最近看到xray着重更新了quic，也了解到quic协议的优越性，于是想着手配置使用看看，结果性能出乎我的意料，在此记录下

我使用了dns解锁，所以配置sniffing识别流量，这个可以不用
8443端口是nginx的http3端口，建议用443或者8443
Quic 内部强制使用 TLS，所以需要真实证书
Quic 采用 UDP 传送流量可以规避tcp重置攻击

{
    "log": {
        "loglevel": "warning"
    },
    "inbounds": [
        {
            "port": 8443,
            "protocol": "vless",
            "sniffing": {
                "enabled": true,
                "destOverride": [
                    "http",
                    "tls"
                ]
            },
            "settings": {
                "clients": [
                    {
                        "id": "保密",
                        "level": 0,
                        "email": "a@qq.com"
                    }
                ],
                "decryption": "none"
            },
            "streamSettings": {
                "network": "quic",
                "quicSettings": {
                    "security": "none",
                    "key": "",
                    "header": {
                        "type": "none"
                    }
                },
                "security": "tls",
                "tlsSettings": {
                    "certificates": [
                        {
                            "certificateFile": "fullchain.pem",
                            "keyFile": "privkey.pem"
                        }
                    ],
                    "rejectUnknownSni": true
                }
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "freedom",
            "settings": {}
        },
        {
            "tag": "stream",
            "sendThrough": "0.0.0.0",
            "protocol": "socks",
            "settings": {
                "servers": [
                    {
                        "address": "tw5.dnsunlock.com",
                        "port": 10005,
                        "users": []
                    }
                ]
            }
        }
    ],
    "routing": {
        "domainStrategy": "AsIs",
        "rules": [
            {
                "type": "field",
                "domains": [
                    "geosite:netflix"
                ],
                "outboundTag": "stream"
            }
        ]
    }
}{}

配置完成之后，openWrt软路由下，性能提升非常明显