search

SagerNet / sing-box

The universal proxy platform
https://sing-box.sagernet.org/
Other
20k stars 2.38k forks source link

sing-box tun模式 dns 无法上网 #1549

Closed ninepass closed 8 months ago

ninepass commented 8 months ago

Operating system

Mac os

System version

10.15.7

Installation type

Original sing-box Command Line

If you are using a graphical client, please provide the version of the client.

No response

Version

sing-box 1.9

Description

在mac上运行tun模式,如何将本机dns设为127.0.0.1 或者虚拟网卡地址 172.19.0.1 浏览器dns无法解析但其他软件可以访问

通过tun模式作为旁路由,将dns设为旁路由地址后,无法上网,只能设置成其他的如9.9.9.9

Reproduction

配置文件如下:

{ "log": { "level": "debug", "timestamp": true }, "dns": { "fakeip": { "enabled": true, "inet4_range": "198.18.0.0/15", "inet6_range": "fc00::/18" }, "servers": [ { "tag": "dns_proxy", "address": "h3://8.8.8.8/dns-query", "address_resolver": "dns_resolver", "strategy": "prefer_ipv4", "detour": "proxy-us" }, { "tag": "dns_local", "address": "https://223.5.5.5/dns-query", "strategy": "prefer_ipv4", "detour": "direct" }, { "tag": "dns_block", "address": "rcode://refused" }, { "tag": "dns_resolver", "address": "fakeip", "strategy": "ipv4_only", "detour": "direct" } ], "rules": [ { "outbound": [ "any" ], "server": "dns_local" }, { "domain":[ "www.cn.bing.com" ], "outbound": [ "direct" ], "server": "dns_local" }, { "domain":[ "www.youtube.com" ], "outbound": [ "proxy-us" ], "server": "dns_proxy" }, { "geoip": [ "cn" ], "outbound": [ "direct" ], "server": "dns_local", "disable_cache": false, "client_subnet": "127.0.0.1" }, { "outbound": [ "direct" ], "server": "dns_local", "disable_cache": false } ], "final": "dns_local", "strategy": "ipv4_only", "disable_cache": true, "disable_expire": false, "independent_cache": true }, "route": { "rules": [ { "port": 53, "outbound": "dns-out" }, { "protocol": "dns", "outbound": "dns-out" }, { "rule_set": "geosite-cn", "outbound": "direct" }, { "ip_is_private": true, "outbound": "direct" }, { "rule_set": "geoip-cn", "outbound": "direct" }, { "rule_set": "geoip-us", "rule_set_ipcidr_match_source": true, "outbound": "proxy-us" }, { "rule_set": "geosite-cn", "invert": true, "rule_set_ipcidr_match_source": true, "outbound": "proxy-us" }, { "rule_set": [ "geosite-category-ads-all" ], "outbound": "block" } ], "rule_set": [ { "tag": "geosite-cn", "type": "remote", "format": "binary", "url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-cn.srs", "download_detour": "proxy" }, { "tag": "geoip-cn", "type": "remote", "format": "binary", "url": "https://raw.githubusercontent.com/SagerNet/sing-geoip/rule-set/geoip-cn.srs", "download_detour": "proxy" }, { "tag": "geoip-us", "type": "remote", "format": "binary", "url": "https://raw.githubusercontent.com/SagerNet/sing-geoip/rule-set/geoip-us.srs", "download_detour": "proxy" }, { "tag": "geosite-category-ads-all", "type": "remote", "format": "binary", "url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-category-ads-all.srs", "download_detour": "direct" } ], "auto_detect_interface": true }, "experimental": { "cache_file": { "enabled": true } }, "inbounds": [ { "type": "mixed", "tag": "mixed-in", "listen": "::", "listen_port": 1085, "sniff": true, "sniff_override_destination": true }, { "type": "tun", "tag": "tun-in", "inet4_address": "172.19.0.1/30", "auto_route": true, "strict_route": false, "stack": "system", "sniff": true, "mtu": 9000, "sniff_override_destination": true } ], "outbounds": [ { "tag": "proxy", "type": "hysteria2", "server": "xxx", "server_port": 111, "up_mbps": 30, "down_mbps": 150, "password": "111", "network": "tcp", "tls": { "enabled": true, "server_name": "", "alpn": [ "h3" ] } }, { "tag": "proxy-us", "type": "hysteria2", "server": "xxx", "server_port": 123, "up_mbps": 30, "down_mbps": 150, "password": "111", "network": "tcp", "tls": { "enabled": true, "server_name": "", "alpn": [ "h3" ] } }, { "type": "direct", "tag": "direct" }, { "type": "block", "tag": "block" }, { "type": "dns", "tag": "dns-out" } ] }

Logs

+0800 2024-03-07 18:03:59 DEBUG dns: exchange www.qq.com. IN A
+0800 2024-03-07 18:03:59 DEBUG dns: exchanged www.qq.com NOERROR 112
+0800 2024-03-07 18:03:59 INFO dns: exchanged www.qq.com CNAME www.qq.com. 112 IN CNAME ins-r23tsuuf.ias.tencent-cloud.net.
+0800 2024-03-07 18:03:59 INFO dns: exchanged www.qq.com A ins-r23tsuuf.ias.tencent-cloud.net. 112 IN A 101.91.22.57
+0800 2024-03-07 18:03:59 INFO dns: exchanged www.qq.com A ins-r23tsuuf.ias.tencent-cloud.net. 112 IN A 101.91.42.232
+0800 2024-03-07 18:03:59 INFO dns: exchanged www.qq.com OPT OPT PSEUDOSECTION: EDNS: version 0 flags: MBZ: 0x0070, udp: 4096
+0800 2024-03-07 18:03:59 DEBUG dns: exchange pacaio.match.qq.com. IN A
+0800 2024-03-07 18:03:59 DEBUG dns: exchange mat1.gtimg.com. IN A
+0800 2024-03-07 18:03:59 DEBUG dns: exchange vm.gtimg.cn. IN A
+0800 2024-03-07 18:03:59 DEBUG dns: exchanged pacaio.match.qq.com NOERROR 4
+0800 2024-03-07 18:03:59 INFO dns: exchanged pacaio.match.qq.com CNAME pacaio.match.qq.com. 4 IN CNAME ins-gwqy79ih.ias.tencent-cloud.net.
+0800 2024-03-07 18:03:59 INFO dns: exchanged pacaio.match.qq.com A ins-gwqy79ih.ias.tencent-cloud.net. 4 IN A 101.226.141.184
+0800 2024-03-07 18:03:59 INFO dns: exchanged pacaio.match.qq.com A ins-gwqy79ih.ias.tencent-cloud.net. 4 IN A 101.91.21.71
+0800 2024-03-07 18:03:59 INFO dns: exchanged pacaio.match.qq.com OPT OPT PSEUDOSECTION: EDNS: version 0 flags: MBZ: 0x0004, udp: 4096
+0800 2024-03-07 18:03:59 DEBUG dns: exchanged mat1.gtimg.com NOERROR 25
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com CNAME mat1.gtimg.com. 25 IN CNAME mat1.gtimg.com.cloud.tc.qq.com.
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com CNAME mat1.gtimg.com.cloud.tc.qq.com. 25 IN CNAME mat1.gtimg.mid.tdnsv6.com.
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com CNAME mat1.gtimg.mid.tdnsv6.com. 25 IN CNAME mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com.
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 25 IN A 122.228.0.139
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 25 IN A 122.228.66.197
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 25 IN A 183.131.133.57
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 25 IN A 122.228.66.194
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 25 IN A 61.164.142.156
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 25 IN A 122.228.66.189
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 25 IN A 122.228.66.200
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 25 IN A 122.246.12.244
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 25 IN A 183.131.133.56
+0800 2024-03-07 18:03:59 INFO dns: exchanged mat1.gtimg.com OPT OPT PSEUDOSECTION: EDNS: version 0 flags: MBZ: 0x0019, udp: 4096
+0800 2024-03-07 18:03:59 DEBUG dns: exchanged vm.gtimg.cn NOERROR 38
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn CNAME vm.gtimg.cn. 38 IN CNAME vm.gtimg.cn.cdn.dnsv1.com.cn.
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn CNAME vm.gtimg.cn.cdn.dnsv1.com.cn. 38 IN CNAME 301yjo64.sched.sma-dk.tdnsstic1.cn.
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn CNAME 301yjo64.sched.sma-dk.tdnsstic1.cn. 38 IN CNAME 301yjo64.60-61.cjt.cdn.uyun-cdn.com.
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 60.188.67.145
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 183.136.219.217
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 60.188.67.116
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 60.188.67.245
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 36.25.253.112
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 36.25.253.100
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 36.25.253.114
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 60.188.67.206
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 36.25.253.109
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 183.134.10.80
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 183.134.10.8
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 36.25.253.110
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 38 IN A 122.225.36.110
+0800 2024-03-07 18:03:59 INFO dns: exchanged vm.gtimg.cn OPT OPT PSEUDOSECTION: EDNS: version 0 flags: MBZ: 0x0026, udp: 4096
+0800 2024-03-07 18:04:00 INFO [3728185097 0ms] inbound/tun[tun-in]: inbound packet connection from 172.19.0.1:51336
+0800 2024-03-07 18:04:00 INFO [3728185097 0ms] inbound/tun[tun-in]: inbound packet connection to 172.19.0.1:53
+0800 2024-03-07 18:04:00 DEBUG [3728185097 0ms] router: sniffed packet protocol: dns
+0800 2024-03-07 18:04:00 DEBUG [3728185097 0ms] router: match[0] port=53 => dns-out
+0800 2024-03-07 18:04:00 DEBUG dns: exchange nexus.officeapps.live.com. IN A
+0800 2024-03-07 18:04:00 DEBUG dns: exchanged nexus.officeapps.live.com NOERROR 49
+0800 2024-03-07 18:04:00 INFO dns: exchanged nexus.officeapps.live.com CNAME nexus.officeapps.live.com. 49 IN CNAME prod-w.nexus.live.com.akadns.net.
+0800 2024-03-07 18:04:00 INFO dns: exchanged nexus.officeapps.live.com A prod-w.nexus.live.com.akadns.net. 49 IN A 52.111.229.50
+0800 2024-03-07 18:04:00 INFO dns: exchanged nexus.officeapps.live.com OPT OPT PSEUDOSECTION: EDNS: version 0 flags: MBZ: 0x0031, udp: 4096
+0800 2024-03-07 18:04:00 DEBUG [2417644241 9m54s] inbound/mixed[mixed-in]: connection closed: process connection from 127.0.0.1:60725: download: use of closed network connection
+0800 2024-03-07 18:04:01 DEBUG dns: exchange nexus.officeapps.live.com. IN A
+0800 2024-03-07 18:04:01 DEBUG dns: exchanged nexus.officeapps.live.com NOERROR 48
+0800 2024-03-07 18:04:01 INFO dns: exchanged nexus.officeapps.live.com CNAME nexus.officeapps.live.com. 48 IN CNAME prod-w.nexus.live.com.akadns.net.
+0800 2024-03-07 18:04:01 INFO dns: exchanged nexus.officeapps.live.com A prod-w.nexus.live.com.akadns.net. 48 IN A 52.111.229.50
+0800 2024-03-07 18:04:01 INFO dns: exchanged nexus.officeapps.live.com OPT OPT PSEUDOSECTION: EDNS: version 0 flags: MBZ: 0x0030, udp: 4096
+0800 2024-03-07 18:04:03 INFO [1652183576 0ms] inbound/mixed[mixed-in]: inbound connection from 127.0.0.1:60791
+0800 2024-03-07 18:04:03 INFO [1652183576 1ms] inbound/mixed[mixed-in]: inbound connection to accounts.google.com:443
+0800 2024-03-07 18:04:03 DEBUG [1652183576 2ms] router: sniffed protocol: tls, domain: accounts.google.com
+0800 2024-03-07 18:04:03 DEBUG [1652183576 2ms] router: match[6] !(rule_set=geosite-cn) => proxy-us
+0800 2024-03-07 18:04:03 INFO [1652183576 2ms] outbound/hysteria2[proxy-us]: outbound connection to accounts.google.com:443
+0800 2024-03-07 18:04:03 DEBUG dns: exchange nexus.officeapps.live.com. IN A
+0800 2024-03-07 18:04:03 DEBUG dns: exchanged nexus.officeapps.live.com NOERROR 46
+0800 2024-03-07 18:04:03 INFO dns: exchanged nexus.officeapps.live.com CNAME nexus.officeapps.live.com. 46 IN CNAME prod-w.nexus.live.com.akadns.net.
+0800 2024-03-07 18:04:03 INFO dns: exchanged nexus.officeapps.live.com A prod-w.nexus.live.com.akadns.net. 46 IN A 52.111.229.50
+0800 2024-03-07 18:04:03 INFO dns: exchanged nexus.officeapps.live.com OPT OPT PSEUDOSECTION: EDNS: version 0 flags: MBZ: 0x002e, udp: 4096
+0800 2024-03-07 18:04:03 DEBUG dns: exchange www.qq.com. IN A
+0800 2024-03-07 18:04:03 DEBUG dns: exchanged www.qq.com NOERROR 108
+0800 2024-03-07 18:04:03 INFO dns: exchanged www.qq.com CNAME www.qq.com. 108 IN CNAME ins-r23tsuuf.ias.tencent-cloud.net.
+0800 2024-03-07 18:04:03 INFO dns: exchanged www.qq.com A ins-r23tsuuf.ias.tencent-cloud.net. 108 IN A 101.91.42.232
+0800 2024-03-07 18:04:03 INFO dns: exchanged www.qq.com A ins-r23tsuuf.ias.tencent-cloud.net. 108 IN A 101.91.22.57
+0800 2024-03-07 18:04:03 INFO dns: exchanged www.qq.com OPT OPT PSEUDOSECTION: EDNS: version 0 flags: MBZ: 0x006c, udp: 4096
+0800 2024-03-07 18:04:03 DEBUG dns: exchange pacaio.match.qq.com. IN A
+0800 2024-03-07 18:04:03 DEBUG dns: exchange mat1.gtimg.com. IN A
+0800 2024-03-07 18:04:03 DEBUG dns: exchange vm.gtimg.cn. IN A
+0800 2024-03-07 18:04:03 DEBUG dns: exchanged pacaio.match.qq.com NOERROR 1
+0800 2024-03-07 18:04:03 INFO dns: exchanged pacaio.match.qq.com CNAME pacaio.match.qq.com. 1 IN CNAME ins-gwqy79ih.ias.tencent-cloud.net.
+0800 2024-03-07 18:04:03 INFO dns: exchanged pacaio.match.qq.com A ins-gwqy79ih.ias.tencent-cloud.net. 1 IN A 101.226.141.184
+0800 2024-03-07 18:04:03 INFO dns: exchanged pacaio.match.qq.com A ins-gwqy79ih.ias.tencent-cloud.net. 1 IN A 101.91.21.71
+0800 2024-03-07 18:04:03 INFO dns: exchanged pacaio.match.qq.com OPT OPT PSEUDOSECTION: EDNS: version 0 flags: MBZ: 0x0001, udp: 4096
+0800 2024-03-07 18:04:03 DEBUG dns: exchanged mat1.gtimg.com NOERROR 21
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com CNAME mat1.gtimg.com. 21 IN CNAME mat1.gtimg.com.cloud.tc.qq.com.
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com CNAME mat1.gtimg.com.cloud.tc.qq.com. 21 IN CNAME mat1.gtimg.mid.tdnsv6.com.
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com CNAME mat1.gtimg.mid.tdnsv6.com. 21 IN CNAME mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com.
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 21 IN A 183.131.133.56
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 21 IN A 122.228.0.139
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 21 IN A 122.228.66.197
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 21 IN A 183.131.133.57
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 21 IN A 122.228.66.194
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 21 IN A 61.164.142.156
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 21 IN A 122.228.66.189
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 21 IN A 122.228.66.200
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com A mat1.gtimg.com.sched.legopic2-dk.tdnsv6.com. 21 IN A 122.246.12.244
+0800 2024-03-07 18:04:03 INFO dns: exchanged mat1.gtimg.com OPT OPT PSEUDOSECTION: EDNS: version 0 flags: MBZ: 0x0015, udp: 4096
+0800 2024-03-07 18:04:03 DEBUG dns: exchanged vm.gtimg.cn NOERROR 34
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn CNAME vm.gtimg.cn. 34 IN CNAME vm.gtimg.cn.cdn.dnsv1.com.cn.
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn CNAME vm.gtimg.cn.cdn.dnsv1.com.cn. 34 IN CNAME 301yjo64.sched.sma-dk.tdnsstic1.cn.
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn CNAME 301yjo64.sched.sma-dk.tdnsstic1.cn. 34 IN CNAME 301yjo64.60-61.cjt.cdn.uyun-cdn.com.
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 183.134.10.8
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 36.25.253.110
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 122.225.36.110
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 60.188.67.145
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 183.136.219.217
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 60.188.67.116
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 60.188.67.245
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 36.25.253.112
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 36.25.253.100
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 36.25.253.114
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 60.188.67.206
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 36.25.253.109
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn A 301yjo64.60-61.cjt.cdn.uyun-cdn.com. 34 IN A 183.134.10.80
+0800 2024-03-07 18:04:03 INFO dns: exchanged vm.gtimg.cn OPT OPT PSEUDOSECTION: EDNS: version 0 flags: MBZ: 0x0022, udp: 4096

Integrity requirements

AmberisMyShiba commented 8 months ago

dns_resolve不要用fakeip,用真实的dns server

ninepass commented 8 months ago

@AmberisMyShiba 改成其他的也一样,比如我改成 223.5.5.5

sh0w1ov3 commented 6 months ago

TUN模式重定向所有穿过的流量,只需要把设备的IPv4和IPv6的网关填成sing-box就行,设备的dns随意设但不能设为singbox的IP,况且你的inbound里也没有提供dns查询服务,这就导致的设备的dns流量无法被singbox接收。

luweijun1992 commented 4 months ago

TUN模式重定向所有穿过的流量,只需要把设备的IPv4和IPv6的网关填成sing-box就行,设备的dns随意设但不能设为singbox的IP,况且你的inbound里也没有提供dns查询服务,这就导致的设备的dns流量无法被singbox接收。

请问下为啥不能将dns设置为singbox IP 我现在就遇到这种问题,下面的配置,终端设置dns为sing-box IP时候无法提供解析 将tun配置删除,只保留direct 53,可以正常解析 image

sh0w1ov3 commented 4 months ago

TUN模式重定向所有穿过的流量,只需要把设备的IPv4和IPv6的网关填成sing-box就行,设备的dns随意设但不能设为singbox的IP,况且你的inbound里也没有提供dns查询服务,这就导致的设备的dns流量无法被singbox接收。

请问下为啥不能将dns设置为singbox IP 我现在就遇到这种问题,下面的配置,终端设置dns为sing-box IP时候无法提供解析 将tun配置删除,只保留direct 53,可以正常解析

你把这段加到tun字段里

 "inet4_route_address": [
        "198.18.0.0/15",
        "91.105.192.0/23",
        "91.108.4.0/22",
        "91.108.8.0/21",
        "91.108.16.0/21",
        "91.108.56.0/22",
        "95.161.64.0/20",
        "149.154.160.0/20",
        "185.76.151.0/24"
      ],
luweijun1992 commented 4 months ago

TUN模式重定向所有穿过的流量,只需要把设备的IPv4和IPv6的网关填成sing-box就行,设备的dns随意设但不能设为singbox的IP,况且你的inbound里也没有提供dns查询服务,这就导致的设备的dns流量无法被singbox接收。

请问下为啥不能将dns设置为singbox IP 我现在就遇到这种问题,下面的配置,终端设置dns为sing-box IP时候无法提供解析 将tun配置删除,只保留direct 53,可以正常解析

你把这段加到tun字段里

 "inet4_route_address": [
        "198.18.0.0/15",
        "91.105.192.0/23",
        "91.108.4.0/22",
        "91.108.8.0/21",
        "91.108.16.0/21",
        "91.108.56.0/22",
        "95.161.64.0/20",
        "149.154.160.0/20",
        "185.76.151.0/24"
      ],

加上您提供的配置可以解析,且上网也正常。请问这是什么原因导致?

但是dns rules最后兜底的final 不能设置为fakeip,就会导致rules规则中没匹配到的最后走兜底会获取到真实IP,但又因为上面inet4_route_address不包含真实IP,这种情况要怎么解决?

    "dns": {
        "servers": [
            {
                "tag": "dnsDirect",
                "address": "https://223.5.5.5/dns-query",
                "address_strategy": "ipv4_only",
                "strategy": "ipv4_only",
                "detour": "directOut"
            },
            {
                "tag": "dnsProxy",
                "address": "https://1.1.1.1/dns-query", // Cloudflare
                "address_strategy": "ipv4_only",
                "strategy": "ipv4_only",
                "detour": "Selector",
                "client_subnet": "1.0.1.0"
            },
            {
                "tag": "FakeIP",
                "address": "fakeip"
            }
        ],
        "fakeip": {
            "enabled": true,
            "inet4_range": "198.18.0.0/16"
        },
        "rules": [
            {
                "outbound":  "any",
                "server": "dnsDirect"
            },
            {
                "rule_set": "geosite-geolocation-cn",
                "server": "dnsDirect"
            },
            {
                "domain_suffix": [
                    "google.com",
                    "github.com",
                    "youtube.com",
                    "openai.com"
                ],
                "server": "FakeIP"
            },
            {
                "rule_set": "geosite-geolocation-!cn",
                "server": "FakeIP"
            }
        ],
        "final": "FakeIP",
        "strategy": "ipv4_only" // prefer_ipv4 prefer_ipv6 ipv4_only ipv6_only
    },

如上配置执行sing-box check会有下面错误

FATAL[0000] parse route options: default DNS server cannot be fakeip