Closed onlyJinx closed 2 years ago
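The best approach at the moment is to run a TCP DNS server on the proxy server at 127.0.0.1:1234, then have v2ray resolve over TCP DNS with the address set to 127.0.0.1:1234, and route that address to the remote end. That way the TCP DNS traffic travels inside the tunnel: 1 RTT, with no extra RTT for a TCP handshake.
Sorry, one more question. Following your suggestion, I used DNSProxy to set up a TCP DNS server on my VPS. The run log is as follows: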
root@debian:~/linux-amd64# ./dnsproxy -p 1234 -u 8.8.8.8 8 -v
2021/10/05 08:58:10 [info] Starting the DNS proxy
2021/10/05 08:58:10 7169#1 [debug] Upstream 0: 8.8.8.8:53
2021/10/05 08:58:10 7169#1 [info] Starting the DNS proxy server
2021/10/05 08:58:10 7169#1 [info] Creating the UDP server socket
2021/10/05 08:58:10 7169#1 [info] Listening to udp://[::]:1234
2021/10/05 08:58:10 7169#1 [info] Creating a TCP server socket
2021/10/05 08:58:10 7169#1 [info] Listening to tcp://[::]:1234
2021/10/05 08:58:10 7169#6 [info] Entering the UDP listener loop on [::]:1234
2021/10/05 08:58:10 7169#7 [info] Entering the tcp listener loop on [::]:1234
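Then I pointed v2ray's DNS server at tcp://127.0.0.1:1234 and proxied this 127.0.0.1 to naive, which then sends it on to the naive server. But in practice it does not seem to behave the way I expected. After v2ray hands tcp://127.0.0.1:1234 to the naive client, naive seems unable to send it out? DNSProxy receives nothing at all. I can't work out where the problem is, so I'm asking for help. (However, if I write tcp://<my VPS address>:1234 instead, DNS seems to resolve normally.) Logs below:
V2ray (filtered with grep 127.0.0.1)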
2021/10/05 12:53:25 [Info] app/dispatcher: taking detour [naiveProxy] for [tcp:127.0.0.1:1234]
2021/10/05 12:53:25 [Info] transport/internet/tcp: dialing TCP to tcp:127.0.0.1:7777
2021/10/05 12:53:26 [Info] app/dispatcher: taking detour [naiveProxy] for [tcp:127.0.0.1:1234]
2021/10/05 12:53:26 [Info] transport/internet/tcp: dialing TCP to tcp:127.0.0.1:7777
2021/10/05 12:53:26 [Info] app/dns: failed to lookup ip for domain beacons2.gvt2.com at server TCP//127.0.0.1:1234 > context deadline exceeded
2021/10/05 12:53:26 [Info] app/dns: failed to lookup ip for domain beacons3.gvt2.com at server TCP//127.0.0.1:1234 > context deadline exceeded
2021/10/05 12:53:26 [Info] app/dns: failed to lookup ip for domain beacons.gcp.gvt2.com at server TCP//127.0.0.1:1234 > context deadline exceeded
2021/10/05 12:53:26 [Info] app/dns: failed to lookup ip for domain beacons.gcp.gvt2.com at server TCP//127.0.0.1:1234 > context deadline exceeded
2021/10/05 12:53:27 [Info] app/dispatcher: taking detour [naiveProxy] for [tcp:127.0.0.1:1234]
2021/10/05 12:53:27 [Info] transport/internet/tcp: dialing TCP to tcp:127.0.0.1:7777
2021/10/05 12:53:27 [Info] app/dispatcher: taking detour [naiveProxy] for [tcp:127.0.0.1:1234]
2021/10/05 12:53:27 [Info] transport/internet/tcp: dialing TCP to tcp:127.0.0.1:7777
2021/10/05 12:53:27 [Info] app/dispatcher: taking detour [naiveProxy] for [tcp:127.0.0.1:1234]
2021/10/05 12:53:27 [Info] transport/internet/tcp: dialing TCP to tcp:127.0.0.1:7777
2021/10/05 12:53:28 [Info] app/dns: failed to lookup ip for domain beacons.gcp.gvt2.com at server TCP//127.0.0.1:1234 > context deadline exceeded
2021/10/05 12:53:28 [Info] app/dns: failed to lookup ip for domain client.wns.windows.com at server TCP//127.0.0.1:1234 > context deadline exceeded
2021/10/05 12:53:28 [Info] app/dispatcher: taking detour [naiveProxy] for [tcp:127.0.0.1:1234]
2021/10/05 12:53:28 [Info] transport/internet/tcp: dialing TCP to tcp:127.0.0.1:7777
2021/10/05 12:53:28 [Info] app/dns: failed to lookup ip for domain beacons3.gvt2.com at server TCP//127.0.0.1:1234 > context deadline exceeded
2021/10/05 12:53:28 [Info] app/dns: failed to lookup ip for domain beacons2.gvt2.com at server TCP//127.0.0.1:1234 > context deadline exceeded
2021/10/05 12:53:28 [Info] app/dns: failed to lookup ip for domain client.wns.windows.com at server TCP//127.0.0.1:1234 > context deadline exceeded
2021/10/05 12:53:29 [Info] app/dns: failed to lookup ip for domain beacons3.gvt2.com at server TCP//127.0.0.1:1234 > context deadline exceeded
2021/10/05 12:53:29 [Info] app/dispatcher: taking detour [naiveProxy] for [tcp:127.0.0.1:1234]
2021/10/05 12:53:29 [Info] transport/internet/tcp: dialing TCP to tcp:127.0.0.1:7777
2021/10/05 12:53:29 [Info] app/dns: failed to lookup ip for domain beacons2.gvt2.com at server TCP//127.0.0.1:1234 > context deadline exceeded
2021/10/05 12:53:29 [Info] app/dispatcher: taking detour [naiveProxy] for [tcp:127.0.0.1:1234]
2021/10/05 12:53:29 [Info] transport/internet/tcp: dialing TCP to tcp:127.0.0.1:7777
2021/10/05 12:53:29 [Info] app/dns: failed to lookup ip for domain client.wns.windows.com at server TCP//127.0.0.1:1234 > context deadline exceeded
2021/10/05 12:53:30 [Info] app/dns: failed to lookup ip for domain beacons.gcp.gvt2.com at server TCP//127.0.0.1:1234 > context deadline exceeded
Naive:
[1005/205200.104051:INFO:naive_connection.cc(250)] Connection 3241 to www.google.com:443
[1005/205200.143941:INFO:naive_connection.cc(250)] Connection 3242 to 127.0.0.1:1234
[1005/205200.616778:INFO:naive_proxy.cc(183)] Connection 3242 closed: OK
[1005/205202.273592:INFO:naive_connection.cc(250)] Connection 3243 to 127.0.0.1:1234
[1005/205202.374996:INFO:naive_connection.cc(250)] Connection 3244 to alive.github.com:443
[1005/205202.516843:INFO:naive_proxy.cc(183)] Connection 3243 closed: OK
[1005/205203.081847:INFO:naive_connection.cc(250)] Connection 3245 to 127.0.0.1:1234
[1005/205203.533488:INFO:naive_proxy.cc(183)] Connection 3245 closed: OK
[1005/205203.655459:INFO:naive_connection.cc(250)] Connection 3246 to 127.0.0.1:1234
[1005/205203.761323:INFO:naive_proxy.cc(183)] Connection 3244 closed: OK
[1005/205203.821262:INFO:naive_proxy.cc(183)] Connection 3246 closed: OK
[1005/205204.657511:INFO:naive_connection.cc(250)] Connection 3247 to 127.0.0.1:1234
[1005/205204.810992:INFO:naive_connection.cc(250)] Connection 3248 to 127.0.0.1:1234
[1005/205204.827296:INFO:naive_proxy.cc(183)] Connection 3247 closed: OK
[1005/205204.989066:INFO:naive_proxy.cc(183)] Connection 3248 closed: OK
[1005/205205.381337:INFO:naive_connection.cc(250)] Connection 3249 to 127.0.0.1:1234
[1005/205205.586179:INFO:naive_proxy.cc(183)] Connection 3249 closed: OK
[1005/205206.300177:INFO:naive_connection.cc(250)] Connection 3250 to play.google.com:443
[1005/205206.381777:INFO:naive_connection.cc(250)] Connection 3251 to 127.0.0.1:1234
[1005/205206.543584:INFO:naive_proxy.cc(183)] Connection 3251 closed: OK
[1005/205206.659424:INFO:naive_connection.cc(250)] Connection 3252 to 127.0.0.1:1234
[1005/205206.856343:INFO:naive_proxy.cc(183)] Connection 3252 closed: OK
[1005/205207.107232:INFO:naive_connection.cc(250)] Connection 3253 to 127.0.0.1:1234
[1005/205207.268389:INFO:naive_proxy.cc(183)] Connection 3253 closed: OK
[1005/205208.384178:INFO:naive_connection.cc(250)] Connection 3254 to 127.0.0.1:1234
[1005/205208.556770:INFO:naive_proxy.cc(183)] Connection 3254 closed: OK
[1005/205208.854948:INFO:naive_connection.cc(250)] Connection 3255 to 127.0.0.1:1234
[1005/205209.036814:INFO:naive_proxy.cc(183)] Connection 3255 closed: OK
[1005/205209.235779:INFO:naive_proxy.cc(183)] Connection 3236 closed: OK
The Caddyfile needs an acl; 127.0.0.1 is blocked by default.
route {
  forward_proxy {
    ...
    acl {
      allow 127.0.0.1
    }
  }
}
If tcp://<my VPS address>:1234 works, the effect is the same.
You don't have to download dnsproxy yourself; dnsmasq is enough.
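Wow, adding the acl as you suggested fixed it. I could never figure out which step was going wrong; it turns out naive blocks it by default. Thank you so much.
The reason I'm not using tcp://<my VPS address>:1234 is mainly that my server also runs other services, and I don't want the whole server address to be proxied.
That makes me a bit curious: could allowing 127.0.0.1 have any negative effects?
Still, even if it does, I feel the impact won't be large, because when I wrote my iptables rules I included -d 127.0.0.0/8 -j RETURN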
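An added example, not part of the thread or of the naiveproxy/Caddy code: an audit sketch for the VPS that shows which listening sockets a connection to 127.0.0.1 lands on, which is what `allow 127.0.0.1` makes reachable to anyone who can use the forward proxy. The `ss -Htln` sample is constructed, the function names are hypothetical, and `[::]` listeners are assumed to accept IPv4 (Linux default `bindv6only=0`).

```python
import ipaddress

# Constructed sample of `ss -Htln` output on a VPS (not taken from the thread).
SAMPLE_SS = """\
LISTEN 0 4096          [::]:1234     [::]:*
LISTEN 0 4096       0.0.0.0:443   0.0.0.0:*
LISTEN 0 511      127.0.0.1:3306  0.0.0.0:*
LISTEN 0 128          [::1]:6379     [::]:*
LISTEN 0 4096 127.0.0.53%lo:53    0.0.0.0:*
LISTEN 0 128              *:22          *:*
"""

def parse_listeners(ss_output):
    """Return (bind_address, port) pairs from `ss -Htln` lines."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        host = host.split("%")[0].strip("[]")  # drop %iface, then brackets
        listeners.append((host, int(port)))
    return listeners

def reachable_via(target, host):
    """True if a TCP connect to `target` lands on a socket bound to `host`."""
    if host == "*":
        return True  # dual-stack wildcard
    bind, dst = ipaddress.ip_address(host), ipaddress.ip_address(target)
    if bind.is_unspecified:
        # 0.0.0.0 accepts IPv4 only; :: is assumed dual-stack (bindv6only=0)
        return bind.version == 6 or dst.version == 4
    return bind == dst

def exposed_by_acl(ss_output, allowed_target="127.0.0.1", expected=(1234,)):
    """Rows (port, bind, loopback_only, expected) reachable via the allowed target."""
    report = []
    for host, port in parse_listeners(ss_output):
        if reachable_via(allowed_target, host):
            lo_only = host != "*" and ipaddress.ip_address(host).is_loopback
            report.append((port, host, lo_only, port in expected))
    return sorted(report)

def unexpected_loopback(ss_output, **kw):
    """Loopback-only services that the acl entry newly exposes to proxy users."""
    return [p for p, _, lo_only, ok in exposed_by_acl(ss_output, **kw)
            if lo_only and not ok]

if __name__ == "__main__":
    print(unexpected_loopback(SAMPLE_SS))
```

On a real host, feed it the output of `ss -Htln`; any port it returns is a loopback-only service worth rebinding, authenticating, or leaving out of reach of the proxy.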
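Using v2ray on my router for transparent proxying works fine, but for certain reasons I need to switch the server to naiveproxy, so I modified outbounds on top of my existing v2ray setup and created a local socks pointing to naiveproxy. Now naiveproxy shows ERR_SOCKS_CONNECTION_FAILED. Is this because the UDP traffic for DNS resolution went to naive, but naive doesn't support UDP? Is there a good way to use naive together with v2ray? What I do now is open a new outbounds dedicated to DNS traffic. But I don't want to open a new one; I want all traffic that needs proxying to go through naive.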