search

v2fly / v2ray-core

A platform for building proxies to bypass network restrictions.
https://v2fly.org
MIT License
29.59k stars 4.66k forks source link

panic: Calling IP() on a DomainAddress. #919

Closed sixg0000d closed 3 years ago

sixg0000d commented 3 years ago

你正在使用哪个版本的 V2Ray?

客户端:v4.38.0 服务端:v4.37.3

你的使用场景是什么?

使用 socks 代理和 fakedns 。

你看到的异常现象是什么?

启动 v2ray 后查询 dns 立即 panic

你期待看到的正常表现是怎样的?

正常运行

请附上你的配置

服务端配置:

// 在这里附上服务器端配置文件

客户端配置:

// 在这里附上客户端配置
{
    "dns": {
        "servers": [
            "fakedns"
        ]
    },
    "inbounds": [
        {
            "listen": "127.0.0.1",
            "port": 1089,
            "protocol": "socks",
            "sniffing": {
                "destOverride": [
                    "tls",
                    "fakedns",
                    "http"
                ],
                "enabled": true,
                "metadataOnly": false
            },
            "tag": "socks_IN"
        }
    ],
    "outbounds": [
        {
            "protocol": "freedom",
            "tag": "DIRECT"
        },
        {
            "protocol": "dns",
            "tag": "dns-out"
        }
    ],
    "routing": {
        "rules": [
            {
                "inboundTag": [
                    "socks_IN"
                ],
                "outboundTag": "dns-out",
                "port": "53",
                "type": "field"
            }
        ]
    }
}

请附上出错时软件输出的错误日志

服务器端错误日志:

// 在这里附上服务器端日志

客户端错误日志:

// 在这里附上客户端日志
V2Ray 4.38.0 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.16.3 linux/amd64)
A unified platform for anti-censorship.
2021/04/18 14:55:11 [Info] main/jsonem: Reading config: config.json
2021/04/18 14:55:12 [Warning] V2Ray 4.38.0 started
panic: Calling IP() on a DomainAddress.

goroutine 41 [running]:
github.com/v2fly/v2ray-core/v4/common/net.domainAddress.IP(...)
        github.com/v2fly/v2ray-core/v4/common/net/address.go:164
github.com/v2fly/v2ray-core/v4/app/dns/fakedns.(*Holder).IsIPInIPPool(0xc001b47b00, 0x1041bf0, 0xc0015fc020, 0x7fdbdbca0b00)
        github.com/v2fly/v2ray-core/v4/app/dns/fakedns/fake.go:27 +0x31
github.com/v2fly/v2ray-core/v4/app/dispatcher.newFakeDNSSniffer.func2(0x1040920, 0xc001b46000, 0xc000152800, 0x205, 0x800, 0xc00000e038, 0x1040920, 0xc001b46000, 0xc00000e030)
        github.com/v2fly/v2ray-core/v4/app/dispatcher/fakednssniffer.go:42 +0x202
github.com/v2fly/v2ray-core/v4/app/dispatcher.newFakeDNSThenOthers.func1(0x1040920, 0xc001b46000, 0xc000152800, 0x205, 0x800, 0xc000152800, 0x800, 0x800, 0x205)
        github.com/v2fly/v2ray-core/v4/app/dispatcher/fakednssniffer.go:96 +0xfc
github.com/v2fly/v2ray-core/v4/app/dispatcher.(*Sniffer).Sniff(0xc002ecc498, 0x1040920, 0xc0001f3c80, 0xc000152800, 0x205, 0x800, 0x4, 0x5, 0xc001d12140, 0xc0015fc110)
        github.com/v2fly/v2ray-core/v4/app/dispatcher/sniffer.go:61 +0x17a
github.com/v2fly/v2ray-core/v4/app/dispatcher.sniffer.func1(0x1040920, 0xc0001f3c80, 0xc001b30000, 0xc000107ea8, 0xc002ecc498, 0x102d4e0, 0xc0001083c0, 0x7fdbdb92ab00, 0x18)
        github.com/v2fly/v2ray-core/v4/app/dispatcher/default.go:279 +0x15c
github.com/v2fly/v2ray-core/v4/app/dispatcher.sniffer(0x1040920, 0xc0001f3c80, 0xc001b30000, 0x200000000, 0x0, 0x0, 0x0, 0x0)
        github.com/v2fly/v2ray-core/v4/app/dispatcher/default.go:289 +0x1c5
github.com/v2fly/v2ray-core/v4/app/dispatcher.(*DefaultDispatcher).Dispatch.func1(0xc001b4a0c0, 0x1040920, 0xc0001f3c80, 0xc001d12d80, 0x3, 0x4, 0x430001, 0xc001d12080, 0xc002ecc3d8, 0xc0001f3680, ...)
        github.com/v2fly/v2ray-core/v4/app/dispatcher/default.go:237 +0xc5
created by github.com/v2fly/v2ray-core/v4/app/dispatcher.(*DefaultDispatcher).Dispatch
        github.com/v2fly/v2ray-core/v4/app/dispatcher/default.go:232 +0x675

请附上访问日志

// 在这里附上服务器端日志

其它相关的配置文件(如 Nginx)和相关日志

如果 V2Ray 无法启动,请附上 --test 命令的输出

如果 V2Ray 服务运行异常,请附上 journal 日志

xiaokangwang commented 3 years ago

大概可以猜出是什么问题,我修复一下。

xiaokangwang commented 3 years ago

https://github.com/v2fly/v2ray-core/commit/8ba4ac15acb9f6326e94ebcb57ab2d120099b969

sixg0000d commented 3 years ago

8ba4ac1

下载 artifact 试了下,同配置文件不再复现,修复有效。

sixg0000d commented 3 years ago

等等,好像还是有点问题 透明代理下( dokodemo-door 入站)本地 dns 迟迟不能获得查询结果,原因貌似是 fakedns 返回了空结果

2021/04/19 17:08:55 [Info] [862944627] proxy/dns: handling DNS traffic to udp:192.168.1.1:53
2021/04/19 17:08:55 [Debug] app/dns: domain www.google.com will use DNS in order: [FakeDNS]
2021/04/19 17:08:55 [Info] app/dns: FakeDNS got answer: www.google.com -> [198.18.0.0]
2021/04/19 17:08:55 [Debug] app/dns: domain www.google.com will use DNS in order: [FakeDNS]
2021/04/19 17:08:55 [Info] app/dns: FakeDNS got answer: www.google.com -> []
2021/04/19 17:08:55 [Info] proxy/dns: ip query
2021/04/19 17:09:00 [Debug] app/dns: domain www.google.com will use DNS in order: [FakeDNS]
2021/04/19 17:09:00 [Info] app/dns: FakeDNS got answer: www.google.com -> []
2021/04/19 17:09:00 [Info] proxy/dns: ip query
2021/04/19 17:09:05 [Debug] app/dns: domain www.google.com will use DNS in order: [FakeDNS]
2021/04/19 17:09:05 [Info] app/dns: FakeDNS got answer: www.google.com -> []
2021/04/19 17:09:05 [Info] proxy/dns: ip query
2021/04/19 17:09:10 [Debug] app/dns: domain www.google.com will use DNS in order: [FakeDNS]
2021/04/19 17:09:10 [Info] app/dns: FakeDNS got answer: www.google.com -> []

配置文件(去敏后)

{
    "log": {
        "loglevel": "debug"
    },
    "dns": {
        "servers": [
            "fakedns"
        ]
    },
    "inbounds": [
        {
            "listen": "127.0.0.1",
            "port": 1089,
            "protocol": "socks",
            "sniffing": {
                "destOverride": [
                    "tls",
                    "fakedns",
                    "http"
                ],
                "enabled": true,
                "metadataOnly": false
            },
            "tag": "socks_IN"
        },
        {
            "listen": "0.0.0.0",
            "port": 60080,
            "protocol": "dokodemo-door",
            "settings": {
                "followRedirect": true,
                "network": "tcp,udp"
            },
            "sniffing": {
                "destOverride": [
                    "http",
                    "tls",
                    "fakedns"
                ],
                "enabled": true,
                "metadataOnly": false
            },
            "streamSettings": {
                "sockopt": {
                    "tproxy": "tproxy"
                }
            },
            "tag": "tproxy_IN"
        }
    ],
    "outbounds": [
        {
            "protocol": "vless",
            "settings": {
                "vnext": [
                    {
                        "address": "1.1.1.1",
                        "port": 443,
                        "users": [
                            {
                                "encryption": "none",
                                "id": "5b8085b1-d7c2-4b8b-945b-c5b418600984"
                            }
                        ]
                    }
                ]
            },
            "streamSettings": {
                "network": "ws",
                "security": "tls",
                "tlsSettings": {
                    "serverName": "www.my.domain"
                },
                "wsSettings": {
                    "headers": {
                        "Host": "www.my.domain"
                    },
                    "path": "/path"
                }
            },
            "tag": "PROXY"
        },
        {
            "protocol": "freedom",
            "tag": "DIRECT"
        },
        {
            "protocol": "dns",
            "tag": "dns-out"
        }
    ],
    "routing": {
        "rules": [
            {
                "inboundTag": [
                    "socks_IN",
                    "tproxy_IN"
                ],
                "outboundTag": "dns-out",
                "port": "53",
                "type": "field"
            }
        ]
    }
}
xiaokangwang commented 3 years ago

我没想到什么可能导致这个问题的原因,如果有其他人也遇到这个问题可以尝试调试一下看是哪里的问题。

sixg0000d commented 3 years ago

并非完全失效了,而是需要等待很长一段时间才会返回结果,不像以前一样立即返回结果,似乎需要等待服务器查询到真实 ip 才会返回 fakeip

查询结果 `resolvectl flush-caches` 前的是 8ba4ac1 编译版本查询结果,`resolvectl flush-caches` 后的是 4.37.3 查询结果 ``` ~ $ resolvectl query www.google.com www.google.com: 198.18.0.6 -- link: enp2s0 -- Information acquired via protocol DNS in 10.2421s. -- Data is authenticated: no ~ $ resolvectl query www.k.com www.k.com: 198.18.0.7 -- link: enp2s0 -- Information acquired via protocol DNS in 20.3665s. -- Data is authenticated: no ~ $ resolvectl flush-caches ~ $ resolvectl query www.google.com www.google.com: 198.18.0.0 -- link: enp2s0 -- Information acquired via protocol DNS in 4.7ms. -- Data is authenticated: no ~ $ resolvectl query www.k.com www.k.com: 198.18.0.1 -- link: enp2s0 -- Information acquired via protocol DNS in 3.4ms. -- Data is authenticated: no ```

而有时等待很长时间也没有响应

$ time resolvectl query www.google.com
^C
________________________________________________________
Executed in   82.82 secs      fish           external
   usr time   14.55 millis    0.00 millis   14.55 millis
   sys time   11.49 millis    1.12 millis   10.38 millis

浏览器的 http / https 连接(即便是走透明代理)访问正常,就是纯查询和分开查询的连接如一些命令行会卡住

sixg0000d commented 3 years ago

空结果应该是这里返回的 https://github.com/v2fly/v2ray-core/blob/8ba4ac15acb9f6326e94ebcb57ab2d120099b969/app/dns/fakedns/fake.go#L33-L39

猜想: systemd-resolved 查询一个域名时,会同时查询 A 记录和 AAAA 记录,并且大部分时候先进行 AAAA 记录查询。如果收到的是空结果,就会重新查询并等待

另外我发现 4.37.3 的行为是即使查询指定 ipv6 地址,默认池的 fakedns 也会返回 198.18.x.x

~ $ resolvectl query -6 www.google.com
www.google.com: resolve call failed: 'www.google.com' does not have any RR of the requested type
2021/04/20 21:18:09 [Debug] app/dns: domain www.google.com will use DNS in order: [FakeDNS]
2021/04/20 21:18:09 [Info] app/dns: FakeDNS got answer: www.google.com -> [198.18.0.0]
Loyalsoldier commented 3 years ago

@sixg0000d

麻烦测试一下这个 PR:https://github.com/v2fly/v2ray-core/pull/925

sixg0000d commented 3 years ago

@sixg0000d

麻烦测试一下这个 PR:#925

对于我的配置文件,可以修复。

但是试了下在 dns 配置中添加 "queryStrategy": "UseIPv4", 或者添加 fakedns 配置

"fakedns": {
    "ipPool": "198.18.0.0/15",
    "poolSize": 65535
}

的话,长时间无应答问题依旧存在。

另外,这样默认配置同时有 ipv4 和 ipv6 两个 fakedns.ipPool ,但用户无法通过手动配置实现,是不是不太好?

sixg0000d commented 3 years ago 
2021/04/22 00:59:15 [Info] app/dns: UDP:8.8.8.8:53 got answer: www.domain.com. TypeA -> [1.2.3.4] 1.27209016s
2021/04/22 00:59:15 [Debug] app/dns: UDP:8.8.8.8:53 updating IP records for domain:www.domain.com.
2021/04/22 00:59:15 [Info] app/dns: UDP:8.8.8.8:53 got answer: www.domain.com. TypeAAAA -> [] 1.271681245s
2021/04/22 00:59:15 [Debug] app/dns: UDP:8.8.8.8:53 updating IP records for domain:www.domain.com.

当使用普通 dns 服务器( 8.8.8.8 )查询只有 ipv4 地址的域名时,从日志看 v2ray 的响应也是返回空结果,但是能立即响应,我再琢磨下为什么 fakedns 返回结果后无法立即响应

Gsonovb commented 3 years ago

我发现Ubuntu 20.04LTS 上,IPv6的域名无法解析, 好像是SYSTEMD的一个BUG, https://github.com/systemd/systemd/issues/18917

sixg0000d commented 3 years ago

我发现Ubuntu 20.04LTS 上,IPv6的域名无法解析, 好像是SYSTEMD的一个BUG, systemd/systemd#18917

好像和我遇到的问题没关系,我也无法复现(我已经没在用 fakedns 了)。如果查实 v2ray-core 有问题请开一个新的 issue 。如果和这个 issue 有关联的话请 mention 。