clash icon indicating copy to clipboard operation
clash copied to clipboard

Published 20 hours ago verified publisher icon Dreamacro

[Bug] Windows上dns from dhcp在tun模式下不能正常工作

Open ElemenTP opened this issue 2 years ago • 8 comments

Verify steps

  • [X] 如果你可以自己 debug 并解决的话,提交 PR 吧 Is this something you can debug and fix? Send a pull request! Bug fixes and documentation fixes are welcome.
  • [X] 我已经在 Issue Tracker 中找过我要提出的问题 I have searched on the issue tracker for a related issue.
  • [X] 我已经使用 dev 分支版本测试过,问题依旧存在 I have tested using the dev branch, and the issue still exists.
  • [X] 我已经仔细看过 Documentation 并无法自行解决问题 I have read the documentation and was unable to solve the issue.
  • [X] 这是 Clash 核心的问题,并非我所使用的 Clash 衍生版本(如 OpenClash、KoolClash 等)的特定问题 This is an issue of the Clash core per se, not to the derivatives of Clash, like OpenClash or KoolClash.

Clash version

Clash 2022.04.17 windows amd64 v3, wintun 14.1

What OS are you seeing the problem on?

Windows

Clash config

mixed-port: 11455
external-controller: 127.0.0.1:9090
log-level: debug
profile:
  store-selected: true
  tracing: false
ipv6: false
mode: Rule
hosts:
  services.googleapis.cn: 216.58.200.67
  www.google.cn: 216.58.200.67
dns:
  enable: true
  ipv6: false
  enhanced-mode: fake-ip
  use-hosts: false
  nameserver:
    - dhcp://以太网
  fake-ip-range: 198.18.0.1/16
  fake-ip-filter:
    - "*.lan"
    - stun.*.*.*
    - stun.*.*
    - time.windows.com
    - time.nist.gov
    - time.apple.com
    - time.asia.apple.com
    - "*.ntp.org.cn"
    - "*.openwrt.pool.ntp.org"
    - time1.cloud.tencent.com
    - time.ustc.edu.cn
    - pool.ntp.org
    - ntp.ubuntu.com
    - ntp.aliyun.com
    - ntp1.aliyun.com
    - ntp2.aliyun.com
    - ntp3.aliyun.com
    - ntp4.aliyun.com
    - ntp5.aliyun.com
    - ntp6.aliyun.com
    - ntp7.aliyun.com
    - time1.aliyun.com
    - time2.aliyun.com
    - time3.aliyun.com
    - time4.aliyun.com
    - time5.aliyun.com
    - time6.aliyun.com
    - time7.aliyun.com
    - "*.time.edu.cn"
    - time1.apple.com
    - time2.apple.com
    - time3.apple.com
    - time4.apple.com
    - time5.apple.com
    - time6.apple.com
    - time7.apple.com
    - time1.google.com
    - time2.google.com
    - time3.google.com
    - time4.google.com
    - music.163.com
    - "*.music.163.com"
    - "*.126.net"
    - musicapi.taihe.com
    - music.taihe.com
    - songsearch.kugou.com
    - trackercdn.kugou.com
    - "*.kuwo.cn"
    - api-jooxtt.sanook.com
    - api.joox.com
    - joox.com
    - y.qq.com
    - "*.y.qq.com"
    - streamoc.music.tc.qq.com
    - mobileoc.music.tc.qq.com
    - isure.stream.qqmusic.qq.com
    - dl.stream.qqmusic.qq.com
    - aqqmusic.tc.qq.com
    - amobile.music.tc.qq.com
    - "*.xiami.com"
    - "*.music.migu.cn"
    - music.migu.cn
    - "*.msftconnecttest.com"
    - "*.msftncsi.com"
    - localhost.ptlogin2.qq.com
    - "*.*.*.srv.nintendo.net"
    - "*.*.stun.playstation.net"
    - xbox.*.*.microsoft.com
    - "*.ipv6.microsoft.com"
    - "*.*.xboxlive.com"
    - speedtest.cros.wr.pvp.net
tun:
  enable: true
  stack: system
  dns-hijack:
    - 198.18.0.2:53
  auto-route: true
  auto-detect-interface: true
proxies:
  - 省略
proxy-groups:
  - 省略
rules:
  - 省略

Clash log

见下文

Description

Windows上dns from dhcp在tun模式下不能正常工作。
clash使用类似上文所示的配置文件,dns nameserver中仅使用dns from dhcp,开启tun模式。以管理员权限启动clash
tun模式开启后,无法访问任何网页。查看clash log,原因是dns解析失败:

time="2022-05-14T21:03:28+08:00" level=debug msg="Generate GUID: {330EAEF8-7578-5DF2-D97B-8DADC0EA85CB}"
time="2022-05-14T21:03:28+08:00" level=info msg="Tun Proxy listening at: Clash(198.18.0.1)"
time="2022-05-14T21:03:28+08:00" level=debug msg="[Stack] Failed to dummy bind, retry in 1 second... (1/10)"
time="2022-05-14T21:03:29+08:00" level=debug msg="[Stack] Failed to dummy bind, retry in 1 second... (2/10)"
time="2022-05-14T21:03:32+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:33+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:34+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:36+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:37+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:37+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:37+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:37+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:40+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:42+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:42+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:42+08:00" level=debug msg="[Process] mobile.events.data.microsoft.com from process \\Device\\HarddiskVolume3\\Program Files\\Microsoft VS Code\\Code.exe"
time="2022-05-14T21:03:43+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:44+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:44+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:45+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:45+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:46+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:46+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:47+08:00" level=debug msg="[DNS Server] Exchange ;ipv6.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:47+08:00" level=debug msg="[DNS Server] Exchange ;ipv6.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:47+08:00" level=debug msg="[DNS Server] Exchange ;ipv6.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:47+08:00" level=debug msg="[DNS Server] Exchange ;ipv6.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:47+08:00" level=debug msg="[DNS] resolve mobile.events.data.microsoft.com error: couldn't find ip"
time="2022-05-14T21:03:48+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:49+08:00" level=debug msg="[DNS Server] Exchange ;dns.msftncsi.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:49+08:00" level=debug msg="[DNS Server] Exchange ;dns.msftncsi.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:49+08:00" level=debug msg="[DNS Server] Exchange ;dns.msftncsi.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:49+08:00" level=debug msg="[DNS Server] Exchange ;dns.msftncsi.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:50+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:52+08:00" level=warning msg="[TCP] dial 🖥 Microsoft (match DomainSuffix/microsoft.com) to mobile.events.data.microsoft.com:443 error: 4df3a7ab.vfzgvm.sbs:12001 connect error: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:52+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:55+08:00" level=debug msg="[DNS Server] Exchange ;ipv6.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:57+08:00" level=debug msg="[DNS Server] Exchange ;dns.msftncsi.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:03:58+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:03:58+08:00" level=debug msg="[Process] mobile.events.data.microsoft.com from process \\Device\\HarddiskVolume3\\Program Files\\Microsoft VS Code\\Code.exe"
time="2022-05-14T21:04:03+08:00" level=debug msg="[DNS] resolve mobile.events.data.microsoft.com error: couldn't find ip"
time="2022-05-14T21:04:08+08:00" level=warning msg="[TCP] dial 🖥 Microsoft (match DomainSuffix/microsoft.com) to mobile.events.data.microsoft.com:443 error: 4df3a7ab.vfzgvm.sbs:12001 connect error: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:04:13+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:13+08:00" level=debug msg="[Process] mobile.events.data.microsoft.com from process \\Device\\HarddiskVolume3\\Program Files\\Microsoft VS Code\\Code.exe"
time="2022-05-14T21:04:18+08:00" level=debug msg="[DNS] resolve mobile.events.data.microsoft.com error: couldn't find ip"
time="2022-05-14T21:04:18+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:18+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:19+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:19+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:20+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:20+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:22+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:22+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:23+08:00" level=warning msg="[TCP] dial 🖥 Microsoft (match DomainSuffix/microsoft.com) to mobile.events.data.microsoft.com:443 error: 4df3a7ab.vfzgvm.sbs:12001 connect error: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:04:23+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:04:23+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:04:23+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:04:23+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:04:23+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:04:23+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:04:23+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:04:23+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:04:26+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:26+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:28+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:28+08:00" level=debug msg="[Process] mobile.events.data.microsoft.com from process \\Device\\HarddiskVolume3\\Program Files\\Microsoft VS Code\\Code.exe"
time="2022-05-14T21:04:30+08:00" level=debug msg="[Process] 2.18.212.161 from process \\Device\\HarddiskVolume3\\Windows\\System32\\svchost.exe"
time="2022-05-14T21:04:31+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:04:31+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: context deadline exceeded"
time="2022-05-14T21:04:32+08:00" level=warning msg="[TCP] dial Final (match Match/) to 2.18.212.161:80 error: 4df3a7ab.vfzgvm.sbs:12001 connect error: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:04:32+08:00" level=debug msg="[DNS] resolve mobile.events.data.microsoft.com error: couldn't find ip"
time="2022-05-14T21:04:32+08:00" level=warning msg="[TCP] dial 🖥 Microsoft (match DomainSuffix/microsoft.com) to mobile.events.data.microsoft.com:443 error: 4df3a7ab.vfzgvm.sbs:12001 connect error: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:04:44+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:44+08:00" level=debug msg="[Process] mobile.events.data.microsoft.com from process \\Device\\HarddiskVolume3\\Program Files\\Microsoft VS Code\\Code.exe"
time="2022-05-14T21:04:44+08:00" level=debug msg="[DNS] resolve mobile.events.data.microsoft.com error: couldn't find ip"
time="2022-05-14T21:04:44+08:00" level=warning msg="[TCP] dial 🖥 Microsoft (match DomainSuffix/microsoft.com) to mobile.events.data.microsoft.com:443 error: 4df3a7ab.vfzgvm.sbs:12001 connect error: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:04:59+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:04:59+08:00" level=debug msg="[Process] mobile.events.data.microsoft.com from process \\Device\\HarddiskVolume3\\Program Files\\Microsoft VS Code\\Code.exe"
time="2022-05-14T21:04:59+08:00" level=debug msg="[DNS] resolve mobile.events.data.microsoft.com error: couldn't find ip"
time="2022-05-14T21:04:59+08:00" level=warning msg="[TCP] dial 🖥 Microsoft (match DomainSuffix/microsoft.com) to mobile.events.data.microsoft.com:443 error: 4df3a7ab.vfzgvm.sbs:12001 connect error: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:04+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:04+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:04+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:04+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:05+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:05+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:05+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:05+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:06+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:06+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:06+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:06+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:08+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:08+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:08+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:08+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:12+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:12+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:12+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:12+08:00" level=debug msg="[DNS Server] Exchange ;www.msftconnecttest.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:15+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:15+08:00" level=debug msg="[Process] mobile.events.data.microsoft.com from process \\Device\\HarddiskVolume3\\Program Files\\Microsoft VS Code\\Code.exe"
time="2022-05-14T21:05:15+08:00" level=debug msg="[DNS] resolve mobile.events.data.microsoft.com error: couldn't find ip"
time="2022-05-14T21:05:15+08:00" level=warning msg="[TCP] dial 🖥 Microsoft (match DomainSuffix/microsoft.com) to mobile.events.data.microsoft.com:443 error: 4df3a7ab.vfzgvm.sbs:12001 connect error: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:16+08:00" level=debug msg="[Process] 95.101.180.19 from process \\Device\\HarddiskVolume3\\Windows\\System32\\svchost.exe"
time="2022-05-14T21:05:16+08:00" level=warning msg="[TCP] dial Final (match Match/) to 95.101.180.19:80 error: 4df3a7ab.vfzgvm.sbs:12001 connect error: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:30+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:30+08:00" level=debug msg="[Process] mobile.events.data.microsoft.com from process \\Device\\HarddiskVolume3\\Program Files\\Microsoft VS Code\\Code.exe"
time="2022-05-14T21:05:30+08:00" level=debug msg="[DNS] resolve mobile.events.data.microsoft.com error: couldn't find ip"
time="2022-05-14T21:05:30+08:00" level=warning msg="[TCP] dial 🖥 Microsoft (match DomainSuffix/microsoft.com) to mobile.events.data.microsoft.com:443 error: 4df3a7ab.vfzgvm.sbs:12001 connect error: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:39+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:39+08:00" level=debug msg="[DNS Server] Exchange ;dns.msftncsi.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:40+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:40+08:00" level=debug msg="[DNS Server] Exchange ;dns.msftncsi.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:41+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:41+08:00" level=debug msg="[DNS Server] Exchange ;dns.msftncsi.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:43+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:43+08:00" level=debug msg="[DNS Server] Exchange ;dns.msftncsi.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:46+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:46+08:00" level=debug msg="[Process] mobile.events.data.microsoft.com from process \\Device\\HarddiskVolume3\\Program Files\\Microsoft VS Code\\Code.exe"
time="2022-05-14T21:05:46+08:00" level=debug msg="[DNS] resolve mobile.events.data.microsoft.com error: couldn't find ip"
time="2022-05-14T21:05:46+08:00" level=warning msg="[TCP] dial 🖥 Microsoft (match DomainSuffix/microsoft.com) to mobile.events.data.microsoft.com:443 error: 4df3a7ab.vfzgvm.sbs:12001 connect error: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:47+08:00" level=debug msg="[TUN] hijack udp dns: 198.18.0.2:53"
time="2022-05-14T21:05:47+08:00" level=debug msg="[DNS Server] Exchange ;dns.msftncsi.com.\tIN\t A failed: all DNS requests failed, first error: DHCP not responding"
time="2022-05-14T21:05:51+08:00" level=debug msg="[Process] mobile.events.data.microsoft.com from process \\Device\\HarddiskVolume3\\Windows\\System32\\svchost.exe"
time="2022-05-14T21:05:51+08:00" level=debug msg="[DNS] resolve mobile.events.data.microsoft.com error: couldn't find ip"
time="2022-05-14T21:05:51+08:00" level=warning msg="[TCP] dial 🖥 Microsoft (match DomainSuffix/microsoft.com) to mobile.events.data.microsoft.com:53 error: 4df3a7ab.vfzgvm.sbs:12001 connect error: all DNS requests failed, first error: DHCP not responding"

使用wireshark抓取出口网卡,发现clash从dhcp正常获取了dns服务器地址,正常发送了解析请求,dns服务器也正常回复了解析结果,但由于未知原因,clash并没有收到解析结果。(192.168.1.1为dns服务器地址,192.168.1.20为测试主机地址) 屏幕截图 2022-05-14 211300 接下来仅将配置文件中的tun: enable从true改为false,上传给clash,将tun模式关闭。 此时开启Windows的系统代理,指向clash的http或mixed port,发现可以正常访问网页,查看clash log,dns正常工作。

time="2022-05-14T21:27:47+08:00" level=debug msg="[Process] config.edge.skype.com from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:47+08:00" level=debug msg="[DNS] config.edge.skype.com --> 13.107.42.16"
time="2022-05-14T21:27:47+08:00" level=debug msg="[DNS] response msg empty: &dns.Msg{MsgHdr:dns.MsgHdr{Id:0x8fde, Response:true, Opcode:0, Authoritative:false, Truncated:false, RecursionDesired:true, RecursionAvailable:true, Zero:false, AuthenticatedData:false, CheckingDisabled:false, Rcode:0}, Compress:false, Question:[]dns.Question{dns.Question{Name:\"4df3a7ab.vfzgvm.sbs.\", Qtype:0x1c, Qclass:0x1}}, Answer:[]dns.RR(nil), Ns:[]dns.RR(nil), Extra:[]dns.RR(nil)}"
time="2022-05-14T21:27:47+08:00" level=debug msg="[DNS] response msg empty: &dns.Msg{MsgHdr:dns.MsgHdr{Id:0x8fde, Response:true, Opcode:0, Authoritative:false, Truncated:false, RecursionDesired:true, RecursionAvailable:true, Zero:false, AuthenticatedData:false, CheckingDisabled:false, Rcode:0}, Compress:false, Question:[]dns.Question{dns.Question{Name:\"4df3a7ab.vfzgvm.sbs.\", Qtype:0x1c, Qclass:0x1}}, Answer:[]dns.RR(nil), Ns:[]dns.RR(nil), Extra:[]dns.RR(nil)}"
time="2022-05-14T21:27:47+08:00" level=info msg="[TCP] 127.0.0.1:64483 --> config.edge.skype.com:443 match DomainSuffix(skype.com) using 🖥 Microsoft[🇭🇰 HKG 01]"
time="2022-05-14T21:27:47+08:00" level=debug msg="[Process] c.msn.cn from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:47+08:00" level=debug msg="[Process] assets.msn.cn from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:47+08:00" level=debug msg="[Process] browser.events.data.msn.cn from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:47+08:00" level=debug msg="[DNS] c.msn.cn --> 52.231.207.240"
time="2022-05-14T21:27:47+08:00" level=debug msg="[DNS] assets.msn.cn --> 222.138.4.69"
time="2022-05-14T21:27:47+08:00" level=debug msg="[DNS] browser.events.data.msn.cn --> 20.189.173.4"
time="2022-05-14T21:27:47+08:00" level=info msg="[TCP] 127.0.0.1:64486 --> assets.msn.cn:443 match DomainSuffix(cn) using China-Websites[DIRECT]"
time="2022-05-14T21:27:47+08:00" level=info msg="[TCP] 127.0.0.1:64485 --> c.msn.cn:443 match DomainSuffix(cn) using China-Websites[DIRECT]"
time="2022-05-14T21:27:47+08:00" level=info msg="[TCP] 127.0.0.1:64487 --> browser.events.data.msn.cn:443 match DomainSuffix(cn) using China-Websites[DIRECT]"
time="2022-05-14T21:27:47+08:00" level=debug msg="[Process] c.bing.com from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:47+08:00" level=debug msg="[DNS] c.bing.com --> 13.107.21.200"
time="2022-05-14T21:27:47+08:00" level=debug msg="[DNS] response msg empty: &dns.Msg{MsgHdr:dns.MsgHdr{Id:0x6a08, Response:true, Opcode:0, Authoritative:false, Truncated:false, RecursionDesired:true, RecursionAvailable:true, Zero:false, AuthenticatedData:false, CheckingDisabled:false, Rcode:0}, Compress:false, Question:[]dns.Question{dns.Question{Name:\"4df3a7ab.vfzgvm.sbs.\", Qtype:0x1c, Qclass:0x1}}, Answer:[]dns.RR(nil), Ns:[]dns.RR(nil), Extra:[]dns.RR(nil)}"
time="2022-05-14T21:27:47+08:00" level=debug msg="[DNS] response msg empty: &dns.Msg{MsgHdr:dns.MsgHdr{Id:0x6a08, Response:true, Opcode:0, Authoritative:false, Truncated:false, RecursionDesired:true, RecursionAvailable:true, Zero:false, AuthenticatedData:false, CheckingDisabled:false, Rcode:0}, Compress:false, Question:[]dns.Question{dns.Question{Name:\"4df3a7ab.vfzgvm.sbs.\", Qtype:0x1c, Qclass:0x1}}, Answer:[]dns.RR(nil), Ns:[]dns.RR(nil), Extra:[]dns.RR(nil)}"
time="2022-05-14T21:27:47+08:00" level=info msg="[TCP] 127.0.0.1:64491 --> c.bing.com:443 match DomainSuffix(bing.com) using 🖥 Microsoft[🇭🇰 HKG 01]"
time="2022-05-14T21:27:48+08:00" level=debug msg="[Process] browser.events.data.msn.cn from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:48+08:00" level=debug msg="[DNS] browser.events.data.msn.cn --> 20.189.173.4"
time="2022-05-14T21:27:48+08:00" level=debug msg="[Process] assets.msn.cn from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:48+08:00" level=debug msg="[DNS] assets.msn.cn --> 222.138.4.69"
time="2022-05-14T21:27:48+08:00" level=info msg="[TCP] 127.0.0.1:64495 --> assets.msn.cn:443 match DomainSuffix(cn) using China-Websites[DIRECT]"
time="2022-05-14T21:27:48+08:00" level=info msg="[TCP] 127.0.0.1:64493 --> browser.events.data.msn.cn:443 match DomainSuffix(cn) using China-Websites[DIRECT]"
time="2022-05-14T21:27:48+08:00" level=debug msg="[Process] browser.events.data.msn.cn from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:48+08:00" level=debug msg="[DNS] browser.events.data.msn.cn --> 20.189.173.4"
time="2022-05-14T21:27:48+08:00" level=debug msg="[Process] browser.events.data.msn.cn from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:48+08:00" level=debug msg="[DNS] browser.events.data.msn.cn --> 20.189.173.4"
time="2022-05-14T21:27:48+08:00" level=info msg="[TCP] 127.0.0.1:64497 --> browser.events.data.msn.cn:443 match DomainSuffix(cn) using China-Websites[DIRECT]"
time="2022-05-14T21:27:48+08:00" level=info msg="[TCP] 127.0.0.1:64499 --> browser.events.data.msn.cn:443 match DomainSuffix(cn) using China-Websites[DIRECT]"
time="2022-05-14T21:27:49+08:00" level=debug msg="[Process] github.com from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] github.com --> 20.205.243.166"
time="2022-05-14T21:27:49+08:00" level=debug msg="[Process] nav.smartscreen.microsoft.com from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:49+08:00" level=debug msg="[Process] nav.smartscreen.microsoft.com from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] response msg empty: &dns.Msg{MsgHdr:dns.MsgHdr{Id:0x1b52, Response:true, Opcode:0, Authoritative:false, Truncated:false, RecursionDesired:true, RecursionAvailable:true, Zero:false, AuthenticatedData:false, CheckingDisabled:false, Rcode:0}, Compress:false, Question:[]dns.Question{dns.Question{Name:\"4df3a7ab.vfzgvm.sbs.\", Qtype:0x1c, Qclass:0x1}}, Answer:[]dns.RR(nil), Ns:[]dns.RR(nil), Extra:[]dns.RR(nil)}"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] response msg empty: &dns.Msg{MsgHdr:dns.MsgHdr{Id:0x1b52, Response:true, Opcode:0, Authoritative:false, Truncated:false, RecursionDesired:true, RecursionAvailable:true, Zero:false, AuthenticatedData:false, CheckingDisabled:false, Rcode:0}, Compress:false, Question:[]dns.Question{dns.Question{Name:\"4df3a7ab.vfzgvm.sbs.\", Qtype:0x1c, Qclass:0x1}}, Answer:[]dns.RR(nil), Ns:[]dns.RR(nil), Extra:[]dns.RR(nil)}"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] nav.smartscreen.microsoft.com --> 40.90.184.82"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] nav.smartscreen.microsoft.com --> 40.90.184.82"
time="2022-05-14T21:27:49+08:00" level=info msg="[TCP] 127.0.0.1:64501 --> github.com:443 match DomainKeyword(github) using Final[🇭🇰 HKG 01]"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] response msg empty: &dns.Msg{MsgHdr:dns.MsgHdr{Id:0x6ded, Response:true, Opcode:0, Authoritative:false, Truncated:false, RecursionDesired:true, RecursionAvailable:true, Zero:false, AuthenticatedData:false, CheckingDisabled:false, Rcode:0}, Compress:false, Question:[]dns.Question{dns.Question{Name:\"4df3a7ab.vfzgvm.sbs.\", Qtype:0x1c, Qclass:0x1}}, Answer:[]dns.RR(nil), Ns:[]dns.RR(nil), Extra:[]dns.RR(nil)}"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] response msg empty: &dns.Msg{MsgHdr:dns.MsgHdr{Id:0x6ded, Response:true, Opcode:0, Authoritative:false, Truncated:false, RecursionDesired:true, RecursionAvailable:true, Zero:false, AuthenticatedData:false, CheckingDisabled:false, Rcode:0}, Compress:false, Question:[]dns.Question{dns.Question{Name:\"4df3a7ab.vfzgvm.sbs.\", Qtype:0x1c, Qclass:0x1}}, Answer:[]dns.RR(nil), Ns:[]dns.RR(nil), Extra:[]dns.RR(nil)}"
time="2022-05-14T21:27:49+08:00" level=info msg="[TCP] 127.0.0.1:64504 --> nav.smartscreen.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 HKG 01]"
time="2022-05-14T21:27:49+08:00" level=info msg="[TCP] 127.0.0.1:64503 --> nav.smartscreen.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 HKG 01]"
time="2022-05-14T21:27:49+08:00" level=debug msg="[Process] smartscreen-prod.microsoft.com from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] smartscreen-prod.microsoft.com --> 40.90.184.82"
time="2022-05-14T21:27:49+08:00" level=debug msg="[Process] github.githubassets.com from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] response msg empty: &dns.Msg{MsgHdr:dns.MsgHdr{Id:0xe859, Response:true, Opcode:0, Authoritative:false, Truncated:false, RecursionDesired:true, RecursionAvailable:true, Zero:false, AuthenticatedData:false, CheckingDisabled:false, Rcode:0}, Compress:false, Question:[]dns.Question{dns.Question{Name:\"4df3a7ab.vfzgvm.sbs.\", Qtype:0x1c, Qclass:0x1}}, Answer:[]dns.RR(nil), Ns:[]dns.RR(nil), Extra:[]dns.RR(nil)}"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] response msg empty: &dns.Msg{MsgHdr:dns.MsgHdr{Id:0xe859, Response:true, Opcode:0, Authoritative:false, Truncated:false, RecursionDesired:true, RecursionAvailable:true, Zero:false, AuthenticatedData:false, CheckingDisabled:false, Rcode:0}, Compress:false, Question:[]dns.Question{dns.Question{Name:\"4df3a7ab.vfzgvm.sbs.\", Qtype:0x1c, Qclass:0x1}}, Answer:[]dns.RR(nil), Ns:[]dns.RR(nil), Extra:[]dns.RR(nil)}"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] github.githubassets.com --> 185.199.111.154"
time="2022-05-14T21:27:49+08:00" level=debug msg="[Process] avatars.githubusercontent.com from process \\Device\\HarddiskVolume3\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe"
time="2022-05-14T21:27:49+08:00" level=info msg="[TCP] 127.0.0.1:64507 --> smartscreen-prod.microsoft.com:443 match DomainSuffix(microsoft.com) using 🖥 Microsoft[🇭🇰 HKG 01]"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] response msg empty: &dns.Msg{MsgHdr:dns.MsgHdr{Id:0xf09, Response:true, Opcode:0, Authoritative:false, Truncated:false, RecursionDesired:true, RecursionAvailable:true, Zero:false, AuthenticatedData:false, CheckingDisabled:false, Rcode:0}, Compress:false, Question:[]dns.Question{dns.Question{Name:\"4df3a7ab.vfzgvm.sbs.\", Qtype:0x1c, Qclass:0x1}}, Answer:[]dns.RR(nil), Ns:[]dns.RR(nil), Extra:[]dns.RR(nil)}"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] response msg empty: &dns.Msg{MsgHdr:dns.MsgHdr{Id:0xf09, Response:true, Opcode:0, Authoritative:false, Truncated:false, RecursionDesired:true, RecursionAvailable:true, Zero:false, AuthenticatedData:false, CheckingDisabled:false, Rcode:0}, Compress:false, Question:[]dns.Question{dns.Question{Name:\"4df3a7ab.vfzgvm.sbs.\", Qtype:0x1c, Qclass:0x1}}, Answer:[]dns.RR(nil), Ns:[]dns.RR(nil), Extra:[]dns.RR(nil)}"
time="2022-05-14T21:27:49+08:00" level=debug msg="[DNS] avatars.githubusercontent.com --> 185.199.111.133"

dns from dhcp在非tun模式下可以正常工作。
此问题个人测试环境100%复现,测试电脑Windows版本为Windows 11 10.0.22000.675。在虚拟机中全新安装Windows 11 10.0.22000.613后进行测试,也可以复现。另外,premium release提供的S3 storage中的所有版本的clash premium都测试过,均可以复现。

ElemenTP avatar May 14 '22 16:05 ElemenTP

我也碰到了这个的问题,打开TUN模式,nameserver里只用dns from dhcp的话,log里会显示connect error: all DNS requests failed, first error: DHCP not responding,直接填DHCP的DNS地址,比如 192.168.1.1,是可以正常工作的

returnL avatar May 15 '22 04:05 returnL

我也碰到了这个的问题,打开TUN模式,nameserver里只用dns from dhcp的话,log里会显示connect error: all DNS requests failed, first error: DHCP not responding,直接填DHCP的DNS地址,比如 192.168.1.1,是可以正常工作的

我也一样,在nameserver里只填入dhcp提供的dns地址,tun模式下可以正常工作。2021年时期某些版本的premium core应该dns from dhcp在tun模式下能正常工作,但是我找不到旧版premium core了

ElemenTP avatar May 15 '22 06:05 ElemenTP

用很久的配置了一直都没出现过问题。

dns:
  enable: true
  listen: 0.0.0.0:53
  ipv6: true
  default-nameserver:
    - 1.1.1.1:53
    - 8.8.8.8:53
    - 9.9.9.9:53
  enhanced-mode: redir-host
  fake-ip-range: 198.19.0.1/16
  fake-ip-filter:
    - "*.lan"
    - "*.localdomain"
    - "*.example"
    - "*.invalid"
    - "*.localhost"
    - "*.test"
    - "*.local"
    - "*.home.arpa"
    - "time.*.com"
    - "time.*.gov"
    - "time.*.edu.cn"
    - "time.*.apple.com"
    - "time1.*.com"
    - "time2.*.com"
    - "time3.*.com"
    - "time4.*.com"
    - "time5.*.com"
    - "time6.*.com"
    - "time7.*.com"
    - "ntp.*.com"
    - "ntp1.*.com"
    - "ntp2.*.com"
    - "ntp3.*.com"
    - "ntp4.*.com"
    - "ntp5.*.com"
    - "ntp6.*.com"
    - "ntp7.*.com"
    - "*.time.edu.cn"
    - "*.ntp.org.cn"
    - "+.pool.ntp.org"
    - "time1.cloud.tencent.com"
    - "music.163.com"
    - "*.music.163.com"
    - "*.126.net"
    - "musicapi.taihe.com"
    - "music.taihe.com"
    - "songsearch.kugou.com"
    - "trackercdn.kugou.com"
    - "*.kuwo.cn"
    - "api-jooxtt.sanook.com"
    - "api.joox.com"
    - "joox.com"
    - "y.qq.com"
    - "*.y.qq.com"
    - "+.jd.com"
    - "streamoc.music.tc.qq.com"
    - "mobileoc.music.tc.qq.com"
    - "isure.stream.qqmusic.qq.com"
    - "dl.stream.qqmusic.qq.com"
    - "aqqmusic.tc.qq.com"
    - "amobile.music.tc.qq.com"
    - "*.xiami.com"
    - "*.music.migu.cn"
    - "music.migu.cn"
    - "*.msftconnecttest.com"
    - "*.msftncsi.com"
    - "msftconnecttest.com"
    - "msftncsi.com"
    - "localhost.ptlogin2.qq.com"
    - "localhost.sec.qq.com"
    - "+.srv.nintendo.net"
    - "+.stun.playstation.net"
    - "xbox.*.microsoft.com"
    - "xnotify.xboxlive.com"
    - "+.battlenet.com.cn"
    - "+.wotgame.cn"
    - "+.wggames.cn"
    - "+.wowsgame.cn"
    - "+.wargaming.net"
    - "proxy.golang.org"
    - "stun.*.*"
    - "stun.*.*.*"
    - "+.stun.*.*"
    - "+.stun.*.*.*"
    - "+.stun.*.*.*.*"
    - "heartbeat.belkin.com"
    - "*.linksys.com"
    - "*.linksyssmartwifi.com"
    - "*.router.asus.com"
    - "mesu.apple.com"
    - "swscan.apple.com"
    - "swquery.apple.com"
    - "swdownload.apple.com"
    - "swcdn.apple.com"
    - "swdist.apple.com"
    - "lens.l.google.com"
    - "stun.l.google.com"
    - "+.nflxvideo.net"
    - "*.square-enix.com"
    - "*.finalfantasyxiv.com"
    - "*.ffxiv.com"
    - "*.mcdn.bilivideo.cn"
  nameserver:
    - "https://doh.360.cn/dns-query"
    - "https://dns.pub/dns-query"
    - "https://dns.alidns.com/dns-query"
  fallback:
    - "https://dns.google/dns-query"
    - "https://dns.quad9.net/dns-query"
    - "https://dns.quad9.net/dns-query"
  fallback-filter:
    geoip: true
    geoip-code: CN
    ipcidr:
      - 0.0.0.0/8
      - 127.0.0.0/8
      - 169.254.0.0/16
      - 203.0.113.0/24
      - 224.0.0.0/4
      - 240.0.0.0/4
      - 255.255.255.255/32
    domain:
      - "+.google.com"
      - "+.facebook.com"
      - "+.youtube.com"
      - "+.githubusercontent.com"
      - "+.googlevideo.com"
      - "+.microsoft.com"
      - "+.githubusercontent.com"
      - "+.xn--ngstr-lra8j.com"

tun:
  enable: true
  stack: gvisor
  dns-hijack:
    - 198.19.0.2:53
    - any:53
    - tcp://any:53
  auto-route: true
  auto-detect-interface: true

qist avatar May 16 '22 07:05 qist

用很久的配置了一直都没出现过问题。

dns:
  enable: true
  listen: 0.0.0.0:53
  ipv6: true
  default-nameserver:
    - 1.1.1.1:53
    - 8.8.8.8:53
    - 9.9.9.9:53
  enhanced-mode: redir-host
  fake-ip-range: 198.19.0.1/16
  fake-ip-filter:
    - "*.lan"
    - "*.localdomain"
    - "*.example"
    - "*.invalid"
    - "*.localhost"
    - "*.test"
    - "*.local"
    - "*.home.arpa"
    - "time.*.com"
    - "time.*.gov"
    - "time.*.edu.cn"
    - "time.*.apple.com"
    - "time1.*.com"
    - "time2.*.com"
    - "time3.*.com"
    - "time4.*.com"
    - "time5.*.com"
    - "time6.*.com"
    - "time7.*.com"
    - "ntp.*.com"
    - "ntp1.*.com"
    - "ntp2.*.com"
    - "ntp3.*.com"
    - "ntp4.*.com"
    - "ntp5.*.com"
    - "ntp6.*.com"
    - "ntp7.*.com"
    - "*.time.edu.cn"
    - "*.ntp.org.cn"
    - "+.pool.ntp.org"
    - "time1.cloud.tencent.com"
    - "music.163.com"
    - "*.music.163.com"
    - "*.126.net"
    - "musicapi.taihe.com"
    - "music.taihe.com"
    - "songsearch.kugou.com"
    - "trackercdn.kugou.com"
    - "*.kuwo.cn"
    - "api-jooxtt.sanook.com"
    - "api.joox.com"
    - "joox.com"
    - "y.qq.com"
    - "*.y.qq.com"
    - "+.jd.com"
    - "streamoc.music.tc.qq.com"
    - "mobileoc.music.tc.qq.com"
    - "isure.stream.qqmusic.qq.com"
    - "dl.stream.qqmusic.qq.com"
    - "aqqmusic.tc.qq.com"
    - "amobile.music.tc.qq.com"
    - "*.xiami.com"
    - "*.music.migu.cn"
    - "music.migu.cn"
    - "*.msftconnecttest.com"
    - "*.msftncsi.com"
    - "msftconnecttest.com"
    - "msftncsi.com"
    - "localhost.ptlogin2.qq.com"
    - "localhost.sec.qq.com"
    - "+.srv.nintendo.net"
    - "+.stun.playstation.net"
    - "xbox.*.microsoft.com"
    - "xnotify.xboxlive.com"
    - "+.battlenet.com.cn"
    - "+.wotgame.cn"
    - "+.wggames.cn"
    - "+.wowsgame.cn"
    - "+.wargaming.net"
    - "proxy.golang.org"
    - "stun.*.*"
    - "stun.*.*.*"
    - "+.stun.*.*"
    - "+.stun.*.*.*"
    - "+.stun.*.*.*.*"
    - "heartbeat.belkin.com"
    - "*.linksys.com"
    - "*.linksyssmartwifi.com"
    - "*.router.asus.com"
    - "mesu.apple.com"
    - "swscan.apple.com"
    - "swquery.apple.com"
    - "swdownload.apple.com"
    - "swcdn.apple.com"
    - "swdist.apple.com"
    - "lens.l.google.com"
    - "stun.l.google.com"
    - "+.nflxvideo.net"
    - "*.square-enix.com"
    - "*.finalfantasyxiv.com"
    - "*.ffxiv.com"
    - "*.mcdn.bilivideo.cn"
  nameserver:
    - "https://doh.360.cn/dns-query"
    - "https://dns.pub/dns-query"
    - "https://dns.alidns.com/dns-query"
  fallback:
    - "https://dns.google/dns-query"
    - "https://dns.quad9.net/dns-query"
    - "https://dns.quad9.net/dns-query"
  fallback-filter:
    geoip: true
    geoip-code: CN
    ipcidr:
      - 0.0.0.0/8
      - 127.0.0.0/8
      - 169.254.0.0/16
      - 203.0.113.0/24
      - 224.0.0.0/4
      - 240.0.0.0/4
      - 255.255.255.255/32
    domain:
      - "+.google.com"
      - "+.facebook.com"
      - "+.youtube.com"
      - "+.githubusercontent.com"
      - "+.googlevideo.com"
      - "+.microsoft.com"
      - "+.githubusercontent.com"
      - "+.xn--ngstr-lra8j.com"

tun:
  enable: true
  stack: gvisor
  dns-hijack:
    - 198.19.0.2:53
    - any:53
    - tcp://any:53
  auto-route: true
  auto-detect-interface: true

感谢回复,我个人使用的配置文件中,dns的name server加入其他类型的dns服务器,clash也可以正常使用。只是我需要dns from dhcp以解析内网域名,目前dns from dhcp在tun模式下无法使用比较困扰。

ElemenTP avatar May 16 '22 17:05 ElemenTP

临时解决方案的话nameserver 改成内网dns 就可以了。然后你内网dns上游dns 改成安全dns也就可以了。

qist avatar May 17 '22 01:05 qist

我返回19.18版本,tun能正常.19.19和19.20都不行

okango88 avatar Jun 06 '22 10:06 okango88

更新一下,premium版本已经更新到2022.07.07,此bug仍然存在,有一些新的发现

使用wireshark抓取出口网卡,发现clash从dhcp正常获取了dns服务器地址,正常发送了解析请求,dns服务器也正常回复了解析结果,但由于未知原因,clash并没有收到解析结果。(192.168.1.1为dns服务器地址,192.168.1.20为测试主机地址)

这个判断是错误的,图中wireshark抓取的dns活动实际上是来自Windows的一个feature,自动跨所有网络发出 DNS 查询。https://github.com/Dreamacro/clash/issues/1177#issuecomment-758524782 https://github.com/Dreamacro/clash/issues/2136#issuecomment-1128410968

根据clash开源版本的代码的dns from dhcp部分(姑且认为这部分和premium版本是一致的),dns的dhcpClient在目标网卡上广播带DNS服务器option的dhcpv4的discover报文,并从收到的dhcp服务器返回的offer报文中解析dns服务器地址。解析到dns服务器地址后,dhcpClient才可以正常使用。

不开启tun模式的情况下,dns from dhcp正常使用的情况: 屏幕截图 2022-07-12 162811-1

开启tun模式,dns from dhcp无法正常使用的情况: 屏幕截图 2022-07-12 163118

从抓包结果可知,dns from dhcp在tun模式下不能正常工作的原因是dhcp discover包没有发出去,自然也收不到dhcp服务器的回复。而日志中DHCP not responding也确实说明clash没有收到dhcp服务器的回复。

但是,关闭tun模式使用系统代理,可以正常上网,之后再关闭系统代理,通过控制端口更新configs开启tun模式,此时tun模式下就可以正常上网了。 屏幕截图 2022-07-12 172659_1 从抓包结果可知,此时tun模式下dns from dhcp正常工作,正常发送了discover报文正常收到了offer报文。之后一段时间内无论是关闭重启clash、断网重连甚至是重启电脑,tun模式下dns from dhcp仍然能正常工作,越过某个时间点,tun模式下dns from dhcp不再能正常工作,此时需要再来一次这个操作,tun模式下dns from dhcp就可以重新正常工作。

我对这个现象大惑不解,直到近期发现ipconfig /release + ipconfig /renew可以重置这个状态,使得tun模式下dns from dhcp从可以正常工作变得不能正常工作,不能正常工作的表现仍然是无法发送discover报文。而上文提到的“一段时间”可能就是网卡IPv4地址的过期时间。

关闭Windows Defender、Windows 防火墙、DHCP客户端服务后仍然是一样的行为,更深层的原因暂未探知。

ElemenTP avatar Jul 12 '22 10:07 ElemenTP

撸了一个用于测试的工具,核心代码如下:

package cmd

import (
	"context"
	"fmt"
	"os"

	"github.com/Dreamacro/clash/component/dhcp"
	"github.com/spf13/cobra"
)

// rootCmd represents the base command when called without any subcommands
var rootCmd = &cobra.Command{
	Use:   "dhcptest",
	Short: "A small tool to test clash dns from dhcp",
	Args:  cobra.NoArgs,
	// Uncomment the following line if your bare application
	// has an action associated with it:
	Run: func(_ *cobra.Command, _ []string) {
		var ifacename string
		for {
			_, err := fmt.Scanln(&ifacename)
			if err != nil {
				fmt.Println(err)
				continue
			}
			ips, err := dhcp.ResolveDNSFromDHCP(context.Background(), ifacename)
			if err != nil {
				fmt.Println(err)
				continue
			}
			fmt.Println(ips)
		}
	},
}

发现,在Windows下,无论clash的tun模式是开启还是关闭,dns from dhcp是正常工作还是不能正常工作,这个程序都能正常运行并返回从dhcp服务器获取到的dns服务器的地址,而且也可以触发让clash的dns from dhcp在tun模式下可以正常工作的效果。

总之,clash、wintun和windows产生了奇妙的反应,出现了一个包含两个状态的状态机,第一个状态下只有开着tun模式的clash进程没有办法发出去discover报文,导致dns from dhcp用不了;一旦有程序成功发出了discover报文,进入另一个状态,此时开着tun模式的clash进程(需要关闭再开启tun模式)也可以正常发送discover报文,dns from dhcp恢复正常。过一段时间或者用ipconfig释放网卡的配置并从dhcp重新获取会回到第一个状态。

ElemenTP avatar Jul 12 '22 15:07 ElemenTP

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days

github-actions[bot] avatar Sep 11 '22 02:09 github-actions[bot]

this issue still exists on windows and linux dhcp dns not works when tun mode is in use on linux all DNS requests failed, first error: context deadline exceeded

on windows

all DNS requests failed, first error: DHCP not responding

when using socks5 proxy and disabling tun mode works .

iamtrazy avatar Sep 26 '22 04:09 iamtrazy

this issue still exists on windows and linux dhcp dns not works when tun mode is in use on linux all DNS requests failed, first error: context deadline exceeded

on windows

all DNS requests failed, first error: DHCP not responding

when using socks5 proxy and disabling tun mode works .

我没有在linux上使用过clash,不知道在linux上是否可复现。 dns from dhcp在macOS上完全正常(ClashX/Pro,没有试过bare core)。 dns from dhcp需要从特定的网卡发送dhcp discover包,clash在linux和macOS上都是把socket bind到网卡的fd上,按理说应该不会有Windows上这种奇怪的问题。

ElemenTP avatar Oct 19 '22 12:10 ElemenTP