Reality直连协议搭配

前篇-Xray服务端安装

非常适合线路好的服务器直连

(xray的多路复用为mux.cool，mihomo的为smux，不能搭配，而且flow又无法搭配mux，这里就不搞了)

Reality#

通常搭配：VLESS/Reality/RAW/flow

即隧道层VLESS，外层安全层Reality，内层传输层原生RAW，内层加密层Encryption(这里是none)。

*Reality外层安全就已经足够可靠，可以不加enc

Vision Flow#

Reeality+raw传输 (必须)搭配Flow
Vless encryption+raw传输(必须)搭配flow

Reality上可避免TLS in TLS问题；vless enc可实现在内核中对拷数据

TiT：TLS in TLS,在TLS流量隧道中传输TLS流量,比如访问网页流量

Flow的作用#

Vision，flow，XTLS应该是一个意思了吧，在不同的发展时期表示的意义不一样，所以多个称呼

Reality上避免TLS in TLS问题
对VLESS外层安全进行TLS填充，消除流量特征
在VLESS-Encryption-RAW搭配中触发Splice,提升性能

Reality Dest#

Reality所“借用”的目标网站，应当满足要求TLS1.3，x25519MLKEM768

某视频网站CDN，游戏下载服务CDN等等

通过 xray tls ping <domain> 来检查目标域名是否符合要求;取servername填写"serverNames": []

target旧称dest，"target": "example.com:443"

推荐的域名:

1
valorant.secure.dyn.riotcdn.net
2
fastcdn.hoyoverse.com
3
lol.dyn.riotcdn.net
4
endfield.gryphline.com
5
lolesports.com

VLESS-Reality-Vision-RAW#

准备几个必要的参数

uuid：通过xray uuid 生成
private key：运行xray x25519 取private key
public key:(客户端)密码，同上取password
16位16进制的short-id

以下搭配为 VLESS-Reality-RAW-Vision，需要关注的地方在//注释位置

1
{
2
    "log": {
3
        "loglevel": "none"
4
    },
5
    "inbounds": [
6
        {
7
            "port": 443, //端口号
8
            "protocol": "vless",
9
            "settings": {
10
                "clients": [
11
                    {
12
                        "id": "uuid",//运行xray uuid生成
13
                        "flow": "xtls-rprx-vision" //flow必填
14
                    }
15
                ],
16
                "decryption": "none"
17
            },
18
            "streamSettings": {
19
                "network": "raw",
20
                "security": "reality",
21
                "realitySettings": {
22
                    "target": "example.com:443", //目标网站
23
                    "serverNames": [
24
                        "example.com" //符合证书的server name，通过xray tls ping <domain>确定
25
                    ],
26
                    "privateKey": "", //运行xray x25519
27
                    "shortIds": [
28
                        "", //16位16进制数(0-f)
29
                    ]
30
                }
31
            },
32
            "sniffing": {
33
                "enabled": true,
34
                "destOverride": [
35
                    "http",
36
                    "tls",
37
                    "quic"
38
                ],
39
                "routeOnly": true
40
            }
41
        }
42
    ],
43
    "outbounds": [
44
        {
45
            "protocol": "freedom",
46
            "tag": "direct"
47
        }
48
    ]
49
}

放在 /usr/local/etc/xray/config.json，随后重启xray systemctl restart xray

Mihomo客户端#

1
proxies:
2
  - name: "🇺🇸US-Reality"
3
    type: "vless"
4
    server: "server_ip"
5
    port: 443
6
    uuid: "uuid"
7
    tls: true
8
    udp: true
9
    servername: "<servername>"
10
    flow: "xtls-rprx-vision"
11
    client-fingerprint: "chrome"
12
    skip-cert-verify: false
13
    network: "tcp"
14
    reality-opts:
15
      public-key: "pub key"
16
      short-id: ""

AD#

【Akile】大宽带/流媒体解锁/落地机注册链接注册 non-aff

【Vmiss】美西/三网优化/CN2GIA/原生IP/月付25CNY 注册链接注册 non-aff