Closed PaTTeeL closed 3 years ago
What you need from me
On Wed, 14 Oct 2020, 15:18 PaTTeeL, notifications@github.com wrote:
除非特殊情况,请完整填写所有问题。不按模板发的 issue 将直接被关闭。 如果你遇到的问题不是 V2Ray 的 bug,比如你不清楚要如何配置,请使用Discussion https://github.com/v2fly/discussion/issues进行讨论。
- 你正在使用哪个版本的 V2Ray?(如果服务器和客户端使用了不同版本,请注明) v4.31.0
- 你的使用场景是什么?比如使用 Chrome 通过 Socks/VMess 代理观看 YouTube 视频。 使用 firefox 通过 VLESS 代理观看 YouTube 视频
- 你看到的不正常的现象是什么?(请描述具体现象,比如访问超时,TLS 证书错误等) 服务端fallback设置"tlsSettings": {"alpn": ["h2","http/1.1"]……时,浏览器提示ERR_HTTP2_PROTOCOL_ERROR, 服务端fallback设置"tlsSettings": {"alpn": ["http/1.1"]……时正常,浏览器正常 streamSettings传输协议为http/2时网络不通
- 你期待看到的正确表现是怎样的? 正常打开网页
- 请附上你的配置(提交 Issue 前请隐藏服务器端IP地址)。
服务器端配置:
{
"log": {
"access": "/tmp/access.log", "error": "/tmp/error.log", "loglevel": "warning"
},
"inbounds": [
{ "port": 443, "protocol": "vless", "settings": { "clients": [{"email": "vless@tcp.org","id": "uuid"}], "decryption": "none", "fallbacks": [ {"dest": 8000}, {"xver": 0,"dest": 8001,"path": "/vless"}, {"alpn": "h2","dest": 8002,"path": "/vlessh2"}, {"xver": 0,"dest": 8003,"path": "/vmess"}, {"alpn": "h2","dest": 8004,"path": "/vmessh2"}]}, "streamSettings": { "network": "tcp", "security": "tls", "tlsSettings": { "alpn": ["h2","http/1.1"], "certificates": [{ "certificateFile": "/etc/letsencrypt/live/mydomain.com/fullchain.pem", "keyFile": "/etc/letsencrypt/live/mydomain.com/privkey.pem"}]}} }, { "port": 8001, "protocol": "vless", "listen": "127.0.0.1", "sniffing": {"enabled": true,"destOverride": ["http", "tls"]}, "settings": {"decryption": "none","clients": [{"email": "vless@ws.org","id": "uuid"}]}, "streamSettings": {"network": "ws","wsSettings": {"path": "/vless"} }}, { "port": 8002, "protocol": "vless", "listen": "127.0.0.1", "sniffing": {"enabled": true,"destOverride": ["http", "tls"]}, "settings": {"decryption": "none","clients": [{"email": "vless@h2.org","id": "uuid"}]}, "streamSettings": {"network": "h2","httpSettings": {"host": ["mydomain.com"],"path": "/vlessh2"} }}, { "port": 8003, "protocol": "vmess", "listen": "127.0.0.1", "sniffing": {"enabled": true,"destOverride": ["http", "tls"]}, "settings": {"clients": [{"email": "vmess@ws.org","id": "uuid"}]}, "streamSettings": {"network": "ws","wsSettings": {"path": "/vmess"} }}, { "port": 8004, "protocol": "vmess", "listen": "127.0.0.1", "sniffing": {"enabled": true,"destOverride": ["http", "tls"]}, "settings": {"clients": [{"email": "vmess@h2.org","id": "uuid"}]}, "streamSettings": {"network": "h2","httpSettings": {"host": ["mydomain.com"],"path": "/vmessh2"} }}
],
"outbounds": [
{"tag": "direct","protocol": "freedom","settings": {}}, {"tag": "block","protocol": "blackhole","settings": {}}
],
"routing": {
"rules": [ {"type": "field","outboundTag": "block","ip": ["0.0.0.0/8","10.0.0.0/8","127.0.0.0/8","172.16.0.0/12","192.168.0.0/16"]}, {"type": "field","outboundTag": "block","protocol": ["bittorrent"]}] # Bit Torrent
} }
客户端配置:
{
"policy": {
"system": { "statsInboundUplink": true, "statsInboundDownlink": true }
},
"log": {
"access": "", "error": "", "loglevel": "warning"
},
"inbounds": [
{ "tag": "proxy", "port": 8001, "listen": "127.0.0.1", "protocol": "socks", "sniffing": { "enabled": true, "destOverride": [ "http", "tls" ] }, "settings": { "auth": "noauth", "udp": true, "ip": null, "address": null, "clients": null, "decryption": null }, "streamSettings": null }, { "tag": "api", "port": 1621, "listen": "127.0.0.1", "protocol": "dokodemo-door", "sniffing": null, "settings": { "auth": null, "udp": false, "ip": null, "address": "127.0.0.1", "clients": null, "decryption": null }, "streamSettings": null }
],
"outbounds": [
{ "tag": "proxy", "protocol": "vless", "settings": { "vnext": [ { "address": "mydomain.com", "port": 443, "users": [ { "id": "uuid", "alterId": 0, "email": "t@t.tt", "security": "auto", "encryption": "none", "flow": "" } ] } ], "servers": null, "response": null }, "streamSettings": { "network": "h2", "security": "tls", "tlsSettings": { "allowInsecure": false, "serverName": "mydomain.com" }, "tcpSettings": null, "kcpSettings": null, "wsSettings": null, "httpSettings": { "path": "vlessh2", "host": [ "mydomain.com" ] }, "quicSettings": null, "xtlsSettings": null }, "mux": { "enabled": false, "concurrency": -1 } }, { "tag": "direct", "protocol": "freedom", "settings": { "vnext": null, "servers": null, "response": null }, "streamSettings": null, "mux": null }, { "tag": "block", "protocol": "blackhole", "settings": { "vnext": null, "servers": null, "response": { "type": "http" } }, "streamSettings": null, "mux": null }
],
"stats": {},
"api": {
"tag": "api", "services": [ "StatsService" ]
},
"dns": null,
"routing": {
"domainStrategy": "IPIfNonMatch", "rules": [ { "type": "field", "port": null, "inboundTag": [ "api" ], "outboundTag": "api", "ip": null, "domain": null }, { "type": "field", "port": null, "inboundTag": null, "outboundTag": "proxy", "ip": null, "domain": [ "geosite:google", "geosite:github", "geosite:netflix", "geosite:steam", "geosite:telegram", "geosite:tumblr", "geosite:speedtest", "geosite:bbc", "domain:gvt1.com", "domain:textnow.com", "domain:twitch.tv", "domain:wikileaks.org", "domain:naver.com" ] }, { "type": "field", "port": null, "inboundTag": null, "outboundTag": "proxy", "ip": [ "91.108.4.0/22", "91.108.8.0/22", "91.108.12.0/22", "91.108.20.0/22", "91.108.36.0/23", "91.108.38.0/23", "91.108.56.0/22", "149.154.160.0/20", "149.154.164.0/22", "149.154.172.0/22", "74.125.0.0/16", "173.194.0.0/16", "172.217.0.0/16", "216.58.200.0/24", "216.58.220.0/24", "91.108.56.116", "91.108.56.0/24", "109.239.140.0/24", "149.154.167.0/24", "149.154.175.0/24" ], "domain": null }, { "type": "field", "port": null, "inboundTag": null, "outboundTag": "direct", "ip": null, "domain": [ "domain:12306.com", "domain:51ym.me", "domain:52pojie.cn", "domain:8686c.com", "domain:abercrombie.com", "domain:adobesc.com", "domain:air-matters.com", "domain:air-matters.io", "domain:airtable.com", "domain:akadns.net", "domain:apache.org", "domain:api.crisp.chat", "domain:api.termius.com", "domain:appshike.com", "domain:appstore.com", "domain:aweme.snssdk.com", "domain:bababian.com", "domain:battle.net", "domain:beatsbydre.com", "domain:bet365.com", "domain:bilibili.cn", "domain:ccgslb.com", "domain:ccgslb.net", "domain:chunbo.com", "domain:chunboimg.com", "domain:clashroyaleapp.com", "domain:cloudsigma.com", "domain:cloudxns.net", "domain:cmfu.com", "domain:culturedcode.com", "domain:dct-cloud.com", "domain:didialift.com", "domain:douyutv.com", "domain:duokan.com", "domain:dytt8.net", "domain:easou.com", "domain:ecitic.net", "domain:eclipse.org", "domain:eudic.net", "domain:ewqcxz.com", "domain:fir.im", "domain:frdic.com", "domain:fresh-ideas.cc", "domain:godic.net", "domain:goodread.com", "domain:haibian.com", "domain:hdslb.net", "domain:hollisterco.com", "domain:hongxiu.com", "domain:hxcdn.net", "domain:images.unsplash.com", "domain:img4me.com", "domain:ipify.org", "domain:ixdzs.com", "domain:jd.hk", "domain:jianshuapi.com", "domain:jomodns.com", "domain:jsboxbbs.com", "domain:knewone.com", "domain:kuaidi100.com", "domain:lemicp.com", "domain:letvcloud.com", "domain:lizhi.io", "domain:localizecdn.com", "domain:lucifr.com", "domain:luoo.net", "domain:mai.tn", "domain:maven.org", "domain:miwifi.com", "domain:moji.com", "domain:moke.com", "domain:mtalk.google.com", "domain:mxhichina.com", "domain:myqcloud.com", "domain:myunlu.com", "domain:netease.com", "domain:nfoservers.com", "domain:nssurge.com", "domain:nuomi.com", "domain:ourdvs.com", "domain:overcast.fm", "domain:paypal.com", "domain:paypalobjects.com", "domain:pgyer.com", "domain:qdaily.com", "domain:qdmm.com", "domain:qin.io", "domain:qingmang.me", "domain:qingmang.mobi", "domain:qqurl.com", "domain:rarbg.to", "domain:rrmj.tv", "domain:ruguoapp.com", "domain:sm.ms", "domain:snwx.com", "domain:soku.com", "domain:startssl.com", "domain:store.steampowered.com", "domain:symcd.com", "domain:teamviewer.com", "domain:tmzvps.com", "domain:trello.com", "domain:trellocdn.com", "domain:ttmeiju.com", "domain:udache.com", "domain:uxengine.net", "domain:weather.bjango.com", "domain:weather.com", "domain:webqxs.com", "domain:weico.cc", "domain:wenku8.net", "domain:werewolf.53site.com", "domain:windowsupdate.com", "domain:wkcdn.com", "domain:workflowy.com", "domain:xdrig.com", "domain:xiaojukeji.com", "domain:xiaomi.net", "domain:xiaomicp.com", "domain:ximalaya.com", "domain:xitek.com", "domain:xmcdn.com", "domain:xslb.net", "domain:xteko.com", "domain:yach.me", "domain:yixia.com", "domain:yunjiasu-cdn.net", "domain:zealer.com", "domain:zgslb.net", "domain:zimuzu.tv", "domain:zmz002.com", "domain:samsungdm.com" ] }, { "type": "field", "port": null, "inboundTag": null, "outboundTag": "block", "ip": null, "domain": [ "geosite:category-ads" ] }, { "type": "field", "port": null, "inboundTag": null, "outboundTag": "direct", "ip": [ "geoip:private" ], "domain": null }, { "type": "field", "port": null, "inboundTag": null, "outboundTag": "direct", "ip": [ "geoip:cn" ], "domain": null }, { "type": "field", "port": null, "inboundTag": null, "outboundTag": "direct", "ip": null, "domain": [ "geosite:cn" ] } ]
} }
- 请附上出错时软件输出的错误日志。在 Linux 中,日志通常在 /var/log/v2ray/error.log 文件中。
服务器端错误日志:
2020/10/14 17:18:58 [Info] [4274677110] v2ray.com/core/proxy/vless/inbound: firstLen = 64 2020/10/14 17:18:58 [Info] [4274677110] v2ray.com/core/proxy/vless/inbound: fallback starts > v2ray.com/core/proxy/vless/encoding: invalid request version 2020/10/14 17:18:58 [Info] [4274677110] v2ray.com/core/proxy/vless/inbound: realAlpn = h2 2020/10/14 17:19:09 [Info] [4274677110] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: fallback ends > v2ray.com/core/proxy/vless/inbound: failed to fallback request payload > read tcp 10.0.0.3:443->clientip:13915: read: connection reset by peer 2020/10/14 17:19:09 [Info] [4274677110] v2ray.com/core/app/proxyman/inbound: failed to close connection > write tcp 10.0.0.3:443->clientip:13915: write: broken pipe 2020/10/14 17:19:10 [Info] [1754140807] v2ray.com/core/proxy/vless/inbound: firstLen = 64 2020/10/14 17:19:10 [Info] [1754140807] v2ray.com/core/proxy/vless/inbound: fallback starts > v2ray.com/core/proxy/vless/encoding: invalid request version 2020/10/14 17:19:10 [Info] [1754140807] v2ray.com/core/proxy/vless/inbound: realAlpn = h2 2020/10/14 17:19:10 [Info] [1754140807] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: fallback ends > v2ray.com/core/proxy/vless/inbound: failed to deliver response payload > read tcp 127.0.0.1:47106->127.0.0.1:8000: read: connection reset by peer 2020/10/14 17:19:12 [Info] [2387409379] v2ray.com/core/proxy/vless/inbound: firstLen = 64 2020/10/14 17:19:12 [Info] [2387409379] v2ray.com/core/proxy/vless/inbound: fallback starts > v2ray.com/core/proxy/vless/encoding: invalid request version 2020/10/14 17:19:12 [Info] [2387409379] v2ray.com/core/proxy/vless/inbound: realAlpn = h2 2020/10/14 17:19:12 [Info] [2387409379] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: fallback ends > v2ray.com/core/proxy/vless/inbound: failed to fallback request payload > write tcp 127.0.0.1:47108->127.0.0.1:8000: write: broken pipe 2020/10/14 17:19:14 [Info] [951663215] v2ray.com/core/proxy/vless/inbound: firstLen = 64 2020/10/14 17:19:14 [Info] [951663215] v2ray.com/core/proxy/vless/inbound: fallback starts > v2ray.com/core/proxy/vless/encoding: invalid request version 2020/10/14 17:19:14 [Info] [951663215] v2ray.com/core/proxy/vless/inbound: realAlpn = h2 2020/10/14 17:19:14 [Info] [951663215] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: fallback ends > v2ray.com/core/proxy/vless/inbound: failed to fallback request payload > write tcp 127.0.0.1:47110->127.0.0.1:8000: write: connection reset by peer 2020/10/14 17:19:15 [Info] [2723968924] v2ray.com/core/proxy/vless/inbound: firstLen = 64 2020/10/14 17:19:15 [Info] [2723968924] v2ray.com/core/proxy/vless/inbound: fallback starts > v2ray.com/core/proxy/vless/encoding: invalid request version 2020/10/14 17:19:15 [Info] [2723968924] v2ray.com/core/proxy/vless/inbound: realAlpn = h2 2020/10/14 17:19:15 [Info] [2723968924] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: fallback ends > v2ray.com/core/proxy/vless/inbound: failed to deliver response payload > read tcp 127.0.0.1:47112->127.0.0.1:8000: read: connection reset by peer 2020/10/14 17:19:17 [Info] [1402444456] v2ray.com/core/proxy/vless/inbound: firstLen = 64 2020/10/14 17:19:17 [Info] [1402444456] v2ray.com/core/proxy/vless/inbound: fallback starts > v2ray.com/core/proxy/vless/encoding: invalid request version 2020/10/14 17:19:17 [Info] [1402444456] v2ray.com/core/proxy/vless/inbound: realAlpn = h2 2020/10/14 17:19:17 [Info] [1402444456] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: fallback ends > v2ray.com/core/proxy/vless/inbound: failed to fallback request payload > write tcp 127.0.0.1:47114->127.0.0.1:8000: write: connection reset by peer 2020/10/14 17:19:21 [Info] [2203507837] v2ray.com/core/proxy/vless/inbound: firstLen = 64 2020/10/14 17:19:21 [Info] [2203507837] v2ray.com/core/proxy/vless/inbound: fallback starts > v2ray.com/core/proxy/vless/encoding: invalid request version 2020/10/14 17:19:21 [Info] [2203507837] v2ray.com/core/proxy/vless/inbound: realAlpn = h2 2020/10/14 17:19:21 [Info] [2203507837] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: fallback ends > v2ray.com/core/proxy/vless/inbound: failed to fallback request payload > write tcp 127.0.0.1:47116->127.0.0.1:8000: write: broken pipe 2020/10/14 17:19:22 [Info] [2200200901] v2ray.com/core/proxy/vless/inbound: firstLen = 64 2020/10/14 17:19:22 [Info] [2200200901] v2ray.com/core/proxy/vless/inbound: fallback starts > v2ray.com/core/proxy/vless/encoding: invalid request version 2020/10/14 17:19:22 [Info] [2200200901] v2ray.com/core/proxy/vless/inbound: realAlpn = h2 2020/10/14 17:19:22 [Info] [2200200901] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vless/inbound: fallback ends > v2ray.com/core/proxy/vless/inbound: failed to fallback request payload > read tcp 10.0.0.3:443->clientip:13985: use of closed network connection 2020/10/14 17:19:22 [Info] [2200200901] v2ray.com/core/app/proxyman/inbound: failed to close connection > tls: use of closed connection
客户端错误日志:
2020/10/14 16:41:56 [Warning] [380363826] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vless/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": unexpected EOF v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": read tcp 192.168.1.3:10782->serverip:443: wsarecv: An existing connection was forcibly closed by the remote host. v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": unexpected EOF] > v2ray.com/core/common/retry: all retry attempts failed 2020/10/14 16:41:58 [Warning] [1146162285] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vless/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": unexpected EOF v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": read tcp 192.168.1.3:10782->serverip:443: wsarecv: An existing connection was forcibly closed by the remote host. v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": unexpected EOF v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": read tcp 192.168.1.3:10795->serverip:443: wsarecv: An existing connection was forcibly closed by the remote host.] > v2ray.com/core/common/retry: all retry attempts failed 2020/10/14 16:41:58 [Warning] [390859468] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vless/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": unexpected EOF v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": read tcp 192.168.1.3:10782->serverip:443: wsarecv: An existing connection was forcibly closed by the remote host. v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": unexpected EOF v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": read tcp 192.168.1.3:10795->serverip:443: wsarecv: An existing connection was forcibly closed by the remote host.] > v2ray.com/core/common/retry: all retry attempts failed 2020/10/14 16:41:58 [Warning] [2799044900] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vless/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": unexpected EOF v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": read tcp 192.168.1.3:10782->serverip:443: wsarecv: An existing connection was forcibly closed by the remote host. v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": unexpected EOF v2ray.com/core/transport/internet/http: failed to dial to tcp:mydomain.com:443 > Put "https://mydomain.com:443/vlessh2": read tcp 192.168.1.3:10795->serverip:443: wsarecv: An existing connection was forcibly closed by the remote host.] > v2ray.com/core/common/retry: all retry attempts failed
- 请附上访问日志。在 Linux 中,日志通常在 /var/log/v2ray/access.log 文件中。
不通,无日志
- 其它相关的配置文件(如 Nginx)和相关日志。 后端caddy配置
:8000 {
log {
output file /tmp/caddy.log format json
}
header {
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Robots-Tag "noindex, nofollow, noarchive, nocache, nosnippet, notranslate, noimageindex, noyaca"
}
route {
forward_proxy { probe_resistance www.163.com basic_auth USERNAME PASSWORD hide_via hide_ip } file_server { root /var/home }
}
handle_errors {
file_server { root /var/home } rewrite * /index.html
} }
:80 {
redir https://{host}{uri} }
后端caddy日志
{ "level":"error",
"ts":1602663499.5114472,
"logger":"http.log.access.log0",
"msg":"handled request",
"request":{
"remote_addr":"127.0.0.1:46224", "proto":"HTTP/2.0", "method":"PRI", "host":"", "uri":"*", "headers":{}},
"common_log":"127.0.0.1 - - [14/Oct/2020:16:18:19 +0800] \"PRI * HTTP/2.0\" 404 6735",
"duration":0.000169208,
"size":6735,
"status":404,
"resp_headers":{
"Server":["Caddy"], "X-Frame-Options":["SAMEORIGIN"], "X-Robots-Tag":["noindex, nofollow, noarchive, nocache, nosnippet, notranslate, noimageindex, noyaca"], "Strict-Transport-Security":["max-age=31536000; includeSubDomains; preload"], "X-Content-Type-Options":["nosniff"],<
vless回落/分流,根本不支持h2应用分流。仅支持ws及tcp应用的路径分流,回落到http/1.1及h2c server服务器。你根本没有搞清楚vless回落原理及使用范围!
vless回落/分流,根本不支持h2应用分流。仅支持ws及tcp应用的路径分流,回落到http/1.1及h2c server服务器。你根本没有搞清楚vless回落原理及使用范围!
所以小白来请教了,现在h2分流问题明白了,不支持的话就去掉,那回落到caddy server失败的问题是啥原因呢? caddy报错日志如下: { "level":"error", "ts":1602663499.5114472, "logger":"http.log.access.log0", "msg":"handled request", "request":{ "remote_addr":"127.0.0.1:46224", "proto":"HTTP/2.0", "method":"PRI", "host":"", "uri":"", "headers":{}}, "common_log":"127.0.0.1 - - [14/Oct/2020:16:18:19 +0800] \"PRI HTTP/2.0\" 404 6735", "duration":0.000169208, "size":6735, "status":404, "resp_headers":{ "Server":["Caddy"], "X-Frame-Options":["SAMEORIGIN"], "X-Robots-Tag":["noindex, nofollow, noarchive, nocache, nosnippet, notranslate, noimageindex, noyaca"], "Strict-Transport-Security":["max-age=31536000; includeSubDomains; preload"], "X-Content-Type-Options":["nosniff"], "Etag":["\"qb3qt3573\""], "Content-Type":["text/html; charset=utf-8"]}}
你连接配置了http/1.1与h2两者都支持,那么回落也必须同时都支持,即caddy2必须支持http/1.1与h2c server。 当然你不想麻烦,连接配置就去掉h2,那么caddy2启用http/1.1 server即可。当然这样配置,速度可能受影响。 最后你可以参考我的模板: https://github.com/lxhao61/integrated-examples
如楼上所说,caddy2默认不支持h2c服务,并且配置相对复杂,所以把alpn改成http/1.1即可,或者换haproxy当后端 fallback不支持h2c,可以先回落到web服务器由web服务做分流
(配置有些问题,但上面说的也不完全正确)
建议先参考模板,自定义配置时仔细阅读文档
感谢各路大神的指导,现在解决了大部分问题 1、h2部分学习了@lxhao61 的指导并参考了模板,搞通了,非常感谢!总结了一下如果要走h2,就必须alpn里启用h2,然后caddy开启allow_h2c选项,fallback到caddy再反向代理给inbounds实现h2的承载; 2、ProxyProtocol也看懂了,是tcp传递client信息给后面http server用的; 3、端口复用部分也基本学会了,现在碰到了另一个issue #316 中Caddy为前端,v2ray为后端一样的问题,就是当h2作为承载网络时,无论这两个进程谁前端谁后端,经常会大面积长时间的连续报stream error这样的错误,浏览器的表现就是页面开启特别慢甚至打不开,经常需要刷新页面,搜了半天同类型问题很多,貌似没找到什么解决方案,只有一条issue只言片语的提到了可能是h2引起的tcp头拥堵导致,请教各位大神到底是个啥情况? @rprx @zhuzeitou @lxhao61 BTW,能问问 @rprx VLESS的fallback有没有后续支持h2c的可能呢?
v2 的 h2 应该用了多路复用,即多条 VLESS 聚合成一条(而 v2 的 Mux 是一条 VLESS 上跑 Mux),多路复用在较差的网络环境下会影响使用体验。个人不推荐用 v2 的 h2(我也不用),性能弱且无必要,过不了 CDN 不如用 TCP。
fallbacks 的 path 无法支持 h2c 是原理决定的,暂时无最优解。
除非特殊情况,请完整填写所有问题。不按模板发的 issue 将直接被关闭。 如果你遇到的问题不是 V2Ray 的 bug,比如你不清楚要如何配置,请使用Discussion进行讨论。
1) 你正在使用哪个版本的 V2Ray?(如果服务器和客户端使用了不同版本,请注明) v4.31.0 2) 你的使用场景是什么?比如使用 Chrome 通过 Socks/VMess 代理观看 YouTube 视频。 使用 firefox 通过 VLESS 代理观看 YouTube 视频 3) 你看到的不正常的现象是什么?(请描述具体现象,比如访问超时,TLS 证书错误等) 服务端fallback设置"tlsSettings": {"alpn": ["h2","http/1.1"]……时,浏览器提示ERR_HTTP2_PROTOCOL_ERROR, 服务端fallback设置"tlsSettings": {"alpn": ["http/1.1"]……时,浏览器正常 同时streamSettings传输协议为http/2的inbounds网络不通 4) 你期待看到的正确表现是怎样的? 正常打开网页 5) 请附上你的配置(提交 Issue 前请隐藏服务器端IP地址)。
服务器端配置:
客户端配置:
6) 请附上出错时软件输出的错误日志。在 Linux 中,日志通常在
/var/log/v2ray/error.log
文件中。服务器端错误日志:
客户端错误日志:
7) 请附上访问日志。在 Linux 中,日志通常在
/var/log/v2ray/access.log
文件中。8) 其它相关的配置文件(如 Nginx)和相关日志。 后端caddy配置
后端caddy日志
如上,在vless+tcp的fallback模式下,尝试过各种组合,只要出现h2,web服务器就罢工,另外fallback后的http/2传输部分一直没有弄通,求教需要如何配置? 补充,尝试过在8002端口inbounds的streamSettings中加入加密部分仍然是不通的:
另:TCP和WebSocket协议中的acceptProxyProtocol是否应该为enableProxyProtocol?测试发现xver=1、acceptProxyProtocol=false时和xver=0、acceptProxyProtocol=true时网络都不通