search

2dust / v2rayN

A GUI client for Windows, support Xray core and v2fly core and others
https://1.2345345.xyz
GNU General Public License v3.0
69.33k stars 11.48k forks source link

[Feature request]: 改善 sing-box 的DNS设置与 DNS rule #4908

Closed choicky closed 7 months ago

choicky commented 7 months ago

相关问题

默认DNS方案定义了remote和local的DNS服务器,但实际上绝大部分域名都走了local_local

描述你希望的解决方案

设置合理的rule,让国内走local,国外走remote

描述你所考虑的替代方案

设置合理的rule,让国内走local,国外走remote

我确认已查询历史issues

choicky commented 7 months ago

v2rayN 使用 sing-box 核心,启用 tun 之后,将某个服务器的设置导出来作为客户端设置,就看到如下内容:

  "dns": {
    "servers": [
      {
        "tag": "remote",
        "address": "脱敏",
        "detour": "proxy"
      },
      {
        "tag": "local",
        "address": "脱敏",
        "detour": "direct"
      },
      {
        "tag": "block",
        "address": "rcode://success"
      },
      {
        "tag": "local_local",
        "address": "脱敏",
        "detour": "direct"
      }
    ],
    "rules": [
      {
        "server": "local",
        "disable_cache": true,
        "geosite": [
          "cn"
        ]
      },
      {
        "server": "block",
        "disable_cache": true,
        "geosite": [
          "category-ads-all"
        ]
      },
      {
        "outbound": "any",
        "server": "local_local"
      }
    ],
    "strategy": "ipv4_only"
  }

相当于虽然设置了 remotelocal 的服务器,但主用的依然是 local_local,不太合理的样子。 我的理解是, remotelocal 可以填写 DOH 之类的,然后 local_local 仅用于解析 remotelocal 的DOH。

但是, local_local 是系统内置的,即使我手动定制 dns ,最终也依然是这个规则。

2dust commented 7 months ago

您可以提供一个更好的rule 测试后没有问题可以作为默认rule加入

2dust commented 7 months ago

参考这里 https://github.com/chika0801/sing-box-examples/tree/main/Tun

choicky commented 7 months ago 
{
    "servers": [
        {
            "tag": "local-dns",
            "address": "https://dns.alidns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "direct"
        },
        {
            "tag": "remote-dns",
            "address": "https://cloudflare-dns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "proxy"
        },
        {
            "tag": "block",
            "address": "rcode://success"
        },
        {
            "tag": "dns-resolver",
            "address": "223.5.5.5",
            "detour": "direct"
        }
    ],
    "rules": [
        {
            "rule_set": [
                "geosite-wechat",
                "geosite-bilibili",
                "geosite-tencent",
                "geosite-cn",
                "geosite-geolocation-cn"
            ],
            "server": "local-dns"
        },
        {
            "outbound": "any",
            "server": "local-dns"
        }
    ],
    "final": "remote-dns",
    "strategy": "prefer_ipv4"
}
2dust commented 7 months ago 

{
    "servers": [
        {
            "tag": "local-dns",
            "address": "https://dns.alidns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "direct"
        },
        {
            "tag": "remote-dns",
            "address": "https://cloudflare-dns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "proxy"
        },
        {
            "tag": "block",
            "address": "rcode://success"
        },
        {
            "tag": "dns-resolver",
            "address": "223.5.5.5",
            "detour": "direct"
        }
    ],
    "rules": [
        {
            "rule_set": [
                "geosite-wechat",
                "geosite-bilibili",
                "geosite-tencent",
                "geosite-cn",
                "geosite-geolocation-cn"
            ],
            "server": "local-dns"
        },
        {
            "outbound": "any",
            "server": "local-dns"
        }
    ],
    "final": "remote-dns",
    "strategy": "prefer_ipv4"
}

把你这个dns中的rule_set改成geosite,然后贴入是可以运行的。 但是下面这个规则将导致后面的 final 不起作用

{
        "outbound": "any",
        "server": "local-dns"
      },
2dust commented 7 months ago

如下的规则可能可以

{
    "servers": [
        {
            "tag": "local-dns",
            "address": "https://dns.alidns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "direct"
        },
        {
            "tag": "remote-dns",
            "address": "https://cloudflare-dns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "proxy"
        },
        {
            "tag": "block",
            "address": "rcode://success"
        },
        {
            "tag": "dns-resolver",
            "address": "223.5.5.5",
            "detour": "direct"
        }
    ],
    "rules": [
        {
            "geosite": [
                "geolocation-!cn"
            ],
            "server": "remote-dns"
        },
        {
            "outbound": "any",
            "server": "local-dns"
        }
    ],
    "final": "remote-dns",
    "strategy": "prefer_ipv4"
}
dNEryno commented 7 months ago

我也是想改一下DNS,就发现了这个帖子。顶一个。

dNEryno commented 7 months ago

如下的规则可能可以

{
    "servers": [
        {
            "tag": "local-dns",
            "address": "https://dns.alidns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "direct"
        },
        {
            "tag": "remote-dns",
            "address": "https://cloudflare-dns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "proxy"
        },
        {
            "tag": "block",
            "address": "rcode://success"
        },
        {
            "tag": "dns-resolver",
            "address": "223.5.5.5",
            "detour": "direct"
        }
    ],
    "rules": [
        {
            "geosite": [
                "geolocation-!cn"
            ],
            "server": "remote-dns"
        },
        {
            "outbound": "any",
            "server": "local-dns"
        }
    ],
    "final": "remote-dns",
    "strategy": "prefer_ipv4"
}

如果想加多一个本地还有远程DNS,怎么修改呢?

dNEryno commented 7 months ago

{ "servers": [ { "tag": "local-dns", "address": ["tls://dns.alidns.com","tls://dot.pub"], "address_resolver":"dns-resolver", "detour": "direct" }, { "tag": "remote-dns", "address": ["tls://dns.quad9.net","tls://security.cloudflare-dns.com"], "address_resolver": "dns-resolver", "detour": "proxy" }, { "tag": "block", "address": "rcode://success" }, { "tag": "dns-resolver", "address": "223.5.5.5", "detour": "direct" } ], "rules": [ { "geosite": ["geolocation-!cn"], "server": ["remote-dns"] }, { "outbound": "any", "server": ["local-dns"] } ], "final": "remote-dns", "strategy": "prefer_ipv4" }

不对

choicky commented 7 months ago

我查了一下资料,目前不太明白 dns 里面的 finaldns-rule 里面的 outbound 的关系... 如果这两者是冲突的,是不是只设置其中之一即可?

把你这个dns中的rule_set改成geosite,然后贴入是可以运行的。 但是下面这个规则将导致后面的 final 不起作用

{
       "outbound": "any",
       "server": "local-dns"
     },
choicky commented 7 months ago

如果想加多一个本地还有远程DNS,怎么修改呢?

{ "servers": [ { "tag": "local-dns", "address": ["tls://dns.alidns.com","tls://dot.pub"], "address_resolver":"dns-resolver", "detour": "direct" }, { "tag": "remote-dns", "address": ["tls://dns.quad9.net","tls://security.cloudflare-dns.com"], "address_resolver": "dns-resolver", "detour": "proxy" }, { "tag": "block", "address": "rcode://success" }, { "tag": "dns-resolver", "address": "223.5.5.5", "detour": "direct" } ], "rules": [ { "geosite": ["geolocation-!cn"], "server": ["remote-dns"] }, { "outbound": "any", "server": ["local-dns"] } ], "final": "remote-dns", "strategy": "prefer_ipv4" }

不对

我也尝试过每个 address 配置两个服务器,即使用 sing-box run 来测试,也是报错的。可能 sing-boxdnsserver 目前尚未支持。

2dust commented 7 months ago

address 只能是一个地址,不能多个 如下面的这样可以,但是rules是从上到下顺序,第二个不会被匹配到


{
    "servers": [
        {
            "tag": "local-dns",
            "address": "https://dns.alidns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "direct"
        },
        {
            "tag": "remote-dns",
            "address": "https://cloudflare-dns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "proxy"
        },{
            "tag": "local-dns2",
            "address": "https://dns.alidns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "direct"
        },
        {
            "tag": "remote-dns2",
            "address": "https://cloudflare-dns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "proxy"
        },
        {
            "tag": "block",
            "address": "rcode://success"
        },
        {
            "tag": "dns-resolver",
            "address": "223.5.5.5",
            "detour": "direct"
        }
    ],
    "rules": [
        {
            "geosite": [
                "geolocation-!cn"
            ],
            "server": "remote-dns"
        },
        {
            "geosite": [
                "geolocation-!cn"
            ],
            "server": "remote-dns2"
        },
        {
            "outbound": "any",
            "server": "local-dns"
        }
    ],
    "final": "remote-dns",
    "strategy": "prefer_ipv4"
}
dNEryno commented 7 months ago

address 只能是一个地址,不能多个 如下面的这样可以,但是rules是从上到下顺序,第二个不会被匹配到


{
    "servers": [
        {
            "tag": "local-dns",
            "address": "https://dns.alidns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "direct"
        },
        {
            "tag": "remote-dns",
            "address": "https://cloudflare-dns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "proxy"
        },{
            "tag": "local-dns2",
            "address": "https://dns.alidns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "direct"
        },
        {
            "tag": "remote-dns2",
            "address": "https://cloudflare-dns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "proxy"
        },
        {
            "tag": "block",
            "address": "rcode://success"
        },
        {
            "tag": "dns-resolver",
            "address": "223.5.5.5",
            "detour": "direct"
        }
    ],
    "rules": [
        {
            "geosite": [
                "geolocation-!cn"
            ],
            "server": "remote-dns"
        },
        {
            "geosite": [
                "geolocation-!cn"
            ],
            "server": "remote-dns2"
        },
        {
            "outbound": "any",
            "server": "local-dns"
        }
    ],
    "final": "remote-dns",
    "strategy": "prefer_ipv4"
}

意思就是如果remote1可以用,remote2就没生效吗?

2dust commented 7 months ago

是的,sing-box和clash系不同,只有一个dns生效就够了

dNEryno commented 7 months ago

是的,sing-box和clash系不同,只有一个dns生效就够了

好的,另外斗鱼啥的都走代理,我规则里也有geosite:cn 是direct ,为啥还走代理呀。。

choicky commented 7 months ago

是的,sing-box和clash系不同,只有一个dns生效就够了

好的,另外斗鱼啥的都走代理,我规则里也有geosite:cn 是direct ,为啥还走代理呀。。

我也遇到设置了 geosite:cngeoip:cn 直连、其他proxy的情况下,有些国内网站依然走proxy的情况。我发现把 geosite:geolocation-cn 也列入直连之后,基本上能避免那个问题。

另外,sing-box 1.8 之后,官方就推荐使用 rule_set 而不是 geosite了。希望 v2rayN 后续能跟进。 ref: https://sing-box.sagernet.org/zh/configuration/route/geosite/

2dust commented 7 months ago

在pc上,rule_set并没有太多好处,很可能会因为下载srs文件失败导致很多问题

GibMeMyPacket commented 7 months ago

Geosite doesn't work anymore with the latest versions of Singbox and so routing is not working much in V2rayN Tun mode, We need to use rule_set to use the geosite files.

2dust commented 7 months ago

https://github.com/2dust/v2rayN/releases/tag/6.43

paladin4fan commented 5 months ago

address 只能是一个地址,不能多个 如下面的这样可以,但是rules是从上到下顺序,第二个不会被匹配到


{
    "servers": [
        {
            "tag": "local-dns",
            "address": "https://dns.alidns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "direct"
        },
        {
            "tag": "remote-dns",
            "address": "https://cloudflare-dns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "proxy"
        },{
            "tag": "local-dns2",
            "address": "https://dns.alidns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "direct"
        },
        {
            "tag": "remote-dns2",
            "address": "https://cloudflare-dns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "proxy"
        },
        {
            "tag": "block",
            "address": "rcode://success"
        },
        {
            "tag": "dns-resolver",
            "address": "223.5.5.5",
            "detour": "direct"
        }
    ],
    "rules": [
        {
            "geosite": [
                "geolocation-!cn"
            ],
            "server": "remote-dns"
        },
        {
            "geosite": [
                "geolocation-!cn"
            ],
            "server": "remote-dns2"
        },
        {
            "outbound": "any",
            "server": "local-dns"
        }
    ],
    "final": "remote-dns",
    "strategy": "prefer_ipv4"
}

应该是在rule里面用logical and把两个规则连起来 而不是上下关系 但是不得不说这样的写法确实不如在一个dns tag里面写多个地址并发查询来的快

kilvn commented 1 month ago

address 只能是一个地址,不能多个 如下面的这样可以,但是rules是从上到下顺序,第二个不会被匹配到


{
    "servers": [
        {
            "tag": "local-dns",
            "address": "https://dns.alidns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "direct"
        },
        {
            "tag": "remote-dns",
            "address": "https://cloudflare-dns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "proxy"
        },{
            "tag": "local-dns2",
            "address": "https://dns.alidns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "direct"
        },
        {
            "tag": "remote-dns2",
            "address": "https://cloudflare-dns.com/dns-query",
            "address_resolver": "dns-resolver",
            "detour": "proxy"
        },
        {
            "tag": "block",
            "address": "rcode://success"
        },
        {
            "tag": "dns-resolver",
            "address": "223.5.5.5",
            "detour": "direct"
        }
    ],
    "rules": [
        {
            "geosite": [
                "geolocation-!cn"
            ],
            "server": "remote-dns"
        },
        {
            "geosite": [
                "geolocation-!cn"
            ],
            "server": "remote-dns2"
        },
        {
            "outbound": "any",
            "server": "local-dns"
        }
    ],
    "final": "remote-dns",
    "strategy": "prefer_ipv4"
}

应该是在rule里面用logical and把两个规则连起来 而不是上下关系 但是不得不说这样的写法确实不如在一个dns tag里面写多个地址并发查询来的快

照猫画虎写了份,愣是没看懂rules里面一模一样的2个remote-dns起了什么作用

{
  "servers": [
    {
      "tag": "remote",
      "address": "https://cloudflare-dns.com/dns-query",
      "address_resolver": "dns-resolver",
      "detour": "proxy"
    },
    {
      "tag": "local",
      "address": "https://dns.alidns.com/dns-query",
      "address_resolver": "dns-resolver",
      "detour": "direct"
    },
    {
      "tag": "block",
      "address": "rcode://success"
    },
    {
      "tag": "dns-resolver",
      "address": "223.5.5.5",
      "detour": "direct"
    }
  ],
  "rules": [
    {
      "rule_set": [
        "geosite-geolocation-!cn"
      ],
      "server": "remote"
    },
    {
      "outbound": "any",
      "server": "local"
    },
    {
      "rule_set": [
        "geosite-category-ads-all"
      ],
      "server": "block"
    }
  ],
  "final": "remote",
  "strategy": "prefer_ipv6"
}
choicky commented 1 month ago

我最近发现官方的 mannual 示例就挺好的,且不存在 Google Play 无法下载app的问题。

Ref: https://sing-box.sagernet.org/manual/proxy/client/

choicky commented 1 month ago

按我之前查到的资料,下面这个 any 只用于节点的域名解析;所以,你目前的 rule 很可能导致其他域名全部都是用 remote 解析了,因为你没有定义 direct 负责解析的域名范围。

    {
      "outbound": "any",
      "server": "local"
    },

照猫画虎写了份,愣是没看懂rules里面一模一样的2个remote-dns起了什么作用

{
  "servers": [
    {
      "tag": "remote",
      "address": "https://cloudflare-dns.com/dns-query",
      "address_resolver": "dns-resolver",
      "detour": "proxy"
    },
    {
      "tag": "local",
      "address": "https://dns.alidns.com/dns-query",
      "address_resolver": "dns-resolver",
      "detour": "direct"
    },
    {
      "tag": "block",
      "address": "rcode://success"
    },
    {
      "tag": "dns-resolver",
      "address": "223.5.5.5",
      "detour": "direct"
    }
  ],
  "rules": [
    {
      "rule_set": [
        "geosite-geolocation-!cn"
      ],
      "server": "remote"
    },
    {
      "outbound": "any",
      "server": "local"
    },
    {
      "rule_set": [
        "geosite-category-ads-all"
      ],
      "server": "block"
    }
  ],
  "final": "remote",
  "strategy": "prefer_ipv6"
}
kilvn commented 1 month ago

按我之前查到的资料,下面这个 any 只用于节点的域名解析;所以,你目前的 rule 很可能导致其他域名全部都是用 remote 解析了,因为你没有定义 direct 负责解析的域名范围。

   {
     "outbound": "any",
     "server": "local"
   },

照猫画虎写了份,愣是没看懂rules里面一模一样的2个remote-dns起了什么作用

{
  "servers": [
    {
      "tag": "remote",
      "address": "https://cloudflare-dns.com/dns-query",
      "address_resolver": "dns-resolver",
      "detour": "proxy"
    },
    {
      "tag": "local",
      "address": "https://dns.alidns.com/dns-query",
      "address_resolver": "dns-resolver",
      "detour": "direct"
    },
    {
      "tag": "block",
      "address": "rcode://success"
    },
    {
      "tag": "dns-resolver",
      "address": "223.5.5.5",
      "detour": "direct"
    }
  ],
  "rules": [
    {
      "rule_set": [
        "geosite-geolocation-!cn"
      ],
      "server": "remote"
    },
    {
      "outbound": "any",
      "server": "local"
    },
    {
      "rule_set": [
        "geosite-category-ads-all"
      ],
      "server": "block"
    }
  ],
  "final": "remote",
  "strategy": "prefer_ipv6"
}

谢谢回复,明白了