search

shadowsocks / shadowsocks-libev

Bug-fix-only libev port of shadowsocks. Future development moved to shadowsocks-rust
https://github.com/shadowsocks/shadowsocks-rust
GNU General Public License v3.0
15.79k stars 5.69k forks source link

shadowsocks-libev 3.0.6 在 entware 下效果很差, 完全无法看 Youtube. #1632

Closed zw963 closed 7 years ago

zw963 commented 7 years ago

请看这个 issue, 有详细解释.

https://github.com/Entware-ng/Entware-ng/issues/739

madeye commented 7 years ago

Try disable UDP relay or disable QUIC support of your browser.

zw963 commented 7 years ago

@madeye , I use ss-redir and ss-tunnel for transparent proxy in my router.

following is my config:

Client (Router)

ss-redir -c /opt/etc/shadowsocks.json

ss-tunnel -c /opt/etc/shadowsocks.json -b 127.0.0.1 -l 1082 -L 8.8.4.4:53 -u

Server

/usr/bin/ss-server -u --fast-open -c /etc/shadowsocks/config.json

I remove -u from server and client, but, it not worked anymore

zw963 commented 7 years ago

Try disable UDP relay

In fact, I don't know what this means, though, I use my old config/auto deploy scripts for a long time, https://github.com/zw963/asuswrt-merlin-transparent-proxy, it work very well for two years, until I update my route ss.

madeye commented 7 years ago

If the latest version doesn't work for you, just revert to the old version.

I've no idea why your router have problems with Youtube. IMO, it should be related to QUIC and udp relay.

zw963 commented 7 years ago

@madeye , is there exists another more simple usage for my purpose? (transparent proxy),

what i mean is, shadowsocks-libev is keep updating, several new ss command is added, and more options is supported, but, for me, a very naive learner for those tech, still keep use some config find from baidu, google etc.

Thanks

zw963 commented 7 years ago

I've no idea why your router have problems with Youtube. IMO, it should be related to QUIC and udp relay.

OK, i will try to use old 2.6 version to deploy to my router now.

madeye commented 7 years ago

BTW, you'd not use REDIRECT to redirect UDP traffic. https://github.com/zw963/asuswrt-merlin-transparent-proxy/commit/2cb642fc642b21e9180ead9a5347b85b4e067d89

Please follow https://github.com/shadowsocks/luci-app-shadowsocks/blob/master/files/root/usr/bin/ss-rules-without-ipset#L75 to setup all the UDP rules.

zw963 commented 7 years ago

BTW, you'd not use REDIRECT to redirect UDP traffic. zw963/asuswrt-merlin-transparent-proxy@2cb642f

@madeye , Yes, I had remove that before this issue in my local repo. that config is from a issue advice, i just for test speed.

Please follow https://github.com/shadowsocks/luci-app-shadowsocks/blob/master/files/root/usr/bin/ss-rules-without-ipset#L75 to setup all the UDP rules.

Thanks, I will try to research those now, thanks for you help.

zw963 commented 7 years ago

I've no idea why your router have problems with Youtube. IMO, it should be related to QUIC and udp relay.

OK, i will try to use old 2.6 version to deploy to my router now.

@madeye , I deploy shadowsocks-libev 2.6.1 with OpenSSL 1.0.2k 26 Jan 2017 version to my router, server version keep 3.0.8, but reenable udp relay.

/usr/bin/ss-server -u --fast-open -c /etc/shadowsocks/config.json

It now worked, after a short time test. (within firefox browser for andorid, use pc mode), I see Connection speed is up, 700-1200+ kbps. but for Youtube app, after short time test, still keep caching ... maybe caused by other problem.

anywhy, I need more time do test to exclude others network issue.

@madeye , do you consider need deply a old version ss-server in remote VPS?

zw963 commented 7 years ago

I deploy ss-server 3.0.8 to a completely new VPS. (linode in SG, previous is other provider in hongkong), and, deploy 2.6 to my router from a scratch, it work not well when use Youtube Android app,

but, when switch to use shadowsocks android app with same network bandwidth, after two hours test, it worked quite well with youtube Android app.

so, i think, maybe the missing udp iptable rule cause this, @madeye, What do you think?

zw963 commented 7 years ago

@madeye , Hi, I add udp iptables rule as following: (consult this link)

# FREEWEB is china whitelist domain name.
 ipset -N FREEWEB iphash

modprobe xt_TPROXY

$iptables -t mangle -N SHADOWSOCKS
# iptables -t mangle -N SHADOWSOCKS_MARK

$iptables -t mangle -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN
$iptables -t mangle -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN
$iptables -t mangle -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN
$iptables -t mangle -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN
$iptables -t mangle -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN
$iptables -t mangle -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN
$iptables -t mangle -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN
$iptables -t mangle -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN

ip rule add fwmark 0x01/0x01 table 100
ip route add local 0.0.0.0/0 dev lo table 100

$iptables -t mangle -A SHADOWSOCKS -p udp -m set --match-set FREEWEB dst -j RETURN

$iptables -t mangle -A SHADOWSOCKS -p udp -j TPROXY --on-port 1082 --tproxy-mark 0x01/0x01
# $iptables -t mangle -A SHADOWSOCKS_MARK -p udp -m set --match-set gfwlist dst -j MARK --set-mark 1

$iptables -t mangle -A PREROUTING -p udp -j SHADOWSOCKS
# $iptables -t mangle -A OUTPUT -j SHADOWSOCKS_MARK

But, following error is happen.

# modprobe xt_TPROXY
modprobe: module xt_TPROXY not found in modules.dep
# ip rule add fwmark 0x01/0x01 table 100
Error: argument "0x01/0x01" is wrong: fwmark value is invalid

Is there some clue about how to fix those two issue?

Thanks

zw963 commented 7 years ago

@madeye

It seem like play youtube in firefox (PC) have a perfect speed.

pic

And same video in firefox(Android) have a perfect speed too. pic

But not work for Youtube android app andChrome for android (builtin browser)`.

zw963 commented 7 years ago

Following is info from Youtube android app.

pic

Fine, I think this issue is hard to resolve for me.

@madeye , Could you please just give me some advice?

ss-server use 3.0.x or 2.5.6, which is better? for use in router, current use old obsolete 2.6.1, should I use newest 3.0.6 ?

madeye commented 7 years ago

As mentioned above, it's caused by QUIC and UDP relay. Two possible solutions:

  1. Disable QUIC in Chrome. (Search the issue tracker for more details)
  2. Follow the script of OpenWRT (TPROXY kernel module is required) or flash your router to OpenWRT instead.
zw963 commented 7 years ago

AC-66U not support OpenWRT.

Device Type:
    Router
Brand:
    Asus
Model:
    RT-AC66U
Availability:
    Available
Unsupported:
    Unsupported due to ASUS' proprietary wireless AC implementation
Platform:
    Broadcom BCM4706
Target:
    brcm47xx
Instruction Set:
    MIPS32
Sub Instruction Set:
    MIPS32 74K series

看样子我只能忍着凑合用了.

madeye commented 7 years ago

If so, try https://github.com/koolshare

zw963 commented 7 years ago

@madeye , thanks, I create a issue there, see if can help.

and, this reply told me, AC-66U kernel is too old to support that. maybe it the time I buy a new router.

zw963 commented 7 years ago

@madeye , 在相当长的一段时间内, 我使用 Android 手机 Youtube app 看视频毫无压力, 然后莫名其妙的就发现越来越慢, 到现在几乎完全没办法看.

最早我应该是使用 ss-server 2.4.x 版本, 具体版本不记得了, 很长一段时间基于这个版本没有动过. 当然, Android 也在更新, Youtube app 版本也在更新, 现在问题引起的原因就是你指出的 QUIC and UDP relay,

但是我仍旧有一个疑问, 基于你对 shadowsocks-libev 的了解, 这个结果是到底是升级 ss-server 造成的, 还是升级 youtube app 造成的?

Thanks.

zw963 commented 7 years ago

@madeye

What the difference about: ss-redir udp relay with ss-tunnel udp relay?

zw963 commented 7 years ago

目前 server 3.0.8, client 3.0.6, 虽然路由器仍旧不支持 tproxy, 但是最近安卓的 Youtube app 速度变的可以接受了, 看样子可能是网络问题.