Cannot resolve DNS (maybe due to urltest)

PiggyRan commented 6 months ago

Operating system

Linux

System version

OpenWrt 23.05.0-rc4

Installation type

Original sing-box Command Line

If you are using a graphical client, please provide the version of the client.

No response

Version

sing-box version 1.8.0-rc.8

Environment: go1.21.5 linux/amd64
Tags: with_gvisor,with_quic,with_dhcp,with_wireguard,with_ech,with_utls,with_reality_server,with_acme,with_clash_api
Revision: 6372629aa193362a86308a1f32fc89df007ef50e
CGO: disabled

Description

curl report DNS error:

% curl google.com
curl: (6) Could not resolve host: google.com

Reproduction

This issue happens randomly and I cannot reproduce it. How ever, if I use clash dashboard ui to "test speed", it will recover from this situation.

my configuration:

{
  "log": {
    "level": "info",
    "timestamp": true
  },
  "dns": {
    "independent_cache": true,
    "final": "dns_direct",
    "strategy": "ipv4_only",
    "rules": [
      {
        "rule_set": "geosite-category-ads-all",
        "server": "dns_block",
        "disable_cache": true
      },
      {
        "domain": [ "google.com" ],
        "server": "dns_remote"
      },
      {
        "outbound": "any",
        "server": "dns_direct"
      }
    ],
    "servers": [
      {
        "address": "8.8.4.4",
        "tag": "dns_remote",
        "detour": "proxy"
      },
      {
        "address": "168.126.63.1",
        "detour": "direct",
        "tag": "dns_direct"
      },
      {
        "address": "rcode://success",
        "tag": "dns_block"
      }
    ]
  },
  "inbounds": [
    {
      "domain_strategy": "ipv4_only",
      "endpoint_independent_nat": false,
      "interface_name": "singboxtun0",
      "inet4_address": "172.19.0.1/28",
      "sniff": true,
      "sniff_override_destination": false,
      "stack": "system",
      "auto_route": true,
      "strict_route": false,
      "tag": "tun-in",
      "type": "tun"
    }
  ],
  "outbounds": [
    {
      "tag": "direct",
      "type": "direct"
    },
    {
      "tag": "block",
      "type": "block"
    },
    {
      "tag": "dns",
      "type": "dns"
    },
    {
      "tag": "auto",
      "type": "urltest",
      "url": "http://www.gstatic.com/generate_204",
      "interval": "10m",
      "tolerance": 50,
      "outbounds": [ "p1", "p2", "p3" ]
    },
    {
      "tag": "proxy",
      "type": "selector",
      "default": "auto",
      "outbounds": [ "direct", "auto", "p1", "p2", "p3" ]
    },
    {
      "tag": "p1",
      "type": "vless",
      "server": "1xx.1xx.1xx.1xx",
      "server_port": 443,
      "packet_encoding": "",
      "uuid": "xxxxx-xxxx-xxxx-xx-xxxxxxx",
      "flow": "xtls-rprx-vision",
      "tls": {
        "enabled": true,
        "insecure": false,
        "reality": {
          "enabled": true,
          "public_key": "xxxxxxx",
          "short_id": "xxxx"
        },
        "server_name": "xxxxx.xx.xx",
        "utls": {
          "enabled": true,
          "fingerprint": "chrome"
        }
      }
    },
    {
      "tag": "p2",
      "type": "vless",
      "server": "1xx.1xx.1xx.1xx",
      "server_port": 443,
      "packet_encoding": "",
      "uuid": "xxxxx-xxxx-xxxx-xx-xxxxxxx",
      "flow": "xtls-rprx-vision",
      "tls": {
        "enabled": true,
        "insecure": false,
        "reality": {
          "enabled": true,
          "public_key": "xxxxxxx",
          "short_id": "xxxx"
        },
        "server_name": "xxxxx.xx.xx",
        "utls": {
          "enabled": true,
          "fingerprint": "chrome"
        }
      }
    },
    {
      "tag": "p3",
      "type": "vless",
      "server": "1xx.1xx.1xx.1xx",
      "server_port": 443,
      "packet_encoding": "",
      "uuid": "xxxxx-xxxx-xxxx-xx-xxxxxxx",
      "flow": "xtls-rprx-vision",
      "tls": {
        "enabled": true,
        "insecure": false,
        "reality": {
          "enabled": true,
          "public_key": "xxxxxxx",
          "short_id": "xxxx"
        },
        "server_name": "xxxxx.xx.xx",
        "utls": {
          "enabled": true,
          "fingerprint": "chrome"
        }
      }
    }
  ],
  "route": {
    "auto_detect_interface": true,
    "rules": [
      {
        "protocol": "dns",
        "outbound": "dns"
      },
      {
        "ip_cidr": [ "224.0.0.0/3", "ff00::/8" ],
        "source_ip_cidr": [ "224.0.0.0/3", "ff00::/8" ],
        "outbound": "block"
      },
      {
        "ip_is_private": true,
        "outbound": "direct"
      },
      {
        "rule_set": "geosite-category-ads-all",
        "outbound": "block"
      },
      {
        "clash_mode": "direct",
        "outbound": "direct"
      },
      {
        "clash_mode": "global",
        "outbound": "proxy"
      },
      {
        "domain": [ "google.com" ],
        "outbound": "proxy"
      }
    ],
    "final": "direct"
  },
  "experimental": {
    "cache_file": {
      "enabled": true,
      "path": "cache.db"
    },
    "clash_api": {
      "external_controller": "1xx.1xx.0.1:9090",
      "external_ui": "./dashboard"
    }
  }
}

Logs

[2023-12-30 15:00:51][ERROR] dns: exchange failed for outlook.live.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for www.google.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for www.youtube.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for www.youtube.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for signaler-pa.clients6.google.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for github.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for addons-pa.clients6.google.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for outlook.live.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for www.google.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for addons-pa.clients6.google.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for ocsp2.apple.com. IN HTTPS: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for ocsp2.apple.com. IN HTTPS: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for ocsp2.apple.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for ocsp2.apple.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for p42-fmfmobile.icloud.com. IN A: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for p42-fmfmobile.icloud.com. IN HTTPS: context canceled
[2023-12-30 15:00:51][ERROR] dns: exchange failed for p42-fmfmobile.icloud.com. IN A: context canceled

Integrity requirements

[X] I confirm that I have read the documentation, understand the meaning of all the configuration items I wrote, and did not pile up seemingly useful options or default values.
[X] I confirm that I have provided the server and client configuration files and process that can be reproduced locally, instead of a complicated client configuration file that has been stripped of sensitive data.
[X] I confirm that I have provided the simplest configuration that can be used to reproduce the error I reported, instead of depending on remote servers, TUN, graphical interface clients, or other closed-source software.
[ ] I confirm that I have provided the complete configuration files and logs, rather than just providing parts I think are useful out of confidence in my own intelligence.

PiggyRan commented 6 months ago

It happens again and this time I cannot recovery it by click "test speed" button.

PiggyRan commented 6 months ago

I think it may caused by something when "urltest" works.

good-bay commented 6 months ago

I think it may caused by something when "urltest" works.我认为这可能是由“urltest”工作时的某些原因引起的。

我也是这样的问题,你解决了吗?

PiggyRan commented 6 months ago

I think it may caused by something when "urltest" works.我认为这可能是由“urltest”工作时的某些原因引起的。

我也是这样的问题,你解决了吗?

No, I removed the urltest outbound now.

XhstormR commented 5 months ago

DNS rules have priority, so the order of the rules is very important.

I think you should put the "outbound": "any" rule at the beginning and it should solve the problem.

PiggyRan commented 5 months ago

DNS rules have priority, so the order of the rules is very important.

I think you should put the "outbound": "any" rule at the beginning and it should solve the problem.

Thanks for your reply.

But I have a question about your answer. If I put the "outbound": "any" rule at the beginning, the "google.com" domain will be resolved by using dns_direct, right? But this is not my intention.

XhstormR commented 5 months ago

No, the outbound rule only apply to outbound tag, the "google.com" domain will not match the outbound rule.

https://sing-box.sagernet.org/configuration/dns/rule/#outbound

PiggyRan commented 5 months ago

No, the outbound rule only apply to outbound tag, the "google.com" domain will not match the outbound rule.

https://sing-box.sagernet.org/configuration/dns/rule/#outbound

Thanks. Let me try.

github-actions[bot] commented 3 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 5 days

SagerNet / sing-box