github.com/imannamdari/v2ray-core/v5@v5.0.5/README.md (about) 1 # V2RAY with ECH support 2 This is an experimental project that adds ECH support to [v2ray project](https://github.com/v2fly/v2ray-core). 3 4 If your domain is behind a CDN and has been censored, you can use this project to bypass it. 5 Currently this project only supports Cloudflare CDN. 6 7 There are two steps that your domain send in plain text: In DNS query and TLS handshake. 8 For concealing the domain in DNS query, you can use DNS over HTTPS or hardcode the ip of your domain (which is the CDN IP) in /ets/hosts. 9 For concealing the domain in TLS handshake, you should use ECH. 10 ECH is an approach that can hide SNI or other critical info in TLS handshake. You can learn more about ECH [here](https://blog.cloudflare.com/handshake-encryption-endgame-an-ech-update). 11 12 # How to Build 13 You should use [cloudflare golang](https://github.com/cloudflare/cloudflare-go) for building the project. 14 Which it supports ECH for TLS handshake. 15 16 Just clone the project, build it and replace your `/usr/local/go` folder with that. 17 Something like scripts below: 18 ```bash 19 git clone https://github.com/cloudflare/cloudflare-go go && cd go/src 20 ./all.bash 21 ``` 22 And then copy this `go` directory to your `/usr/local/go` 23 24 After installing cloudflare golang, you can build this project. Somthing like below scripts: 25 ```bash 26 git clone https://github.com/imannamdari/v2ray-core.git && cd v2ray-core 27 go build -o v2ray ./main/main.go 28 ``` 29 30 # How to Use 31 Build the project or download the binary. Append these below configs to your `tlsSettings` (in v4 v2ray config) or `securitySettings` (in v5 v2ray config): 32 33 v5 config: 34 ```json 35 "securitySettings": { 36 "serverName": "your-domain.com", 37 "enableEch": true, 38 "echSetting": { 39 "dnsAddr": "1.1.1.1:53" 40 } 41 } 42 ``` 43 v4 config: 44 ```json 45 "tlsSettings": { 46 "serverName": "your-domain.com", 47 "enableEch": true, 48 "echSetting": { 49 "dnsAddr": "1.1.1.1:53" 50 } 51 } 52 ``` 53 54 By default this project use `127.0.0.1:53` for dns lookup. (in the case you want to use DNS over HTTPS) This lookup is only used for getting ECH keys and will not be used for other dns lookups. You can change this dns addr with `echSetting` config.