可能是WebSocket代码相关遗留问题，希望能改善

[LearZhou]

问题描述：使用vmess + ws + tls的过程中，客户端时常会遇到这样的 log:
2021/01/21 21:04:58 [Warning] [4140165948] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://yourdomain/path): > dial tcp: operation was canceled] > v2ray.com/core/common/retry: all retry attempts failed

因为是测试，所以测试环境可以排除线路问题导致的中断。怀疑有可能是WebSocket处理代码的遗留问题，希望开发者（老大）能够想办法改善。

由于ws可以通过cdn，应用场景还是很广，非常期望老大能将这部分代码梳理、优化。

感谢！！

[MarksonHon]

@LearZhou 测试环境具体情况呢？比如软件版本、TLS是哪来的？

[LearZhou]

服务器端是 xray 1.2.3，之前的版本情况差不多。TLS 是 Let's crypt 申请的证书，放在运行xray的服务器。

客户端用xray的各种版本，或者v2ray的版本，都会出现类似情况。测试客户端是在国外的主机，可以排除通过GFW造成干扰或者其它线路问题。

[AkinoKaede]

服务端 log 呢

[LearZhou]

服务器端的log没有发现问题。

[AkinoKaede]

服务器端的log没有发现问题。

最好还是能发下配置和日志。
不过我先建议你校准时间

[LearZhou]

已经排除，不是时间校准问题。

这个节点是可以正常用的，服务器端配置是挺标准的那种vmess + ws + tls的配置，只是使用时客户端会不时出现头上贴出来的那种消息。

感觉可能是WebSocket的一个遗留下来的bug。如果老大能顺势将websocket代码潜在的问题梳理一下就好了，因为能配合cdn的配置，使用面还是相当广的，修正一些bugs会非常有意义。

[AkinoKaede]

已经排除，不是时间校准问题。

这个节点是可以正常用的，服务器端配置是挺标准的那种vmess + ws + tls的配置，只是使用时客户端会不时出现头上贴出来的那种消息。

感觉可能是WebSocket的一个遗留下来的bug。如果老大能顺势将websocket代码潜在的问题梳理一下就好了，因为能配合cdn的配置，使用面还是相当广的，修正一些bugs会非常有意义。

排除线路问题…是内网吗…

[LearZhou]

是指的客户端和服务器端都在国外。

[xianren78]

内网测测试试

[LearZhou]

不行，客户端还是会时不时出现那样的错误信息。

[LearZhou]

访问某些网站特别容易触发，比如：
https://forum.emule-project.net/
可供老大们复现时参考。

[jiuqi9997]

@LearZhou 有对网络体验造成影响吗

[LearZhou]

客户端配置：

  "outbounds": [
    {
      // Tag of the outbound proxy. May be used for routing.
      "tag": "proxy",

      // Protocol name of the outbound proxy.
      "protocol": "vmess",

      // Settings of the protocol. Varies based on protocol.
      "settings": {
        "vnext": [
          {
            "address": "myaddress",
            "port": 443,
            "users": [
              {
                "id": "the uuid",
                "alterId": 64
              }
            ]
          }
        ]
      },
      "mux": {
        "concurrency": -1,
        "enabled": false
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
          "path": "/mypath"
        },
        "security": "tls"
      }
    },

服务器端配置：

  "inbounds": [
    {
      "port": 10000,
      "listen": "0.0.0.0",
      "protocol": "vmess",
      "settings": {
        "clients": [
          {
            "id": "my uuid",
            "alterId": 64,
            "level": 0
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
          "path": "/mypath"
        },
        "security": "none"
      }
    },

因为是用HaProxy反代，所以这里security设定为none。

[LearZhou]

在出现那个错误之前，客户端的log还可能出现如下错误信息：
2021/01/24 09:43:15 tcp:127.0.0.1:56207 rejected v2ray.com/core/proxy/socks: failed to read request > read tcp 127.0.0.1:1080->127.0.0.1:56207: wsarecv: An established connection was aborted by the software in your host machine.

似乎不是成对出现，不太清楚这之间是否有彼此关联。

[LearZhou]

最后确定是因为客户端关掉了mux配置导致的。用这个配置就没事：

      "mux": {
        "concurrency": 4,
        "enabled": true
      },

但这导致我更多疑问。为何把mux模块关掉（concurrency设置成-1）就会出问题？我是听说各方面的介绍，mux问题多等，才会想到去关掉它的；那么mux究竟在什么时候能起好作用、什么时候不行，很想听听比较权威的说法。

另外关于mux的smux改造，是否能清除掉原来的缺陷呢？届时推荐配置应该为何？

[SekiBetu]

最后确定是因为客户端关掉了mux配置导致的。用这个配置就没事：

      "mux": {
        "concurrency": 4,
        "enabled": true
      },

但这导致我更多疑问。为何把mux模块关掉（concurrency设置成-1）就会出问题？我是听说各方面的介绍，mux问题多等，才会想到去关掉它的；那么mux究竟在什么时候能起好作用、什么时候不行，很想听听比较权威的说法。

另外关于mux的smux改造，是否能清除掉原来的缺陷呢？届时推荐配置应该为何？

感觉是线路问题，mux减少了超时情况所以没连接失败？

有试过排除线路问题的内网测试吗

[badO1a5A90]

同上, 建议内网测试, 排除线路问题.

[RPRX]

WSS 至少 3-RTT（TCP、TLS、WS），建议先排除线路问题

[RPRX]

虽然不确定是不是 WS 相关代码的问题，但 WSS 的 TLS 指纹问题必须要解决，鉴于现有 WSS 的 TLS 不太听话：

1. 考虑换个更高效、透明的 WS 库
2. 可以开始 WS 0-RTT 的研究
3. 可以引入 gRPC 方案如 https://github.com/Qv2ray/gun

[LearZhou]

老大是中意这个库吗？

https://github.com/nhooyr/websocket

还有这个可能差点：

https://github.com/gobwas/ws

[LearZhou]

根据这个站点的评估：

https://yalantis.com/blog/how-to-build-websockets-in-go/

好象是后面那个Gobwas库更好一些，是我错了。

[dotNetDR]

tfo你是打开还是关闭？我这关闭tfo后，failed to dial to错误减少了

[LearZhou]

多谢建言！我的tfo是默认配置，刚才将这个选项显示设置为false，错误仍未消除。

[dotNetDR]

试试升级到v1.2.4，我这里升级后，failed to dial to目前未发现报错
我场景是vless+tls+ws套了cf

[LearZhou]

升级了也有同样状况。

而且，发现用trojan + tls + ws + cdn，会有类似的log出现；那么，是否可以排除vless的问题，应该是websocket有改善空间？

[LearZhou]

内网测测试试

刚才在内网测试过了，用的Xray 1.2.4，仍然会出现错误信息，可以排除是线路问题了。

[LearZhou]

最后发现，可能是Firefox的问题，因为用Chrome或者IE，通过http入站，都没有这个问题。

[0-RTT]

我也遇到一样的情况，我直接没网。用的1.2.4的内核

[hkthomas]

同样问题，前几个版本也有出现，不过我用不用WS+TLS好像都会出现这个问题，跟楼上一样，访问特定站点会提示这个错误，但又能正常用。后端用vless-vmess-socks-trojan等都会有这个问题。

[Butterflyflower]

@hkthomas 来群里
https://t.me/projectXray

[LearZhou]

最新版1.3.0测试结果，显示在Mux模块未开启／加载的时候，这一log仍会出现；但在使用Mux并将并发数设置为1时，彻底消失。

很可能是1.3.0厘清了mux的一些问题造成使用mux时错误消失的结果；但是不应用mux的时候，走的另外一个程序执行路线分支仍然存在问题。

[hkthomas]

最新版1.3.0测试结果，显示在Mux模块未开启／加载的时候，这一log仍会出现；但在使用Mux并将并发数设置为1时，彻底消失。

很可能是1.3.0厘清了mux的一些问题造成使用mux时错误消失的结果；但是不应用mux的时候，走的另外一个程序执行路线分支仍然存在问题。

应该还是mux的问题，我试了之前的版本，只要开启mux无论并发数多少这个问题都不会出现。

[LearZhou]

之前版本开了mux程度会减轻，但是仍然会出现。只有1.3.0版本开了mux这个现象就彻底消失了（我只测试了并发数为1）。

现在是：不开mux的情况有待大侠们改善。

[KyonCN]

xray-core 1.3.0 vless ws tls cdn

1. 在mac+qv2ray 和 win+v2rayn下 socks5 inbound 不打开mux 没有任何问题 能跑满带宽
2. 在openwrt x64下 dokodemo-door inbound 就会碰到这个问题 油管速度只能跑到 桌面端的百分之一 断流严重 浏览页面响应倒是没问题
   关闭mux 报
   failed to dial to (wss://yourdomain/path)
   打开mux 报
   [Info] [2716992196] app/proxyman/inbound: connection ends > proxy/dokodemo: connection ends > proxy/dokodemo: failed to transport request > read tcp 127.0.0.1:1041->192.168.1.1:59194: read: connection reset by peer
   [Info] [310166995] common/mux: dispatching request to tcp:66.220.147.47:80
   [Info] [310166995] common/mux: failed to write first payload > io: read/write on closed pipe
   [Info] [2716992196] app/dispatcher: default route for tcp:104.244.43.104:80

客户端配置
"inbounds": [
{
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"port": 1041,
"protocol": "dokodemo-door",
"settings": {
"network": "tcp",
"followRedirect": true
}
}
]

[lw4free]

我在使用caddy+h2c+vless的时候也出现类似的问题，重连后正常。
客户端log:

2021/02/20 10:32:29 [Info] [2120708560] proxy/socks: TCP Connect request to tcp:r4---sn-n4v7sn7y.googlevideo.com:443
2021/02/20 10:32:29 [Info] [2120708560] app/dispatcher: sniffed domain: r4---sn-n4v7sn7y.googlevideo.com
2021/02/20 10:32:29 [Info] [2120708560] app/dispatcher: taking detour [proxy] for [tcp:r4---sn-n4v7sn7y.googlevideo.com:443]
2021/02/20 10:32:33 [Info] [2624684698] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to transfer response payload > read tcp 192.168.199.208:9511->(ip:port): wsarecv: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
2021/02/20 10:32:33 [Info] [296648703] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to transfer response payload > read tcp 192.168.199.208:9511->(ip:port): wsarecv: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
2021/02/20 10:32:33 [Info] [3956585266] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to transfer response payload > read tcp 192.168.199.208:9511->(ip:port): wsarecv: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
2021/02/20 10:32:33 [Info] [534443944] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to transfer response payload > read tcp 192.168.199.208:9511->(ip:port): wsarecv: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
2021/02/20 10:32:33 [Info] [296648703] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
2021/02/20 10:32:33 [Info] [2642158265] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to transfer response payload > read tcp 192.168.199.208:9511->(ip:port): wsarecv: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
2021/02/20 10:32:33 [Info] [534443944] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
2021/02/20 10:32:33 [Info] [3956585266] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
2021/02/20 10:32:33 [Info] [1678369129] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: connection ends > proxy/vless/outbound: failed to transfer response payload > read tcp 192.168.199.208:9511->(ip:port): wsarecv: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
2021/02/20 10:32:33 [Info] [1678369129] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
2021/02/20 10:32:33 [Info] [2624684698] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
2021/02/20 10:32:33 [Info] [2642158265] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
2021/02/20 10:32:33 [Info] [2921849505] proxy/socks: TCP Connect request to tcp:r4---sn-a5mlrn7s.googlevideo.com:443
2021/02/20 10:32:33 [Info] [2921849505] app/dispatcher: sniffed domain: r4---sn-a5mlrn7s.googlevideo.com
2021/02/20 10:32:33 [Info] [2921849505] app/dispatcher: taking detour [proxy] for [tcp:r4---sn-a5mlrn7s.googlevideo.com:443]
2021/02/20 10:32:34 [Info] [1629325230] proxy/socks: TCP Connect request to tcp:alive.github.com:443
2021/02/20 10:32:34 [Info] [1629325230] app/dispatcher: sniffed domain: alive.github.com
2021/02/20 10:32:34 [Info] [1629325230] app/dispatcher: taking detour [proxy] for [tcp:alive.github.com:443]
2021/02/20 10:32:34 [Info] [2209735337] proxy/socks: TCP Connect request to tcp:r4---sn-n4v7sn7y.googlevideo.com:443
2021/02/20 10:32:34 [Info] [2209735337] app/dispatcher: sniffed domain: r4---sn-n4v7sn7y.googlevideo.com
2021/02/20 10:32:34 [Info] [2209735337] app/dispatcher: taking detour [proxy] for [tcp:r4---sn-n4v7sn7y.googlevideo.com:443]
2021/02/20 10:32:35 [Warning] [2921849505] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:(domain:port) > Put "https://(domain:port)/path": dial tcp: operation was canceled] > common/retry: all retry attempts failed
2021/02/20 10:32:35 [Info] [2921849505] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
2021/02/20 10:32:36 [Warning] [1629325230] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:(domain:port) > Put "https://(domain:port)/path": dial tcp: operation was canceled] > common/retry: all retry attempts failed
2021/02/20 10:32:36 [Info] [1629325230] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
2021/02/20 10:32:36 [Warning] [2209735337] app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/http: failed to dial to tcp:(domain:port) > Put "https://(domain:port)/path": dial tcp: operation was canceled] > common/retry: all retry attempts failed
2021/02/20 10:32:36 [Info] [2209735337] app/proxyman/inbound: connection ends > proxy/socks: connection ends > proxy/socks: failed to transport all TCP response > io: read/write on closed pipe

服务器没有任何log。

客户端使用v2rayN(4.12)+xray(1.3.0)，没有使用mux。
使用旁路由模式也会出现。
旁路使用xray(1.1.5)配置：

{
  "log": {
    "access": "/var/log/xray/access.log",
    "error": "/var/log/xray/error.log",
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "tag": "socks",
      "listen": "127.0.0.1",
      "port": 1080,
      "protocol": "socks",
      "settings": {
        "udp": true
      }
    },
    {
      "tag": "transparent",
      "listen": "127.0.0.1",
      "port": 3128,
      "protocol": "dokodemo-door",
      "settings": {
        "network": "tcp,udp",
        "followRedirect": true
      },
      "streamSettings": {
        "sockopt": {
          "tproxy": "tproxy"
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "vless",
      "settings": {
        "vnext": [
          {
            "address": "vps",
            "port": port,
            "users": [
              {
                "id": "id",
                "encryption": "none"
              }
            ]
          }
        ]
      },
      "streamSettings": {
        "network": "h2",
        "security": "tls",
        "httpSettings": {
          "path": "/path",
          "host": [
            "domain"
          ]
        }
      },
      "mux": {
        "enabled": false,
        "concurrency": -1
      },
      "tag": "proxy"
    },
    {
      "protocol": "freedom",
      "tag": "direct"
    },
    {
      "protocol": "blackhole",
      "settings": {
        "response": {
          "type": "http"
        }
      },
      "tag": "block"
    }
  ],
  "routing": {
    "domainStrategy": "IPIfNonMatch",
    "rules": [
      {
        "type": "field",
        "domain": [
          "geosite:category-ads"
        ],
        "outboundTag": "block"
      },
      {
        "type": "field",
        "protocol": [
          "bittorrent"
        ],
        "outboundTag": "direct"
      },
      {
        "type": "field",
        "domain": [
          "geosite:cn"
        ],
        "outboundTag": "direct"
      },
      {
        "type": "field",
        "ip": [
          "geoip:private",
          "geoip:cn"
        ],
        "outboundTag": "direct"
      },
      {
        "type": "field",
        "network": "tcp,udp",
        "outboundTag": "proxy"
      }
    ]
  }
}

使用xtls时没有这种情况出现。

[LearZhou]

感谢开发团队的努力，在服务器和客户端都升级到1.3.1之后，即使在关闭mux的情况下，快速测试显示，类似的错误信息不再出现。

[RPRX]

@LearZhou 会吗。。

[LearZhou]

话说太早了，多测试一下，发现最终还是会出现。但是，似乎出现的频率已经有所减少了。

[LearZhou]

只等老大全面修复mux之后，再来测试确认一把。

[0-RTT]

v2fly/v2ray-core#572

4.34的v2ray貌似没有这个问题

[RPRX]

@xwwbest 这不是同一个问题