Xray-core
Xray-core copied to clipboard
XTLS
Reality可能引起對IP的嚴重限速
日志无任何warning或error等级的信息 服务器位置:日本 我的位置:广东 服务器为Misaka和Vultr的 目标域名非跳转用,属于可直连且不太有名气的日本网站, 搭建是否完善:是,转发80TCP与443UDP并禁回国流量。对外表现经测试与端口转发一致。 我在1月二日晚于MisakaVPS搭好Reality,但只是测试了一下,传输了很少数据。1月3日正式使用,日间平均速率在5MB/s以上,但到了接近九点的时候速度突然从6MB/s瞬间降到7000kbps左右,于是尝试其他运营商的网络,但没有差别,一样慢。尝试其他协议连其他端口,速率无任何改善。直到十一点又突然升至接近6MB/s。1.4日间没怎么用,晚七点又出现了严重限速,在两三小时后解除。又使用了一小时,限速又突然出现,约一小时后解除。十二点又有一次,持续十分钟。今天则上午十点使用十分钟就限速,于是断开連接。十二点连接半小时后速度瞬间达到7MB/s。过后又有数次限速。为了排除第一次搭Reality过程中失败連接可能的影响,我又租了一台Vultr的机器测试。这次没有任何失误,一遍就通了。但使用十分钟后即出现限速。 限速的特点:发生与解除的时间摆动很大,难以看出规律,且观察到过限速或恢复在瞬间或数秒内完成,与我以前见过的限速都完全不同。
这家对电信的回程记得是走ntt,线路爆炸是日常。用电信应该优选cn2gia。日本中国或许选双向9929比较好 我主要用联通。「这家」是指Misaka吗?Vultr的IP我知道连通性不好。
我主要用联通。「这家」是指Misaka吗?Vultr的IP我知道连通性不好。
这种情况你应该双向测一下mtr,看看丢包率。是哪级路由器丢包的,不过估计是国内省级丢的,晚高峰时被QoS很正常。
被限速根本与Reality无关
这种限速与用以前用别的协议时的限速区别明显,突然限,突然解除,自然有理由怀疑是针对Reality的。如果能针对,就说明Reality已被分析出一些特征了。 VPS部署的具体方案和限速乃至封禁当然有关系。容易被识别的就容易导致VPS被限速或封禁,像Vmess+WS+TLS就是众所周知的易封。
被限速根本与Reality无关
这种限速与用以前用别的协议时的限速区别明显,突然限,突然解除,自然有理由怀疑是针对Reality的。如果能针对,就说明Reality已被分析出一些特征了。 VPS部署的具体方案和限速乃至封禁当然有关系。容易被识别的就容易导致VPS被限速或封禁,像Vmess+WS+TLS就是众所周知的易封。
这样的结论没什么有力的依据,完全基于你个人的使用结果来推测。 Linode和Vultr的线路本来连国内就一塌糊涂,线路间歇性炸是常态。而且你也没有测试其他协议,没有任何对比。
@iKira 如果是偷大厂域名有可能会限速和暂时阻断,目前个人只在电信网络下遇到过,暂时阻断vps的任何端口都不通,大概二三十分钟解除,监守自盗并没有发现这现象
@h2ch reality可以在不改dest的情况下,随意更改客户端使用的SNI,客户端所使用的SNI只要 在reality服务器配置servernames列表里存在即可,客户端所使用的SNI不需要在 目标网站证书里存在。
一开始我对这一条 issues 感觉很可笑 直到我也开始遭遇这种情况,我用的是 CloudCone 服务器 之前一直是跑满带宽,现在速度几乎没有了
我也是cc之前能跑15万,现在稳定8万
一开始我对这一条 issues 感觉很可笑 直到我也开始遭遇这种情况,我用的是 CloudCone 服务器 之前一直是跑满带宽,现在速度几乎没有了
我也是cc之前能跑15万,现在稳定8万
I'm using Cloudcone as well. 3 day ago I downloaded about 100GB of data with reality+vision using suggested config in xray-examples (also with "stealing oneself" configurations), and I found a noticeable reduction in speed and latency with this protocol combination a day after. Previously I can keep a rtt of ~1500ms on first connection immediately, but now it exceeded 2500ms and requires about 10 seconds to be usable, with random connection drops. And the speed is also limited to around 5mb/s from originally 18mb/s. I also tested other proxies like hysteria2 and naiveproxy, but they seems to be working fine. I don't know if it's targeted at reality or is due to the unstable network traffic at the DC.
I think that the limitations are based on usage. I switched to hysteria2 for the whole day and the speed became normal now. Anyway we should wait for more evidence than guessing here XD. Because I also have some evidence about network problems of my vps provider when using hysteria so I can't make a conclusion.
My problem was solved after changing the fingerprint setting in RealityObject. I think that should be it.
Update: setting it to random almost solved the issue. So I guess the GFW or censor is targeting at chrome fingerprint as it was default in many clients.
My problem was solved after changing the
fingerprintsetting inRealityObject. I think that should be it. Update: setting it torandomalmost solved the issue. So I guess the GFW or censor is targeting at chrome fingerprint as it was default in many clients.
well i changed the fingerprint ,it looks better than before,but it also very slow thanks for your idea! it doesn't work for me,but it may work for others
More details after 2 days of observation: when using the chrome fingerprint, the speed to my vps is being limited to 100-50 kb/s. While with random settings, the speed limit no longer appears, except once I assumed it picked chrome one in random and got limit again. So maybe GFW thinks using chrome to establish a long tls connection is suspicious?
More details after 2 days of observation: when using the chrome fingerprint, the speed to my vps is being limited to 100-50 kb/s. While with random settings, the speed limit no longer appears, except once I assumed it picked chrome one in random and got limit again. So maybe GFW thinks using chrome to establish a long tls connection is suspicious?
Maybe, just today I found out that my restrictions were lifted, although I always use random, it's very baffling all in all, use random or randomized
My problem was solved after changing the
fingerprintsetting inRealityObject. I think that should be it. Update: setting it torandomalmost solved the issue. So I guess the GFW or censor is targeting at chrome fingerprint as it was default in many clients.well i changed the fingerprint ,it looks better than before,but it also very slow thanks for your idea! it doesn't work for me,but it may work for others
Now I'm in the same situation like yours, idk why it seems that I am getting speed limits not only for xtls but also other protocols like naiveproxy and hysteria. All are limited to around 8mpbs. Extremely slow. Xray logs didn't show anything besides xtls padding infos. Also changing fp doesn't work for now.
My problem was solved after changing the
fingerprintsetting inRealityObject. I think that should be it. Update: setting it torandomalmost solved the issue. So I guess the GFW or censor is targeting at chrome fingerprint as it was default in many clients.well i changed the fingerprint ,it looks better than before,but it also very slow thanks for your idea! it doesn't work for me,but it may work for others
Now I'm in the same situation like yours, idk why it seems that I am getting speed limits not only for xtls but also other protocols like naiveproxy and hysteria. All are limited to around 8mpbs. Extremely slow. Xray logs didn't show anything besides xtls padding infos. Also changing fp doesn't work for now.
I feel sorry for your situation. Currently, my hysteria2 is unrestricted, and reality fluctuates unpredictably, with no discernible pattern. If Hysteria is experiencing speed restrictions, it might be due to your ISP implementing QoS. Trying to enable port hopping could potentially improve the situation.
My problem was solved after changing the
fingerprintsetting inRealityObject. I think that should be it. Update: setting it torandomalmost solved the issue. So I guess the GFW or censor is targeting at chrome fingerprint as it was default in many clients.well i changed the fingerprint ,it looks better than before,but it also very slow thanks for your idea! it doesn't work for me,but it may work for others
Now I'm in the same situation like yours, idk why it seems that I am getting speed limits not only for xtls but also other protocols like naiveproxy and hysteria. All are limited to around 8mpbs. Extremely slow. Xray logs didn't show anything besides xtls padding infos. Also changing fp doesn't work for now.
I feel sorry for your situation. Currently, my hysteria2 is unrestricted, and reality fluctuates unpredictably, with no discernible pattern. If Hysteria is experiencing speed restrictions, it might be due to your ISP implementing QoS. Trying to enable port hopping could potentially improve the situation.
Port hopping doesn't work either 😔, already set interval to 5secs but still getting qos. The same goes to mieru udp. Ig the only thing I can do is to wait.
好线路,偷自己,n个机,没遇到
I took a look at my neighbours at Cloudcone DC1 LAX, and here's what i got. Ig I probably doesn't meet the requirement "good network line" you said. The ip range is already very suspicious.
我也沒有遇到使用reality會遭到GFW限速的問題,不同商家(名氣大小均有)+ 不同位置(遠到los近到hk)+ 不同路線(163-cn2/9929)都已經測試 如果只是個別出現的現象,那就是個別人本身的問題
~~R佬多次強調在你經過驗證,100%確認是reality的問題之前,不要總想起個聳動的標題搞個大新聞。~~
我也沒有遇到使用reality會遭到GFW限速的問題,不同商家(名氣大小均有)+不同位置(遠到los近到hk)都已經測試 如果只是個別出現的現象,那就是個別人本身的問題
~R佬多次強調在你經過驗證,100%確認是reality的問題之前,不要總想起個聳動的標題搞個大新聞。~
所以issue的提出者才希望大家这下面讨论,看看是只有自己这样还是大家都这样不是吗? 另外标题带有“可能”两个字,不知道这算什么耸动的标题搞新闻