-
-
Notifications
You must be signed in to change notification settings - Fork 5.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Xbox one 100% packet loss #361
Comments
Hi, |
It'd be a compatibility issue of ss-redir. You can run |
Also try to enlarge the timeout of ss-redir, e.g. |
@smartepsh # create ip rules ip rule add fwmark 0x01/0x01 table 100 ip route add local 0.0.0.0/0 dev lo table 100 # creat mangle chain iptables -t mangle -N SHADOWSOCKS2 # return these ip iptables -t mangle -N SHADOWSOCKS2 iptables -t mangle -A SHADOWSOCKS2 -d 0.0.0.0/8 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 10.0.0.0/8 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 127.0.0.0/8 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 169.254.0.0/16 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 172.16.0.0/12 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 192.168.0.0/16 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 224.0.0.0/4 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 240.0.0.0/4 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d $ss_server -j RETURN # redirect udp traffic to tpoxy iptables -t mangle -A SHADOWSOCKS2 -p udp -m set ! --match-set chnroute dst -j TPROXY --on-port 3333 --tproxy-mark 0x01/0x01 # apply rule for udp redirect iptables -t mangle -A PREROUTING -p udp -j SHADOWSOCKS2 |
@madeye Is this any help? |
Try to redirect all logs to a plain text file and upload somewhere. According to the screenshot, I cannot find anything useful. On Thu, Jul 30, 2015, 10:23 PM sadoneli notifications@github.com wrote:
|
@sadoneli Thanks, But it still not work...Can u post all your iptables rules and /etc/dnsmasq.conf ? So sad... |
@sadoneli Could you change https://github.com/shadowsocks/shadowsocks-libev/blob/master/src/udprelay.h#L40 |
@sadoneli Also, could you try set LAN's MTU to 1397? |
1 ok,i will try it 2 However, Xbox1 is not capable of define mtu |
To set MTU, add this line |
@smartepsh #!/bin/sh source /jffs/configs/ss.sh chnroute="/jffs/ss/redchn/chnroute.txt" ipset -F >/dev/null 2>&1 ipset -X >/dev/null 2>&1 # load chnroute to ipset sed -e "s/^/-A chnroute &/g" -e "1 i\-N chnroute nethash --hashsize 4096" $chnroute | awk '{print $0} END{print "COMMIT"}' | ipset -R # for router itself ipset -N router iphash # create nat chain iptables -t nat -N SHADOWSOCKS # not redirect these iptables -t nat -A SHADOWSOCKS -d $ss_server -j RETURN iptables -t nat -A SHADOWSOCKS -d 0.0.0.0/8 -j RETURN iptables -t nat -A SHADOWSOCKS -d 10.0.0.0/8 -j RETURN iptables -t nat -A SHADOWSOCKS -d 127.0.0.0/8 -j RETURN iptables -t nat -A SHADOWSOCKS -d 169.254.0.0/16 -j RETURN iptables -t nat -A SHADOWSOCKS -d 172.16.0.0/12 -j RETURN iptables -t nat -A SHADOWSOCKS -d 192.168.0.0/16 -j RETURN iptables -t nat -A SHADOWSOCKS -d 224.0.0.0/4 -j RETURN iptables -t nat -A SHADOWSOCKS -d 240.0.0.0/4 -j RETURN # others should be redirected iptables -t nat -A SHADOWSOCKS -p tcp -m set ! --match-set chnroute dst -j REDIRECT --to-ports 3333 #iptables -t nat -A SHADOWSOCKS -p icmp -j REDIRECT --to-ports 3333 #iptables -t nat -A SHADOWSOCKS -p sctp -j REDIRECT --to-ports 3333 # create ip rules ip rule add fwmark 0x01/0x01 table 100 ip route add local 0.0.0.0/0 dev lo table 100 # creat mangle chain iptables -t mangle -N SHADOWSOCKS2 # return these ip iptables -t mangle -N SHADOWSOCKS2 iptables -t mangle -A SHADOWSOCKS2 -d 0.0.0.0/8 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 10.0.0.0/8 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 127.0.0.0/8 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 169.254.0.0/16 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 172.16.0.0/12 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 192.168.0.0/16 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 224.0.0.0/4 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 240.0.0.0/4 -j RETURN # redirect udp traffic to tpoxy iptables -t mangle -A SHADOWSOCKS2 -d $ss_server -j RETURN iptables -t mangle -A SHADOWSOCKS2 -d 208.67.220.220 -j RETURN iptables -t mangle -A SHADOWSOCKS2 -p udp -m set ! --match-set chnroute dst -j TPROXY --on-port 3333 --tproxy-mark 0x01/0x01 # apply rule for udp redirect iptables -t mangle -A PREROUTING -p udp -j SHADOWSOCKS2 iptables -t nat -A PREROUTING -i br0 -p tcp -j SHADOWSOCKS # for router itself iptables -t nat -A OUTPUT -p tcp -m set --match-set router dst -j REDIRECT --to-ports 3333 |
@madeye |
#define MAX_UDP_PACKET_SIZE (576) is this right? |
I think you can use the latest commit directly: a9f8b2b |
I have conpiled the latest shadowsocks the test guy said he still get 100% packet loss btw, by force setting |
Try to tune the interface's MTU on router, like With shadowsocks and TPROXY, I don't think Path MTU discovery could work properly. Then with a wrong MTU (typically larger than the allowed one), |
I have compiled the lasted shadowsocks-libev today. ifconfig eth0 down ifconfig eth0 mtu 1400 ifconfig eth0 up I was able to change the mtu dispalyed on X1 result bleow: default eth0 mtu=1500,shadowsocks disabled, X1 mtu is 1480,enable shadowsocks,X1 mtu is 1500 setting eth0 mtu=1488,shadowsocks disabled, X1 mtu is 1480,enable shadowsocks,X1 mtu is 1488 setting eth0 mtu=1400,shadowsocks disabled, X1 mtu is 1392,enable shadowsocks,X1 mtu is 1400 setting eth0 mtu=1397,shadowsocks disabled, X1 mtu is 1389,enable shadowsocks,X1 mtu is 1397 1.package still get 100% loss, in any mtu test circumstance. |
Could you run tcpdump on your router when test the speed?
|
Also, could you run the following command on your server in the same time?
|
I am currently using ASUS RT-AC87U, with merlin firmware |
This is my monitors record x1_s.cap is Server filter is ip.addr==65.55.42.21 114.241.15.189 is my wan ip cap download |
In addition, it has been determined game mode (UDP forwarding) will cause CODAW, The Last Of Us and other games people search difficult |
@Liqianyu According to your cap, it seems that every echo packet arrives normally. |
@madeye Under normal circumstances, there is a return packet length 105, as described above in FIG. But gaming mode router and server I did not see this package |
@Liqianyu Could you run tcpdump on your server, I want to make sure the ping packet is properly sent to XBOX's server. |
@madeye Servers and routers are equipped with tcpdump. The above x1_s.cap is server listens. |
@Liqianyu in x1_s.cap, I saw many echo test packets sent to 65.55.42.21:3074, but no packets received from that server. |
BTW, which encryption are your using? |
@Paull 你给我的这几个命令是什么作用?我输入你这4个命令是不是相当于给150这个IP设了一个dmz,就不用输入下面一堆转发端口命令了吧? 另外我之前评论发的两条端口转发输完是错的… |
Any update? I have the exactly same issue and still can't be solved. I'm playing Diablo 3 on xbox one connecting with raspberry pi. |
@Paull 有一个问题,GOOGLE了一圈无解,输入你给的那4个,搬瓦工狂给我发邮件,说有漏洞强制给我添加一个条规则关闭53端口。。。邮件内容:
You can fix this vulnerability by securing your DNS daemon (or by removing it from your server). Once this vulnerability is fixed, you may remove these iptables rules. |
我觉得还是关了这个issue吧 |
@sadoneli 不要关啊,问题还没解决。。。 |
@madeye 最近版本反映这事儿的人又多起来了,能不能有解决方案,希望作者能回复下喽~ |
It'd be a compatibility issue between transparent proxy and XBox. I think it's almost impossible to fix the issue from my side only. Also, you may try this: http://lartc.org/howto/lartc.cookbook.mtu-mss.html. For example:
|
@madeye is 1320 a random number or suggest one? |
Just a random number, which should be small enough for common links. |
Please try the latest commit to see if it would help. |
I'll try the latest this weekend. |
@Paull 这么难搞,我还是用网易的uu主机加速吧,最近网易uu在内测主机版加速 |
I can confirm the packet loss rate in the xbox test will not show 100% after the server side (client does not need) shut down the Path MTU Discovery feature disbale pmtu means echo 1 > /proc/sys/net/ipv4/ip_no_pmtu_disc By default, client enable pmtu / server enable pmtu --> 100% loss client disbale pmtu / server disbale pmtu --> 0% loss |
大佬你的这个问题解决了吗?就是这个65.55.42.21 没有response的问题 |
you sure you want to set this value to 1?
|
For whoever searches for a xbox proxy solution: I gave up trying xbox with shadowsocks a long time ago. I think the time I put in was not quite worthy since my major need was to play xbox games in China and have more fun. You can purchase something like UU Game Booster (by NetEase). You will find your life will be way easier and better. But if you are "because I can" type, don't mind me. It's fun trying, for sure. |
Try 46382c2 |
我的nat是开放,但多人测试是100%丢包,找谁说理去,upnp开了不行,然后试了下DMZ也不行,已崩溃 |
别折腾了,用 uu 加速器吧,openwrt 也支持的,真的... |
为啥用加速器,我用软路由用着也挺好的,我又不天天打网游, |
When configured udp proxy through TPROXY as described in wiki.
everything works fine,PS4 get nat2 in -u mode.
but X1 have an issue of 100% packet loss.
I am not sure weather this problem comes from ss-redir
If the problem comes from ss-redir,
Is there any test I can do to help?
The text was updated successfully, but these errors were encountered: