3.3 KiB
VLESS
::: danger Currently, VLESS does not provide built-in encryption. Please use it with a reliable channel, such as TLS. :::
VLESS is a stateless lightweight transport protocol that consists of inbound and outbound parts. It can serve as a bridge between Xray clients and servers.
Unlike VMess, VLESS does not rely on system time. The authentication method is still UUID-based.
InboundConfigurationObject
{
"clients": [
{
"id": "5783a3e7-e373-51cd-8642-c83782b807c5",
"level": 0,
"email": "love@xray.com",
"flow": "xtls-rprx-vision"
}
],
"decryption": "none",
"fallbacks": [
{
"dest": 80
}
]
}
clients
: [ ClientObject ]
An array representing a group of users approved by the server.
Each item in the array is a user ClientObject.
decryption
: "none"
Currently, you need to specify "none"
. It cannot be left empty. If the decryption
value is not set correctly, you will receive an error message when using Xray or -test
.
Note that decryption
is at the same level as clients
. The placement of decryption
is different from the encryption
in the vmess protocol because if there is a layer of agreed encryption, the server needs to decrypt it first to know which user it belongs to.
fallbacks
: [ FallbackObject ]
An array that contains a series of powerful fallback configurations (optional). The specific configuration for fallbacks
can be found in the FallbackObject documentation.
ClientObject
{
"id": "5783a3e7-e373-51cd-8642-c83782b807c5",
"level": 0,
"email": "love@xray.com",
"flow": "xtls-rprx-vision"
}
id
: string
The user ID for VLESS. It can be any string less than 30 bytes or a valid UUID. Custom strings and their corresponding UUIDs are equivalent, which means you can use either of the following in the configuration file to identify the same user:
"id": "我爱🍉老师1314"
"id": "5783a3e7-e373-51cd-8642-c83782b807c5"
(This UUID is the mapping of the string "我爱 🍉 老师 1314")
The mapping standard is described in the VLESS UUID Mapping Standard: Mapping a Custom String to a UUIDv5.
You can use the command xray uuid -i "custom string"
to generate the UUID corresponding to a custom string.
You can also use the command
xray uuid
to generate a random UUID.
level
: number
The user level that the connection will use to determine the corresponding Local Policy.
The value of level
corresponds to the value of level
in the policy. If not specified, the default value is 0.
User email address used to differentiate traffic from different users (reflected in logs and statistics).
flow
: string
Flow control mode used to select the XTLS algorithm.
Currently, the following flow control modes are available for inbound protocols:
- No
flow
, empty string, ornone
: Use regular TLS proxy. xtls-rprx-vision
: Use the new XTLS mode, including inner-handshake random padding.
Additionally, XTLS currently only supports TCP, mKCP, and DomainSocket as transport methods.