请教一个v2rayN+ws+tls+cloudflare+Nginx的问题

1) 你正在使用哪个版本的 V2Ray？（如果服务器和客户端使用了不同版本，请注明） 4.22.1 2) 你的使用场景是什么？比如使用 Chrome 通过 Socks/VMess 代理观看 YouTube 视频。使用 Chrome 通过 Socks/VMess 代理观看 YouTube 视频。 3) 你看到的不正常的现象是什么？（请描述具体现象，比如访问超时，TLS 证书错误等）网页无法访问，且v2rayN提示： [Warning] failed to handler mux client connection > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://域名/ray): 301 Moved Permanently > websocket: bad handshake] > v2ray.com/core/common/retry: all retry attempts failed 4) 你期待看到的正确表现是怎样的？正常访问网页 5) 请附上你的配置（提交 Issue 前请隐藏服务器端IP地址）。

服务器端配置: 主要是inboundDetour中port为10086的配置

{
    "log":{
        "access":"/var/log/v2ray/access.log",
        "error":"/var/log/v2ray/error.log",
        "loglevel":"warning"
    },
    "inbounds":[
        {
            "port":31571,
            "protocol":"vmess",
            "settings":{
                "udp":true,
                "clients":[
                    {
                        "id":"UUID",
                        "level":1,
                        "alterId":100,
                        "security":"auto"
                    }
                ],
                "detour":{
                    "to":"dynamicPort"
                }
            },
            "streamSettings":{
                "network":"kcp",
                "kcpSettings":{
                    "mtu":1350,
                    "tti":50,
                    "uplinkCapacity":100,
                    "downlinkCapacity":100,
                    "congestion":false,
                    "readBufferSize":2,
                    "writeBufferSize":2,
                    "header":{
                        "request":null,
                        "type":"wechat-video",
                        "response":null
                    }
                }
            }
        },
        {
            "protocol":"vmess",
            "port":"21000-40000",
            "tag":"dynamicPort",
            "settings":{
                "default":{
                    "level":1,
                    "alterId":32
                }
            },
            "allocate":{
                "strategy":"random",
                "concurrency":2,
                "refresh":3
            },
            "streamSettings":{
                "network":"kcp"
            }
        }
    ],
    "inboundDetour":[
        {
            "port":20032,
            "listen":null,
            "protocol":"vmess",
            "sniffing":null,
            "settings":{
                "auth":null,
                "udp":false,
                "ip":null,
                "clients":[
                    {
                        "id":"UUID",
                        "alterId":100,
                        "security":null
                    }
                ]
            },
            "streamSettings":{
                "network":"tcp",
                "security":"",
                "tlsSettings":null,
                "tcpSettings":null,
                "kcpSettings":null,
                "wsSettings":null,
                "httpSettings":null,
                "quicSettings":null
            }
        },
        {
            "port":10086,
            "listen":"127.0.0.1",
            "protocol":"vmess",
            "settings":
            {
                "clients":
                [
                    {
                        "id":"UUID",
                        "alterId":100
                    }
                ]
            },
            "streamSettings":
            {
                "network":"ws",
                "wsSettings": 
                {
                "path": "/ray"
                }
            }
        },
        {
            "port":20050,
            "listen":null,
            "protocol":"vmess",
            "settings":{
                "auth":null,
                "udp":false,
                "ip":null,
                "clients":[
                    {
                        "id":"UUID",
                        "alterId":100,
                        "security":null
                    }
                ]
            },
            "streamSettings":{
                "network":"tcp",
                "security":"",
                "tlsSettings":null,
                "tcpSettings":null,
                "kcpSettings":null,
                "wsSettings":null,
                "httpSettings":null,
                "quicSettings":null
            }
        },
        {
            "protocol":"shadowsocks",
            "port":1026,
            "settings":{
                "method":"aes-256-cfb",
                "password":"密码",
                "level":null
            }
        }
    ],
    "outbound":{
        "protocol":"freedom",
        "settings":{

        }
    },
    "outboundDetour":[
        {
            "protocol":"blackhole",
            "settings":{

            },
            "tag":"blocked"
        }
    ],
    "routing":{
        "strategy":"rules",
        "settings":{
            "rules":[
                {
                    "type":"field",
                    "ip":[
                        "0.0.0.0/8",
                        "10.0.0.0/8",
                        "100.64.0.0/10",
                        "127.0.0.0/8",
                        "169.254.0.0/16",
                        "172.16.0.0/12",
                        "192.0.0.0/24",
                        "192.0.2.0/24",
                        "192.168.0.0/16",
                        "198.18.0.0/15",
                        "198.51.100.0/24",
                        "203.0.113.0/24",
                        "::1/128",
                        "fc00::/7",
                        "fe80::/10"
                    ],
                    "outboundTag":"blocked"
                }
            ]
        }
    }
}

客户端配置: 主要是outbounds中port为443的配置

{
  "policy": {
    "system": {
      "statsInboundUplink": true,
      "statsInboundDownlink": true
    }
  },
  "log": {
    "access": "",
    "error": "",
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "tag": "proxy",
      "port": 2333,
      "listen": "127.0.0.1",
      "protocol": "socks",
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls"
        ]
      },
      "settings": {
        "auth": "noauth",
        "udp": true,
        "ip": null,
        "address": null,
        "clients": null
      },
      "streamSettings": null
    },
    {
      "tag": "api",
      "port": 9697,
      "listen": "127.0.0.1",
      "protocol": "dokodemo-door",
      "sniffing": null,
      "settings": {
        "auth": null,
        "udp": false,
        "ip": null,
        "address": "127.0.0.1",
        "clients": null
      },
      "streamSettings": null
    }
  ],
  "outbounds": [
    {
      "tag": "proxy",
      "protocol": "vmess",
      "settings": {
        "vnext": [
          {
            "address": "域名",
            "port": 443,
            "users": [
              {
                "id": "UUID",
                "alterId": 100,
                "security": "auto"
              }
            ]
          }
        ],
        "servers": null,
        "response": null
      },
      "streamSettings": {
        "network": "ws",
        "security": "tls",
        "tlsSettings": {
          "allowInsecure": true,
          "serverName": null
        },
        "tcpSettings": null,
        "kcpSettings": null,
        "wsSettings": {
          "connectionReuse": true,
          "path": "/ray",
          "headers": null
        },
        "httpSettings": null,
        "quicSettings": null
      },
      "mux": {
        "enabled": true,
        "concurrency": 8
      }
    },
    {
      "tag": "direct",
      "protocol": "freedom",
      "settings": {
        "vnext": null,
        "servers": null,
        "response": null
      },
      "streamSettings": null,
      "mux": null
    },
    {
      "tag": "block",
      "protocol": "blackhole",
      "settings": {
        "vnext": null,
        "servers": null,
        "response": {
          "type": "http"
        }
      },
      "streamSettings": null,
      "mux": null
    }
  ],
  "stats": {},
  "api": {
    "tag": "api",
    "services": [
      "StatsService"
    ]
  },
  "dns": null,
  "routing": {
    "domainStrategy": "IPIfNonMatch",
    "rules": [
      {
        "type": "field",
        "port": null,
        "inboundTag": [
          "api"
        ],
        "outboundTag": "api",
        "ip": null,
        "domain": null
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "proxy",
        "ip": null,
        "domain": [
          "geosite:google",
          "geosite:github",
          "geosite:netflix",
          "geosite:steam",
          "geosite:telegram",
          "geosite:tumblr",
          "geosite:speedtest",
          "geosite:bbc",
          "domain:gvt1.com",
          "domain:textnow.com",
          "domain:twitch.tv",
          "domain:wikileaks.org",
          "domain:naver.com",
          "domain:atrandys"
        ]
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "proxy",
        "ip": [
          "91.108.4.0/22",
          "91.108.8.0/22",
          "91.108.12.0/22",
          "91.108.20.0/22",
          "91.108.36.0/23",
          "91.108.38.0/23",
          "91.108.56.0/22",
          "149.154.160.0/20",
          "149.154.164.0/22",
          "149.154.172.0/22",
          "74.125.0.0/16",
          "173.194.0.0/16",
          "172.217.0.0/16",
          "216.58.200.0/24",
          "216.58.220.0/24",
          "91.108.56.116",
          "91.108.56.0/24",
          "109.239.140.0/24",
          "149.154.167.0/24",
          "149.154.175.0/24"
        ],
        "domain": null
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "direct",
        "ip": null,
        "domain": [
          "domain:12306.com",
          "domain:51ym.me",
          "domain:52pojie.cn",
          "domain:8686c.com",
          "domain:abercrombie.com",
          "domain:adobesc.com",
          "domain:air-matters.com",
          "domain:air-matters.io",
          "domain:airtable.com",
          "domain:akadns.net",
          "domain:apache.org",
          "domain:api.crisp.chat",
          "domain:api.termius.com",
          "domain:appshike.com",
          "domain:appstore.com",
          "domain:aweme.snssdk.com",
          "domain:bababian.com",
          "domain:battle.net",
          "domain:beatsbydre.com",
          "domain:bet365.com",
          "domain:bilibili.cn",
          "domain:ccgslb.com",
          "domain:ccgslb.net",
          "domain:chunbo.com",
          "domain:chunboimg.com",
          "domain:clashroyaleapp.com",
          "domain:cloudsigma.com",
          "domain:cloudxns.net",
          "domain:cmfu.com",
          "domain:culturedcode.com",
          "domain:dct-cloud.com",
          "domain:didialift.com",
          "domain:douyutv.com",
          "domain:duokan.com",
          "domain:dytt8.net",
          "domain:easou.com",
          "domain:ecitic.net",
          "domain:eclipse.org",
          "domain:eudic.net",
          "domain:ewqcxz.com",
          "domain:fir.im",
          "domain:frdic.com",
          "domain:fresh-ideas.cc",
          "domain:godic.net",
          "domain:goodread.com",
          "domain:haibian.com",
          "domain:hdslb.net",
          "domain:hollisterco.com",
          "domain:hongxiu.com",
          "domain:hxcdn.net",
          "domain:images.unsplash.com",
          "domain:img4me.com",
          "domain:ipify.org",
          "domain:ixdzs.com",
          "domain:jd.hk",
          "domain:jianshuapi.com",
          "domain:jomodns.com",
          "domain:jsboxbbs.com",
          "domain:knewone.com",
          "domain:kuaidi100.com",
          "domain:lemicp.com",
          "domain:letvcloud.com",
          "domain:lizhi.io",
          "domain:localizecdn.com",
          "domain:lucifr.com",
          "domain:luoo.net",
          "domain:mai.tn",
          "domain:maven.org",
          "domain:miwifi.com",
          "domain:moji.com",
          "domain:moke.com",
          "domain:mtalk.google.com",
          "domain:mxhichina.com",
          "domain:myqcloud.com",
          "domain:myunlu.com",
          "domain:netease.com",
          "domain:nfoservers.com",
          "domain:nssurge.com",
          "domain:nuomi.com",
          "domain:ourdvs.com",
          "domain:overcast.fm",
          "domain:paypal.com",
          "domain:paypalobjects.com",
          "domain:pgyer.com",
          "domain:qdaily.com",
          "domain:qdmm.com",
          "domain:qin.io",
          "domain:qingmang.me",
          "domain:qingmang.mobi",
          "domain:qqurl.com",
          "domain:rarbg.to",
          "domain:rrmj.tv",
          "domain:ruguoapp.com",
          "domain:sm.ms",
          "domain:snwx.com",
          "domain:soku.com",
          "domain:startssl.com",
          "domain:store.steampowered.com",
          "domain:symcd.com",
          "domain:teamviewer.com",
          "domain:tmzvps.com",
          "domain:trello.com",
          "domain:trellocdn.com",
          "domain:ttmeiju.com",
          "domain:udache.com",
          "domain:uxengine.net",
          "domain:weather.bjango.com",
          "domain:weather.com",
          "domain:webqxs.com",
          "domain:weico.cc",
          "domain:wenku8.net",
          "domain:werewolf.53site.com",
          "domain:windowsupdate.com",
          "domain:wkcdn.com",
          "domain:workflowy.com",
          "domain:xdrig.com",
          "domain:xiaojukeji.com",
          "domain:xiaomi.net",
          "domain:xiaomicp.com",
          "domain:ximalaya.com",
          "domain:xitek.com",
          "domain:xmcdn.com",
          "domain:xslb.net",
          "domain:xteko.com",
          "domain:yach.me",
          "domain:yixia.com",
          "domain:yunjiasu-cdn.net",
          "domain:zealer.com",
          "domain:zgslb.net",
          "domain:zimuzu.tv",
          "domain:zmz002.com",
          "domain:samsungdm.com"
        ]
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "block",
        "ip": null,
        "domain": [
          "geosite:category-ads-all"
        ]
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "direct",
        "ip": [
          "geoip:private"
        ],
        "domain": null
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "direct",
        "ip": [
          "geoip:cn"
        ],
        "domain": null
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "direct",
        "ip": null,
        "domain": [
          "geosite:cn"
        ]
      }
    ]
  }
}

6) 请附上出错时软件输出的错误日志。在 Linux 中，日志通常在 /var/log/v2ray/error.log 文件中。

服务器端错误日志:

    没有生成error日志

客户端错误日志:

[Warning] failed to handler mux client connection > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://域名/ray): 301 Moved Permanently > websocket: bad handshake] > v2ray.com/core/common/retry: all retry attempts failed

7) 请附上访问日志。在 Linux 中，日志通常在 /var/log/v2ray/access.log 文件中。

   没有生成access日志

8) 其它相关的配置文件（如 Nginx）和相关日志。

server {
   listen 443 ssl;
   ssl on;
   ssl_certificate       /etc/v2ray/v2ray.crt;   #acme.sh生成的证书路径
   ssl_certificate_key   /etc/v2ray/v2ray.key;   #acme.sh生成的证书路径
   ssl_protocols         TLSv1 TLSv1.1 TLSv1.2;
   ssl_ciphers           HIGH:!aNULL:!MD5;
   server_name           域名;   #证书绑定的域名
     location /ray { # 与 V2Ray 配置中的 path 保持一致
       proxy_redirect off;
       proxy_pass http://127.0.0.1:10086; # 端口与 V2Ray 配置中的 port 保持一致
       proxy_http_version 1.1;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "upgrade";
       proxy_set_header Host $host;
       # Show real IP in v2ray access.log
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

9) 如果 V2Ray 无法启动，请附上 --test 输出。 V2Ray 可以正常启动

10) 如果 V2Ray 服务运行不正常，请附上 journal 日志。 V2Ray 服务仅在该配置下不正常，其他配置下都正常

我这边理解的请求流程是：本地请求 -> V2rayN -> CDN -> Nginx -> V2ray（服务端）

刚刚自学，不知道理解的对不对，请大神赐教~

v2ray / v2ray-core

请教一个v2rayN+ws+tls+cloudflare+Nginx的问题 #2196