V2ray-core: V2Ray mKCP Packet Can Be Dropped By Firewall
Please read the instruction and answer the following questions before submitting your issue. Thank you.
Please answer all the questions with enough information. All issues not following this template will be closed immediately.
If you are not sure if your question is truely a bug in V2Ray, please discuss it here first.
1) What version of V2Ray are you using (If you deploy different version on server and client, please explicitly point out)?
Server 4.13.0
Client 4.10.0 / 4.13.0 / Latest Git version
2) What's your scenario of using V2Ray? E.g., Watching YouTube videos in Chrome via Socks/VMess proxy.
Loading Youtube, or test the speed on fast.com
3) What did you see? (Please describe in detail, such as timeout, fake TLS certificate etc)
The same configuration runs perfectly on Fedora 29 / Windows 10, however, the same configuration cannot run properly on MacOS Mojave 10.14.2 and Fedora 28
There are always an error report in error.log on client side:
v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/socks: connection ends > v2ray.com/core/proxy/socks: failed to transport all TCP request > read tcp 127.0.0.1:10800->127.0.0.1:60737: read: connection reset by peer
10800 is the local sock5 proxy port
On server side, there also error report saying the connection is broken.
It seems that Client reports the connection is closed by server, and server reports that the connection is broken.
However, I tested the same configuration in the same network environment, Fedora 29 and Windows 10 works, but MacOS Mojave 10.14.2 doesn't work and Fedora 28 doesn't work
The same system running SS + KCP can reach 50Mbps / s on fast.com
but V2ray + KCP on the same system can only reach 12Kbpx / s on fast.com
It seems that some low level network configuration triggered such issue.
4) What's your expectation?
V2Ray should run properly
5) Please attach your configuration file (Mask IP addresses before submit this issue).
Server configuration:
{
"log": {
"loglevel": "debug",
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log"
},
"inbounds": [
{
"port": "port_a-port_b",
"listen": "my.server.ip.addr",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "",
"level": 0,
"alterId": 32
}
],
"detour": {
"to": "dynamicKcpPort"
},
"disableInsecureEncryption": true
},
"allocate": {
"strategy": "always",
"refresh": 5,
"concurrency": 5
},
"streamSettings": {
"network": "kcp",
"security": "none",
"kcpSettings": {
"mtu": 1350,
"tti": 20,
"uplinkCapacity": 20,
"downlinkCapacity": 100,
"congestion": true,
"readBufferSize": 1,
"writeBufferSize": 1,
"header": {
"type": "none"
}
}
}
},
{
"port": "50000-60000",
"listen": "my.server.ip.addr",
"protocol": "vmess",
"tag": "dynamicKcpPort",
"settings": {
"default": {
"level": 1,
"alterId": 32
}
},
"allocate": {
"strategy": "random",
"refresh": 3,
"concurrency": 20
},
"streamSettings": {
"network": "kcp",
"security": "none",
"kcpSettings": {
"mtu": 1350,
"tti": 20,
"uplinkCapacity": 100,
"downlinkCapacity": 100,
"congestion": true,
"readBufferSize": 2,
"writeBufferSize": 2,
"header": {
"type": "none"
}
}
}
}
],
"outbounds": [{
"protocol": "freedom",
"settings": {}
},{
"protocol": "blackhole",
"settings": {},
"tag": "blocked"
}],
"routing": {
"rules": [
{
"type": "field",
"ip": ["geoip:private"],
"outboundTag": "blocked"
}
]
}
}
Client configuration:
{
"log": {
"loglevel": "debug",
"access": "/opt/v2ray/log/access.log",
"error": "/opt/v2ray/log/error.log"
},
"inbounds": [
{
"port": 10800,
"listen": "127.0.0.1",
"protocol": "socks",
"domainOverride": ["tls","http"],
"settings": {
"auth": "noauth",
"udp": true,
"ip": "127.0.0.1"
}
}
],
"outbounds": [
{
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "my.server.ip.addr",
"port": my_port,
"users": [
{
"id": "",
"alterId": 16,
"security": "auto",
"level": 0
}
]
}
]
},
"streamSettings": {
"network" : "kcp",
"security" : "none",
"kcpSettings": {
"mtu" : 1350,
"tti" : 10,
"uplinkCapacity" : 20,
"downlinkCapacity" : 100,
"congestion" : true,
"readBufferSize" : 1,
"writeBufferSize" : 1,
"header": {
"type": "none"
}
}
},
"mux": {
"enabled" : true,
"concurrency" : 4
}
}
],
"policy": {
"levels": {
"0": {
"handshake" : 4,
"connIdle" : 300,
"uplinkOnly" : 0,
"downlinkOnly" : 0,
"statsUserUplink" : false,
"statsUserDownlink" : false,
"bufferSize" : 1024
}
}
}
}
6) Please attach error logs, especially the bottom lines if the file is large. Error log file is usually at /var/log/v2ray/error.log on Linux.
Server error log:
2019/01/25 11:58:14 [Info] [2819699236] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/freedom: connection ends > v2ray.com/core/proxy/freedom: failed to process request > io: read/write on closed pipe
2019/01/25 11:58:14 [Info] [2819699236] v2ray.com/core/common/mux: session 3 ends. > io: read/write on closed pipe
2019/01/25 11:58:14 [Info] [2819699236] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/freedom: connection ends > v2ray.com/core/proxy/freedom: failed to process request > io: read/write on closed pipe
2019/01/25 11:58:14 [Info] [2819699236] v2ray.com/core/common/mux: session 2 ends. > io: read/write on closed pipe
2019/01/25 11:58:14 [Info] [2819699236] v2ray.com/core/common/mux: received request for tcp:notifications.google.com:443
2019/01/25 11:58:14 [Info] [2819699236] v2ray.com/core/app/dispatcher: default route for tcp:notifications.google.com:443
2019/01/25 11:58:14 [Info] [2819699236] v2ray.com/core/proxy/freedom: opening connection to tcp:notifications.google.com:443
2019/01/25 11:58:14 [Info] [2819699236] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:notifications.google.com:443
2019/01/25 11:58:41 [Info] v2ray.com/core/transport/internet/kcp: #49116 creating connection to 222.66.148.122:62812
2019/01/25 11:58:41 [Info] [3311520728] v2ray.com/core/proxy/vmess/inbound: received request for tcp:v1.mux.cool:0
2019/01/25 11:58:41 [Debug] [3311520728] v2ray.com/core/proxy/vmess/inbound: pick detour handler for port 58544 for 1 minutes.
2019/01/25 11:58:41 [Info] [3311520728] v2ray.com/core/common/mux: received request for tcp:clients4.google.com:443
2019/01/25 11:58:41 [Info] [3311520728] v2ray.com/core/app/dispatcher: default route for tcp:clients4.google.com:443
2019/01/25 11:58:41 [Info] [3311520728] v2ray.com/core/proxy/freedom: opening connection to tcp:clients4.google.com:443
2019/01/25 11:58:41 [Info] [3311520728] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:clients4.google.com:443
2019/01/25 11:58:49 [Info] [3311520728] v2ray.com/core/common/mux: received request for tcp:www.youtube.com:443
2019/01/25 11:58:49 [Info] [3311520728] v2ray.com/core/app/dispatcher: default route for tcp:www.youtube.com:443
2019/01/25 11:58:49 [Info] [3311520728] v2ray.com/core/proxy/freedom: opening connection to tcp:www.youtube.com:443
2019/01/25 11:58:49 [Info] [3311520728] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:www.youtube.com:443
2019/01/25 11:58:49 [Info] v2ray.com/core/transport/internet/kcp: #49117 creating connection to 222.66.148.122:55057
2019/01/25 11:58:49 [Info] [3954450110] v2ray.com/core/proxy/vmess/inbound: received request for tcp:v1.mux.cool:0
2019/01/25 11:58:49 [Debug] [3954450110] v2ray.com/core/proxy/vmess/inbound: pick detour handler for port 52677 for 1 minutes.
2019/01/25 11:58:49 [Info] [3954450110] v2ray.com/core/common/mux: received request for tcp:www.gstatic.com:443
2019/01/25 11:58:49 [Info] [3954450110] v2ray.com/core/common/mux: received request for tcp:clients1.google.com:443
2019/01/25 11:58:49 [Info] [3954450110] v2ray.com/core/app/dispatcher: default route for tcp:www.gstatic.com:443
2019/01/25 11:58:49 [Info] [3954450110] v2ray.com/core/proxy/freedom: opening connection to tcp:www.gstatic.com:443
2019/01/25 11:58:49 [Info] [3954450110] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:www.gstatic.com:443
2019/01/25 11:58:49 [Info] [3954450110] v2ray.com/core/app/dispatcher: default route for tcp:clients1.google.com:443
2019/01/25 11:58:49 [Info] [3954450110] v2ray.com/core/proxy/freedom: opening connection to tcp:clients1.google.com:443
2019/01/25 11:58:49 [Info] [3954450110] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:clients1.google.com:443
2019/01/25 11:58:49 [Info] [3311520728] v2ray.com/core/common/mux: received request for tcp:i.ytimg.com:443
2019/01/25 11:58:49 [Info] [3311520728] v2ray.com/core/common/mux: received request for tcp:yt3.ggpht.com:443
2019/01/25 11:58:49 [Info] [3311520728] v2ray.com/core/app/dispatcher: default route for tcp:i.ytimg.com:443
2019/01/25 11:58:49 [Info] [3311520728] v2ray.com/core/proxy/freedom: opening connection to tcp:i.ytimg.com:443
2019/01/25 11:58:49 [Info] [3311520728] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:i.ytimg.com:443
2019/01/25 11:58:49 [Info] [3311520728] v2ray.com/core/app/dispatcher: default route for tcp:yt3.ggpht.com:443
2019/01/25 11:58:49 [Info] [3311520728] v2ray.com/core/proxy/freedom: opening connection to tcp:yt3.ggpht.com:443
2019/01/25 11:58:49 [Info] [3311520728] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:yt3.ggpht.com:443
2019/01/25 11:58:53 [Info] v2ray.com/core/transport/internet/udp: failed to read UDP msg > read udp xxx.xxx.xxx.xxx:58100: use of closed network connection
.......
2019/01/25 11:59:02 [Info] [1508942888] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/freedom: connection ends > context canceled
2019/01/25 11:59:02 [Info] [1508942888] v2ray.com/core/common/mux: session 4 ends. > io: read/write on closed pipe
2019/01/25 11:59:02 [Info] [1508942888] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: connection ends > io: read/write on closed pipe
2019/01/25 11:59:02 [Info] [1508942888] v2ray.com/core/app/proxyman/inbound: failed to close connection > v2ray.com/core/transport/internet/kcp: Connection closed.
2019/01/25 11:59:02 [Info] [1508942888] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/freedom: connection ends > context canceled
2019/01/25 11:59:02 [Info] [1508942888] v2ray.com/core/common/mux: session 2 ends. > io: read/write on closed pipe
2019/01/25 11:59:02 [Info] [2819699236] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/freedom: connection ends > context canceled
2019/01/25 11:59:02 [Info] [2819699236] v2ray.com/core/common/mux: session 4 ends. > io: read/write on closed pipe
2019/01/25 11:59:02 [Info] [2819699236] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: connection ends > io: read/write on closed pipe
2019/01/25 11:59:02 [Info] [2819699236] v2ray.com/core/app/proxyman/inbound: failed to close connection > v2ray.com/core/transport/internet/kcp: Connection closed.
2019/01/25 11:59:02 [Info] [2819699236] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/freedom: connection ends > context canceled
2019/01/25 11:59:02 [Info] [2819699236] v2ray.com/core/common/mux: session 1 ends. > io: read/write on closed pipe
2019/01/25 11:59:02 [Info] [2819699236] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/freedom: connection ends > context canceled
2019/01/25 11:59:02 [Info] [2819699236] v2ray.com/core/common/mux: session 5 ends. > io: read/write on closed pipe
Client error log:
2019/01/26 00:55:46 [Info] [230605851] v2ray.com/core/proxy/socks: TCP Connect request to tcp:www.youtube.com:443
2019/01/26 00:55:46 [Info] [230605851] v2ray.com/core/app/dispatcher: sniffed domain: www.youtube.com
2019/01/26 00:55:46 [Info] [230605851] v2ray.com/core/app/dispatcher: default route for tcp:www.youtube.com:443
2019/01/26 00:55:46 [Info] [230605851] v2ray.com/core/common/mux: dispatching request to tcp:www.youtube.com:443
2019/01/26 00:55:46 [Info] v2ray.com/core/transport/internet/kcp: dialing mKCP to udp:my.server.ip.addr:my_port
2019/01/26 00:55:46 [Info] v2ray.com/core/transport/internet/kcp: #26772 creating connection to my.server.ip.addr:my_port
2019/01/26 00:55:46 [Info] v2ray.com/core/proxy/vmess/outbound: tunneling request to tcp:v1.mux.cool:9527 via tcp:my.server.ip.addr:my_port
2019/01/26 00:55:46 [Info] [2374225388] v2ray.com/core/proxy/socks: TCP Connect request to tcp:i.ytimg.com:443
2019/01/26 00:55:46 [Info] [2374225388] v2ray.com/core/app/dispatcher: sniffed domain: i.ytimg.com
2019/01/26 00:55:46 [Info] [2374225388] v2ray.com/core/app/dispatcher: default route for tcp:i.ytimg.com:443
2019/01/26 00:55:46 [Info] [2374225388] v2ray.com/core/common/mux: dispatching request to tcp:i.ytimg.com:443
2019/01/26 00:55:46 [Info] [2923585768] v2ray.com/core/proxy/socks: TCP Connect request to tcp:yt3.ggpht.com:443
2019/01/26 00:55:46 [Info] [2923585768] v2ray.com/core/app/dispatcher: sniffed domain: yt3.ggpht.com
2019/01/26 00:55:46 [Info] [2923585768] v2ray.com/core/app/dispatcher: default route for tcp:yt3.ggpht.com:443
2019/01/26 00:55:46 [Info] [2923585768] v2ray.com/core/common/mux: dispatching request to tcp:yt3.ggpht.com:443
2019/01/26 00:55:59 [Info] [2923585768] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/socks: connection ends > v2ray.com/core/proxy/socks: failed to transport all TCP request > read tcp 127.0.0.1:10800->127.0.0.1:61412: read: connection reset by peer
2019/01/26 00:55:59 [Info] [2923585768] v2ray.com/core/common/mux: failed to fetch all input > io: read/write on closed pipe
2019/01/26 00:55:59 [Info] [2672667638] v2ray.com/core/proxy/socks: TCP Connect request to tcp:clients4.google.com:443
2019/01/26 00:55:59 [Info] [2672667638] v2ray.com/core/app/dispatcher: sniffed domain: clients4.google.com
2019/01/26 00:55:59 [Info] [2672667638] v2ray.com/core/app/dispatcher: default route for tcp:clients4.google.com:443
2019/01/26 00:55:59 [Info] [2672667638] v2ray.com/core/common/mux: dispatching request to tcp:clients4.google.com:443
7) Please attach access log. Access log is usually at '/var/log/v2ray/access.log' on Linux.
2019/01/26 00:55:46 tcp:127.0.0.1:61410 accepted tcp:www.youtube.com:443
2019/01/26 00:55:46 tcp:127.0.0.1:61411 accepted tcp:i.ytimg.com:443
2019/01/26 00:55:46 tcp:127.0.0.1:61412 accepted tcp:yt3.ggpht.com:443
2019/01/26 00:55:59 tcp:127.0.0.1:61415 accepted tcp:clients4.google.com:443
2019/01/26 00:56:20 tcp:127.0.0.1:61425 accepted tcp:yt3.ggpht.com:443
2019/01/26 00:56:21 tcp:127.0.0.1:61426 accepted tcp:www.youtube.com:443
2019/01/26 00:56:21 tcp:127.0.0.1:61428 accepted tcp:www.youtube.com:443
2019/01/26 00:56:21 tcp:127.0.0.1:61427 accepted tcp:www.youtube.com:443
2019/01/26 00:56:21 tcp:127.0.0.1:61429 accepted tcp:www.youtube.com:443
2019/01/26 00:56:23 tcp:127.0.0.1:61432 accepted tcp:clients1.google.com:443
8) Other configurations (such as Nginx) and logs.
9) If V2Ray doesn't run, please attach output from --test.
The command is usually /usr/bin/v2ray/v2ray --test --config /etc/v2ray/config.json, but may vary according to your scenario.
10) If V2Ray service doesn't run, please attach journal log.
Usual command is journalctl -u v2ray.
Please review your issue before submitting.
changyp6
All 6 comments
I also tested QUIC transport, which is also based on UDP.
QUIC performance is as slow as KCP in V2Ray.
In this case, I suspect that this issue is NOT related to KCP, it is a UDP issue.
I noticed that there isn't any code in V2Ray Core that calling setsockopt to set UDP send buffer and receive buffer size.
changyp6
on 28 Jan 2019
Alion548
on 30 Jan 2019
@DarienRaymond 我把底层的UDP读取函数,都改成用hub_linux.go里的函数了。
在MacOS上面,读取速度还是一样的慢。
然而上传速度却非常快,可以到18Mbps,下载速度却一直是30kbps
在fast.com上测试得到的结果。
然而,同样的网络环境,同样的机器,上面运行ss + kcp,下载速度可以到33Mbps
还得请你帮忙分析一下,是什么原因导致了这么大的差异 ?
changyp6
on 19 Feb 2019
@DarienRaymond 我用Wireshark抓包分析了一下。发现奇怪的情况。
在Wireshark中,UDP数据包都被收到了,接收速度也很快,的确是根据KCP中设置的MTU的大小在传输数据。
但是奇怪的是,这些数据,好像都没有被收到,或者是说,都被KCP丢掉了。
changyp6
on 20 Feb 2019
@DarienRaymond 又做了一个实验。
在Fedora 29上面,V2ray + mKcp运行良好,速度非常快。
把相同的配置和相同的软件,拷贝到另一台有问题的电脑上,就会出现UDP性能极度下降的问题。
现在我怀疑是不是和Golang底层的UDP实现有关系,或者是和网卡驱动程序有关系?
但是,上层的应用怎么会直接被底层的实现影响呢?
为什么kcptun同样是Go写的UDP传输应用,没有这个现象呢?
changyp6
on 20 Feb 2019
@DarienRaymond 又做了测试,发现是公司的防火墙,把V2ray的mkcp的包给限速了。然而,kcptun的数据包却没有被限速。
为什么V2ray的mkcp包会触发防火墙的限速,而kcptun的包却不会呢?
changyp6
on 25 Feb 2019
Related issues
cnperi
·
4Comments
vonhezhou
·
4Comments
qnxsgwy
·
3Comments
gzzchh
·
3Comments
choicky
·
4Comments
Most helpful comment
@DarienRaymond 又做了测试,发现是公司的防火墙,把V2ray的mkcp的包给限速了。然而,kcptun的数据包却没有被限速。
为什么V2ray的mkcp包会触发防火墙的限速,而kcptun的包却不会呢?