XTLS / Xray-core

Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration.
https://t.me/projectXray
Mozilla Public License 2.0

Could the built-in DNS server offer richer functionality? #229

Closed. dotNetDR closed this 5 months ago

dotNetDR commented 3 years ago

For example, supporting more configuration parameters.

My setup: a tproxy transparent proxy configured on a side-router OpenWrt (traffic is redirected to Xray's port 12345); the built-in dnsmasq is configured to forward to Xray's built-in DNS (Xray DNS listens on 5353), and dnsmasq's cache size is set to 0.

The problem I'm seeing is that when Xray's DoH resolution fails, it sometimes tries the upstream (domestic DNS), which hands the domestic DNS result to Xray's routing, and the connection then goes over the domestic route. So occasionally, because DNS fell back to domestic DNS, the connection runs into the wall.

Configuration

```json
{
  "dns": {
    "hosts": {
      "vps": "vpsip"
    },
    "servers": [
      {
        "address": "https://1.1.1.1/dns-query",
        "port": 53,
        "domains": [
          "geosite:geolocation-!cn"
        ]
      },
      {
        "address": "https+local://233.5.5.5/dns-query",
        "port": 53,
        "domains": [
          "geosite:cn"
        ],
        "expectIPs": [
          "geoip:cn"
        ]
      },
      "192.168.0.1"  // main router DNS
    ]
  },
  "routing": {
    "domainStrategy": "AsIs",
    "rules": [
      {
        "ip": [
          "geoip:cn"
        ],
        "inboundTag": [
          "all-in"
        ],
        "outboundTag": "direct"
      }
      // everything else goes to proxy
    ]
  }
}
```

RPRX commented 3 years ago

I think DNS needs some adjustment and enhancement, for example more convenient DNS over TCP.

ghost commented 3 years ago

@dotNetDR

Is the DoH resolution failure due to a timeout? Currently non-local DoH queries cannot reuse connections.

dotNetDR commented 3 years ago

@JimhHan I'll gather some logs and post them later. This isn't reliably reproducible; it happens occasionally.

dotNetDR commented 3 years ago

Client config

```yaml
log:
  loglevel: warning # debug warning
dns:
  hosts:
    {vps}: "{vps ip}"
    dns.alidns.com: "223.5.5.5"
  servers:
    - address: https://1.1.1.1/dns-query
      domains:
        - geosite:geolocation-!cn
    - address: https+local://dns.alidns.com/dns-query
      domains:
        - geosite:cn
      expectIPs:
        - geoip:cn
    - 192.168.0.1
  tag: internal-dns
routing:
  domainStrategy: AsIs
  rules:
    - type: field
      inboundTag:
        - dns-in
      outboundTag: dns-out
    - type: field
      inboundTag:
        - all-in
      ip:
        - geoip:cn
        - geoip:private
      outboundTag: direct
    - type: field
      inboundTag:
        - all-in
      ip:
        - geoip:us
        - geoip:tw
        - geoip:jp
        - geoip:gb
      outboundTag: proxy
inbounds:
  - tag: dns-in
    listen: 192.168.1.10 # local ip
    port: 5353
    protocol: dokodemo-door
    settings:
      address: 1.1.1.1
      port: 53
      network: tcp,udp
  - tag: all-in
    listen: 192.168.1.10 # local ip
    port: 12345
    protocol: dokodemo-door
    settings:
      network: 'tcp,udp'
      followRedirect: true
    sniffing:
      enabled: false
      destOverride:
        - http
        - tls
    streamSettings:
      sockopt:
        tcpFastOpen: false
        tproxy: tproxy
outbounds:
  - tag: direct
    protocol: freedom
    streamSettings:
      sockopt:
        mark: 2
  - tag: proxy
    protocol: vless
    settings:
      vnext:
        - address: ***
          port: 443
          users:
            - id: ***
              encryption: none
              level: 0
    streamSettings:
      network: ws
      security: tls
      tlsSettings:
        serverName: ***
        allowInsecure: true
        alpn:
          - http/1.1
      wsSettings:
        acceptProxyProtocol: false
        path: /***
      sockopt:
        mark: 2
      mux:
        enabled: false
        concurrency: 4
  - tag: dns-out
    protocol: dns
    streamSettings:
      sockopt:
        mark: 2
```

DNS error log

```text
2021/02/04 13:20:36 [Error] app/dns: failed to retrieve response for cache.ip138.com. > Post "https://dns.alidns.com/dns-query": context deadline exceeded
2021/02/04 13:20:36 [Error] app/dns: failed to retrieve response for dns.alidns.com. > Post "https://dns.alidns.com/dns-query": context deadline exceeded
2021/02/04 13:20:36 [Error] app/dns: failed to retrieve response for 2021.ip138.com. > Post "https://dns.alidns.com/dns-query": context deadline exceeded
...
2021/02/04 13:20:40 [Error] app/dns: failed to retrieve response for cache.ip138.com. > Post "https://1.1.1.1/dns-query": context deadline exceeded
...
2021/02/04 13:20:41 [Error] app/dns: failed to retrieve response for cache.ip138.com. > Post "https://dns.alidns.com/dns-query": context deadline exceeded
2021/02/04 13:20:41 [Error] app/dns: failed to retrieve response for dns.alidns.com. > Post "https://dns.alidns.com/dns-query": context deadline exceeded
...
2021/02/04 13:20:46 [Error] app/dns: failed to retrieve response for firebaseperusertopics-pa.googleapis.com. > Post "https://1.1.1.1/dns-query": context deadline exceeded
...
2021/02/04 13:21:03 [Error] app/dns: failed to retrieve response for lh3.googleusercontent.com. > Post "https://1.1.1.1/dns-query": context deadline exceeded
...
2021/02/04 13:21:03 [Error] app/dns: failed to retrieve response for fonts.gstatic.com. > Post "https://1.1.1.1/dns-query": context deadline exceeded
2021/02/04 13:21:03 [Error] app/dns: failed to retrieve response for drive-thirdparty.googleusercontent.com. > Post "https://1.1.1.1/dns-query": context deadline exceeded
...
2021/02/04 13:21:07 [Error] app/dns: failed to retrieve response for fonts.gstatic.com. > Post "https://1.1.1.1/dns-query": context deadline exceeded
...
2021/02/04 13:21:40 [Error] app/dns: failed to retrieve response for edgedl.gvt1.com. > Post "https://1.1.1.1/dns-query": context deadline exceeded
...
2021/02/04 13:21:52 [Error] app/dns: failed to retrieve response for play.google.com. > Post "https://1.1.1.1/dns-query": context deadline exceeded
```

dotNetDR commented 3 years ago

```text
2021/02/04 13:37:15 [Error] app/dns: failed to retrieve response for dns.cloudflare.com. > Post "https://1.1.1.1/dns-query": context deadline exceeded
2021/02/04 13:37:15 192.168.18.186:4506 accepted udp:1.1.1.1:53 [dns-in -> dns-out]
2021/02/04 13:37:15 192.168.18.186:29280 accepted udp:1.1.1.1:53 [dns-in -> dns-out]
2021/02/04 13:37:19 [Error] app/dns: failed to retrieve response for dns.cloudflare.com. > Post "https://dns.alidns.com/dns-query": context deadline exceeded
2021/02/04 13:37:19 [Error] app/dns: failed to retrieve response for dns.alidns.com. > Post "https://dns.alidns.com/dns-query": context deadline exceeded
```

dotNetDR commented 3 years ago

Both server and client are v1.2.4 x86_64.
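The error lines posted above are the only visible trace of the behaviour the reporter describes in the opening post: a lookup times out on the DoH server chosen by the `domains` rule, Xray moves on to the next entry in `dns.servers`, and once it reaches the plain `192.168.0.1` entry there is no further error line because that lookup succeeds. A domain that shows timeouts on more than one upstream inside a short window is therefore the footprint of that fallback walk. The following Python is an added example, not code from the thread or from Xray-core: it parses `app/dns` timeout lines of the shape shown, counts failures per upstream, and reports domains whose lookups cascaded across upstreams. The sample lines are constructed to match the posted format; the regular expression and the 30-second window are assumptions of this example.

```python
"""Parse Xray `app/dns` timeout lines and spot DoH fallback cascades."""
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample shaped like the lines in the issue (not a real capture).
SAMPLE_LOG = """\
2021/02/04 13:20:36 [Error] app/dns: failed to retrieve response for cache.ip138.com. > Post "https://dns.alidns.com/dns-query": context deadline exceeded
2021/02/04 13:20:36 [Error] app/dns: failed to retrieve response for dns.alidns.com. > Post "https://dns.alidns.com/dns-query": context deadline exceeded
2021/02/04 13:20:40 [Error] app/dns: failed to retrieve response for cache.ip138.com. > Post "https://1.1.1.1/dns-query": context deadline exceeded
2021/02/04 13:20:46 [Error] app/dns: failed to retrieve response for firebaseperusertopics-pa.googleapis.com. > Post "https://1.1.1.1/dns-query": context deadline exceeded
2021/02/04 13:37:15 192.168.18.186:4506 accepted udp:1.1.1.1:53 [dns-in -> dns-out]
"""

# Assumed line shape, taken from the posted log: timestamp, [Error] app/dns,
# the queried name (with trailing dot), the DoH URL that was POSTed, the reason.
LINE_RE = re.compile(
    r'^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \[Error\] app/dns: '
    r'failed to retrieve response for (?P<domain>\S+?)\.? > '
    r'Post "(?P<upstream>[^"]+)": (?P<reason>.+)$'
)


def parse_dns_errors(text):
    """Return one dict per DNS error line; non-matching lines (e.g. accepted
    connections) are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
            "domain": m["domain"],
            "upstream": m["upstream"],
            "reason": m["reason"],
        })
    return events


def failures_per_upstream(events):
    """How many timeouts each DoH upstream produced."""
    return Counter(e["upstream"] for e in events)


def fallback_cascades(events, window_s=30):
    """Domains whose lookups timed out on more than one upstream within
    window_s seconds of the first failure. Returns {domain: [upstreams in
    order of first failure]}. Once the walk reaches a plain UDP server no
    error is logged, so a cascade ending at the last DoH entry means the
    final answer most likely came from the non-DoH fallback."""
    by_domain = defaultdict(list)
    for e in events:
        by_domain[e["domain"]].append(e)
    cascades = {}
    for domain, evs in by_domain.items():
        evs.sort(key=lambda e: e["ts"])
        first_ts = evs[0]["ts"]
        upstreams = []
        for e in evs:
            in_window = (e["ts"] - first_ts).total_seconds() <= window_s
            if in_window and e["upstream"] not in upstreams:
                upstreams.append(e["upstream"])
        if len(upstreams) > 1:
            cascades[domain] = upstreams
    return cascades


if __name__ == "__main__":
    evs = parse_dns_errors(SAMPLE_LOG)
    for upstream, n in failures_per_upstream(evs).items():
        print(f"{n:3d} timeouts  {upstream}")
    for domain, chain in fallback_cascades(evs).items():
        print(f"fallback cascade for {domain}: {' -> '.join(chain)}")
```

Run against a real Xray log (`loglevel: warning` is enough, as in the posted config) to see which upstream is timing out and which domains are being pushed down the server list; a domain that matched `geosite:cn` and then appears on the `1.1.1.1` upstream, or vice versa, is a lookup whose routing decision may have been made on an answer from a different resolver than intended.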

z826540272 commented 3 years ago

> I think DNS needs some adjustment and enhancement, for example more convenient DNS over TCP.

I'd suggest implementing functionality similar to ChinaDNS-NG.

dotNetDR commented 3 years ago

I've now changed my setup to this: dnsmasq uses dnsmasq-china-list to resolve domestic domains, and a self-hosted doh-client connects to a doh-server on the VPS.

Domestic domain resolution -> via dnsmasq-china-list
Non-domestic domain resolution -> forwarded to the doh-client on OpenWrt

That has solved the resolution problem for now.

ssydb commented 3 years ago

Hijacking the thread to ask: if I want to use DNS unblocking to watch Netflix, how should the rules be written? I found some v2ray configs online, but none of them worked.