https类型DNS服务器在sing-box运行一段时间后失效

[usaxyh]

操作系统

Linux

系统版本

OPENWRT 24.10

安装类型

sing-box 原始命令行程序

如果您使用图形客户端程序，请提供该程序版本。

No response

版本

1.12.0-alpha.9

描述

当https类型DNS服务器使用域名作为地址（已设置domain_resolver）时，一段时间后解析会失效。

重现方式

{
"log": {
"disabled": false,
"level": "debug",
"timestamp": true
},
"dns": {
"servers": [
{
"tag": "dns-remote",
"type": "https",
"domain_resolver": "dns-direct",
"server": "ip.cubecloud.win",
"server_port": 443,
"detour": "direct"
},
{
"tag": "dns-direct",
"type": "udp",
"server": "114.114.114.114",
"server_port": 53,
"detour": "direct"
},
{
"tag": "fakeip",
"type": "fakeip",
"inet4_range": "198.18.0.0/15"
}
],
"rules": [
{
"clash_mode": "direct",
"action": "route",
"server": "dns-direct"
},
{
"clash_mode": "global",
"action": "route",
"server": "dns-remote"
},
{
"domain": "mwd.cubecloud.win",
"action": "route",
"server": "dns-remote"
},
{
"rule_set": "geosite-microsoft@cn",
"action": "route",
"server": "dns-direct"
},
{
"rule_set": "geosite-cn",
"action": "route",
"server": "dns-direct"
},
{
"type": "logical",
"mode": "and",
"rules": [
{
"rule_set": "geosite-geolocation-!cn",
"invert": true
},
{
"rule_set": "geoip-cn"
}
],
"action": "route",
"server": "dns-remote",
"client_subnet": "114.114.114.114/24"
},
{
"query_type": "A",
"action": "route",
"server": "fakeip",
"rewrite_ttl": 1
}
],
"strategy": "ipv4_only",
"independent_cache": true
},
"inbounds": [
{
"type": "tun",
"tag": "tun-in",
"interface_name": "tun0",
"mtu": 9000,
"address": "172.19.0.1/30",
"auto_route": true,
"strict_route": true,
"auto_redirect": true,
"stack": "system",
"route_exclude_address_set": [
"geoip-cn"
],
"route_exclude_address": [
"10.0.0.0/8",
"100.64.0.0/10",
"169.254.0.0/16",
"172.16.0.0/12",
"192.168.0.0/23",
"192.168.2.0/24",
"192.168.4.0/22",
"192.168.8.0/21",
"192.168.16.0/20",
"192.168.32.0/19",
"192.168.64.0/18",
"192.168.128.0/17"
]
}
],
"outbounds": [
{
"type": "selector",
"tag": "proxy",
"outbounds": [
"nezha-🇭🇰",
"lala-🇲🇾",
"lala-🇭🇰",
"vkvm-🇭🇰",
"dmit-🇭🇰-T1",
"dmit-🇺🇸",
"direct"
],
"default": "lala-🇭🇰",
"interrupt_exist_connections": true
},
{
"type": "selector",
"tag": "telegram",
"outbounds": [
"nezha-🇭🇰",
"lala-🇲🇾",
"lala-🇭🇰",
"vkvm-🇭🇰",
"dmit-🇭🇰-T1",
"dmit-🇺🇸"
],
"default": "lala-🇭🇰",
"interrupt_exist_connections": true
},
{
"type": "selector",
"tag": "google",
"outbounds": [
"nezha-🇭🇰",
"lala-🇲🇾",
"lala-🇭🇰",
"vkvm-🇭🇰",
"dmit-🇭🇰-T1",
"dmit-🇺🇸"
],
"default": "lala-🇭🇰",
"interrupt_exist_connections": true
},
{
"type": "selector",
"tag": "microsoft",
"outbounds": [
"nezha-🇭🇰",
"lala-🇲🇾",
"lala-🇭🇰",
"vkvm-🇭🇰",
"dmit-🇭🇰-T1",
"dmit-🇺🇸",
"direct"
],
"default": "lala-🇭🇰",
"interrupt_exist_connections": true
},
{
"type": "direct",
"tag": "direct"
}
],
"route": {
"rules": [
{
"action": "sniff"
},
{
"port": 53,
"protocol": "dns",
"action": "hijack-dns"
},
{
"protocol": "ssh",
"action": "route",
"outbound": "dmit-🇭🇰-T1"
},
{
"domain": "mwd.cubecloud.win",
"action": "route",
"outbound": "direct"
},
{
"clash_mode": "direct",
"action": "route",
"outbound": "direct"
},
{
"clash_mode": "global",
"action": "route",
"outbound": "proxy"
},
{
"ip_cidr": [
"5.5.5.5/32"
],
"action": "reject",
"method": "drop"
},
{
"ip_is_private": true,
"action": "route",
"outbound": "direct"
},
{
"network": "udp",
"port": 443,
"rule_set": "geosite-youtube",
"action": "reject",
"method": "default",
"no_drop": false
},
{
"rule_set": "geosite-microsoft@cn",
"action": "route",
"outbound": "direct"
},
{
"rule_set": "geosite-tiktok",
"action": "route",
"outbound": "lala-🇭🇰"
},
{
"rule_set": "geosite-google",
"action": "route",
"outbound": "google"
},
{
"rule_set": [
"geosite-microsoft",
"geosite-bing",
"geosite-openai"
],
"action": "route",
"outbound": "microsoft"
},
{
"rule_set": "geoip-telegram",
"action": "route",
"outbound": "telegram"
},
{
"rule_set": "geosite-private",
"action": "route",
"outbound": "direct"
},
{
"rule_set": "geosite-cn",
"action": "route",
"outbound": "direct"
},
{
"rule_set": "geoip-cn",
"action": "route",
"outbound": "direct"
}
],
"rule_set": [
{
"type": "remote",
"tag": "geoip-telegram",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geoip/telegram.srs",
"download_detour": "proxy"
},
{
"type": "remote",
"tag": "geoip-cn",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geoip/cn.srs",
"download_detour": "proxy"
},
{
"type": "remote",
"tag": "geosite-cn",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/cn.srs",
"download_detour": "proxy"
},
{
"type": "remote",
"tag": "geosite-google",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/google.srs",
"download_detour": "proxy"
},
{
"type": "remote",
"tag": "geosite-youtube",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/youtube.srs",
"download_detour": "proxy"
},
{
"type": "remote",
"tag": "geosite-microsoft@cn",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/[email protected]",
"download_detour": "proxy"
},
{
"type": "remote",
"tag": "geosite-microsoft",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/microsoft.srs",
"download_detour": "proxy"
},
{
"type": "remote",
"tag": "geosite-openai",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/openai.srs",
"download_detour": "proxy"
},
{
"type": "remote",
"tag": "geosite-bing",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/bing.srs",
"download_detour": "proxy"
},
{
"type": "remote",
"tag": "geosite-geolocation-!cn",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/geolocation-!cn.srs",
"download_detour": "proxy"
},
{
"type": "remote",
"tag": "geosite-private",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/private.srs",
"download_detour": "proxy"
},
{
"type": "remote",
"tag": "geosite-tiktok",
"format": "binary",
"url": "https://github.com/MetaCubeX/meta-rules-dat/raw/sing/geo/geosite/tiktok.srs",
"download_detour": "proxy"
}
],
"default_domain_resolver": "dns-remote",
"final": "proxy",
"auto_detect_interface": true
},
"experimental": {
"cache_file": {
"enabled": true,
"path": "/etc/sing-box/cache.db",
"store_fakeip": true
},
"clash_api": {
"external_controller": "192.168.3.99:1010",
"external_ui": "/etc/sing-box/zashboard",
"external_ui_download_url": "https://github.com/Zephyruso/zashboard/releases/latest/download/dist.zip",
"secret": "123456",
"default_mode": "rule"
}
}
}

日志

5217:29:45error[853063319 42.21s] router: process DNS packet connection: dial tcp: lookup ip.cubecloud.win on [::1]:53: write udp [::1]:51380->[::1]:53: write: operation not permitted
85117:29:45error[853063319 42.21s] dns: exchange failed for ip.cubecloud.win. IN A: dial tcp: lookup ip.cubecloud.win on [::1]:53: write udp [::1]:51380->[::1]:53: write: operation not permitted
83817:29:40error[853063319 37.21s] dns: exchange failed for ip.cubecloud.win. IN A: dial tcp: lookup ip.cubecloud.win: i/o timeout
83417:29:40error[2863468763 23.37s] dns: exchange failed for client-side-detection.api.cx.metamask.io. IN A: dial tcp: lookup ip.cubecloud.win: i/o timeout
81417:29:37debug[3401369745 0ms] dns: exchanged imap.gmail.com NOERROR 1
79117:29:35error[2863468763 18.28s] router: process DNS packet connection: dial tcp: lookup ip.cubecloud.win on [::1]:53: write udp [::1]:42028->[::1]:53: write: operation not permitted
79017:29:35error[853063319 32.12s] router: process DNS packet connection: dial tcp: lookup ip.cubecloud.win on [::1]:53: write udp [::1]:42028->[::1]:53: write: operation not permitted
78917:29:35error[853063319 32.12s] dns: exchange failed for ip.cubecloud.win. IN A: dial tcp: lookup ip.cubecloud.win on [::1]:53: write udp [::1]:42028->[::1]:53: write: operation not permitted
78817:29:35error[2863468763 18.28s] dns: exchange failed for client-side-detection.api.cx.metamask.io. IN A: dial tcp: lookup ip.cubecloud.win on [::1]:53: write udp [::1]:42028->[::1]:53: write: operation not permitted
78717:29:34error[2863468763 17.35s] dns: exchange failed for client-side-detection.api.cx.metamask.io. IN A: dial tcp: lookup ip.cubecloud.win: i/o timeout
77817:29:33error[2863468763 16.35s] dns: exchange failed for client-side-detection.api.cx.metamask.io. IN A: dial tcp: lookup ip.cubecloud.win: i/o timeout
77717:29:33error[2863468763 16.32s] dns: exchange failed for client-side-detection.api.cx.metamask.io. IN A: dial tcp: lookup ip.cubecloud.win: i/o timeout
76917:29:31error[1394113412 5.0s] dns: exchange failed for client-side-detection.api.cx.metamask.io. IN A: dial tcp: lookup ip.cubecloud.win: i/o timeout
76817:29:31error[334380009 5.0s] dns: exchange failed for client-side-detection.api.cx.metamask.io. IN HTTPS: dial tcp: lookup ip.cubecloud.win: i/o timeout
76717:29:30error[3252752761 7.50s] dns: exchange failed for jpush.io. IN A: dial tcp: lookup ip.cubecloud.win: i/o timeout
76317:29:30error[853063319 27.11s] dns: exchange failed for ip.cubecloud.win. IN A: dial tcp: lookup ip.cubecloud.win: i/o timeout
76217:29:30error[3190270345 5.0s] dns: exchange failed for client-side-detection.api.cx.metamask.io. IN A: dial tcp: lookup ip.cubecloud.win: i/o timeout
76117:29:30error[41376006 5.0s] dns: exchange failed for client-side-detection.api.cx.metamask.io. IN HTTPS: dial tcp: lookup ip.cubecloud.win: i/o timeout

支持我们

• 我已经 赞助

完整性要求

• 我保证阅读了文档，了解所有我编写的配置文件项的含义，而不是大量堆砌看似有用的选项或默认值。
• 我保证提供了可以在本地重现该问题的服务器、客户端配置文件与流程，而不是一个脱敏的复杂客户端配置文件。
• 我保证提供了可用于重现我报告的错误的最简配置，而不是依赖远程服务器、TUN、图形界面客户端或者其他闭源软件。
• 我保证提供了完整的配置文件与日志，而不是出于对自身智力的自信而仅提供了部分认为有用的部分。

[usaxyh]

更新一下，不使用域名，直接使用1.1.1.1 DOH也存在这个问题