同一个客户端配置文件，Windows和Debian都正常，但是在Openwrt中不工作

[oTnTh]

你正在使用哪个版本的 V2Ray？

服务器端：V2Ray 5.2.1 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.19.4 linux/amd64)

v2ray-core下载的v5.2.1 User Preview作为客户端，linux-64和Windows-64均正常。

Openwrt中测试过v2ray-core下载的linux-arm64-v8a，还有Openwrt官方源的5.2.0，表现一致，均不工作。

你的使用场景是什么？

服务器端跑在国外的VPS上，因为IP地址被墙了，所以套了Cloudflare的CDN。服务器端没有套Nginx，直接监听443端口。

配置文件是从这里抄的：https://github.com/v2fly/v2ray-examples/tree/master/VLESS-TCP-TLS-WS%20(recommended)

服务器端和客户端都跑起来以后，用curl测试连接：

curl -vI --socks5-hostname xxxx:1080 https://google.com

你看到的异常现象是什么？

我在config中将loglevel设置为debug，当客户端跑在Windows和Debian中时，服务器端和客户端的STDOUT都有一些连接相关的内容。

但是客户端跑在Openwrt中时，服务器端的STDOUT没有任何输出，似乎客户端的连接请求完全没发到服务器端。

curl的输出是这样的：

curl -vI --socks5-hostname 192.168.1.1:1080 https://google.com
*   Trying 192.168.1.1:1080...
* SOCKS5 connect to google.com:443 (remotely resolved)
* SOCKS5 request granted.
* Connected to 192.168.1.1 (192.168.1.1) port 1080 (#0)
* schannel: disabled automatic use of client certificate
* ALPN: offers http/1.1
* schannel: failed to receive handshake, SSL/TLS connection failed
* Closing connection 0
curl: (35) schannel: failed to receive handshake, SSL/TLS connection failed

都是从v2ray-core下载的程序，服务器端是同一个，客户端的配置文件也完全一样，但是Openwrt中就是不工作。

请附上你的配置

服务端配置：

{
    "log": {
        "loglevel": "debug"
    },
    "inbounds": [
        {
            "port": 443,
            "protocol": "vless",
            "settings": {
                "clients": [
                    {
                        "id": "[UUID]",
                        "level": 0,
                        "email": "love@v2fly.org"
                    }
                ],
                "decryption": "none",
                "fallbacks": [
                    {
                        "dest": "80"
                    },
                    {
                        "path": "[路径]",
                        "dest": [端口],
                        "xver": 1
                    }
                ]
            },
            "streamSettings": {
                "network": "tcp",
                "security": "tls",
                "tlsSettings": {
                    "alpn": [
                        "http/1.1"
                    ],
                    "certificates": [
                        {
                            "certificateFile": "/usr/local/etc/v2ray/v2ray.crt",
                            "keyFile": "/usr/local/etc/v2ray/v2ray.key"
                        }
                    ]
                }
            }
        },
        {
            "port": [端口],
            "listen": "127.0.0.1",
            "protocol": "vless",
            "settings": {
                "clients": [
                    {
                        "id": "[UUID]",
                        "level": 0,
                        "email": "love@v2fly.org"
                    }
                ],
                "decryption": "none"
            },
            "streamSettings": {
                "network": "ws",
                "security": "none",
                "wsSettings": {
                    "acceptProxyProtocol": true,
                    "path": "[路径]"
                }
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "freedom"
        }
    ]
}

客户端配置：

{
    "log": {
        "loglevel": "debug"
    },
    "inbounds": [
        {
            "port": 1080,
            "listen": "0.0.0.0",
            "protocol": "socks",
            "settings": {
                "udp": true
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "vless",
            "settings": {
                "vnext": [
                    {
                        "address": "[域名]",
                        "port": 443,
                        "users": [
                            {
                                "id": "[UUID]",
                                "encryption": "none",
                                "level": 0
                            }
                        ]
                    }
                ]
            },
            "streamSettings": {
                "network": "ws",
                "security": "tls",
                "tlsSettings": {
                    "serverName": "[域名]"
                },
                "wsSettings": {
                    "path": "[路径]"
                }
            }
        }
    ]
}

请附上出错时软件输出的错误日志

服务器端错误日志：

// 服务器端没有输出任何内容

客户端错误日志：

Openwrt系统设置里已经将时区设置为东八区，date命令的输出也是正常的Thu Jan 19 07:43:10 CST 2023，但是日志里的时间戳是UTC时间。可是我用的是VLESS，按照文档的说法，跟时间设置应该没有关系才对？

V2Ray 5.2.1 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.19.4 linux/arm64)
A unified platform for anti-censorship.
2023/01/18 22:59:10 [Debug] app/log: Logger started
2023/01/18 22:59:10 [Debug] app/proxyman/inbound: creating stream worker on 0.0.0.0:1080
2023/01/18 22:59:10 [Info] transport/internet/tcp: listening TCP on 0.0.0.0:1080
2023/01/18 22:59:10 [Info] transport/internet/udp: listening UDP on 0.0.0.0:1080
2023/01/18 22:59:10 [Warning] V2Ray 5.2.1 started
2023/01/18 22:59:15 [Info] [606408028] proxy/socks: TCP Connect request to tcp:google.com:443
2023/01/18 22:59:15 [Warning] [606408028] app/dispatcher: default route for tcp:google.com:443
2023/01/18 22:59:15 [Info] [606408028] transport/internet/websocket: creating connection to tcp:[域名]:443
2023/01/18 22:59:15 tcp:192.168.1.100:63221 accepted tcp:google.com:443
2023/01/18 22:59:26 [Info] [606408028] transport/internet/websocket: creating connection to tcp:[域名]:443
2023/01/18 22:59:36 [Info] [606408028] transport/internet/websocket: creating connection to tcp:[域名]:443
2023/01/18 22:59:47 [Info] [606408028] transport/internet/websocket: creating connection to tcp:[域名]:443
2023/01/18 22:59:57 [Info] [606408028] transport/internet/websocket: creating connection to tcp:[域名]:443
2023/01/18 23:00:08 [Warning] [606408028] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://[域名]/[路径]):  > write tcp [本地IPv6地址]:50704->[2606:4700:3030::ac43:c97f]:443: i/o timeout transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://[域名]/[路径]):  > write tcp [本地IPv6地址]:51296->[2606:4700:3032::6815:3cd1]:443: i/o timeout transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://[域名]/[路径]):  > write tcp [本地IPv6地址]:54852->[2606:4700:3032::6815:3cd1]:443: i/o timeout transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://[域名]/[路径]):  > write tcp [本地IPv6地址]:57452->[2606:4700:3030::ac43:c97f]:443: i/o timeout transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://[域名]/[路径]):  > write tcp [本地IPv6地址]:37996->[2606:4700:3032::6815:3cd1]:443: i/o timeout] > common/retry: all retry attempts failed
2023/01/18 23:00:08 [Info] [606408028] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe

[oTnTh]

我看到有人提到5.2.0可能存在问题：https://github.com/v2fly/v2ray-core/issues/2243

于是我将客户端和服务器端都换成了v2ray-core下载的5.1.0，再次测试还是一样的问题。

[oldflag2333333]

openwrt有很多防火墙规则，我觉得你可以看看是不是哪条把他拦了。

[oTnTh]

我用的是Openwrt官方固件，内置的防火墙规则好像也不多，出站什么都没拦，sshtunel和shadowsocks（撞墙之前）都是正常的。/etc/init.d/firewall stop 关闭防火墙以后测试，也还是一样的问题。

比较挠头的是，都看不出应该去哪个部分找问题。

[yyiu]

            "tlsSettings": {
                "serverName": "[域名]"
            },

这个不要了，加了可能会墙

[oldflag2333333]

没仔细看说明，才发现你套了cdn，如果你要用 websocket 的话得确认 cdn 这边是不是支持 websocket，供应商有没有防火墙规则，然后另外 v2ray 报错日志显示的是建立 tcp 连接的时候找不到“目的地”，可能是ipv6之类的原因导致的。

补充一些题外话，如果你要套 cdn 就不要使用 websocket 了，因为 cdn 其实不是解决这个问题的，这种动态请求会回源，而且有可能cdn自己会有些什么规则，让你的 websocket 的表现很奇怪，比如cdn的回源超时时间很短，那么你的 websocket 就会频繁断连。而且就我个人经验来说，一般的 cdn 服务对性能的影响太大了，除非被关了能不套还是不套吧。

[oTnTh]

需要套cdn是因为vps的ipv4地址已经撞墙了，不得已。

至于websocket，则是因为看到了这篇文档：https://guide.v2fly.org/advanced/cdn.html

所以才抄了这里的配置文件：https://github.com/v2fly/v2ray-examples/tree/master/VLESS-TCP-TLS-WS%20(recommended)

我遇到的主要问题是，同一个客户端配置文件，Openwrt上不能用，但是在Openwrt后面的Windows和Debian都正常工作。

[oTnTh]

我自己的ISP是联通，然后我将配置文件发给一个用电信的朋友帮忙测试了一下。在他的Openwrt路由器上，同一个配置文件似乎是能工作的。

但是因为我没法把我的路由器搬到他家里去测试，所以我无法确认这个问题是不是跟ISP相关。

[github-actions[bot]]

This issue is stale because it has been open 120 days with no activity. Remove stale label or comment or this will be closed in 5 days