search

Mahdi-zarei / nekoray

Qt based cross-platform GUI proxy configuration manager (backend: sing-box)
GNU General Public License v3.0
480 stars 32 forks source link

Why isn't Remote DNS working? #205

Open ndiruhniu opened 2 weeks ago

ndiruhniu commented 2 weeks ago

I have these parameters: pic1

And only the wireguard protocol uses them. For example, a couple of lines from the log when connecting via wireguard:

INFO[0404] [3775256041 0ms] inbound/mixed[mixed-in]: inbound connection from 127.0.0.1:55022 INFO[0404] [3775256041 0ms] inbound/mixed[mixed-in]: inbound connection to github.com:443 INFO[0404] [3775256041 1ms] outbound/wireguard[proxy]: outbound connection to 116.202.176.26:853 INFO[0404] [3775256041 213ms] dns: exchanged github.com A github.com. 51 IN A 140.82.121.4 INFO[0404] [3775256041 214ms] dns: lookup succeed for github.com: 140.82.121.4 INFO[0404] [3775256041 214ms] outbound/wireguard[proxy]: outbound connection to 140.82.121.4:443 INFO[0405] [4125654795 0ms] inbound/mixed[mixed-in]: inbound connection from 127.0.0.1:55024 INFO[0405] [4125654795 0ms] inbound/mixed[mixed-in]: inbound connection to api.github.com:443 INFO[0405] [4125654795 1ms] outbound/wireguard[proxy]: outbound connection to 116.202.176.26:853 INFO[0406] [4125654795 329ms] dns: exchanged api.github.com A api.github.com. 24 IN A 140.82.121.6 INFO[0406] [4125654795 329ms] dns: lookup succeed for api.github.com: 140.82.121.6 INFO[0406] [4125654795 329ms] outbound/wireguard[proxy]: outbound connection to 140.82.121.6:443

And now via shadowsocks:

INFO[0003] [1880060277 0ms] inbound/mixed[mixed-in]: inbound connection from 127.0.0.1:41704 INFO[0003] [1880060277 0ms] inbound/mixed[mixed-in]: inbound connection to github.com:443 INFO[0003] [1880060277 1ms] outbound/shadowsocks[proxy]: outbound connection to github.com:443 INFO[0004] [3964320041 0ms] inbound/mixed[mixed-in]: inbound connection from 127.0.0.1:41712 INFO[0004] [3964320041 0ms] inbound/mixed[mixed-in]: inbound connection to api.github.com:443 INFO[0004] [3964320041 1ms] outbound/shadowsocks[proxy]: outbound connection to api.github.com:443

Am I doing something wrong? If so, what?

Restia-Ashbell commented 2 weeks ago

When using only the system proxy, if no domain strategy is specified, the domains used for the proxy will not be resolved and sent directly to the remote server. WireGuard does not allow passing domains, so they must be resolved in advance.

ndiruhniu commented 2 weeks ago

But why is nothing resolving at all? It also causes a DNS leak.

ndiruhniu commented 2 weeks ago

Let me rephrase the question: how can I use my DNS on other protocols in proxy mode (since in Tun Mode the DNS works fine)?

Mahdi-zarei commented 2 weeks ago

Let me rephrase the question: how can I use my DNS on other protocols in proxy mode (since in Tun Mode the DNS works fine)?

Set inbound domain strategy.

ndiruhniu commented 2 weeks ago

Yes, that's how it works, but I still don't understand why. That is, why in Tun Mode inbound domain strategy doesn't need to be touched and DNS requests will go through, but not in Proxy?