[Bug] vless节点远程解析DNS概率连接异常

[msbtx]

Verify steps

• [X] 我已经阅读了 文档，了解所有我编写的配置文件项的含义，而不是大量堆砌看似有用的选项或默认值。
• [X] 我未仔细看过 文档 并解决问题
• [ ] 我未在 Issue Tracker 中寻找过我要提出的问题
• [X] 我已经使用最新的 Alpha 分支版本测试过，问题依旧存在
• [X] 我提供了可以在本地重现该问题的服务器、客户端配置文件与流程，而不是一个脱敏的复杂客户端配置文件。
• [X] 我提供了可用于重现我报告的错误的最简配置，而不是依赖远程服务器、TUN、图形界面客户端或者其他闭源软件。
• [X] 我提供了完整的配置文件与日志，而不是出于对自身智力的自信而仅提供了部分认为有用的部分。

操作系统

Linux

系统版本

Linux RT-AX86U-3C08 4.1.52 #2 SMP PREEMPT Sat Sep 28 19:20:15 CST 2024 aarch64 RT-AX86U_Koolcenter_mod

Mihomo 版本

Mihomo Meta v1.18.9 linux arm64 with go1.23.1 Sun Sep 29 09:46:07 UTC 2024 Use tags: with_gvisor

配置文件

proxies:
  - {name: 🇺🇸 US_DV, server: xxx, port: 443, client-fingerprint: safari, type: vless, uuid: xxx, tls: true, tfo: false, servername: xxx, skip-cert-verify: false, network: ws, ws-opts: {path: /xxx, headers: {Host: xxx}}, udp: true}

proxy-groups:
  - name: ♻️ 手动切换2
    type: select
    proxies:
      - 🇺🇸 US_DV

port: 3333
socks-port: 23456
redir-port: 23457
allow-lan: true
mode: rule
log-level: error
external-controller: 192.168.20.1:9990
experimental:
  ignore-resolve-fail: true
  quic-go-disable-ecn: true
external-ui: dashboard
external-ui-name: metacubexd
secret: "clash"
profile:
  store-selected: true
  store-fake-ip: true
ipv6: false

hosts:
  services.googleapis.cn: 74.125.193.94
  time.android.com: 203.107.6.88

routing-mark: 255

dns:
  enable: true
  ipv6: false
  listen: :23453
  enhanced-mode: redir-host
  prefer-h3: true
  nameserver-policy:
    "geosite:private,cn,apple-cn": 
      - 202.103.24.68
      - 202.103.44.150
    "geosite:netflix": 
      - 8.8.8.8#♻️ 手动切换3
      - 1.1.1.1#♻️ 手动切换3
  nameserver:
    - 8.8.8.8#♻️ 手动切换2
    - 1.1.1.1#♻️ 手动切换2

tproxy: true
tproxy-port: 23458

描述

这个问题的表现就是DNS解析偶尔卡顿，有的网站出现DNS泄露。同时log报warn：dial xxx error: new vless client error: read tcp

我只记得以前1.16版本是好的，具体什么版本出现的不清楚。

服务端nginx前置tls+ws转xray vless。xray版本：Xray 24.9.30 (Xray, Penetrates Everything.) 3b06af8 (go1.23.1 linux/amd64)

Mihomo报warning的时候，xray log里面可以同步看到异常打印：

重现方式

使用代理节点远程解析UDP类型DNS，较高概率出现

日志

24-10-18 00:12:02[ info ][TCP] 192.168.20.33:1409 --> ssl.gstatic.com:443 match DomainSuffix(gstatic.com) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:12:02[ info ][TCP] 192.168.20.33:1408 --> clients4.google.com:443 match DomainKeyword(google) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:12:01[ debug ]use specified fingerprint:Safari 24-10-18 00:12:01[ debug ][DNS] ssl.gstatic.com --> [] HTTPS from udp://202.103.44.150:53 24-10-18 00:12:01[ debug ][DNS] ssl.gstatic.com --> [] HTTPS from udp://202.103.24.68:53 24-10-18 00:12:01[ debug ][Rule] use default rules 24-10-18 00:12:01[ debug ][DNS] resolve ssl.gstatic.com HTTPS from udp://202.103.24.68:53 24-10-18 00:12:01[ debug ][DNS] resolve ssl.gstatic.com HTTPS from udp://202.103.44.150:53 24-10-18 00:12:01[ debug ][DNS] cache hit ssl.gstatic.com --> [] HTTPS, expire at 2024-10-18 00:10:13 24-10-18 00:12:01[ debug ]use specified fingerprint:Safari 24-10-18 00:12:01[ debug ][Rule] use default rules 24-10-18 00:12:01[ debug ][DNS] ogs.google.com --> [] HTTPS from udp://1.1.1.1:53 24-10-18 00:12:01[ info ][TCP] 192.168.20.33:1404 --> ogs.google.com:443 match DomainKeyword(google) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:12:01[ info ][UDP] mihomo --> 8.8.8.8:53 doesn't match any rule using 🇺🇸 US_DV 24-10-18 00:12:00[ info ][UDP] mihomo --> 1.1.1.1:53 doesn't match any rule using 🇺🇸 US_DV 24-10-18 00:12:00[ debug ]use specified fingerprint:Safari 24-10-18 00:12:00[ debug ]use specified fingerprint:Safari 24-10-18 00:12:00[ debug ]use specified fingerprint:Safari 24-10-18 00:12:00[ info ][TCP] 192.168.20.33:1407 --> dldir1v6.qq.com:443 match DomainSuffix(qq.com) using 🇨🇳 国内网站[DIRECT] 24-10-18 00:12:00[ debug ][DNS] cache hit dldir1v6.qq.com --> [58.42.63.107 58.42.59.234] A, expire at 2024-10-18 00:12:58 24-10-18 00:12:00[ debug ][Rule] use default rules 24-10-18 00:12:00[ debug ][DNS] dldir1v6.qq.com --> [1.194.172.175 1.194.172.174] A from udp://202.103.24.68:53 24-10-18 00:12:00[ debug ][DNS] dldir1v6.qq.com --> [58.42.63.107 58.42.59.234] A from udp://202.103.44.150:53 24-10-18 00:12:00[ debug ][Rule] use default rules 24-10-18 00:12:00[ debug ][DNS] resolve dldir1v6.qq.com A from udp://202.103.24.68:53 24-10-18 00:12:00[ debug ][DNS] resolve dldir1v6.qq.com A from udp://202.103.44.150:53 24-10-18 00:12:00[ debug ][DNS] resolve ogs.google.com HTTPS from udp://8.8.8.8:53 24-10-18 00:12:00[ debug ][DNS] resolve ogs.google.com HTTPS from udp://1.1.1.1:53 24-10-18 00:12:00[ debug ][DNS] cache hit ogs.google.com --> [] HTTPS, expire at 2024-10-18 00:09:23 24-10-18 00:11:58[ info ][TCP] 192.168.20.33:1400 --> play.google.com:443 match DomainKeyword(google) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:11:58[ info ][TCP] 192.168.20.33:1402 --> play.google.com:443 match DomainKeyword(google) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:11:58[ info ][TCP] 192.168.20.33:1401 --> play.google.com:443 match DomainKeyword(google) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:11:58[ debug ][DNS] play.google.com --> [] HTTPS from udp://1.1.1.1:53 24-10-18 00:11:58[ debug ]use specified fingerprint:Safari 24-10-18 00:11:58[ debug ]use specified fingerprint:Safari 24-10-18 00:11:58[ debug ]use specified fingerprint:Safari 24-10-18 00:11:58[ info ][UDP] mihomo --> 8.8.8.8:53 doesn't match any rule using 🇺🇸 US_DV 24-10-18 00:11:58[ info ][UDP] mihomo --> 1.1.1.1:53 doesn't match any rule using 🇺🇸 US_DV 24-10-18 00:11:57[ info ][TCP] 192.168.20.33:1399 --> play.google.com:443 match DomainKeyword(google) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:11:57[ debug ][Rule] use default rules 24-10-18 00:11:57[ debug ][Rule] use default rules 24-10-18 00:11:57[ debug ][Rule] use default rules 24-10-18 00:11:57[ debug ]use specified fingerprint:Safari 24-10-18 00:11:57[ debug ]use specified fingerprint:Safari 24-10-18 00:11:57[ debug ]use specified fingerprint:Safari 24-10-18 00:11:57[ warn ][UDP] dial ♻️ 手动切换2 mihomo --> 8.8.8.8:53 error: new vless client error: read tcp 27.16.208.60:38775->154.7.182.96:443: use of closed network connection 24-10-18 00:11:57[ debug ][DNS] accounts.google.com --> [] HTTPS from udp://1.1.1.1:53 24-10-18 00:11:57[ debug ][Rule] use default rules 24-10-18 00:11:57[ info ][TCP] 192.168.20.33:1398 --> accounts.google.com:443 match DomainKeyword(google) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:11:57[ debug ][DNS] resolve play.google.com HTTPS from udp://1.1.1.1:53 24-10-18 00:11:57[ debug ][DNS] resolve play.google.com HTTPS from udp://8.8.8.8:53 24-10-18 00:11:57[ debug ][DNS] cache hit play.google.com --> [] HTTPS, expire at 2024-10-18 00:10:09 24-10-18 00:11:57[ info ][UDP] mihomo --> 1.1.1.1:53 doesn't match any rule using 🇺🇸 US_DV 24-10-18 00:11:57[ debug ]use specified fingerprint:Safari 24-10-18 00:11:57[ debug ]use specified fingerprint:Safari 24-10-18 00:11:57[ debug ]use specified fingerprint:Safari 24-10-18 00:11:57[ debug ][DNS] ogads-pa.clients6.google.com --> [] HTTPS from udp://1.1.1.1:53 24-10-18 00:11:57[ warn ][UDP] dial ♻️ 手动切换2 mihomo --> 8.8.8.8:53 error: new vless client error: read tcp 27.16.208.60:38770->154.7.182.96:443: use of closed network connection 24-10-18 00:11:57[ debug ][DNS] waa-pa.clients6.google.com --> [] HTTPS from udp://1.1.1.1:53 24-10-18 00:11:57[ debug ][DNS] ogads-pa.clients6.google.com --> [142.250.72.170] A from udp://1.1.1.1:53 24-10-18 00:11:57[ debug ][Rule] use default rules 24-10-18 00:11:57[ debug ][DNS] resolve accounts.google.com HTTPS from udp://8.8.8.8:53 24-10-18 00:11:57[ debug ][DNS] resolve accounts.google.com HTTPS from udp://1.1.1.1:53 24-10-18 00:11:57[ debug ][DNS] cache hit accounts.google.com --> [] HTTPS, expire at 2024-10-18 00:10:01 24-10-18 00:11:57[ info ][UDP] mihomo --> 8.8.8.8:53 doesn't match any rule using 🇺🇸 US_DV 24-10-18 00:11:57[ info ][TCP] 192.168.20.33:1397 --> waa-pa.clients6.google.com:443 match DomainKeyword(google) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:11:57[ info ][TCP] 192.168.20.33:1396 --> ogads-pa.clients6.google.com:443 match DomainKeyword(google) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:11:57[ info ][UDP] mihomo --> 1.1.1.1:53 doesn't match any rule using 🇺🇸 US_DV 24-10-18 00:11:57[ info ][UDP] mihomo --> 8.8.8.8:53 doesn't match any rule using 🇺🇸 US_DV 24-10-18 00:11:56[ info ][UDP] mihomo --> 1.1.1.1:53 doesn't match any rule using 🇺🇸 US_DV 24-10-18 00:11:56[ info ][UDP] mihomo --> 1.1.1.1:53 doesn't match any rule using 🇺🇸 US_DV 24-10-18 00:11:56[ debug ]use specified fingerprint:Safari 24-10-18 00:11:56[ debug ]use specified fingerprint:Safari 24-10-18 00:11:56[ debug ]use specified fingerprint:Safari 24-10-18 00:11:56[ debug ]use specified fingerprint:Safari 24-10-18 00:11:56[ debug ]use specified fingerprint:Safari 24-10-18 00:11:56[ debug ]use specified fingerprint:Safari 24-10-18 00:11:56[ debug ]use specified fingerprint:Safari 24-10-18 00:11:56[ debug ]use specified fingerprint:Safari 24-10-18 00:11:56[ debug ][Rule] use default rules 24-10-18 00:11:56[ debug ][Rule] use default rules 24-10-18 00:11:56[ debug ][DNS] resolve waa-pa.clients6.google.com HTTPS from udp://8.8.8.8:53 24-10-18 00:11:56[ debug ][DNS] resolve waa-pa.clients6.google.com HTTPS from udp://1.1.1.1:53 24-10-18 00:11:56[ debug ][DNS] cache hit waa-pa.clients6.google.com --> [] HTTPS, expire at 2024-10-18 00:09:38 24-10-18 00:11:56[ debug ][DNS] resolve ogads-pa.clients6.google.com A from udp://8.8.8.8:53 24-10-18 00:11:56[ debug ][DNS] resolve ogads-pa.clients6.google.com HTTPS from udp://8.8.8.8:53 24-10-18 00:11:56[ debug ][DNS] resolve ogads-pa.clients6.google.com HTTPS from udp://1.1.1.1:53 24-10-18 00:11:56[ debug ][DNS] resolve ogads-pa.clients6.google.com A from udp://1.1.1.1:53 24-10-18 00:11:56[ debug ][DNS] cache hit ogads-pa.clients6.google.com --> [142.250.72.170] A, expire at 2024-10-18 00:10:18 24-10-18 00:11:56[ debug ][DNS] cache hit ogads-pa.clients6.google.com --> [] HTTPS, expire at 2024-10-18 00:10:08 24-10-18 00:11:55[ info ][TCP] 192.168.20.33:1395 --> www.gstatic.com:443 match DomainSuffix(gstatic.com) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:11:55[ info ][TCP] 192.168.20.33:1394 --> www.google.com:443 match DomainKeyword(google) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:11:55[ debug ][DNS] www.google.com --> [142.251.40.36] A from udp://1.1.1.1:53 24-10-18 00:11:55[ debug ]use specified fingerprint:Safari 24-10-18 00:11:55[ debug ]use specified fingerprint:Safari 24-10-18 00:11:55[ info ][UDP] mihomo --> 8.8.8.8:53 doesn't match any rule using 🇺🇸 US_DV 24-10-18 00:11:55[ info ][TCP] 192.168.20.33:1392 --> www.google.com:443 match DomainKeyword(google) using 🔍 谷歌服务[🇺🇸 US_DV] 24-10-18 00:11:55[ info ][UDP] mihomo --> 1.1.1.1:53 doesn't match any rule using 🇺🇸 US_DV 24-10-18 00:11:55[ debug ][Rule] use default rules 24-10-18 00:11:55[ debug ][Rule] use default rules 24-10-18 00:11:55[ debug ]use specified fingerprint:Safari 24-10-18 00:11:55[ debug ]use specified fingerprint:Safari 24-10-18 00:11:55[ debug ]use specified fingerprint:Safari 24-10-18 00:11:54[ debug ][Rule] use default rules 24-10-18 00:11:54[ debug ][DNS] resolve www.google.com A from udp://8.8.8.8:53 24-10-18 00:11:54[ debug ][DNS] resolve www.google.com A from udp://1.1.1.1:53 24-10-18 00:11:54[ debug ][DNS] cache hit www.google.com --> [142.250.68.4] A, expire at 2024-10-18 00:10:49 24-10-18 00:11:54[ debug ][DNS] cache hit www.google.com --> [] HTTPS, expire at 2024-10-18 05:23:29 24-10-18 00:11:54[ debug ][DNS] cache hit www.asusrouter.com --> [] HTTPS, expire at 2024-10-18 00:15:08

[msbtx]

配置写错了，DNS远程节点#前要空格