Router: Use built-in-dns only once for all rules (in "IPOnDemand"/"IPIfNonMatch" mode) #5210
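This time you really dropped a huge pile of crap and produced a Breaking Change. The whole point of non-AsIs was to not trust the IP in the original request and have the routing module re-resolve it itself. Do you really only care about your own Iran needs and not consider widely used scenarios such as transparent proxying?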
Right, I should not change the place of the priority of built-in-dns-result should be higher than original target-ip. Is it okay for you now?
np
So we reached an agreement.
Yes, caching errors in a single dispatch is acceptable. This PR doesn't break any functionality. And it can resolve the edge case issue you described. I believe performing a DNS lookup for every IP rule is a code defect. The lazy query in the source code design was originally intended to reduce latency. Because if an IP rule cannot be matched due to a parsing error, skipping it and moving to the next IP rule may lead to unexpected behavior.
Revert "v25.10.15" This reverts commit b69a376.
Revert "VLESS Reverse Proxy: Transfer real Source & Local (IP & port), enabled by default" This reverts commit 12f4a01.
Revert "XHTTP client: Change default `maxConcurrency` to 1 for speed testing" This reverts commit 9cc7907.
Revert "Router: Use built-in-dns only once for all rules (in "IPOnDemand"/"IPIfNonMatch" mode) (XTLS#5210)" This reverts commit 21a9658.
Revert "README.md: Add PasarGuard to Web Panels (XTLS#5224)" This reverts commit 7f436f5.
Revert "Update github.com/xtls/reality to 20251014195629" This reverts commit dcfde8d.
Revert "Bump golang.org/x/net from 0.44.0 to 0.46.0 (XTLS#5215)" This reverts commit 898db92.
Revert "Bump google.golang.org/grpc from 1.75.1 to 1.76.0 (XTLS#5212)" This reverts commit 8dd0e38.
Revert "transport/internet/reality/reality.go: Safely get negotiated CurveID in VerifyPeerCertificate()" This reverts commit 40f0a54.
Revert "Bump github.com/refraction-networking/utls from 1.8.0 to 1.8.1 (XTLS#5229)" This reverts commit 1762d6c.
Revert "Fix shadowsocks2022 memory leak (XTLS#5166)" This reverts commit 1952488.
Revert "fix: darwin arm64 always has AESGCMHardwareSupport (XTLS#5176)" This reverts commit 4a825c0.
Revert "Bump github.com/quic-go/quic-go from 0.54.1 to 0.55.0 (XTLS#5208)" This reverts commit 514c9e5.
Revert "feat(config): add unix socket HTTP config loader support (XTLS#5200)" This reverts commit 2f366ae.
Revert "Fix vless reverse panic in vision (XTLS#5189)" This reverts commit c0c88f3.
Revert "Bump github.com/quic-go/quic-go from 0.54.0 to 0.54.1 (XTLS#5180)" This reverts commit d0344bc.
Revert "Bump google.golang.org/protobuf from 1.36.9 to 1.36.10 (XTLS#5203)" This reverts commit a6ebb30.
Revert "Outbound: One endpoint and at most one user only (XTLS#5144)" This reverts commit fe57507.
Revert "Config: Outbound proxy config no need to be nested (XTLS#5124)" This reverts commit 83c5370.
Revert "Bump google.golang.org/grpc from 1.75.0 to 1.75.1 (XTLS#5129)" This reverts commit 1a48453.
Revert "app/dispatcher/default.go: Close link when routedDispatch() failed (XTLS#5131)" This reverts commit 3167e5c.
Revert "app/dispatcher/default.go: Add comment on run-time rejecting non-existent outbound tag" This reverts commit 5148c57.
We should have the same resolved-IPs for a domain for all IP-rules, otherwise wrong-outbound may be chosen (discussed in #5138).
Also, currently, if for example we have 10 IP-rules and our dns-server is unavailable, we wait a long time to choose the outbound (at least 4 seconds for each = 40 seconds!).
So if we encounter an error for an IP-rule (failed to resolve the domain to IP), we should use that for all other IP-rules and not use built-in-dns again for every IP-rule.
///
Also note that this is only for one-dispatch and everything is reset for the next-dispatch.
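The behaviour described in this PR (one built-in-dns lookup per dispatch, its result or its error reused by every IP rule, and a fresh lookup on the next dispatch), as an added Go example that is not Xray-core's own code. The names `dispatchCtx`, `ipRule`, `pickOutbound` and the failing resolver are hypothetical, and the sample prefixes and tags are constructed.

```go
package main

import (
	"fmt"
	"net/netip"
)

// dispatchCtx is routing state for ONE dispatch (hypothetical, not Xray's type).
type dispatchCtx struct {
	domain  string
	resolve func(string) ([]netip.Addr, error) // stand-in for the built-in DNS
	done    bool
	ips     []netip.Addr
	err     error
}

// IPs resolves on first use, then replays the same answer or the same error.
func (c *dispatchCtx) IPs() ([]netip.Addr, error) {
	if !c.done {
		c.ips, c.err = c.resolve(c.domain)
		c.done = true
	}
	return c.ips, c.err
}

type ipRule struct {
	prefix netip.Prefix
	tag    string
}

// pickOutbound returns the tag of the first IP rule containing a resolved IP.
func pickOutbound(c *dispatchCtx, rules []ipRule, fallback string) string {
	for _, r := range rules {
		ips, _ := c.IPs() // a cached failure yields no IPs, so the rule cannot match
		for _, ip := range ips {
			if r.prefix.Contains(ip) {
				return r.tag
			}
		}
	}
	return fallback
}

func main() {
	calls := 0 // constructed resolver: always fails and counts lookups
	down := func(string) ([]netip.Addr, error) { calls++; return nil, fmt.Errorf("dns unavailable") }
	rules := []ipRule{{netip.MustParsePrefix("10.0.0.0/8"), "lan"}, {netip.MustParsePrefix("192.0.2.0/24"), "proxy"}}
	tag := pickOutbound(&dispatchCtx{domain: "example.com", resolve: down}, rules, "default")
	fmt.Println(tag, "lookups:", calls)
}
```

Because every rule reads the same memoized answer, no two IP rules in a dispatch can be evaluated against different address sets, and an unavailable DNS server costs one timeout instead of one per rule.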