按照教程内网部署,国内分流失败,求教! #13
Replies: 41 comments 1 reply
-
|
你的部署参数是什么? |
Beta Was this translation helpful? Give feedback.
-
|
如果你内网有passwall这类环境,你需要把容器IP加入不走代理。如果容器走IP分流的话会干扰递归的判断。 |
Beta Was this translation helpful? Give feedback.
-
|
另外,镜像本身有提供SOCKS5代理的选项,你passwall可以开一个socks端口给他用的。没有代理也能正常工作,但有代理可以获得更接近你线路的解析结果。 |
Beta Was this translation helpful? Give feedback.
-
|
参数是第一个 感谢指导 |
Beta Was this translation helpful? Give feedback.
-
这个IP是你线路的IP吗,如果是,你需要考虑让容器“不分流”。 |
Beta Was this translation helpful? Give feedback.
-
|
如果socks5有密码格式是 账号:密码@ip:端口 吗 |
Beta Was this translation helpful? Give feedback.
-
|
另一种可能是这个IP不是你的线路IP但是你的递归因为网络问题导致无法获取到解析,然后故障转移到dnscrypt上,你可以使用以下命令来测试: dig whoami.ds.akahelp.net @192.168.1.8 txt -p5301或者在容器内执行: dig +trace whoami.ds.akahelp.net txt |
Beta Was this translation helpful? Give feedback.
-
|
还有一种情况是,你的所有请求都被软路由“劫持”了,无论什么请求都被重定向了。比如有的openwrt固件有这个设置: iptables -t nat -S|grep " 53" |
Beta Was this translation helpful? Give feedback.
-
|
为了方便调试,最新镜像加入了调试脚本,请拉取最新的镜像: docker pull sliamb/paopaodns:latest重新创建容器,并在容器内执行调试脚本: 查看输出结果并反馈。 |
Beta Was this translation helpful? Give feedback.
-
|
网络让我干崩了,才上来= =,谢谢! |
Beta Was this translation helpful? Give feedback.
-
|
debug.sh: not found |
Beta Was this translation helpful? Give feedback.
-
要拉最新的镜像才有,刚刚加进去的 |
Beta Was this translation helpful? Give feedback.
-
抱歉了,折腾了一大圈子,这回找到原因了,是我的resolv.conf不干净的原因,里边一堆dns
非权威应答: whoami.ds.akahelp.net text = whoami.ds.akahelp.net text = https://nstool.netease.com/ 另外拉取了最新的镜像 debug.sh: not found |
Beta Was this translation helpful? Give feedback.
-
|
那你可以加上dev标签,拉取 |
Beta Was this translation helpful? Give feedback.
-
我这个没问题吧 /data # debug.sh
|
Beta Was this translation helpful? Give feedback.
-
|
@mrzj110 没啥问题,如果你有你线路的socks代理的话可以考虑加上。 |
Beta Was this translation helpful? Give feedback.
-
|
你adguard home配置的上游是唯一的吗?192.168.0.127是你的adguard home套了一层的IP?还是192.168.0.127就是直接连的docker的端口 |
Beta Was this translation helpful? Give feedback.
-
adgurad作为可视化,他上游就是docker 192.168.0.4:53,127是客户端我电脑的ip |
Beta Was this translation helpful? Give feedback.
-
|
Beta Was this translation helpful? Give feedback.
-
你可以尝试直接用手机连docker的ip,跳过adh,或者你在电脑版看看adh的详细查询日志,是什么记录类型的查询耗时。 |
Beta Was this translation helpful? Give feedback.
-
|
@mrzj110 你是否有IPV6环境?如果你给手机分配了IPV6地址但没IPv6解析有可能会导致这种异常。因为这个超时值太凑巧了,我修改过的mosdns源码里面最大的超时值刚好是3000ms和总超时值4000ms,你这个显示的超时可能是指IPV6的超时值,还是建议用电脑版看看查询记录的类型是什么比较好判断。 |
Beta Was this translation helpful? Give feedback.
-
并没有开启ipv6,我又在家里的联通宽带公网下nas搭建了一套,使用非常流畅并没有上面的情况,上面的情况是公司的nas 用的是电信宽带没有公网,而且是两条宽带合并的,我估计是因为网络的原因导致的 |
Beta Was this translation helpful? Give feedback.
-
|
公网部署速度很快,内网经常国内解析走科学,一阵一阵的没得规律 |
Beta Was this translation helpful? Give feedback.
-
你这个公网内网是指的什么 |
Beta Was this translation helpful? Give feedback.
-
|
是一级路由和二级路由,不是运营商的公网和内网 |
Beta Was this translation helpful? Give feedback.
-
你的意思是,服务部署在一级路由器下正常,部署在二级路由下会有这种情况是吗 |
Beta Was this translation helpful? Give feedback.
-
|
对的,之前单独用的mosdns,没准mesh组网下部署能行,二级路由不在同网段 |
Beta Was this translation helpful? Give feedback.
-
|
主路由弄完了开网页确实比其他的反应快 |
Beta Was this translation helpful? Give feedback.
-
是这样的,国内解析会走加密查询只有一种情况,就是本地递归查询超时失败,故障转移到加密查询上,而本地递归查询超时的情况可能是上级网络的限制比如Qos、丢包等,因为递归查询会并发一定的UDP查询,网络质量太差的话会可能造成超时。 |
Beta Was this translation helpful? Give feedback.
-
|
折腾网络容易崩,所以基本在二级路由折腾的,感谢不断优化! |
Beta Was this translation helpful? Give feedback.
-
|
@zixiang5288 @mrzj110 新增 |
Beta Was this translation helpful? Give feedback.
-
环境:内网
科学: passwall
验证递归DNS
nslookup -type=TXT whoami.ds.akahelp.net 10.0.0.8
服务器: UnKnown
Address: 10.0.0.8
非权威应答:
whoami.ds.akahelp.net text =
国内走的科学,国内分流失败,求指教
Beta Was this translation helpful? Give feedback.
All reactions