v2ray-core
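Transparent proxy: DNS anomalies
Which version of V2Ray are you using?
v5.14.1
What is your use case?
v2ray transparent proxy
What abnormal behaviour are you seeing?
Anomaly 1. When the client device's DNS is set to 8.8.8.8, 1.1.1.1 or another non-mainland-China DNS, a large number of warnings like the following appear: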
[Warning] [3269249056] app/dispatcher: default route for tcp:b1sync.zemanta.com:443
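Anomaly 2. When the client device's DNS is set to 223.5.5.5, 192.168.1.254 or another mainland-China DNS or any intranet IP, a large number of warnings like the following appear:
[Warning] [3970399347] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: failed to find an available destination > common/retry: [dial tcp “vmess server address:port”: operation was canceled] > common/retry: all retry attempts failed
While the warnings appear, all websites and apps are accessible without problems; the same configuration file under xray-core produces none of the above warnings.
Anomaly 1 test: the domain "b1sync.zemanta.com" resolves to an IP when tested against multiple DNS servers in other network environments. The rules include complete IP matching rules, but under the current configuration v2ray did not resolve this domain's IP, so the traffic goes to the default outbound.
Anomaly 2 test: I added several vmess outbound configurations, set dns-out's proxySettings to a different outbound in each case, and set the outbound of the domain and IP matching rules under rule to the opposite of dns-out's proxySettings; I found that the warning is caused by dns-out.
What normal behaviour do you expect to see?
No warnings
Please attach your configuration
Client v2ray configuration: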
{
  "inbounds": [
    {
      "tag":"transparent",
      "listen": "127.0.0.1",
      "port": 12345,
      "protocol": "dokodemo-door",
      "settings": {
        "network": "tcp,udp",
        "followRedirect": true
      },
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls",
          "quic"
        ]
      },
      "streamSettings": {
        "sockopt": {
          "tproxy": "tproxy"
        }
      }
    }
  ],
  "outbounds": [
    {
      "tag": "direct",
      "protocol": "freedom",
      "settings": {
        "domainStrategy": "UseIPv4"
      }
    },
    {
      "tag": "proxy",
      "protocol": "vmess",
      "vmess parameters",
      "streamSettings": {
        "network": "tcp"
      }
    },
    {
      "tag": "dns-out",
      "protocol": "dns",
      "settings": {
        "network": "udp",
        "address": "8.8.8.8",
        "port": 53
      },
      "proxySettings": {
        "tag": "proxy"
      }
    }
  ],
  "dns": {
    "queryStrategy": "UseIPv4",
    "servers": [
      "8.8.8.8",
      {
        "address": "223.5.5.5",
        "domains": ["geosite:cn"],
        "skipFallback": true
      }
    ]
  },
  "routing": {
    "domainStrategy": "IPIfNonMatch",
    "rules": [
      {
        "type": "field",
        "inboundTag": ["transparent"],
        "port": 53,
        "outboundTag": "dns-out"
      },
      {
        "type": "field",
        "domain": ["geosite:cn"],
        "outboundTag": "direct"
      },
      {
        "type": "field",
        "domain": ["geosite:geolocation-!cn"],
        "outboundTag": "proxy"
      },
      {
        "type": "field",
        "ip": ["geoip:cn"],
        "outboundTag": "direct"
      },
      {
        "type": "field",
        "ip": ["geoip:!cn"],
        "outboundTag": "proxy"
      }
    ]
  }
}
Client routing and firewall configuration:
# "helper_lan" is a rule container chain, hooked at prerouting, matching ingress device br_lan
ip rule add fwmark 50 table 50
ip route add local 0.0.0.0/0 dev lo table 50
nft add rule inet fw4 helper_lan meta nfproto !=ipv4 return
nft add rule inet fw4 helper_lan meta l4proto udp ip daddr { 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 } udp dport != 53 return
nft add rule inet fw4 helper_lan meta l4proto tcp ip daddr { 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 } tcp dport != 53 return
nft add rule inet fw4 helper_lan meta l4proto {tcp, udp} meta mark set 50 tproxy ip to 127.0.0.1:12345 accept
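The firewall and v2ray have already hijacked the DNS traffic, so why does configuring different DNS servers on the client device lead to different anomalies?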
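The fall-through described under anomaly 1, as an added example that is not part of the original post and is not v2ray-core code: a simplified Python model of the documented IPIfNonMatch behaviour applied to the posted rule order and outbound order. The geosite/geoip contents, the resolver stubs and the function names are constructed assumptions.

```python
import ipaddress

# Constructed stand-ins for the geosite/geoip data files (assumptions).
GEOSITE = {"cn": {"example.cn"}, "geolocation-!cn": {"example.com"}}
GEOIP_CN = [ipaddress.ip_network("223.5.5.0/24")]

OUTBOUNDS = ["direct", "proxy", "dns-out"]   # order from the posted config
RULES = [                                    # domain/ip rules from the posted config
    {"domain": "cn", "outboundTag": "direct"},
    {"domain": "geolocation-!cn", "outboundTag": "proxy"},
    {"ip": "cn", "outboundTag": "direct"},
    {"ip": "!cn", "outboundTag": "proxy"},
]

def in_geosite(host, name):
    return any(host == d or host.endswith("." + d) for d in GEOSITE[name])

def in_geoip(ip, name):
    hit = any(ipaddress.ip_address(ip) in net for net in GEOIP_CN)
    return not hit if name.startswith("!") else hit

def match(rule, host, ips):
    if "domain" in rule:
        return in_geosite(host, rule["domain"])
    # An ip rule can only match once at least one address is known.
    return any(in_geoip(ip, rule["ip"]) for ip in ips)

def pick_outbound(host, resolve):
    """Return (outbound tag, reason) for a sniffed domain under IPIfNonMatch."""
    for rule in RULES:                       # pass 1: only the domain is known
        if match(rule, host, []):
            return rule["outboundTag"], "rule"
    ips = resolve(host)                      # pass 2: built-in DNS, then retry
    for rule in RULES:
        if match(rule, host, ips):
            return rule["outboundTag"], "rule after resolve"
    return OUTBOUNDS[0], "default route"     # nothing matched: first outbound

if __name__ == "__main__":
    failing = lambda host: []                # resolver that returns no address
    working = lambda host: ["203.0.113.10"]  # documentation-range address
    for host, res in [("www.example.cn", failing),
                      ("b1sync.zemanta.com", failing),
                      ("b1sync.zemanta.com", working)]:
        print(host, pick_outbound(host, res))
```

With the `geoip:cn` / `geoip:!cn` pair in place, every resolved address matches one of the two IP rules, so in this model the default route is reached only when the built-in DNS returns no address for a domain that is in neither geosite list.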
Trying to answer question (1)
[Warning] [3269249056] app/dispatcher: default route for tcp:b1sync.zemanta.com:443
Try modifying routing
From
{
  "type": "field",
  "domain": ["geosite:cn"],
  "outboundTag": "direct"
},
{
  "type": "field",
  "domain": ["geosite:geolocation-!cn"],
  "outboundTag": "proxy"
},
To
{
  "type": "field",
  "domains": ["geosite:cn"],
  "outboundTag": "direct"
},
{
  "type": "field",
  "domains": ["geosite:geolocation-!cn"],
  "outboundTag": "proxy"
},
Change: "domain" -> "domains"
Trying to answer question (2)
[Warning] [3970399347] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: failed to find an available destination > common/retry: [dial tcp “vmess server address:port”: operation was canceled] > common/retry: all retry attempts failed
It looks like DNS cannot resolve it. Try adding a hosts record inside dns, e.g. if the vmess address is vps.address.com
"hosts": {
  "vps.address.com": "x.x.x.x"
},
@kingwilliam The server address is an IP, and after changing domain to domains the error is still reported.
This issue is stale because it has been open 120 days with no activity. Remove stale label or comment or this will be closed in 5 days