V2ray-core: 使用nginx无法转发websocket

Created on 30 Nov 2017  ·  9Comments  ·  Source: v2ray/v2ray-core

小弟正在使用v2ray 2.51.2版本,尝试使用nginx转发websocket并加密,反复尝试均不成功,客户端显示如下:
2017/11/30 21:50:22 [Warning]App|Proxyman|Outbound: failed to process outbound traffic > Proxy|VMess|Outbound: failed to find an available destination > Retry: [Transport|Internet|WebSocket: failed to dial WebSocket > Transport|Internet|WebSocket: failed to dial to (wss://192.121.30.45/v2ray): 404 Not Found > websocket: bad handshake] > Retry: all retry attempts failed

服务端v2ray配置

{
  "log": {
      "access": "/var/log/v2ray/access.log",
      "error": "/var/log/v2ray/error.log",
      "loglevel": "warning"
  },
  "inbound": {
      "port": 1987,
      "protocol": "vmess",
      "settings": {
          "clients": [
              {
                  "id": "sd3456bc-7387-4efa-0d90-c6e0add72426",
                  "level": 1,
                  "alterId": 100
              }
          ]
      },
    "streamSettings":{
    "network":"ws",
    "wsSettings": {
        "path": "/v2ray"
        }
  }
},
  "outbound": {
      "protocol": "freedom",
      "settings": {}
  },
  "inboundDetour": [],
  "outboundDetour": [
      {
          "protocol": "blackhole",
          "settings": {},
          "tag": "blocked"
      }
  ],
  "routing": {
      "strategy": "rules",
      "settings": {
          "rules": [
              {
                  "type": "field",
                  "ip": [
                      "0.0.0.0/8",
                      "10.0.0.0/8",
                      "100.64.0.0/10",
                      "127.0.0.0/8",
                      "169.254.0.0/16",
                      "172.16.0.0/12",
                      "192.0.0.0/24",
                      "192.0.2.0/24",
                      "192.168.0.0/16",
                      "198.18.0.0/15",
                      "198.51.100.0/24",
                      "203.0.113.0/24",
                      "::1/128",
                      "fc00::/7",
                      "fe80::/10"
                  ],
                  "outboundTag": "blocked"
              }
          ]
      }
  }
}

客户端v2ray配置
{
  "log": {
    "loglevel": "warning"
  },
  "inbound": {
    "port": 1080,
    "listen": "127.0.0.1",
    "protocol": "socks",
    "settings": {
      "auth": "noauth",
      "udp": true,
      "ip": "127.0.0.1"
    }
  },
  "outbound": {
    "protocol": "vmess",
    "settings": {
      "vnext": [
        {
          "address": "198.181.45.102",
          "port": 443,
          "users": [
            {
              "id": "sd3456bc-7387-4efa-0d90-c6e0add72426",
              "alterId": 100,
              "security": "auto"
            }
          ]
        }
      ]
    },
    "streamSettings": {
      "network": "ws",
      "security": "tls",
      "tlsSettings": {
        "serverName": "mydomain.me"
    },
    "wsSettings":{
        "path":"/v2ray"
     }
    }
  },
  "outboundDetour": [
    {
      "protocol": "freedom",
      "settings": {},
      "tag": "direct"
    }
  ],
  "dns": {
    "servers": [
      "119.29.29.29",
      "114.114.114.114",
      "8.8.8.8",
      "localhost"
    ]
  },
  "routing": {
    "strategy": "rules",
    "settings": {
      "domainStrategy": "IPIfNonMatch",
      "rules": [
        {
          "type": "field",
          "port": "1-52",
          "outboundTag": "direct"
        },
        {
          "type": "field",
          "port": "54-79",
          "outboundTag": "direct"
        },
        {
          "type": "field",
          "port": "81-442",
          "outboundTag": "direct"
        },
        {
          "type": "field",
          "port": "444-464",
          "outboundTag": "direct"
        },
        {
          "type": "field",
          "port": "466-992",
          "outboundTag": "direct"
        },
        {
          "type": "field",
          "port": "994-65535",
          "outboundTag": "direct"
        },
        {
          "type": "field",
          "domain": [
            "geosite:cn"
          ],
          "outboundTag": "direct"
        },
        {
          "type": "field",
          "ip": [
            "0.0.0.0/8",
            "10.0.0.0/8",
            "100.64.0.0/10",
            "127.0.0.0/8",
            "169.254.0.0/16",
            "172.16.0.0/12",
            "192.0.0.0/24",
            "192.0.2.0/24",
            "192.168.0.0/16",
            "198.18.0.0/15",
            "198.51.100.0/24",
            "203.0.113.0/24",
            "::1/128",
            "fc00::/7",
            "fe80::/10",
            "geoip:cn"
          ],
          "outboundTag": "direct"
        }
      ]
    }
  }
}

etc/nginx/sites-available/default配置
server {
listen 443 ssl;
ssl on;
ssl_certificate /etc/v2ray/v2ray.crt;
ssl_certificate_key /etc/v2ray/v2ray.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name mydomain.me;
location /v2ray {
proxy_redirect off;
proxy_pass http://127.0.0.1:1987;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
}
}
希望大神能给予指点,解决问题,万分感谢!

picture mzxwt

Most helpful comment

我也有同样的问题。出问题的地方是cloudflare。
解决方法:如果要套cdn,把crypto的选项调成Full.

picture am1006 on 20 Jun 2019
👍4

All 9 comments

服务器inbound里加一个127.0.0.1的地址

burndown picture burndown on 30 Nov 2017

加过之后变成这样了!
2017/11/30 23:11:55 [Warning]App|Proxyman|Outbound: failed to process outbound traffic > Proxy|VMess|Outbound: failed to find an available destination > Retry: [Transport|Internet|WebSocket: failed to dial WebSocket > Transport|Internet|WebSocket: failed to dial to (wss:///192.121.30.45/v2ray): 502 Bad Gateway > websocket: bad handshake] > Retry: all retry attempts failed

mzxwt picture mzxwt on 30 Nov 2017

把客户端的address换成域名

burndown picture burndown on 1 Dec 2017

猜测你的Nginx配置了域名,但v2ray只发了IP,所以404了。这种情况可以用ws的header配置来填一下域名。具体配置请参考官方文档和Nginx相关说明。

DarienRaymond picture DarienRaymond on 1 Dec 2017

针对这种情况是不是可以加一些log呢?我把v2ray的log调成debug,也仍然没能从v2ray和nginx(没调log等级)的log里发现任何线索。。。后来搜到这个issue才意识到问题所在。

Btw,谢谢 @DarienRaymond

wlnirvana picture wlnirvana on 2 Dec 2017

非常感谢各位大神的回复!现在改成lnmp的nginx,问题解决了。非常感谢大家!

mzxwt picture mzxwt on 8 Dec 2017

我也有同样的问题。出问题的地方是cloudflare。
解决方法:如果要套cdn,把crypto的选项调成Full.

am1006 picture am1006 on 20 Jun 2019
👍4

针对这种情况是不是可以加一些log呢?我把v2ray的log调成debug,也仍然没能从v2ray和nginx(没调log等级)的log里发现任何线索。。。后来搜到这个issue才意识到问题所在。

Btw,谢谢 @DarienRaymond

请问后来是如何解决的呢,我也遇到这个问题。
nginx请求access.log一直提示 400,但 服务器v2ray没有任何 access.log日志记录。

fbens picture fbens on 8 Jul 2019

我也有同样的问题。出问题的地方是cloudflare。
解决方法:如果要套cdn,把crypto的选项调成Full.

我没有用cloudflare,也出现这个提示 400 Bad Request > websocket: bad handshake
客户端请v2RayN一直报这个,服务端nginx的日志 access.log 一直提示 400,而服务端的v2ray日志级别为 debug,却没有任何日志。

fbens picture fbens on 8 Jul 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ahdung picture ahdung  ·  3Comments
supersndqd picture supersndqd  ·  3Comments
shuangyuxiaoyi picture shuangyuxiaoyi  ·  4Comments
gzzchh picture gzzchh  ·  3Comments
qnxsgwy picture qnxsgwy  ·  3Comments