Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dns禁用ipv6后才是会解析ipv6 #367

Closed
EsuRt opened this issue Feb 10, 2023 · 4 comments
Closed

dns禁用ipv6后才是会解析ipv6 #367

EsuRt opened this issue Feb 10, 2023 · 4 comments
Labels
enhancement New feature or request question Further information is requested

Comments

@EsuRt
Copy link

EsuRt commented Feb 10, 2023
edited
Loading

描述问题

预期行为:dns禁用ipv6后,不会得到ipv6地址

实际行为:dns禁用ipv6后,日志中仍出现ipv6地址

如何复现
使用的是代理链,服务器已禁用ipv6,v2ray配置中也禁用了,dns泄露测试和本地日志中都出现了ipv6地址。dns泄露测试网址:
https://browserleaks.com/dns

路由设置:
1

服务器配置文件:

{
  "inbounds": [
    {
      "port": 443,
      "listen": "0.0.0.0",
      "protocol": "vmess",
      "settings": {
        "clients": [
          {
            "id": "xxxxxxxxxxxxxxxxxxxxxx",
            "alterId": 64
          }
        ]
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": {
        "domainStrategy": "UseIPv4"
      }
    }
  ],
  "dns": {
    "nameServer": [{
      "address": {
          "address": "https+local://1.1.1.1/dns-query"
      }}],
    "domainMatcher": "mph",
    "queryStrategy": "USE_IP4",
    "fallbackStrategy": "Disabled"
  }
}

提供有帮助的截图,录像,文字说明,订阅链接等。

日志

[Info] [561397784] transport/internet/tcp: dialing TCP to tcp:www.gstatic.com:443
[Debug] app/dns: domain www.gstatic.com matches following rules: [geosite:cn(DNS idx:1) geosite:google-cn(DNS idx:1)]
[Debug] app/dns: domain www.gstatic.com will use DNS in order: [DOHL//223.5.5.5] [TypeA TypeAAAA]
[Debug] app/dns: DOHL//223.5.5.5 cache HIT www.gstatic.com -> [142.250.66.99 2404:6800:4005:81c::2003]
[Info] [1341583056] proxy/http: request to Method [CONNECT] Host [www.gstatic.com:443] with URL [//www.gstatic.com:443]
[Info] [1341583056] app/dispatcher: sniffed domain: www.gstatic.com for tcp:www.gstatic.com:443
127.0.0.1:3533 accepted [tcp:www.gstatic.com:443]  [http-in -> bypass]
[Warning] [1341583056] app/dispatcher: taking detour [bypass] for [tcp:www.gstatic.com:443]
[Info] [1341583056] proxy/freedom: opening connection to tcp:www.gstatic.com:443
[Info] [1341583056] transport/internet/tcp: dialing TCP to tcp:www.gstatic.com:443
[Debug] app/dns: domain www.gstatic.com matches following rules: [geosite:cn(DNS idx:1) geosite:google-cn(DNS idx:1)]
[Debug] app/dns: domain www.gstatic.com will use DNS in order: [DOHL//223.5.5.5] [TypeA TypeAAAA]
[Debug] app/dns: DOHL//223.5.5.5 cache HIT www.gstatic.com -> [142.250.66.99 2404:6800:4005:81c::2003]
[Info] [963133279] proxy/http: request to Method [CONNECT] Host [www.gstatic.com:443] with URL [//www.gstatic.com:443]
[Info] [963133279] app/dispatcher: sniffed domain: www.gstatic.com for tcp:www.gstatic.com:443
127.0.0.1:3535 accepted [tcp:www.gstatic.com:443]  [http-in -> bypass]
[Warning] [963133279] app/dispatcher: taking detour [bypass] for [tcp:www.gstatic.com:443]
[Info] [963133279] proxy/freedom: opening connection to tcp:www.gstatic.com:443
[Info] [963133279] transport/internet/tcp: dialing TCP to tcp:www.gstatic.com:443
[Debug] app/dns: domain www.gstatic.com matches following rules: [geosite:cn(DNS idx:1) geosite:google-cn(DNS idx:1)]
[Debug] app/dns: domain www.gstatic.com will use DNS in order: [DOHL//223.5.5.5] [TypeA TypeAAAA]
[Debug] app/dns: DOHL//223.5.5.5 cache HIT www.gstatic.com -> [142.250.66.99 2404:6800:4005:81c::2003]
[Warning] dial system failed: dial tcp 142.250.66.99:443: i/o timeout
[Info] [2238821586] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
[Debug] trying next address: 2404:6800:4005:81c::2003
[Info] [3255324294] transport/internet/tcp: dialing TCP to tcp:www.gstatic.com:443
[Debug] app/dns: domain www.gstatic.com matches following rules: [geosite:cn(DNS idx:1) geosite:google-cn(DNS idx:1)]
[Debug] app/dns: domain www.gstatic.com will use DNS in order: [DOHL//223.5.5.5] [TypeA TypeAAAA]
[Debug] app/dns: DOHL//223.5.5.5 cache HIT www.gstatic.com -> [142.250.66.99 2404:6800:4005:81c::2003]
[Info] [243559791] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
[Info] [243559791] app/proxyman/inbound: connection ends > proxy/http: connection ends > context canceled

2

如果有日志,请上传。请在文档内查看导出日志的详细步骤。
@EsuRt
Copy link
Author

EsuRt commented Feb 11, 2023

找到原因了,在出站域名策略选择UseIPv4时,dnsqueryStrategy未设置为USE_IP4,建议queryStrategy根据出站域名策略同步修改。
服务器端的出现IPv6的原因未知。

@arm64v8a arm64v8a added the question Further information is requested label Feb 12, 2023
@ghost
Copy link

ghost commented Feb 12, 2023

服务端出现 ipv6 的原因可能是 cloudflare-dns 在查询时使用了 ipv6?

@EsuRt
Copy link
Author

EsuRt commented Feb 12, 2023

服务端出现 ipv6 的原因可能是 cloudflare-dns 在查询时使用了 ipv6?

服务端直接从系统层面禁用了,用的是sysctl -w net.ipv6.conf.all.disable_ipv6=1sysctl -w net.ipv6.conf.default.disable_ipv6=1,v2ray中也禁用了,不知道为什么还会出现,很奇怪,有时会返回ipv6,但又连不上。

@arm64v8a
Copy link
Contributor

找到原因了,在出站域名策略选择UseIPv4时,dns的queryStrategy未设置为USE_IP4,建议queryStrategy根据出站域名策略同步修改。

可以考虑加入这个功能。

@arm64v8a arm64v8a added the enhancement New feature or request label Feb 14, 2023
@EsuRt EsuRt closed this as completed Feb 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@EsuRt @arm64v8a