Closed shakibamoshiri closed 2 months ago
Reading the wiki tells us that we should set up our own DNS servers on Linux https://github.com/xjasonlyu/tun2socks/wiki/DNS-Configuration but the provided link https://www.cyberciti.biz/faq/howto-linux-bsd-unix-set-dns-nameserver/ is not about a DNS server, it is about setting nameservers. Am I wrong or right? If a nameserver is needed, all Linux servers already do; if a local DNS server is needed, is the link/doc incorrect?
It seems the main issue is that UDP traffic is being forwarded to the socks5 server, which is SSH -D, and it does not support that. Trying to separate UDP traffic from TCP seems to be the solution. I will update the result here.
yeah, SSH is not an ideal proxy server especially if you want to also forward UDP traffic.
@xjasonlyu with iproute2 I somehow separated UDP traffic from TCP and could make it work, but opening sites like YouTube caused errors since there were many mixed UDP and TCP requests seeing some errors
On the other hand I am curious Android applications like
how do they make it work reliably and correctly? They use SSH and a local socks5 proxy and manage to forward the full traffic even on non-root devices. But not being able to make it work on Linux with root privilege is frustrating
@shakibamoshiri I am not familiar with the applications you mentioned, but there are some approaches like UDP over TCP to solve this kind of problem. Also, most of the UDP traffic comes from DNS queries, so it can also be solved by using DOH or DOT for example.
They are Android applications that act like a VPN. They forward full traffic via a local socks5 proxy with the help of tun2socks libraries. The authentication is based on SSH, thus I thought and wanted to test this setup on a Linux server. The only issue is the unsupported UDP forwarding of openssh-client.
A new test with wstunnel that forwards UDP with the same setup works correctly. No UDP WARN
I saw
INFO[0003] [UDP] 192.168.77.2:32999 <-> 8.8.8.8:53
INFO[0003] [UDP] 192.168.77.2:33984 <-> 8.8.8.8:53
INFO[0003] [TCP] 192.168.77.2:57392 <-> 66.102.1.188:5228
INFO[0004] [UDP] 192.168.77.2:57970 <-> 1.1.1.2:53
INFO[0004] [UDP] 192.168.77.2:55235 <-> 1.1.1.2:53
INFO[0004] [UDP] 192.168.77.2:51407 <-> 1.1.1.2:53
INFO[0004] [UDP] 192.168.77.2:35074 <-> 1.1.1.2:53
INFO[0004] [UDP] 192.168.77.2:51001 <-> 1.1.1.2:53
INFO[0004] [UDP] 192.168.77.2:34543 <-> 1.1.1.2:53
INFO[0005] [UDP] 192.168.77.2:33333 <-> 1.1.1.2:53
INFO[0005] [UDP] 192.168.77.2:37457 <-> 1.1.1.2:53
INFO[0005] [UDP] 192.168.77.2:42162 <-> 1.1.1.2:53
INFO[0005] [UDP] 192.168.77.2:59906 <-> 1.1.1.2:53
INFO[0005] [UDP] 192.168.77.2:40178 <-> 1.1.1.2:53
INFO[0008] [UDP] 192.168.77.2:42124 <-> 1.1.1.2:53
INFO[0008] [UDP] 192.168.77.2:55277 <-> 1.1.1.2:53
INFO[0008] [UDP] 192.168.77.2:39736 <-> 1.1.1.2:53
INFO[0008] [UDP] 192.168.77.2:42508 <-> 1.1.1.2:53
INFO[0008] [UDP] 192.168.77.2:60137 <-> 1.1.1.2:53
INFO[0008] [UDP] 192.168.77.2:50307 <-> 1.1.1.2:53
Hope I find some time, update your wiki/tutorial and give a full setup so no others blame tun2socks as the source of the issue.
Thanks
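To tell from a log like the one above whether forcing DNS onto TCP would be enough or whether a UDP-capable proxy is needed, the flow lines can be grouped by protocol and destination port. This is an added example, not code from the thread or from tun2socks; the function names are hypothetical, it handles IPv4 flow lines only, and the sample lines are constructed (the UDP/443 destination is a documentation address).

```python
import re
from collections import Counter

# Flow-line format as it appears in the log above: LEVEL[secs] [PROTO] src:port <-> dst:port
FLOW_RE = re.compile(
    r"^[A-Z]+\[\d+\]\s+\[(?P<proto>TCP|UDP)\]\s+"
    r"[\d.]+:\d+\s+<->\s+(?P<dst>[\d.]+):(?P<dport>\d+)"
)
DNS_PORTS = {53}

def triage(lines):
    """Count TCP, UDP-DNS and other UDP flows; list the non-DNS UDP destinations."""
    counts, non_dns_udp = Counter(), Counter()
    for line in lines:
        m = FLOW_RE.match(line.strip())
        if not m:
            continue  # not a flow line (banner, warning text, blank line)
        proto, dport = m["proto"], int(m["dport"])
        if proto == "UDP" and dport in DNS_PORTS:
            counts["udp_dns"] += 1
        elif proto == "UDP":
            counts["udp_other"] += 1
            non_dns_udp[(m["dst"], dport)] += 1
        else:
            counts["tcp"] += 1
    return counts, non_dns_udp

def needs_udp_capable_proxy(lines):
    """True when there is UDP traffic that a TCP-only DNS setting cannot cover."""
    counts, _ = triage(lines)
    return counts["udp_other"] > 0

# Constructed sample: three lines in the format shown above plus one invented
# UDP/443 flow standing in for non-DNS UDP traffic.
SAMPLE = [
    "INFO[0003] [UDP] 192.168.77.2:32999 <-> 8.8.8.8:53",
    "INFO[0003] [TCP] 192.168.77.2:57392 <-> 66.102.1.188:5228",
    "INFO[0004] [UDP] 192.168.77.2:57970 <-> 1.1.1.2:53",
    "INFO[0006] [UDP] 192.168.77.2:40001 <-> 203.0.113.10:443",
]
```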
@xjasonlyu how can I update the wiki or add some real setup? At the moment I am testing
[ wg-client ] =====> [ hop-1 wg-server + tun2socks + ws-tunnel ] <===== [ hop-2 ws-tunnel ] =====> Free Internet
It works even if it is slow, but gives the point of a full setup
ws-tunnel is slow
Hello @shakibamoshiri,
I had a similar issue with the DNS resolver. I was using Shadowsocks as the proxy server, which uses TCP by default. However, the DNS resolver on my system was using UDP, which was causing the problem.
If your proxy server doesn't support UDP connections, I highly suggest changing the DNS resolver configuration.
For Linux users, a workaround is to add the following line to the /etc/resolv.conf file:
options use-vc
https://man7.org/linux/man-pages/man5/resolv.conf.5.html
Please let me know if this helped you.
Hi, actually I found that the main issue is the socks5 (implemented by openssh), not tun2socks
Also, it is not just the DNS request; opening YouTube, for example, would cause many errors
The right solution is to use a socks5 server that supports TCP and UDP.
Testing these tools showed no errors
Thank you for the reply
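Whether a SOCKS5 endpoint can carry UDP at all can be checked before tun2socks is put in front of it: after the method handshake, send a UDP ASSOCIATE request (RFC 1928, CMD 0x03) and read the reply. This is an added example, not code from the thread or from tun2socks; the function names are hypothetical, it assumes the proxy accepts the "no authentication" method, and a CONNECT-only server is expected either to answer with a non-zero reply code or to drop the connection.

```python
import socket
import struct

REPLY_CODES = {0x01: "general failure", 0x07: "command not supported"}

def udp_associate_request():
    # VER=5, CMD=3 (UDP ASSOCIATE), RSV=0, ATYP=1 (IPv4), address 0.0.0.0, port 0
    return struct.pack("!BBBB4sH", 5, 3, 0, 1, bytes(4), 0)

def parse_reply(data):
    """Return (ok, detail) for a SOCKS5 reply; empty data means the server hung up."""
    if not data:
        return False, "connection closed without a reply"
    if len(data) < 2 or data[0] != 5:
        return False, "not a SOCKS5 reply"
    rep = data[1]
    if rep != 0:
        return False, REPLY_CODES.get(rep, f"reply code {rep:#04x}")
    if len(data) >= 10 and data[3] == 1:
        # BND.ADDR/BND.PORT: where the client must send its UDP datagrams
        host = socket.inet_ntoa(data[4:8])
        port = struct.unpack("!H", data[8:10])[0]
        return True, f"relay at {host}:{port}"
    return True, "succeeded"

def probe(host, port, timeout=3.0):
    """No-auth handshake, then UDP ASSOCIATE. Returns (ok, detail)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(b"\x05\x01\x00")  # VER=5, one method offered: 0x00 (no auth)
        if s.recv(2) != b"\x05\x00":
            return False, "no-auth method refused"
        s.sendall(udp_associate_request())
        try:
            return parse_reply(s.recv(262))
        except (ConnectionResetError, socket.timeout):
            return False, "connection closed without a reply"
```

Call `probe("127.0.0.1", <port>)` with the port your local proxy listens on; `ok` is True only when the server agrees to relay UDP.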
Verify steps
Version
tun2socks-2.5.2
What OS are you seeing the problem on?
Linux
Description
The DNS request from the host machine (tun2socks is running) seems to be malfunctioning, and the socks5 server log tells that it is a zombie request. The valid result with curl has no issue, but the same request via tun2socks2 fails
CLI or Config
make a tun interface
run a local socks5 proxy via SSH
curl check
run tun2socks5
try to resolve a domain name or recheck with curl
nameservers
Logs
How to Reproduce
As mentioned above