search

v2fly / v2ray-core

A platform for building proxies to bypass network restrictions.
https://v2fly.org
MIT License
28.52k stars 4.55k forks source link

v2ray刚安装(WebSocket + TLS + Web + CDN)时可以正常使用,两天后突然无法连接 #2830

Open snc2023 opened 7 months ago

snc2023 commented 7 months ago

你正在使用哪个版本的 V2Ray?

server: v5.12.1 client: v2rayN V6.31

你的使用场景是什么?

访问google,youtube等网站

你看到的异常现象是什么?

前两天可以正常访问google等网站,昨天突然所有网站都无法连接,客户端报错

你期待看到的正常表现是怎样的?

正常连接

请附上你的配置

服务端配置: V2ray:

// 在这里附上服务器端配置文件
{
    "log":{
        "loglevel":"warning"
    },
    "routing":{
        "domainStrategy":"AsIs",
        "rules":[
            {
                "type":"field",
                "ip":[
                    "geoip:private"
                ],
                "outboundTag":"block"
            }
        ]
    },
    "inbounds":[
        {
            "listen":"127.0.0.1",
            "port":10008,
            "protocol":"vmess",
            "settings":{
                "clients":[
                    {
                        "id":"518a0b81-898b-4e0f-8535-0e046e03db39",
                        "alterId":0
                    }
                ]
            },
            "streamSettings":{
                "network":"ws",
                "wsSettings":{
                    "path":"/ray"
                }
            }
        }
    ],
"outbounds": [
  {
    "protocol": "freedom",
    "settings": {}
  },
  {
    "protocol": "blackhole",
    "settings": {},
    "tag": "block"
  },
  {
      "tag": "cloudflare-warp",
      "protocol": "socks",
      "settings": {
        "servers": [
          {
            "address": "127.0.0.1",
            "port": 9999
          }
        ]
      }
  }
],
"routing": {
  "rules": [
    {
      "type": "field",
      "ip": [
        "0.0.0.0/8",
        "10.0.0.0/8"
      ],
      "outboundTag": "block"
    },
    {
      "type": "field",
      "domain": [
        "openai.com",
        "ai.com",
        "scholar.google.com",
        "netflix.com",
        "bing.com"
      ],
      "outboundTag": "cloudflare-warp"
    }
  ]
}
}

客户端配置:

// 在这里附上客户端配置
{
  "log": {
    "access": "",
    "error": "",
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "tag": "socks",
      "port": 10808,
      "listen": "127.0.0.1",
      "protocol": "socks",
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls"
        ],
        "routeOnly": false
      },
      "settings": {
        "auth": "noauth",
        "udp": true,
        "allowTransparent": false
      }
    },
    {
      "tag": "http",
      "port": 10809,
      "listen": "127.0.0.1",
      "protocol": "http",
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls"
        ],
        "routeOnly": false
      },
      "settings": {
        "auth": "noauth",
        "udp": true,
        "allowTransparent": false
      }
    }
  ],
  "outbounds": [
    {
      "tag": "proxy",
      "protocol": "vmess",
      "settings": {
        "vnext": [
          {
            "address": "mydomain.com",
            "port": 443,
            "users": [
              {
                "id": "xxxxxxxxxxxxxxxxxxx",
                "alterId": 0,
                "email": "t@t.tt",
                "security": "auto"
              }
            ]
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "security": "tls",
        "tlsSettings": {
          "allowInsecure": false,
          "serverName": "mydomain.com",
          "show": false
        },
        "wsSettings": {
          "path": "/ray",
          "headers": {
            "Host": "mydomain.com"
          }
        }
      },
      "mux": {
        "enabled": false,
        "concurrency": -1
      }
    },
    {
      "tag": "direct",
      "protocol": "freedom",
      "settings": {}
    },
    {
      "tag": "block",
      "protocol": "blackhole",
      "settings": {
        "response": {
          "type": "http"
        }
      }
    }
  ],
  "dns": {
    "servers": [
      "1.1.1.1",
      "8.8.8.8"
    ]
  },
  "routing": {
    "domainStrategy": "AsIs",
    "rules": [
      {
        "type": "field",
        "inboundTag": [
          "api"
        ],
        "outboundTag": "api"
      },
      {
        "type": "field",
        "port": "0-65535",
        "outboundTag": "proxy"
      }
    ]
  }
}

请附上出错时软件输出的错误日志

服务器端错误日志:

// 在这里附上服务器端日志
Nginx和v2ray皆无有效日志

客户端错误日志:

// 在这里附上客户端日志
配置成功
[VMess] new-2(***work:443)
启动服务(2023/12/25 17:51:53)...
Xray 1.8.4 (Xray, Penetrates Everything.) Custom (go1.21.0 windows/amd64)
A unified platform for anti-censorship.
2023/12/25 17:51:53 Using default config:  C:\Users\htsc\Downloads\v2rayN-With-Core\v2rayN-With-Core\guiConfigs\config.json
2023/12/25 17:51:53 [Info] infra/conf/serial: Reading config: C:\Users\htsc\Downloads\v2rayN-With-Core\v2rayN-With-Core\guiConfigs\config.json
2023/12/25 17:51:53 [Warning] core: Xray 1.8.4 started
2023/12/25 17:51:54 系统代理设置改变ForcedClear
2023/12/25 17:51:54 127.0.0.1:56594 accepted //www.google.com:443 [http -> proxy]
2023/12/25 17:51:57 [Warning] [1954054677] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: failed to find an available destination > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://mydomain.com/ray):  > read tcp [240e:47a:440:17a9:ec4f:a2b3:523a:3bfe]:56595->[2606:4700:3030::6815:3eb0]:443: wsarecv: An existing connection was forcibly closed by the remote host. transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://mydomain.com/ray):  > read tcp [240e:47a:440:17a9:ec4f:a2b3:523a:3bfe]:56597->[2606:4700:3030::6815:3eb0]:443: wsarecv: An existing connection was forcibly closed by the remote host. transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://mydomain.com/ray):  > read tcp [240e:47a:440:17a9:ec4f:a2b3:523a:3bfe]:56598->[2606:4700:3030::6815:3eb0]:443: wsarecv: An existing connection was forcibly closed by the remote host. transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://mydomain.com/ray):  > read tcp [240e:47a:440:17a9:ec4f:a2b3:523a:3bfe]:56599->[2606:4700:3030::6815:3eb0]:443: wsarecv: An existing connection was forcibly closed by the remote host. transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://mydomain.com/ray):  > read tcp [240e:47a:440:17a9:ec4f:a2b3:523a:3bfe]:56600->[2606:4700:3030::6815:3eb0]:443: wsarecv: An existing connection was forcibly closed by the remote host.] > common/retry: all retry attempts failed
2023/12/25 17:51:57 当前服务的真连接延迟: -1 ms

请附上访问日志

// 在这里附上服务器端日志
无有效日志

其它相关的配置文件(如 Nginx)和相关日志

Nginx

// 在这里附上服务器端日志
server {
  listen 80 default_server;
  listen [::]:80 default_server;

  server_name mydomain.com www.mydomain.com;

  return 301 https://$host$request_uri;
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  ssl_certificate /etc/ssl/cert.pem;
  ssl_certificate_key /etc/ssl/key.pem;
  ssl_client_certificate /etc/ssl/cloudflare.crt;
  ssl_verify_client on;
  ssl_session_timeout 1d;
  ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
  ssl_session_tickets off;

  # intermediate configuration
  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
  ssl_prefer_server_ciphers off;

  # HSTS (ngx_http_headers_module is required) (63072000 seconds)
  add_header Strict-Transport-Security "max-age=63072000" always;

  server_name mydomain.com www.mydomain.com;

  root /var/www/mydomain.com/html;
  index index.html index.htm index.nginx-debian.html;

  location / {
    try_files $uri $uri/ =404;
  }

  location /ray {
    if ($http_upgrade != "websocket") {
      return 404;
    }
    proxy_redirect off;
    proxy_pass http://127.0.0.1:10008;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;

    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }
}

如果 V2Ray 无法启动,请附上 --test 命令的输出

如果 V2Ray 服务运行异常,请附上 journal 日志

snc2023 commented 7 months ago

其他信息: 时区和时间完全一致:Asia/Shanghai telnet vps和域名,443、80都是通的 客户端日志中存在大量:failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://mydomain.com/ray): > read tcp [240e:47a:440:17a9:ec4f:a2b3:523a:3bfe]:56600->[2606:4700:3030::6815:3eb0]:443: wsarecv: An existing connection was forcibly closed by the remote host. nginx、v2ray日志中没有有效信息

raincity212 commented 3 months ago

我跟你一模一样的配置和问题。正常使用一两年了,上周突然这样了。请问下问题解决了吗?

zazitufu commented 2 months ago

查看服务器的时间,看是否因为运行太久,又没有跟互联网时间同步,造成服务器时间有偏差。