Skip to content
GProxy
Sign up
Proxy Types 3 Connection Type: 1 views

SOCKS4a proxy

SOCKS4a is an extension of SOCKS4 with support for DNS resolution on the proxy side. Differences from SOCKS4 and SOCKS5, usage and configuration.

SOCKS4a Proxy

What is SOCKS4a

SOCKS4a is an extension of the SOCKS4 protocol, proposed by Ying-Da Lee. The key difference from the original SOCKS4 is that the client can send a domain name instead of an IP address, and DNS resolution occurs on the proxy server side.

In standard SOCKS4, the client must resolve the domain name to an IP address itself before sending the request. This creates a problem: the DNS query goes directly from the client, revealing information about the websites being visited. SOCKS4a solves this issue.

The SOCKS4 DNS Problem

How SOCKS4 Works

  1. The client wants to connect to example.com
  2. The client makes a DNS query directly (not through the proxy)
  3. It receives IP 93.184.216.34
  4. It sends a command to the proxy: "connect to 93.184.216.34:80"
  5. The proxy establishes a TCP connection

Problem: The DNS query in step 2 is visible to the ISP, the DNS server, and anyone monitoring the traffic. This is a DNS leak.

How SOCKS4a Works

  1. The client wants to connect to example.com
  2. The client sends a command to the proxy: "connect to example.com:80"
  3. The proxy itself resolves example.com to an IP
  4. The proxy establishes a TCP connection

The DNS query is completely hidden behind the proxy.

Technical Implementation

SOCKS4 Request Format

Field Size Description
VER 1 byte Version (0x04)
CMD 1 byte Command (0x01 = CONNECT)
DSTPORT 2 bytes Destination Port
DSTIP 4 bytes Destination IP
USERID variable Identifier String
NULL 1 byte 0x00 (termination)

SOCKS4a Request Format

The format is the same, but with a trick: the DSTIP field contains an invalid IP of the form 0.0.0.x (where x > 0). After the USERID's NULL terminator, the domain name is appended:

Field Size Description
VER 1 byte 0x04
CMD 1 byte 0x01
DSTPORT 2 bytes Destination Port
DSTIP 4 bytes 0.0.0.1 (SOCKS4a marker)
USERID variable Identifier String
NULL 1 byte 0x00
DOMAIN variable Domain Name (example.com)
NULL 1 byte 0x00

The proxy sees an IP of the form 0.0.0.x and understands that a domain name for resolution follows after the USERID.

SOCKS4 vs SOCKS4a vs SOCKS5

Parameter SOCKS4 SOCKS4a SOCKS5
DNS on proxy side No Yes Yes
Authentication No No Yes
UDP No No Yes
IPv6 No No Yes
BIND Command Yes Yes Yes
ASSOCIATE Command No No Yes

Advantages of SOCKS4a

1. Eliminates DNS Leak

The main advantage is that the client does not make DNS queries directly. All DNS activity is hidden behind the proxy.

2. Protocol Simplicity

SOCKS4a is simpler to implement than SOCKS5. There is no authentication phase, no UDP support — only TCP CONNECT.

3. Backward Compatibility

A SOCKS4a client can work with a SOCKS4a proxy, and the request format is backward compatible with SOCKS4.

4. Access to .onion and Internal Domains

Since DNS is resolved on the proxy side, SOCKS4a can be used to access domains that are not resolved by public DNS (e.g., .onion via Tor).

Limitations

1. No Authentication

SOCKS4a does not support authentication. Anyone who knows the proxy address can use it.

2. No UDP

Only TCP connections are supported. DNS queries, VoIP, and gaming traffic via UDP are not supported.

3. No IPv6

The DSTIP field is 4 bytes, only for IPv4.

4. Obsolete Protocol

SOCKS5 superseded SOCKS4a, providing all its capabilities plus authentication, UDP, and IPv6.

When to Use SOCKS4a

  • Legacy systems — older software that does not support SOCKS5
  • Simple scenarios — when authentication and UDP are not needed
  • Tor connections — Tor supports SOCKS4a for .onion resolution
  • Minimal overhead — when minimal protocol latency is important

Software Support

Program SOCKS4a
curl Yes (--socks4a)
Tor Yes (primary protocol)
ProxyChains Yes
Firefox Via network.proxy.socks_remote_dns
PuTTY Yes

Conclusion

SOCKS4a was an important evolutionary step from SOCKS4, solving the problem of DNS leaks. Although SOCKS5 is the standard today, understanding SOCKS4a is useful for working with legacy systems and for comprehending the evolution of proxy protocols.

Auto-update: 06.03.2026
All Categories

View Plans

Proxy Types 3 Type

Xray and Sing-box – Modern Proxy Cores

Xray and Sing-box are universal next-generation proxy platforms. Support for VLESS, VMess, Trojan, Shadowsocks, and multi-protocol routing.
Proxy Types 3 Type

VLESS and VMess Proxy Protocols

VLESS and VMess are modern proxy protocols from V2Ray. DPI circumvention, encryption, traffic obfuscation, and comparison with SOCKS5 and Shadowsocks.
Proxy Types 3 Type

I2P proxy

I2P (Invisible Internet Project) — a hidden network for anonymous communication. Differences from Tor, garlic routing, and use as a proxy.
Proxy Types 3 Type

Tor Exit Nodes as Proxy

Using Tor exit nodes as a proxy: how the Tor network works, advantages of anonymity, speed limitations, and legal aspects.
Proxy Types 3 Type

Cloud Functions as proxy (AWS Lambda, Cloudflare Workers)

Using cloud functions (AWS Lambda, Cloudflare Workers, Google Cloud Functions) as proxy servers. Dynamic IPs, scalability, and limitations.
Proxy Types 3 Type

Decentralized proxies (dVPN)

Decentralized proxies and dVPNs: blockchain networks for anonymous access, tokenomics, project examples, and comparison with traditional proxies.

Advantages of our proxies

25,000+ proxies from 120+ countries

Unlimited Proxies Residential Proxies