github.com/imannamdari/v2ray-core/v5@v5.0.5/README.md (about)

     1  # V2RAY with ECH support
     2  This is an experimental project that adds ECH support to [v2ray project](https://github.com/v2fly/v2ray-core).
     3  
     4  If your domain is behind a CDN and has been censored, you can use this project to bypass it.
     5  Currently this project only supports Cloudflare CDN.
     6  
     7  There are two steps that your domain send in plain text: In DNS query and TLS handshake.
     8  For concealing the domain in DNS query, you can use DNS over HTTPS or hardcode the ip of your domain (which is the CDN IP) in /ets/hosts.
     9  For concealing the domain in TLS handshake, you should use ECH.
    10  ECH is an approach that can hide SNI or other critical info in TLS handshake. You can learn more about ECH [here](https://blog.cloudflare.com/handshake-encryption-endgame-an-ech-update).
    11  
    12  # How to Build
    13  You should use [cloudflare golang](https://github.com/cloudflare/cloudflare-go) for building the project.
    14  Which it supports ECH for TLS handshake.
    15  
    16  Just clone the project, build it and replace your `/usr/local/go` folder with that.
    17  Something like scripts below:
    18  ```bash
    19  git clone https://github.com/cloudflare/cloudflare-go go && cd go/src
    20  ./all.bash
    21  ```
    22  And then copy this `go` directory to your `/usr/local/go`
    23  
    24  After installing cloudflare golang, you can build this project. Somthing like below scripts:
    25  ```bash
    26  git clone https://github.com/imannamdari/v2ray-core.git && cd v2ray-core
    27  go build -o v2ray ./main/main.go
    28  ```
    29  
    30  # How to Use
    31  Build the project or download the binary. Append these below configs to your `tlsSettings` (in v4 v2ray config) or `securitySettings` (in v5 v2ray config):
    32  
    33  v5 config:
    34  ```json
    35  "securitySettings": {
    36      "serverName": "your-domain.com",
    37      "enableEch": true,
    38      "echSetting": {
    39          "dnsAddr": "1.1.1.1:53"
    40      }
    41  }
    42  ```
    43  v4 config:
    44  ```json
    45  "tlsSettings": {
    46      "serverName": "your-domain.com",
    47      "enableEch": true,
    48      "echSetting": {
    49          "dnsAddr": "1.1.1.1:53"
    50      }
    51  }
    52  ```
    53  
    54  By default this project use `127.0.0.1:53` for dns lookup. (in the case you want to use DNS over HTTPS) This lookup is only used for getting ECH keys and will not be used for other dns lookups. You can change this dns addr with `echSetting` config.