Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

dns禁用ipv6后才是会解析ipv6 #367

Closed
EsuRt opened this issue Feb 10, 2023 · 4 comments
Closed

dns禁用ipv6后才是会解析ipv6 #367

EsuRt opened this issue Feb 10, 2023 · 4 comments
Labels
enhancement New feature or request question Further information is requested

Comments

@EsuRt
Copy link

EsuRt commented Feb 10, 2023

描述问题

预期行为:dns禁用ipv6后,不会得到ipv6地址

实际行为:dns禁用ipv6后,日志中仍出现ipv6地址

如何复现
使用的是代理链,服务器已禁用ipv6,v2ray配置中也禁用了,dns泄露测试和本地日志中都出现了ipv6地址。dns泄露测试网址:
https://browserleaks.com/dns

路由设置:
1

服务器配置文件:

{
  "inbounds": [
    {
      "port": 443,
      "listen": "0.0.0.0",
      "protocol": "vmess",
      "settings": {
        "clients": [
          {
            "id": "xxxxxxxxxxxxxxxxxxxxxx",
            "alterId": 64
          }
        ]
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": {
        "domainStrategy": "UseIPv4"
      }
    }
  ],
  "dns": {
    "nameServer": [{
      "address": {
          "address": "https+local://1.1.1.1/dns-query"
      }}],
    "domainMatcher": "mph",
    "queryStrategy": "USE_IP4",
    "fallbackStrategy": "Disabled"
  }
}

提供有帮助的截图,录像,文字说明,订阅链接等。

日志

[Info] [561397784] transport/internet/tcp: dialing TCP to tcp:www.gstatic.com:443
[Debug] app/dns: domain www.gstatic.com matches following rules: [geosite:cn(DNS idx:1) geosite:google-cn(DNS idx:1)]
[Debug] app/dns: domain www.gstatic.com will use DNS in order: [DOHL//223.5.5.5] [TypeA TypeAAAA]
[Debug] app/dns: DOHL//223.5.5.5 cache HIT www.gstatic.com -> [142.250.66.99 2404:6800:4005:81c::2003]
[Info] [1341583056] proxy/http: request to Method [CONNECT] Host [www.gstatic.com:443] with URL [//www.gstatic.com:443]
[Info] [1341583056] app/dispatcher: sniffed domain: www.gstatic.com for tcp:www.gstatic.com:443
127.0.0.1:3533 accepted [tcp:www.gstatic.com:443]  [http-in -> bypass]
[Warning] [1341583056] app/dispatcher: taking detour [bypass] for [tcp:www.gstatic.com:443]
[Info] [1341583056] proxy/freedom: opening connection to tcp:www.gstatic.com:443
[Info] [1341583056] transport/internet/tcp: dialing TCP to tcp:www.gstatic.com:443
[Debug] app/dns: domain www.gstatic.com matches following rules: [geosite:cn(DNS idx:1) geosite:google-cn(DNS idx:1)]
[Debug] app/dns: domain www.gstatic.com will use DNS in order: [DOHL//223.5.5.5] [TypeA TypeAAAA]
[Debug] app/dns: DOHL//223.5.5.5 cache HIT www.gstatic.com -> [142.250.66.99 2404:6800:4005:81c::2003]
[Info] [963133279] proxy/http: request to Method [CONNECT] Host [www.gstatic.com:443] with URL [//www.gstatic.com:443]
[Info] [963133279] app/dispatcher: sniffed domain: www.gstatic.com for tcp:www.gstatic.com:443
127.0.0.1:3535 accepted [tcp:www.gstatic.com:443]  [http-in -> bypass]
[Warning] [963133279] app/dispatcher: taking detour [bypass] for [tcp:www.gstatic.com:443]
[Info] [963133279] proxy/freedom: opening connection to tcp:www.gstatic.com:443
[Info] [963133279] transport/internet/tcp: dialing TCP to tcp:www.gstatic.com:443
[Debug] app/dns: domain www.gstatic.com matches following rules: [geosite:cn(DNS idx:1) geosite:google-cn(DNS idx:1)]
[Debug] app/dns: domain www.gstatic.com will use DNS in order: [DOHL//223.5.5.5] [TypeA TypeAAAA]
[Debug] app/dns: DOHL//223.5.5.5 cache HIT www.gstatic.com -> [142.250.66.99 2404:6800:4005:81c::2003]
[Warning] dial system failed: dial tcp 142.250.66.99:443: i/o timeout
[Info] [2238821586] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
[Debug] trying next address: 2404:6800:4005:81c::2003
[Info] [3255324294] transport/internet/tcp: dialing TCP to tcp:www.gstatic.com:443
[Debug] app/dns: domain www.gstatic.com matches following rules: [geosite:cn(DNS idx:1) geosite:google-cn(DNS idx:1)]
[Debug] app/dns: domain www.gstatic.com will use DNS in order: [DOHL//223.5.5.5] [TypeA TypeAAAA]
[Debug] app/dns: DOHL//223.5.5.5 cache HIT www.gstatic.com -> [142.250.66.99 2404:6800:4005:81c::2003]
[Info] [243559791] app/proxyman/outbound: failed to process outbound traffic > proxy/freedom: connection ends > context canceled
[Info] [243559791] app/proxyman/inbound: connection ends > proxy/http: connection ends > context canceled

2

如果有日志,请上传。请在文档内查看导出日志的详细步骤。

@EsuRt
Copy link
Author

EsuRt commented Feb 11, 2023

找到原因了,在出站域名策略选择UseIPv4时,dnsqueryStrategy未设置为USE_IP4,建议queryStrategy根据出站域名策略同步修改。
服务器端的出现IPv6的原因未知。

@arm64v8a arm64v8a added the question Further information is requested label Feb 12, 2023
@ghost
Copy link

ghost commented Feb 12, 2023

服务端出现 ipv6 的原因可能是 cloudflare-dns 在查询时使用了 ipv6?

@EsuRt
Copy link
Author

EsuRt commented Feb 12, 2023

服务端出现 ipv6 的原因可能是 cloudflare-dns 在查询时使用了 ipv6?

服务端直接从系统层面禁用了,用的是sysctl -w net.ipv6.conf.all.disable_ipv6=1sysctl -w net.ipv6.conf.default.disable_ipv6=1,v2ray中也禁用了,不知道为什么还会出现,很奇怪,有时会返回ipv6,但又连不上。

@arm64v8a
Copy link
Contributor

找到原因了,在出站域名策略选择UseIPv4时,dns的queryStrategy未设置为USE_IP4,建议queryStrategy根据出站域名策略同步修改。

可以考虑加入这个功能。

@arm64v8a arm64v8a added the enhancement New feature or request label Feb 14, 2023
@EsuRt EsuRt closed this as completed Feb 22, 2023
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
enhancement New feature or request question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants