| 網(wǎng)絡故障(network failure)是指由于硬件的問題、軟件的漏洞、病毒的侵入等引起網(wǎng)絡無法提供正常服務或降低服務質(zhì)量的狀態(tài)。 一直不喜歡V2ray的配置文件(現(xiàn)在還是不喜歡)。我覺得它太亂了,一點也不清楚。不同的入站和出站混合在一起,無法清楚地區(qū)分每個服務。其實這也是v2ray靈活性的體現(xiàn)。 簡單的說,v2ray沒有服務端和客戶端的區(qū)別,或者說v2ray的客戶端和服務端是在一起的; inbounds作為服務端,接受客戶端的請求,對應客戶端的outbounds; outbounds 作為客戶端,向服務端發(fā)起請求,對應服務端的入站。同一個v2ray的入站和出站是通過路由連接的。路由用于定義當我的一個入站接收流量時應將哪個出站發(fā)送到。所以v2ray可以做到:inbounds接收流量,然后檢查路由,根據(jù)路由設置轉(zhuǎn)發(fā)到指定的outbounds。 透明代理的配置來自v2的白話教程: {
"inbounds": [
{
"tag": "home",
"port": YOUR PORT,
"protocol": "vmess",
"settings": {
"clients": [{ "id": YOUR ID }]
}
},
{
"tag":"transparent",
"port": 12345,
"protocol": "dokodemo-door",
"settings": {
"network": "tcp,udp",
"followRedirect": true
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"streamSettings": {
"sockopt": {
"tproxy": "tproxy"
}
}
},
{
"port": 1080,
"protocol": "socks",
"sniffing": {
"enabled": true,
"destOverride": ["http", "tls"]
},
"settings": {
"auth": "noauth"
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "144.202.94.28",
"port": YOUR VPS PORT,
"users": [{ "id": YOUR VPS ID }]
}
]
},
"streamSettings": {
"sockopt": {
"mark": 255
}
},
"mux": {
"enabled": true
}
},
{
"tag": "direct",
"protocol": "freedom",
"settings": {
"domainStrategy": "UseIP"
},
"streamSettings": {
"sockopt": {
"mark": 255
}
}
},
{
"tag": "block",
"protocol": "blackhole",
"settings": {
"response": {
"type": "http"
}
}
},
{
"tag": "dns-out",
"protocol": "dns",
"streamSettings": {
"sockopt": {
"mark": 255
}
}
}
],
"dns": {
"servers": [
"8.8.8.8",
"1.1.1.1",
"114.114.114.114",
{
"address": "223.5.5.5",
"port": 53,
"domains": [
"geosite:cn",
"ntp.org",
"144.202.94.28"
]
}
]
},
"routing": {
"domainStrategy": "IPOnDemand",
"rules": [
{
"type": "field",
"inboundTag": ["home"],
"outboundTag": "direct"
},
{
"type": "field",
"inboundTag": [
"transparent"
],
"port": 53,
"network": "udp",
"outboundTag": "dns-out"
},
{
"type": "field",
"inboundTag": [
"transparent"
],
"port": 123,
"network": "udp",
"outboundTag": "direct"
},
{
"type": "field",
"ip": [
"223.5.5.5",
"114.114.114.114"
],
"outboundTag": "direct"
},
{
"type": "field",
"ip": [
"8.8.8.8",
"1.1.1.1"
],
"outboundTag": "proxy"
},
{
"type": "field",
"domain": [
"geosite:category-ads-all"
],
"outboundTag": "block"
},
{
"type": "field",
"protocol":["bittorrent"],
"outboundTag": "direct"
},
{
"type": "field",
"ip": [
"geoip:private"
],
"outboundTag": "direct"
}
]
}
}
CPU可能滿載的情況參考:v2ray tproxy透明代理導致CPU占用100% 后面需要配置iptables規(guī)則,請參考鏈接:。 (設置iptables規(guī)則時,如果執(zhí)行了代理網(wǎng)關的本地部分,會導致交叉NAT連接失敗,即端口映射后路由器無法從外網(wǎng)連接到bypass,參見:v2ray作為內(nèi)網(wǎng)網(wǎng)關,公網(wǎng)訪問局域網(wǎng)服務器出錯,此時不要作為本地網(wǎng)關的代理) 關于使用v2ray作為VPN,說實話,v2ray不合格,v2ray只支持TCP/UDP。我用它作為Wireguard的補充,防止UDP干擾,但現(xiàn)在我只是在準備。
本文來自本站,轉(zhuǎn)載請注明本文網(wǎng)址:
http://www.pc-fly.com/a/tongxingongju/article-380308-1.html
當今,越來越多的業(yè)務應用運行于網(wǎng)絡架構之上,保障網(wǎng)絡的持續(xù)、高效、安全的運行,成為網(wǎng)絡管理者面臨的巨大挑戰(zhàn)。
|
