CoinFeedWhere is the problem when you can't access Binance in China
Many friends ask why they can't access the Binance page directly in mainland China, and whether their browser is broken. First, try accessing the Binance official site using your mobile 4G network, then switch to your home WiFi and try again, so you can see at which layer the block occurs; meanwhile, install the Binance official App for comparison, as the App's connection method is not exactly the same as the browser. Refer to the iOS installation guide to get the client ready first. To give you the conclusion directly, the inability to open Binance in China is mainly determined by the superposition of three factors: DNS pollution at the domain layer will cause you to resolve an incorrect IP, GFW blocking at the IP layer will RESET TCP connections to overseas IPs, and SNI sniffing at the HTTPS layer will block it a second time. The mobile App is relatively stable because it uses its own long-connection channel which can partially bypass these points.
Which layers is the blocking divided into
Let's break down the entire access link into four layers to see the possible blocking mechanisms of each layer.
DNS Layer
The binance.com returned by the carrier may be tampered with into an invalid IP. The phenomenon you see is the browser reporting "Server not found" or "DNS_PROBE_FINISHED_NXDOMAIN".
TCP Layer
Even if the DNS is correct, the TCP packets from you to the overseas server may be reset with an RST by intermediate nodes. It is manifested as "Connection reset ERR_CONNECTION_RESET".
TLS Layer
After TCP is connected, the browser sends a ClientHello, which contains the SNI field in plaintext telling the man-in-the-middle which domain name you want to access. Some domain names will be blocked again at this step, which is manifested as "SSL handshake failed".
Application Layer
The carrier's QoS strategy may implement speed limits on traffic to specific domain names, manifested as "can connect but extremely slow".
The principle of mobile being more stable than PC
A rule of thumb is observed: under the same network, the App can often connect to Binance more easily than the browser. The reasons are as follows:
- The App uses a long-connection WebSocket, which is reused once established, without having to redo the handshake every time.
- The App usually comes with its own SNI camouflage or built-in DoH.
- The App has multiple fallback entrances api1/api2/api3, which automatically switch upon failure.
- When the App initiates a connection, the traffic features are different from the browser, and some traffic identification rules cannot hit it.
This also explains some phenomena
- The browser cannot be opened but the App can trade normally.
- The App is stable when first installed, but starts to time out after a few days (features are learned).
- The App gets stuck under WiFi, but recovers immediately when switched to 4G.
Comparison of performance in different network environments
| Network | Open Homepage | Login | Trading | K-line |
|---|---|---|---|---|
| Home China Telecom | Good and bad | Mostly fails | Often times out | Does not load |
| Home China Unicom | Relatively stable | Can log in | Occasional delay | Can load |
| Home China Mobile | Most unstable | Often fails | Basically impossible | Does not load |
| 4G/5G Cellular | Generally stable | Can log in | Basically smooth | Can load |
| Enterprise Network | Depends on exit policy | Mostly fails | Depends on audit rules | Depends on the situation |
Troubleshooting steps when it cannot be opened
Step 1: Determine whether it is the domain layer or IP layer
- Type nslookup binance.com in cmd or Terminal.
- If the returned IP is in reasonable segments like 47.x, 3.x, 13.x, the DNS is normal.
- If it returns 0.0.0.0, 127.0.0.1, or an obviously incorrect IP, then it is DNS pollution.
- If DNS is normal but it still cannot be opened, the problem is in the TCP/TLS layer.
Step 2: Change DNS
- Enable DoH in the browser: Find "Use secure DNS" in Chrome address bar chrome://settings/security.
- Set public DNS in system settings: 1.1.1.1 / 8.8.8.8.
- Configure DoT at the router level: Natively supported by MikroTik, OpenWrt, etc.
Step 3: Switch terminals
- If the PC cannot open it, try the mobile phone.
- If WiFi cannot open it, switch to 4G.
- If 4G doesn't work either, see if you are in arrears or speed limited.
- If none of them work, it indicates a more upstream policy issue.
Step 4: Compliance reminder
Using overseas financial services in China requires you to evaluate the compliance risks yourself. CoinFeed only analyzes the causes of blocking from a technical perspective. We do not provide any recommendations or links for anti-censorship tools, please make your own choices and bear the corresponding responsibilities.
Characteristics of each carrier
- China Telecom: The strictest IP layer blocking, and the most DNS pollution.
- China Unicom: Relatively stable outbound routes, occasional TLS layer blocking.
- China Mobile: Low outbound bandwidth, poor stability.
- Education Network: Basically blocks all overseas financial domain names.
- Enterprise Leased Line: Depends on the enterprise's own policy.
Some stability tips
- Overseas exits are congested during evening peak hours (20:00-23:00), try to avoid peak hours.
- Fixed use of IPv6 networks is actually unstable for overseas access, turning off IPv6 is sometimes better.
- Enabling "Smart DNS" or "DoT" on the router can filter out most DNS pollution.
- The WiFi calling feature on mobile phones will consume dual-stack resources and affect access speed.
FAQ
Q1: Why does entering binance.com in my browser directly jump to binance.us or a blank page? A: binance.us is an independent exchange for US users, not the main site. The jump is usually because your IP is identified as being in the US region, or the browser has an old redirection cache. After clearing the cache, just access www.binance.com directly.
Q2: Does directly binding the IP with the host file work? A: It works in the short term, but Binance IPs change frequently. More importantly, even if the IP is correct, TLS SNI will still be blocked, which treats the symptoms but not the root cause.
Q3: The Binance App can log in but the web page cannot, are they the same account? A: Yes, it is the same account. The web and App share the account system. Login differences are purely caused at the network level, so don't worry about account issues.
Q4: Can I open Binance by sharing my phone's hotspot with my PC? A: Yes. Because the PC goes through the mobile phone's 4G exit, which does not pass through home broadband. This is also a common emergency plan.
Q5: Do I need to configure anything to access Binance in Hong Kong and Macau? A: No special settings are required. The delay from Hong Kong and Macau to Binance nodes is usually within 50ms, so direct connection is fine.
Q6: Can I access Binance when my enterprise VPN returns to China? A: It depends on which domestic node you return to. If you return to a domestic network exit, it will also be blocked; if the VPN exit is overseas, you can actually access it.
Differences in performance of different carriers
Actual testing shows that the stability of the three major domestic carriers when accessing Binance is not exactly the same, which is why some people can open it with China Telecom but not with China Mobile. The table below provides a rough impression after multiple long-term observations, for reference only:
| Carrier | Web Access | App Quotes | Order Success Rate | Suggestion |
|---|---|---|---|---|
| China Telecom | Relatively stable | Stable | High | Preferred network |
| China Unicom | Relatively stable | Stable | High | Close to Telecom |
| China Mobile | Large fluctuations | Good and bad | Occasional timeout | Turning on IPv6 improves it |
| Broadcasting | Unstable | Poor | Low | Not recommended as main |
If you have Mobile broadband at home and your colleague uses Telecom home broadband to access Binance smoothly, it is a typical manifestation of routing differences. You can verify it by switching to mobile 4G or testing it on a friend's Telecom WiFi.
Conclusion
Not being able to open Binance in China is a systemic engineering issue. Any layer of DNS, IP, or TLS can become a bottleneck. General technical advice is: use DoH like 1.1.1.1 to override DNS pollution, prefer the App over the browser, switch well between 4G and WiFi, and avoid peak hour access. Regarding compliance, please evaluate it yourself according to local laws and regulations. Understanding which layer the blocking occurs at is more important than blindly switching tools. Knowing the reason can prevent repeatedly stepping into the same pit.