search

Mahdi-zarei / nekoray

Qt based cross-platform GUI proxy configuration manager (backend: sing-box)
GNU General Public License v3.0
526 stars 33 forks source link

Why isn't Remote DNS working? #205

Open ndiruhniu opened 1 month ago

ndiruhniu commented 1 month ago

I have these parameters: pic1

And only the wireguard protocol uses them. For example, a couple of lines from the log when connecting via wireguard:

INFO[0404] [3775256041 0ms] inbound/mixed[mixed-in]: inbound connection from 127.0.0.1:55022 INFO[0404] [3775256041 0ms] inbound/mixed[mixed-in]: inbound connection to github.com:443 INFO[0404] [3775256041 1ms] outbound/wireguard[proxy]: outbound connection to 116.202.176.26:853 INFO[0404] [3775256041 213ms] dns: exchanged github.com A github.com. 51 IN A 140.82.121.4 INFO[0404] [3775256041 214ms] dns: lookup succeed for github.com: 140.82.121.4 INFO[0404] [3775256041 214ms] outbound/wireguard[proxy]: outbound connection to 140.82.121.4:443 INFO[0405] [4125654795 0ms] inbound/mixed[mixed-in]: inbound connection from 127.0.0.1:55024 INFO[0405] [4125654795 0ms] inbound/mixed[mixed-in]: inbound connection to api.github.com:443 INFO[0405] [4125654795 1ms] outbound/wireguard[proxy]: outbound connection to 116.202.176.26:853 INFO[0406] [4125654795 329ms] dns: exchanged api.github.com A api.github.com. 24 IN A 140.82.121.6 INFO[0406] [4125654795 329ms] dns: lookup succeed for api.github.com: 140.82.121.6 INFO[0406] [4125654795 329ms] outbound/wireguard[proxy]: outbound connection to 140.82.121.6:443

And now via shadowsocks:

INFO[0003] [1880060277 0ms] inbound/mixed[mixed-in]: inbound connection from 127.0.0.1:41704 INFO[0003] [1880060277 0ms] inbound/mixed[mixed-in]: inbound connection to github.com:443 INFO[0003] [1880060277 1ms] outbound/shadowsocks[proxy]: outbound connection to github.com:443 INFO[0004] [3964320041 0ms] inbound/mixed[mixed-in]: inbound connection from 127.0.0.1:41712 INFO[0004] [3964320041 0ms] inbound/mixed[mixed-in]: inbound connection to api.github.com:443 INFO[0004] [3964320041 1ms] outbound/shadowsocks[proxy]: outbound connection to api.github.com:443

Am I doing something wrong? If so, what?

Restia-Ashbell commented 1 month ago

When using only the system proxy, if no domain strategy is specified, the domains used for the proxy will not be resolved and sent directly to the remote server. WireGuard does not allow passing domains, so they must be resolved in advance.

ndiruhniu commented 1 month ago

But why is nothing resolving at all? It also causes a DNS leak.

ndiruhniu commented 1 month ago

Let me rephrase the question: how can I use my DNS on other protocols in proxy mode (since in Tun Mode the DNS works fine)?

Mahdi-zarei commented 1 month ago

Let me rephrase the question: how can I use my DNS on other protocols in proxy mode (since in Tun Mode the DNS works fine)?

Set inbound domain strategy.

ndiruhniu commented 1 month ago

Yes, that's how it works, but I still don't understand why. That is, why in Tun Mode inbound domain strategy doesn't need to be touched and DNS requests will go through, but not in Proxy?