Closed itshaadi closed 5 years ago
Add logs
I can verify that the issue is not present when using v2ray with just a socks5 inbound. However, when using tun2socks and changing my default gateway to tun1, this happens:
Logs from v2ray:
2019/07/11 16:30:54 [Warning] [1004810014] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://nextcloud.pcdns.ir/downloadstream): > dial tcp: lookup nextcloud.pcdns.ir on [::1]:53: dial udp [::1]:53: socket: too many open files v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://nextcloud.pcdns.ir/downloadstream): > read tcp 240.0.0.1:37070->104.31.78.203:443: i/o timeout v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://nextcloud.pcdns.ir/downloadstream): > dial tcp: operation was canceled] > v2ray.com/core/common/retry: all retry attempts failed
Also logs from the v2ray Docker container (this isn't the VPS, it's my home server):
2019/07/11 11:52:14 [Warning] [459052501] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://nextcloud.pcdns.ir/downloadstream): > dial tcp: lookup nextcloud.pcdns.ir on 127.0.0.11:53: read udp 127.0.0.1:33282->127.0.0.11:53: i/o timeout v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://nextcloud.pcdns.ir/downloadstream): > dial tcp: operation was canceled] > v2ray.com/core/common/retry: all retry attempts failed
2019/07/11 11:52:15 [Warning] [2793147498] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://nextcloud.pcdns.ir/downloadstream): > dial tcp: operation was canceled] > v2ray.com/core/common/retry: all retry attempts failed
And here is how I use tun2socks (eycorsican/go-tun2socks - v1.15.0):
ip tuntap add mode tun dev tun1
ip addr add 240.0.0.1 dev tun1
ip link set dev tun1 up
ip route del default
ip route add default via 240.0.0.1
ip route add SERVER_IP_HERE via 192.168.30.3
./tun2socks -tunAddr 240.0.0.2 -tunGw 240.0.0.1 -proxyServer 127.0.0.1:1080
There are no error logs from the server side. This appears to be a DNS issue; also, I am using DNSCrypt.
https://github.com/eycorsican/go-tun2socks/issues/35#issuecomment-464418313 - I followed this comment previously, which led to blocking the IP. Could this be the reason?
I see your client setting has TLS enabled, but nginx can't see TLS.
Are you using Cloudflare? What is your cf-crypto-ssl setting?
Such as your client-(ws+tls)->CDN-(ws)->VPS: your cf-crypto-ssl needs to be set to "flexible".
Such as your client-(ws+tls)->CDN-(ws+tls)->VPS: your cf-crypto-ssl needs to be "Full / Full (strict) / Strict (SSL-Only Origin Pull)", and you need to install a valid certificate in nginx.
Please refer to:
v2ray/discussion : V2Ray works when accessing the IP directly, but fails once placed behind a CDN #294 https://github.com/v2ray/discussion/issues/294#issuecomment-515636783
CLOUDFLARE : End-to-end HTTPS with Cloudflare - Part 3: SSL options https://support.cloudflare.com/hc/en-us/articles/200170416-End-to-end-HTTPS-with-Cloudflare-Part-3-SSL-options
NGINX : Configuring HTTPS servers http://nginx.org/en/docs/http/configuring_https_servers.html
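The two origin layouts described in the reply above, written out as nginx server blocks. This is an added example, not configuration posted in the thread: the hostname and the `/downloadstream` path are taken from the log lines earlier on the page, while the V2Ray WebSocket inbound on `127.0.0.1:10000` and the certificate paths are assumptions.

```nginx
# Added example (not from the thread). Both blocks belong inside the http {} context.
# Assumption: V2Ray's WebSocket inbound listens on 127.0.0.1:10000 (hypothetical port).

# Layout 1, Cloudflare SSL mode "Flexible":
#   client -(ws+tls)-> CDN -(ws)-> VPS
# The CDN connects to the origin over plain HTTP on port 80, so nginx never
# sees TLS and the CDN-to-origin hop is unencrypted.
server {
    listen 80;
    server_name nextcloud.pcdns.ir;

    location /downloadstream {
        proxy_pass http://127.0.0.1:10000;
        proxy_http_version 1.1;                   # WebSocket upgrade needs HTTP/1.1
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
    }
}

# Layout 2, Cloudflare SSL mode "Full" / "Full (strict)":
#   client -(ws+tls)-> CDN -(ws+tls)-> VPS
# The CDN connects to the origin over HTTPS on port 443, so nginx must present
# a certificate. "Full (strict)" additionally requires that certificate to be
# valid for the hostname; "Full" does not validate it.
server {
    listen 443 ssl;
    server_name nextcloud.pcdns.ir;

    ssl_certificate     /path/to/fullchain.pem;   # placeholder path
    ssl_certificate_key /path/to/privkey.pem;     # placeholder path
    ssl_protocols       TLSv1.2 TLSv1.3;

    location /downloadstream {
        proxy_pass http://127.0.0.1:10000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
    }
}
```

A mismatch between the two sides (for example "Full" selected while only the port 80 block exists) makes the CDN's connection to the origin fail even though the client-to-CDN TLS handshake succeeds.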
I took a deeper look at v2ray and was able to understand the situation better. I also applied @kingwilliam's tips, thank you.
Recently, my VPS got walled, even though it was behind a CDN. Here is my setup. I would like to know why I can't connect to the server (a new one, which hasn't been walled) via domain name, but I can connect via IP.
And if this address field is just for v2ray's routing (and it's not exposed), then why did it get walled?
Client
server
nginx