bad address
marknote opened this issue · 26 comments
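Looks good. But on my side it stays stuck at "resolving host"; I think something is wrong with the DNS configuration.
I have tried both 8.8.8.8:53 and 114.114.114.114:53.
After connecting to the vrouter VM, pinging any domain, Google for example, gives a "bad address" error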
root@vrouter:/etc# ping google.com
ping: bad address 'google.com'
OS: macOS 10.12.6
vrouter:v0.4.0-beta
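Thanks for the feedback!! Could you please provide the following information so that I can debug:
- All the information under the "System" tab in the app
- The output of netstat -rn | grep default
- After logging in to the VM, the output of the ifconfig command
- Part of the log: tail -n 50 ~/Library/Application\ Support/vrouter/vrouter.log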
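App "System" information
System information
Current gateway: 10.19.28.37
Current DNS: 10.19.28.37
VRouter information
WAN: 192.168.1.108
MORE
Process status
Forward DNS queries: running
Forward UDP traffic: running
Shadowsocks process: running
ShadowsocksR process: not enabled
Kcptun process: running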
netstat
netstat -rn | grep default
default 10.19.28.37 UGSc 12 26 vboxnet
default fe80::%utun0 UGcI utun0
default fe80::%utun1 UGcI utun1
default fe80::%utun2 UGcI utun2
Ifconfig
root@vrouter:/etc# ifconfig
br-lan Link encap:Ethernet HWaddr 08:07:27:2E:27:8A
inet addr:10.19.28.37 Bcast:10.19.28.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:77575 errors:0 dropped:0 overruns:0 frame:0
TX packets:156336 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:17600673 (16.7 MiB) TX bytes:188573261 (179.8 MiB)
eth0 Link encap:Ethernet HWaddr 08:07:27:2E:27:8A
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:77986 errors:0 dropped:0 overruns:0 frame:0
TX packets:169221 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:18755506 (17.8 MiB) TX bytes:206772158 (197.1 MiB)
eth1 Link encap:Ethernet HWaddr 88:99:88:99:88:99
inet addr:192.168.1.108 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::8a99:88ff:fe99:8899/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:150728 errors:0 dropped:0 overruns:0 frame:0
TX packets:52183 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:189558677 (180.7 MiB) TX bytes:9044541 (8.6 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:2607 errors:0 dropped:0 overruns:0 frame:0
TX packets:2607 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:175532 (171.4 KiB) TX bytes:175532 (171.4 KiB)
Part of the log
tail -n 50 ~/Library/Application\ Support/vrouter/vrouter.log
2017-09-07T20:50:17+08:00 - debug: about to getAssignedHostonlyInf of vrouter. very slow on windows platform
2017-09-07T20:50:17+08:00 - debug: getAssignedHostonlyInf: vboxnet1
2017-09-07T20:50:17+08:00 - debug: about to trafficToPhysicalRouter
2017-09-07T20:50:17+08:00 - info: ssh connection has been ended
2017-09-07T20:50:17+08:00 - info: ssh connection was closed
2017-09-07T20:50:27+08:00 - debug: about to getAssignedHostonlyInf of vrouter. very slow on windows platform
2017-09-07T20:50:28+08:00 - debug: getAssignedHostonlyInf: vboxnet1
2017-09-07T20:51:17+08:00 - debug: about to connect to openwrt via ssh
2017-09-07T20:51:17+08:00 - info: bridgeServices: en0: Wi-Fi (AirPort),en1: Thunderbolt 1,en2: Thunderbolt 2,bridge0,p2p0,awdl0
2017-09-07T20:51:17+08:00 - info: actived Bridge Service: en0: Wi-Fi (AirPort)
2017-09-07T20:51:44+08:00 - info: save profile: hispeed to disk
2017-09-07T20:51:44+08:00 - debug: active profile: hispeed
2017-09-07T20:51:44+08:00 - debug: Generate cfg files: /var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/tunnel-dns.json,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/relay-udp.json,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/kcptun.json,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/shadowsocks.json
2017-09-07T20:51:44+08:00 - debug: 拷贝代理配置文件到虚拟机, 完成
2017-09-07T20:51:44+08:00 - debug: Generate services files: /var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/tunnelDns,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/tunnelDnsR,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/relayUDP,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/relayUDPR,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/kcptun,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/shadowsocks
2017-09-07T20:51:45+08:00 - debug: scp service file to: /etc/init.d/tunnelDns
2017-09-07T20:51:45+08:00 - debug: scp service file to: /etc/init.d/tunnelDnsR
2017-09-07T20:51:45+08:00 - debug: scp service file to: /etc/init.d/relayUDP
2017-09-07T20:51:45+08:00 - debug: scp service file to: /etc/init.d/relayUDPR
2017-09-07T20:51:45+08:00 - debug: scp service file to: /etc/init.d/kcptun
2017-09-07T20:51:45+08:00 - debug: scp service file to: /etc/init.d/shadowsocks
2017-09-07T20:51:45+08:00 - debug: 拷贝代理管理脚本到虚拟机, 完成
2017-09-07T20:51:45+08:00 - info: /etc/init.d/kcptun on
2017-09-07T20:51:45+08:00 - info: /etc/init.d/shadowsocksr off
2017-09-07T20:51:45+08:00 - info: /etc/init.d/shadowsocks on
2017-09-07T20:51:45+08:00 - debug: 启动关闭相应代理, 完成
2017-09-07T20:51:45+08:00 - debug: 拷贝代理监护脚本到虚拟机, 完成
2017-09-07T20:51:45+08:00 - debug: 设置代理, 完成
2017-09-07T20:51:45+08:00 - debug: tcp redirPort: 1010
2017-09-07T20:51:45+08:00 - debug: udp redirPort: 1040
2017-09-07T20:51:45+08:00 - debug: 设置防火墙, 完成
2017-09-07T20:51:48+08:00 - debug: 设置dnsmasq, 完成
2017-09-07T20:51:48+08:00 - info: apply editting profile: hispeed
2017-09-07T20:51:56+08:00 - debug: about to getAssignedHostonlyInf of vrouter. very slow on windows platform
2017-09-07T20:51:56+08:00 - debug: getAssignedHostonlyInf: vboxnet1
2017-09-07T20:51:56+08:00 - debug: about to trafficToPhysicalRouter
2017-09-07T20:51:56+08:00 - info: ssh connection has been ended
2017-09-07T20:51:56+08:00 - info: ssh connection was closed
2017-09-07T20:52:07+08:00 - debug: about to getAssignedHostonlyInf of vrouter. very slow on windows platform
2017-09-07T20:52:07+08:00 - debug: getAssignedHostonlyInf: vboxnet1
2017-09-07T20:54:20+08:00 - debug: about to getAssignedHostonlyInf of vrouter. very slow on windows platform
2017-09-07T20:54:20+08:00 - debug: getAssignedHostonlyInf: vboxnet1
2017-09-07T20:54:20+08:00 - debug: about to trafficToPhysicalRouter
2017-09-07T23:18:39+08:00 - info: vrouter vm not running
2017-09-07T23:18:50+08:00 - debug: vm started
2017-09-07T23:18:50+08:00 - debug: about to connect to openwrt via ssh
2017-09-07T23:18:50+08:00 - info: bridgeServices: en0: Wi-Fi (AirPort),en1: Thunderbolt 1,en2: Thunderbolt 2,bridge0,p2p0,awdl0
2017-09-07T23:18:50+08:00 - info: actived Bridge Service: en0: Wi-Fi (AirPort)
2017-09-07T23:28:38+08:00 - debug: about to getAssignedHostonlyInf of vrouter. very slow on windows platform
2017-09-07T23:28:38+08:00 - debug: getAssignedHostonlyInf: vboxnet1
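It looks fairly normal.
Pause VRouter, then run nslookup baidu.com and nslookup google.com on both macOS and inside the VM. What are the results?
Then run traceroute 114.114.114.114 on each and see what you get.
Are there any other VRouter instances on your LAN? Could it be a macAddress (889988998899) conflict?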
It is the same on the Mac and inside the vrouter VM: baidu can be pinged, google cannot
traceroute fails completely
root@vrouter:~# nslookup baidu.com
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
Name: baidu.com
Address 1: 111.13.101.208
Address 2: 220.181.57.217
Address 3: 123.125.114.144
root@vrouter:~# nslookup google.com
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
nslookup: can't resolve 'google.com': Name or service not known
root@vrouter:~# traceroute 114.114.114.114
traceroute to 114.114.114.114 (114.114.114.114), 30 hops max, 46 byte packets
1 192.168.1.1 (192.168.1.1) 4.606 ms 1.246 ms 6.735 ms
2 * * *
3 * * *
4 * * *
5 *^C
root@vrouter:~# traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 46 byte packets
1 192.168.1.1 (192.168.1.1) 4.530 ms 1.089 ms 0.799 ms
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 *^C
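There are no other vrouter instances
The current result is as follows:
With vrouter global proxy, DNS forwarding and UDP forwarding enabled
I can reach normal sites, and https://whatismyipaddress.com/ shows that my traffic goes out through the SS server's address
But every domain in the list, such as google/facebook/twitter, is stuck at resolving host
After pausing vrouter, nslookup google works on the Mac: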
nslookup google.com
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: google.com
Address: 172.217.27.142
nslookup google fails inside vrouter:
root@vrouter:~# nslookup google.com
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
nslookup: can't resolve 'google.com': Name or service not known
But the following succeeds inside vrouter:
root@vrouter:~# nslookup google.com 8.8.8.8
Server: 8.8.8.8
Address 1: 8.8.8.8 google-public-dns-a.google.com
Name: google.com
Address 1: 2404:6800:4008:801::200e tsa01s08-in-x0e.1e100.net
Address 2: 216.58.200.238 tsa03s01-in-f14.1e100.net
The false for fast open has no quotes, but proxies_watchdog contains several [object Object]
#!/bin/sh
output=$(ps -w| grep "[object Object] -[c] .*tunnel-dns.json")
if [[ -z "$output" ]];then
/etc/init.d/[object Object] restart
fi
output=$(ps -w| grep "[object Object] -[c] .*relay-udp.json")
if [[ -z "$output" ]];then
/etc/init.d/[object Object] restart
fi
output=$(ps -w| grep "ss-redir -[c] .*shadowsocks.json")
if [[ -z "$output" ]];then
/etc/init.d/shadowsocks restart
fi
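Let's check further:
1. Make sure the ps output contains the /usr/bin/ss-tunnel -c /etc/vrouter/tunnel-dns.json process; this process is dedicated to forwarding DNS
2. Make sure the configuration shown by cat /etc/vrouter/tunnel-dns.json is correct
3. Make sure nslookup google.com 127.0.0.1:1030 runs correctly
If 1 and 2 are both fine, then it may be a server or network problem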
Already upgraded to v0.4.0-beta.2
1. Make sure the ps output contains the /usr/bin/ss-tunnel -c /etc/vrouter/tunnel-dns.json process
root@vrouter:/etc/vrouter# ps |grep ss
1892 root 20948 S /usr/bin/ss-redir -c /etc/vrouter/shadowsocks.json
5970 root 20264 S /usr/bin/ss-tunnel -c /etc/vrouter/tunnel-dns.json
5988 root 20232 S /usr/bin/ss-redir-udp -c /etc/vrouter/relay-udp.json
30632 root 9288 S grep ss
2. cat /etc/vrouter/tunnel-dns.json
The same configuration works with Shadowsocks X
3. Still fails
root@vrouter:/etc/vrouter# nslookup google.com 127.0.0.1:1030
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
nslookup: can't resolve 'google.com': Name or service not known
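Is UDP forwarding enabled on the server? Does the server firewall allow UDP?
If you don't mind, mask the sensitive details and post the ss-server configuration and the contents of /vrouter/tunnel-dns.json
The odd thing is that nslookup bing.com works but nslookup google.com does not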
root@vrouter:/etc/vrouter# nslookup bing.com
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
Name: bing.com
Address 1: 204.79.197.200 a-0001.a-msedge.net
Address 2: 13.107.21.200
root@vrouter:/etc/vrouter# nslookup google.com
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
^C
It seems that no process is listening on port 1030:
root@vrouter:/etc/vrouter# nslookup bing.com 127.0.0.1:1030
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
^C
root@vrouter:/etc/vrouter# telnet 127.0.0.1:1030
telnet: can't connect to remote host (127.0.0.1): Connection refused
more /etc/vrouter/tunnel-dns.json
{
"server": "SS_SERVER",
"server_port": 8080,
"local_address": "0.0.0.0",
"local_port": 1030,
"password": "PASSWORD",
"timeout": 300,
"method": "aes-256-cfb",
"fast_open": false,
"mode": "udp_only",
"tunnel_address": "8.8.8.8:53"
}
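It is a UDP port, so telnet should not be able to connect; use netstat -nl to check
At this point, the most likely cause is your server configuration:
- Whether UDP forwarding is enabled
- Whether the firewall allows the ssserver UDP port
Which UDP port should the firewall open?
Yes, port 1030 is being listened on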
root@vrouter:/etc/vrouter# netstat -nl |grep 1030
udp 0 0 0.0.0.0:1030 0.0.0.0:*
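Open whichever port ssserver is listening on.
Provided that ssserver really is listening on that port; confirm with netstat -nl
The SS server uses TCP and listens on port 8080
I also opened UDP port 29000, which KCPTun needs
This configuration works without problems in ShadowsocksX
Do DNS queries also need to be forwarded to the SS server?
Yes, vrouter hands the blacklisted domains to the remote server for lookup, to prevent DNS poisoning.
Shadowsocks X probably converts domain lookups to TCP; I'm not too familiar with it
Enabled UDP relay on the firewall
Everything works now!
Thanks!
It seems I had not understood the conditions it depends on
I suggest writing a tutorial with a reference SS-server configuration
OK.
Let me know if there are any further problems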
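
The distinction this thread arrives at (telnet tests TCP while ss-tunnel listens on UDP port 1030, and a bound listener does not prove the server relays UDP) can be checked with a small probe. This is an added example, not part of the original issue or the vrouter project; the function names and the result labels are assumptions made here.

```python
import socket
import struct


def build_query(name, qid=0x1234):
    """Encode a minimal DNS A-record query with the RD flag set."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN


def probe_udp_dns(host, port, name, timeout=2.0):
    """Send one DNS query over UDP and classify what comes back.

    'refused'  - nothing is bound to the UDP port (ICMP port unreachable)
    'timeout'  - the datagram was accepted but no reply arrived, e.g. a
                 local tunnel whose remote side drops or does not relay UDP
    'answered' - a DNS response with the matching query id was received
    'invalid'  - something replied, but not with a matching DNS response
    """
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))  # connected socket, so ICMP errors are reported
        try:
            s.send(query)
            reply = s.recv(512)
        except socket.timeout:
            return "timeout"
        except ConnectionRefusedError:
            return "refused"
    # Same transaction id and the QR (response) bit set in the flags.
    if len(reply) >= 12 and reply[:2] == query[:2] and reply[2] & 0x80:
        return "answered"
    return "invalid"


if __name__ == "__main__":
    # 127.0.0.1:1030 is the local_port from tunnel-dns.json in this thread.
    for domain in ("bing.com", "google.com"):
        print(domain, probe_udp_dns("127.0.0.1", 1030, domain))
```

In the state reported before the fix, netstat showed the UDP listener on 1030 while lookups hung, which this probe would report as timeout rather than refused.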