config.json
|
Setting Up Auto-Start#
1
| vi /etc/systemd/system/shadowsocks-server.service
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
| [Unit]
Description=shadowsocks-rust service
After=network.target
[Service]
Type=simple
ExecStart=ssserver -c /etc/shadowsocks/config.json
ExecStop=/usr/bin/killall ssserver
Restart=always
RestartSec=10
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=ssserver
User=root
Group=root
[Install]
WantedBy=multi-user.target
|
1
| systemctl enable /etc/systemd/system/shadowsocks-server.service
|
Network Optimization (BBR)#
BBR (Bottleneck Bandwidth and Round-trip propagation time) is a TCP congestion control algorithm developed by Google. It estimates the bottleneck bandwidth and minimum RTT to dynamically adjust the sending rate, outperforming traditional loss-based algorithms in high-latency, high-throughput scenarios.
1
2
3
4
5
6
7
8
9
| # Check if BBR is already enabled
lsmod | grep bbr
# If not enabled, run the following
modprobe tcp_bbr
echo "tcp_bbr" >> /etc/modules-load.d/modules.conf
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
sysctl -p
|
BBR should be used with the fq (Fair Queue) qdisc for optimal performance.
Starting the Service#
1
2
3
4
5
6
7
8
9
10
11
| sysctl --system
systemctl start shadowsocks-server
systemctl enable shadowsocks-server
# Reload after config changes
systemctl daemon-reload
systemctl restart shadowsocks-server
# Verify status
systemctl status shadowsocks-server
netstat -tunlp
|
Alternative: x-ui#
I discovered x-ui through discussions — it’s more convenient for most users. Here’s a quick setup:
1
2
| # Install x-ui, visit http://ip:54321
bash <(curl -Ls https://raw.githubusercontent.com/vaxilu/x-ui/master/install.sh)
|
1
2
3
4
| # Install acme.sh and create HTTPS certificate
curl https://get.acme.sh | sh -s email=your@email.com
~/.acme.sh/acme.sh --register-account -m your@email.com
~/.acme.sh/acme.sh --issue -d yourdomain --standalone
|
References#