bad address #40

marknote · 2017-09-07T15:21:57Z

看起来不错。不过我这边一直在 “ resoving host ”，感觉 DNS 配置有点问题。
我用的 8.8.8.8:53 和 114.114.114.114:53 都试过了。
连上 vrouter 虚拟机 ping 随便一个域名比如 Google 都出现"bad address" 错误

root@vrouter:/etc# ping google.com
ping: bad address 'google.com'

OS: macOS 10.12.6
vrouter:v0.4.0-beta

The text was updated successfully, but these errors were encountered:

overcache · 2017-09-07T15:27:38Z

谢谢反馈!! 麻烦你提供以下信息, 方便我debug:

应用内"系统"一栏的所有信息
netstat -rn | grep default 的输出
登录虚拟机后, ifconfig命令的输出
部分日志tail -n 50 ~/Library/Application\ Support/vrouter/vrouter.log

marknote · 2017-09-07T15:34:15Z

应用“系统”信息

系统信息

当前网关: 10.19.28.37
当前 DNS: 10.19.28.37
VRouter 信息

WAN: 192.168.1.108
MORE
进程状态

转发 DNS 查询: 运行中
转发 UDP 流量: 运行中
Shadowsocks 进程: 运行中
ShadowsocksR 进程: 未启用
Kcptun 进程: 运行中

netstat

netstat -rn | grep default
default            10.19.28.37        UGSc           12       26 vboxnet
default                                 fe80::%utun0                    UGcI          utun0
default                                 fe80::%utun1                    UGcI          utun1
default                                 fe80::%utun2                    UGcI          utun2

Ifconfig

root@vrouter:/etc# ifconfig
br-lan    Link encap:Ethernet  HWaddr 08:07:27:2E:27:8A
          inet addr:10.19.28.37  Bcast:10.19.28.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:77575 errors:0 dropped:0 overruns:0 frame:0
          TX packets:156336 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:17600673 (16.7 MiB)  TX bytes:188573261 (179.8 MiB)

eth0      Link encap:Ethernet  HWaddr 08:07:27:2E:27:8A
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:77986 errors:0 dropped:0 overruns:0 frame:0
          TX packets:169221 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:18755506 (17.8 MiB)  TX bytes:206772158 (197.1 MiB)

eth1      Link encap:Ethernet  HWaddr 88:99:88:99:88:99
          inet addr:192.168.1.108  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::8a99:88ff:fe99:8899/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:150728 errors:0 dropped:0 overruns:0 frame:0
          TX packets:52183 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:189558677 (180.7 MiB)  TX bytes:9044541 (8.6 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:2607 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2607 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:175532 (171.4 KiB)  TX bytes:175532 (171.4 KiB)

部分日志

tail -n 50 ~/Library/Application\ Support/vrouter/vrouter.log
2017-09-07T20:50:17+08:00 - debug: about to getAssignedHostonlyInf of vrouter. very slow on windows platform
2017-09-07T20:50:17+08:00 - debug: getAssignedHostonlyInf: vboxnet1
2017-09-07T20:50:17+08:00 - debug: about to trafficToPhysicalRouter
2017-09-07T20:50:17+08:00 - info: ssh connection has been ended
2017-09-07T20:50:17+08:00 - info: ssh connection was closed
2017-09-07T20:50:27+08:00 - debug: about to getAssignedHostonlyInf of vrouter. very slow on windows platform
2017-09-07T20:50:28+08:00 - debug: getAssignedHostonlyInf: vboxnet1
2017-09-07T20:51:17+08:00 - debug: about to connect to openwrt via ssh
2017-09-07T20:51:17+08:00 - info: bridgeServices: en0: Wi-Fi (AirPort),en1: Thunderbolt 1,en2: Thunderbolt 2,bridge0,p2p0,awdl0
2017-09-07T20:51:17+08:00 - info: actived Bridge Service: en0: Wi-Fi (AirPort)
2017-09-07T20:51:44+08:00 - info: save profile: hispeed to disk
2017-09-07T20:51:44+08:00 - debug: active profile: hispeed
2017-09-07T20:51:44+08:00 - debug: Generate cfg files: /var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/tunnel-dns.json,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/relay-udp.json,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/kcptun.json,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/shadowsocks.json
2017-09-07T20:51:44+08:00 - debug: 拷贝代理配置文件到虚拟机, 完成
2017-09-07T20:51:44+08:00 - debug: Generate services files: /var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/tunnelDns,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/tunnelDnsR,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/relayUDP,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/relayUDPR,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/kcptun,/var/folders/d1/dsrfy2hj0hg5kj3tfnkw13b80000gn/T/shadowsocks
2017-09-07T20:51:45+08:00 - debug: scp service file to: /etc/init.d/tunnelDns
2017-09-07T20:51:45+08:00 - debug: scp service file to: /etc/init.d/tunnelDnsR
2017-09-07T20:51:45+08:00 - debug: scp service file to: /etc/init.d/relayUDP
2017-09-07T20:51:45+08:00 - debug: scp service file to: /etc/init.d/relayUDPR
2017-09-07T20:51:45+08:00 - debug: scp service file to: /etc/init.d/kcptun
2017-09-07T20:51:45+08:00 - debug: scp service file to: /etc/init.d/shadowsocks
2017-09-07T20:51:45+08:00 - debug: 拷贝代理管理脚本到虚拟机, 完成
2017-09-07T20:51:45+08:00 - info: /etc/init.d/kcptun on
2017-09-07T20:51:45+08:00 - info: /etc/init.d/shadowsocksr off
2017-09-07T20:51:45+08:00 - info: /etc/init.d/shadowsocks on
2017-09-07T20:51:45+08:00 - debug: 启动关闭相应代理, 完成
2017-09-07T20:51:45+08:00 - debug: 拷贝代理监护脚本到虚拟机, 完成
2017-09-07T20:51:45+08:00 - debug: 设置代理, 完成
2017-09-07T20:51:45+08:00 - debug: tcp redirPort: 1010
2017-09-07T20:51:45+08:00 - debug: udp redirPort: 1040
2017-09-07T20:51:45+08:00 - debug: 设置防火墙, 完成
2017-09-07T20:51:48+08:00 - debug: 设置dnsmasq, 完成
2017-09-07T20:51:48+08:00 - info: apply editting profile: hispeed
2017-09-07T20:51:56+08:00 - debug: about to getAssignedHostonlyInf of vrouter. very slow on windows platform
2017-09-07T20:51:56+08:00 - debug: getAssignedHostonlyInf: vboxnet1
2017-09-07T20:51:56+08:00 - debug: about to trafficToPhysicalRouter
2017-09-07T20:51:56+08:00 - info: ssh connection has been ended
2017-09-07T20:51:56+08:00 - info: ssh connection was closed
2017-09-07T20:52:07+08:00 - debug: about to getAssignedHostonlyInf of vrouter. very slow on windows platform
2017-09-07T20:52:07+08:00 - debug: getAssignedHostonlyInf: vboxnet1
2017-09-07T20:54:20+08:00 - debug: about to getAssignedHostonlyInf of vrouter. very slow on windows platform
2017-09-07T20:54:20+08:00 - debug: getAssignedHostonlyInf: vboxnet1
2017-09-07T20:54:20+08:00 - debug: about to trafficToPhysicalRouter
2017-09-07T23:18:39+08:00 - info: vrouter vm not running
2017-09-07T23:18:50+08:00 - debug: vm started
2017-09-07T23:18:50+08:00 - debug: about to connect to openwrt via ssh
2017-09-07T23:18:50+08:00 - info: bridgeServices: en0: Wi-Fi (AirPort),en1: Thunderbolt 1,en2: Thunderbolt 2,bridge0,p2p0,awdl0
2017-09-07T23:18:50+08:00 - info: actived Bridge Service: en0: Wi-Fi (AirPort)
2017-09-07T23:28:38+08:00 - debug: about to getAssignedHostonlyInf of vrouter. very slow on windows platform
2017-09-07T23:28:38+08:00 - debug: getAssignedHostonlyInf: vboxnet1

overcache · 2017-09-07T15:43:11Z

看起来挺正常的呢.
暂停VRouter, 然后分别在 macOS 和虚拟机里执行 nslookup baidu.com, nslookup google.com, 结果是什么呢;

再分别执行traceroute 114.114.114.114, 看看结果

overcache · 2017-09-07T15:44:47Z

你的局域网里还有其他 VRouter 吗? 该不会是 macAddress(889988998899) 冲突了吧

marknote · 2017-09-07T23:16:00Z

mac和vouter虚拟机里都一样，可以ping baidu不能ping google
traceroute全部失败

root@vrouter:~# nslookup baidu.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

Name:      baidu.com
Address 1: 111.13.101.208
Address 2: 220.181.57.217
Address 3: 123.125.114.144
root@vrouter:~# nslookup google.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

nslookup: can't resolve 'google.com': Name or service not known
root@vrouter:~# traceroute 114.114.114.114
traceroute to 114.114.114.114 (114.114.114.114), 30 hops max, 46 byte packets
 1  192.168.1.1 (192.168.1.1)  4.606 ms  1.246 ms  6.735 ms
 2  *  *  *
 3  *  *  *
 4  *  *  *
 5  *^C
root@vrouter:~# traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 46 byte packets
 1  192.168.1.1 (192.168.1.1)  4.530 ms  1.089 ms  0.799 ms
 2  *  *  *
 3  *  *  *
 4  *  *  *
 5  *  *  *
 6  *  *  *
 7  *  *  *
 8  *  *  *
 9  *^C

marknote · 2017-09-07T23:25:35Z

没有其他的vouter

marknote · 2017-09-07T23:31:52Z

现在结果是这样的：
开启vouter全局代理，开启DNS转发，UDP转发
可以上正常的网,而且用https://whatismyipaddress.com/看我上网走了SS 服务器的地址
但是所有列表中的domain，比如google／facebook/twitter全是resolving host

marknote · 2017-09-07T23:51:49Z

暂停vouter后在mac中可以nslookup google:

nslookup google.com
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
Name:	google.com
Address: 172.217.27.142

在vouter中nslookup google失败:

root@vrouter:~# nslookup google.com
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

nslookup: can't resolve 'google.com': Name or service not known

但是在vouter中下面的结果成功:


root@vrouter:~# nslookup google.com 8.8.8.8
Server:    8.8.8.8
Address 1: 8.8.8.8 google-public-dns-a.google.com

Name:      google.com
Address 1: 2404:6800:4008:801::200e tsa01s08-in-x0e.1e100.net
Address 2: 216.58.200.238 tsa03s01-in-f14.1e100.net

overcache · 2017-09-08T01:50:13Z

#41 可能是这个原因?

marknote · 2017-09-08T07:40:21Z

fast open 的false没有引号，不过proxies_watchdog里面有好几个[object Object]

#!/bin/sh

    output=$(ps -w| grep "[object Object] -[c] .*tunnel-dns.json")
    if [[ -z "$output" ]];then
      /etc/init.d/[object Object] restart
    fi

    output=$(ps -w| grep "[object Object] -[c] .*relay-udp.json")
    if [[ -z "$output" ]];then
      /etc/init.d/[object Object] restart
    fi

    output=$(ps -w| grep "ss-redir -[c] .*shadowsocks.json")
    if [[ -z "$output" ]];then
      /etc/init.d/shadowsocks restart
    fi

overcache · 2017-09-08T07:46:27Z

再排查下:

确保ps的结果中有/usr/bin/ss-tunnel -c /etc/vrouter/tunnel-dns.json进程, 这个进程是专门转发DNS的
确保cat /etc/vrouter/tunnel-dns.json 的配置是正确的
确保 nslookup google.com 127.0.0.1:1030能正确执行

如果 1,2 都没问题, 那可能是服务器或者网络的问题了

marknote · 2017-09-08T08:32:51Z

已经升级到v0.4.0-beta.2

1 确保ps的结果中有/usr/bin/ss-tunnel -c /etc/vrouter/tunnel-dns.json进程

root@vrouter:/etc/vrouter# ps |grep ss
 1892 root     20948 S    /usr/bin/ss-redir -c /etc/vrouter/shadowsocks.json
 5970 root     20264 S    /usr/bin/ss-tunnel -c /etc/vrouter/tunnel-dns.json
 5988 root     20232 S    /usr/bin/ss-redir-udp -c /etc/vrouter/relay-udp.json
30632 root      9288 S    grep ss

cat /etc/vrouter/tunnel-dns.json
同样的配置shadowsocks X可以work
依然失败

root@vrouter:/etc/vrouter# nslookup google.com 127.0.0.1:1030
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

nslookup: can't resolve 'google.com': Name or service not known

overcache · 2017-09-08T08:36:38Z

服务器开启UDP转发了吗? 服务器防火墙放行UDP了吗
不介意的话, 关键信息打码, 贴出ss-server的配置以及 /vrouter/tunnel-dns.json 的内容看看

marknote · 2017-09-08T08:40:06Z

比较诡异的是 nslookup bing.com可通，nslookup google.com不通
root@vrouter:/etc/vrouter# nslookup bing.com
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost

Name: bing.com
Address 1: 204.79.197.200 a-0001.a-msedge.net
Address 2: 13.107.21.200
root@vrouter:/etc/vrouter# nslookup google.com
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost

^C

overcache · 2017-09-08T08:42:00Z

因为 bing.com 不在黑名单，dns是本地查询的 On Sep 8, 2017 16:40, "MarkNote" <notifications@github.com> wrote: 比较诡异的是 nslookup bing.com可通，nslookup google.com不通 root@vrouter:/etc/vrouter# nslookup bing.com Server: 127.0.0.1 Address 1: 127.0.0.1 localhost Name: bing.com Address 1: 204.79.197.200 a-0001.a-msedge.net Address 2: 13.107.21.200 root@vrouter:/etc/vrouter# nslookup google.com Server: 127.0.0.1 Address 1: 127.0.0.1 localhost ^C — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#40 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AB0eaUZq70Z5oWrnd0g_hnlshcvlf98xks5sgP1ngaJpZM4PP-52> .

marknote · 2017-09-08T08:46:21Z

貌似没有进程监听1030端口:

root@vrouter:/etc/vrouter# nslookup bing.com 127.0.0.1:1030
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

^C
root@vrouter:/etc/vrouter# telnet  127.0.0.1:1030
telnet: can't connect to remote host (127.0.0.1): Connection refused

marknote · 2017-09-08T08:50:28Z

more /etc/vrouter/tunnel-dns.json
{
"server": "SS_SERVER",
"server_port": 8080,
"local_address": "0.0.0.0",
"local_port": 1030,
"password": "PASSWORD",
"timeout": 300,
"method": "aes-256-cfb",
"fast_open": false,
"mode": "udp_only",
"tunnel_address": "8.8.8.8:53"
}

overcache · 2017-09-08T08:54:48Z

udp 端口, telnet 应该连不上的, 要用netstat -nl查看

目前来看, 最大的可能就是你服务器配置的问题:

是否开始了 udp 转发
防火墙是否放行了 ssserver 的 udp 端口

marknote · 2017-09-08T08:56:43Z

防火墙应该开放udp哪个端口呢?

marknote · 2017-09-08T08:57:30Z

嗯，1030端口有监听
root@vrouter:/etc/vrouter# netstat -nl |grep 1030
udp 0 0 0.0.0.0:1030 0.0.0.0:*

overcache · 2017-09-08T09:03:21Z

ssserver 监听哪个端口就开放哪个.
前提是 sserver 的确在监听那个端口, 用netstat -nl确认

marknote · 2017-09-08T09:06:40Z

SS server是TCP协议啊，监听的8080端口
还开了KCPTun 需要的29000 UDP端口
这个配置shadowsocksX使用没有问题

marknote · 2017-09-08T09:08:27Z

DNS查询也需要转到SS server吗?

overcache · 2017-09-08T09:22:47Z

是的，vrouter 是将黑名单的域名交给远端服务器查询的，防止域名污染。
Shadowsocks x可能是把域名转化为tcp了吧，不太了解

marknote · 2017-09-08T09:28:37Z

打开了防火墙上UDP relay
全好了！
谢谢！
看来是没明白所依赖的条件
建议将SS-server的参考配置写个教程

overcache · 2017-09-08T09:31:10Z

好的.
有问题再反馈

overcache closed this as completed Sep 8, 2017

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

bad address #40

bad address #40

marknote commented Sep 7, 2017

overcache commented Sep 7, 2017

marknote commented Sep 7, 2017 •

edited

overcache commented Sep 7, 2017 •

edited

overcache commented Sep 7, 2017

marknote commented Sep 7, 2017

marknote commented Sep 7, 2017

marknote commented Sep 7, 2017

marknote commented Sep 7, 2017 •

edited

overcache commented Sep 8, 2017

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017 •

edited

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017 via email

marknote commented Sep 8, 2017

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017

marknote commented Sep 8, 2017

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017

marknote commented Sep 8, 2017 •

edited

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017

bad address #40

bad address #40

Comments

marknote commented Sep 7, 2017

overcache commented Sep 7, 2017

marknote commented Sep 7, 2017 • edited

应用“系统”信息

netstat

Ifconfig

部分日志

overcache commented Sep 7, 2017 • edited

overcache commented Sep 7, 2017

marknote commented Sep 7, 2017

marknote commented Sep 7, 2017

marknote commented Sep 7, 2017

marknote commented Sep 7, 2017 • edited

overcache commented Sep 8, 2017

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017 • edited

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017 via email

marknote commented Sep 8, 2017

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017

marknote commented Sep 8, 2017

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017

marknote commented Sep 8, 2017 • edited

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017

marknote commented Sep 8, 2017

overcache commented Sep 8, 2017

marknote commented Sep 7, 2017 •

edited

overcache commented Sep 7, 2017 •

edited

marknote commented Sep 7, 2017 •

edited

overcache commented Sep 8, 2017 •

edited

marknote commented Sep 8, 2017 •

edited