Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DNS resolve problem on China Telecom. Failed to connect to cp.cloudflare.com/127.0.0.1:443 #2798

Open
6 of 16 tasks
shell12345 opened this issue Sep 4, 2021 · 5 comments
Open
6 of 16 tasks

DNS resolve problem on China Telecom. Failed to connect to cp.cloudflare.com/127.0.0.1:443 #2798

shell12345 opened this issue Sep 4, 2021 · 5 comments
Labels
bug

Comments

@shell12345
Copy link

shell12345 commented Sep 4, 2021
edited
Loading

Describe the bug
DNS-related bugs. I use China Telecom (wifi or China mobile is fine) I get this error Failed to connect to cp.cloudflare.com/127.0.0.1:443.
I resolve DNS on the remote server on bypass china mode ( all route is also fine). I notice the China Telecom will send "127.0.0.1" if request a sensitive domain name. So I think it is a bug that ss send DNS requests to the internet provider.
Pls, fix it.
A comprise way to solve this problem is to enable private dns. Then, all DNS requests are sent to private DNS, like dns.google. But I did not find a single one to work smoothly under my network (latency or can not connect).
related issue #2760.

Smartphone (please complete the following information):

  • Android/11
  • Device: [oppo findx 3 huawei matepad pro]
  • Version: [5.2.5]
  • Last version that did not exhibit the issue: [not applicable]

Configuration
Put an x inside the [ ] that applies.

  • [x ] IPv4 server address
  • IPv6 server address
  • Client IPv4 availability
  • Client IPv6 availability
  • Encrypt method:
  • Route
    • All
    • Bypass LAN
    • Bypass China
    • Bypass LAN & China
    • GFW List
    • China List
    • Custom rules
  • IPv6 route
  • Apps VPN mode
    • Bypass mode
  • Remote DNS: 127.0.0.1
  • DNS over UDP
  • Plugin configuration (if applicable):
  • Auto Connect
  • TCP Fast Open
  • If you're not using VPN mode, please supply more details here:

Additional context
Add any other context about the problem here.
@shell12345 shell12345 added the bug label Sep 4, 2021
@shell12345
Copy link
Author

I think DNS resolve problems last for a long time.
I read an issue that said ss will leak DNS to the internet provider, only all route mode is fine.
Now, this issue may be more serious, an internet provider like China Telecom will send 127.0.0.1 to local when requests a sensitive domain.
So, any advice?
Private DNS is just comprised way.

@Mygod
Copy link
Contributor

Mygod commented Sep 5, 2021

Use bypass China instead?

@shell12345
Copy link
Author

shell12345 commented Sep 5, 2021
edited
Loading

Use bypass China instead?

Thanks for the reply.
Two modes works:

  1. all route.
  2. bypass China.
    Others encounter the error Failed to connect to cp.cloudflare.com/127.0.0.1:443.

So why bypass china and local failed?

@gfw-report gfw-report mentioned this issue Sep 9, 2021
Open
@Mygod
Copy link
Contributor

Mygod commented Oct 10, 2021

127.0.0.1 is a LAN address and therefore matches the bypass LAN rule.

@aohanhongzhi
Copy link

The same happened to me

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Mygod @aohanhongzhi @shell12345