yichya / luci-app-xray

(Almost) full feature Xray client for OpenWrt
Mozilla Public License 2.0

XTLS Reality can't establish connection with hostname like example.domain.ru:443 #389

Closed Protomax-epk closed 4 months ago

Protomax-epk commented 4 months ago

Hardware: Xiaomi ax3200 (AX6S) router, wired connection to win11 machine

Software:
OpenWrt 23.05.2 r23630-842932a63d from firmware-selector.openwrt.org + Argon theme
Xray core 1.8.7
Luci app xray 3.4.0 (built today)
v2ray-geoip 202401250041
v2ray-geosite 20240123112230

Ethernet connection: PPPoE tunnel from ISP

When starting a connection with a config like this: [image]

the console outputs this:

[Warning] core: Xray 1.8.7 started

[Warning] transport/internet: failed to resolve ip > app/dns: returning nil for domain console.prv2.ru > multierr: context deadline exceeded | context deadline exceeded |

Any domain becomes unreachable (while something like 1.1.1.1 is accessible). The same config works in the nekobox client in sing-box TUN mode.

But with the hostname filled in as an IP address it works fine. [image]

DNS/Forwarding rules are not used; I am planning to use a separate app to parse the current censorship list for my country and forward those entries through the xray interface. [image] [image]

yichya commented 4 months ago

Try #391 and specify a direct mode DoH to resolve your server hostname.

[image]

Besides, "Fast DNS" is supposed to be a server that can be connected to directly and should not be the same as "Default DNS". Try 77.88.8.8 (Yandex).

Protomax-epk commented 4 months ago

Thanks - it now works as intended. Though I would note that setting DoH in a non-direct mode sends the router into an endless DNS resolve loop(?), which essentially bricks the system (it works for 1-2 seconds after rebooting, then becomes unavailable). Pretty scary thing to be near DoH (direct) tbh. Needed to reinstall factory firmware from recovery to install OpenWRT.

yichya commented 4 months ago

> Though I would note that setting DoH in a non-direct mode sends the router into an endless DNS resolve loop(?), which essentially bricks the system (it works for 1-2 seconds after rebooting, then becomes unavailable).

These "not direct" modes require DNS addresses to be in the GeoIP direct list or be manually added to Bypass IPs for primary servers (those selected in General Settings). For servers used for other purposes (for example FakeDNS) this allows the name resolution to be forwarded by the primary server (those selected in UDP4, to be more specific).

> Pretty scary thing to be near DoH (direct) tbh. Needed to reinstall factory firmware from recovery to install OpenWRT.

This feature is only intended for some edge cases so users should be careful of possible recursion.
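
A pre-apply check for the recursion discussed in this thread, as an added example that is not part of the thread or of luci-app-xray's code. The resolver dict, its `direct` flag and the bypass CIDR list are a hypothetical model of the settings, not the project's config schema; the addresses other than those quoted in the thread are constructed.

```python
import ipaddress


def is_ip(host):
    """True when host is an IPv4/IPv6 literal, so no DNS lookup is needed."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def in_any(addr, cidrs):
    """True when addr falls inside one of the CIDR ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(c, strict=False) for c in cidrs)


def check_resolver(server_host, resolver, bypass_cidrs):
    """Return (ok, reason) for the resolver used to look up the proxy server.

    resolver     -- hypothetical model: {"address": str, "direct": bool}
    bypass_cidrs -- ranges that are never sent through the proxy
                    (stands in for GeoIP direct list plus Bypass IPs)
    """
    if is_ip(server_host):
        return True, "server is an IP literal; no lookup needed"
    if resolver["direct"]:
        return True, "resolver is reached directly"
    addr = resolver["address"]
    if not is_ip(addr):
        return False, "proxied resolver is itself a hostname needing a lookup"
    if in_any(addr, bypass_cidrs):
        return True, "resolver address is in the bypass list"
    return False, "lookup would be routed through the proxy it is meant to find"


if __name__ == "__main__":
    # Constructed settings to walk through the cases from the thread.
    cases = [
        ("example.domain.ru", {"address": "1.1.1.1", "direct": False}, []),
        ("example.domain.ru", {"address": "1.1.1.1", "direct": True}, []),
        ("example.domain.ru", {"address": "1.1.1.1", "direct": False}, ["1.1.1.1/32"]),
        ("203.0.113.10", {"address": "1.1.1.1", "direct": False}, []),
    ]
    for host, resolver, bypass in cases:
        ok, reason = check_resolver(host, resolver, bypass)
        print(("OK  " if ok else "LOOP"), host, resolver, "->", reason)
```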