Conversation
DHR60
commented
Feb 25, 2026
DHR60
commented
- 最终路由规则
- DNS 直连保护规则
DHR60
force-pushed
the
fix3
branch
2 times, most recently
from
780ba84 to
5548511
Compare
|
在现有内置路由规则集下, 下面的是黑名单产生的规则,是否有点问题? |
|
内置的规则集虽然叫黑白名单,但是实际上个人的路由规则可能不同,确实不应该改变 |
|
规则生成上确实有点 bug,我修下
倒不是改变规则的问题 是如果多出口的话必须指定 balancer 出口,否则全部走 outbounds 第一个节点了就。 单节点出口跳过这个规则可能确实更合理 |
|
打算是改成这样 [
{
"type": "field",
"port": "0-65535",
"outboundTag": "direct"
},
{
"type": "field",
"inboundTag": [
"direct-dns-1",
"direct-dns-2"
],
"outboundTag": "direct"
},
{
"type": "field",
"inboundTag": [
"dns-module"
],
"balancerTag": "proxy-round"
},
{
"type": "field",
"network": "tcp,udp",
"balancerTag": "proxy-round"
}
]可能看上去还是有点怪吧,尤其是 黑名单,dns-module proxy 完全不起作用 |
|
或者 DNS 直连保护规则提到最前面 但是会导致这个问题:2dust/v2rayNG#4905 |
|
修成这样了 #8841 (comment) |
|
@2dust 这个不合吗? 那所有 Xray 的策略组配置生成都是有问题的,只会走第一个节点 |
|
还没有看明白,等下一版吧 |
是否简单的修复方式? |
白名单最后添加一个 "network": "tcp,udp" -> proxy? |
我是推荐这个,并且和 sing-box 的逻辑相同 正常分流就是应该哪里落地用哪里的 DNS,用自建的 DNS 是不合理的 |
如果能解决问题,可以这样做。 |
|
我认为应该在代码添加,直接 Append 到最后 举个最简单例子,规则集所有规则都删掉。结果策略组直接不能用了。这明显不符合预期 |
|
可以,能否简单的写一个 PR 过来,针对 策略组 强制添加规则。 |
|
简单的就第一个 commit 吧 没问题的话我就开个新 pr |
行, 把策略组的路由 bug 修复下先 |
|
翻了下我一年前提交给 v2rayNG 的 pr ,想起来为什么要 加 DNS routing 了 对于从 DNS 模块发出的路由会绕过 IP 规则,但是 IPIfNonMatch 的最终规则是 0.0.0.0/0 的 IP 匹配,这就导致远程 DNS 匹配不到任何规则,回落到 outbounds 第一个节点,但如果第一个节点恰好失效或延迟很高,那整个远程 DNS 模块都无法正常查询。 总而言之,如果不加的话,所有 Xray 的策略组配置的远程 DNS 路由都是有问题的 |
There was a problem hiding this comment.
Pull request overview
This PR adds DNS routing support to the V2ray/Xray config generation so that “direct DNS” servers are explicitly routed through the direct outbound, providing stronger protection for direct/whitelisted DNS resolution paths.
Changes:
- Add tagging for “direct DNS” server entries and generate a corresponding routing rule to force those tagged DNS queries through the
directoutbound. - Adjust DNS server generation so direct DNS servers can be emitted as structured server objects (with tags) when needed.
- Introduce
Global.DirectDnsTagand simplifyDnsServer4Rayby removing unused properties.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
v2rayN/ServiceLib/Services/CoreConfig/V2ray/V2rayDnsService.cs |
Tags direct DNS servers and adds routing rules to ensure direct-DNS queries egress via direct. |
v2rayN/ServiceLib/Models/V2rayConfig.cs |
Removes unused DNS server model fields, keeping only properties used by current generation logic. |
v2rayN/ServiceLib/Global.cs |
Adds DirectDnsTag constant used for tagging and routing matching. |
Comments suppressed due to low confidence (2)
v2rayN/ServiceLib/Services/CoreConfig/V2ray/V2rayDnsService.cs:271
JsonSerializerOptionsis being instantiated inside theforeachloop. Consider reusing a single options instance (e.g., a local static/readonly variable) to avoid repeated allocations and ensure consistent serialization settings across all DNS server entries.
var dnsServer = CreateDnsServer(dns, []);
dnsServer.tag = $"{Global.DirectDnsTag}-{directDnsTagIndex++}";
dnsServer.skipFallback = false;
dnsItem.servers.Add(JsonUtils.SerializeToNode(dnsServer,
new JsonSerializerOptions { DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull }));
}
v2rayN/ServiceLib/Services/CoreConfig/V2ray/V2rayDnsService.cs:327
JsonSerializerOptionsis created for every DNS server added. Consider caching/reusing a single options instance for this method to reduce per-server allocations (especially when domain lists are large).
var dnsServer = CreateDnsServer(dnsAddress, domains, expectedIPs);
if (isDirectDns)
{
dnsServer.tag = $"{Global.DirectDnsTag}-{directDnsTagIndex++}";
}
var dnsServerNode = JsonUtils.SerializeToNode(dnsServer,
new JsonSerializerOptions { DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull });
dnsItem.servers.Add(dnsServerNode);
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
