Clash Verge Rev + Wireguard + WSTunnel Stable Configuration Practice (based on MetacubeX Minimalist Model)
⚠️ Experimental description (important)
This article records a personal Clash Verge Rev + Wireguard + Wstunnel + MetaCubex dataset The configuration refactoring process in the environment.
This content is an experimental technical exploration:
- Not guaranteed to apply to all network environments
- It is not recommended to directly copy for production or critical business
- Mainly used to verify the feasibility of the ‘simplified rule model’
The network environment, DNS behavior and VPS line quality in different regions will affect the final effect.
1. Background: From ‘usable’ to ‘unstable’
The initial goal is simple:
Build a stable and available cross-platform proxy solution (Windows + Ubuntu + Android)
The technology portfolio includes:
- Clash Verge Rev
- WireGuard (ZGoCloud)
- wstnnel
- Custom DNS Fallback
- GeoSite + GeoIP rule system
❌ Initial problem performance
In the long-term use process, there are some typical problems:
- Domestic websites are occasionally unavailable, and they can be restored after a delay of dozens of seconds.
- Google Play app update exception
- Thunderbird mail failed to send
- Different devices behave inconsistently (Ubuntu/Android)
2. Problem analysis: typical side effects of complex systems
There are three main sources of final positioning problem:
1. The DNS system is too complex
Include:
- fallback dns
- fallback-filter
- proxy dns
- doh / dot mix
result in the result:
The results of the same domain name are resolved at different times at different times
2. The rule system is too refined
For example:
- Google/Youtube separate rules
- CDN forced shunt
- SMTP port rules
- cn domain name + geoip double judgment
The problem is:
There is a priority conflict between rules, and the behavior is unpredictable
3. Mix of TUN / System Agents
Also exists:
- system dns
- Clash DNS
- Wireguard DNS
Form a multi-layer network path:
Network request path is uncontrollable
Reconstructing the MetaCubex model
Reference for this reconstructed core:
MetaCubex geosite.dat + geoip.dat
Core idea:
用“地理归类”替代“手工规则维护”
4. Status update (important)
Special instructions are required:
👉 All the above problems have been solved in subsequent configuration adjustments
The current system running status is stable:
- Domestic visits are normal
- google play normal
- Mail is sent normally
- Consistent behavior of the network
The first half of this article is a ‘problem evolution record’ and does not represent the current state.
5. Final plan: minimal and stable model (experimental version)
✔ Architecture
Clash Verge Rev (TUN)
↓
WireGuard
↓
Wstunnel
↓
VPS
✔ Core principles
- ❌ Do not maintain DNS rules
- ❌ Don’t use Fallback DNS
- ❌ Don’t do google / youtube fine shunt
- ❌ Do not mix system agents
✔ Final configuration (extended overwrite)
# ==============================================
# ZgoCloud + Wstunnel + WireGuard
# MetaCubeX 极简稳定版 v1 (clean)
#
# 特点:
# - 不使用 DNS 覆写(交给 Verge)
# - 不使用 SMTP / Google / YouTube 特殊规则
# - 基于 GEOSITE + GEOIP
# - 结构最小化,便于排错
# ==============================================
profile:
store-selected: true
# ==============================================
# WireGuard(代理入口)
# ==============================================
proxies:
- name: ZgoCloud-WG
type: wireguard
server: 127.0.0.1
port: 51820
ip: xxx
public-key: xxx
private-key: xxx
pre-shared-key: xxx
udp: true
mtu: 1280
# ==============================================
# 代理组
# ==============================================
proxy-groups:
- name: Proxy
type: select
proxies:
- ZgoCloud-WG
- DIRECT
# ==============================================
# 分流规则(核心简化版)
# ==============================================
rules:
# ------------------------------
# Wstunnel 服务器直连(避免回环)
# ------------------------------
- IP-CIDR,154.21.196.249/32,DIRECT,no-resolve
# ------------------------------
# 本地 / 私有网络
# ------------------------------
- GEOSITE,private,DIRECT
- GEOIP,private,DIRECT,no-resolve
# ------------------------------
# 中国大陆直连
# ------------------------------
- GEOSITE,cn,DIRECT
- GEOIP,CN,DIRECT,no-resolve
# ------------------------------
# 非中国大陆全部走代理
# ------------------------------
- GEOSITE,geolocation-!cn,Proxy
# ------------------------------
# 默认兜底
# ------------------------------
- MATCH,Proxy
6. How to use (key)
In Clash Verge Rev:
- ✔ Turn on TUN mode (GUI)
- ❌ No longer use system proxy
- ✔ Use the MetaCubex database (built by default)
Seven, the effect changes
After refactoring, the system behavior becomes:
中国流量 → DIRECT
海外流量 → Proxy
✔ Improve point
- Domestic websites are no longer randomly stuck
- DNS behavior is stable and consistent
- Uniform multi-device behavior
- The complexity of the investigation has dropped significantly
✔ Improved maintainability
There are only three types of questions left:
- wireguard
- tun
- VPS network quality
8. The direction of subsequent optimization
The current solution is ‘baseline stable version’, which can be gradually expanded in the future:
- Google / GitHub fine rules
- AI Service Optimization
- ad filter
- CDN acceleration policy
Recommended principles:
First run for 1-2 weeks, and then gradually add rules
9. Summary
The core changes of this reconstruction are:
From ‘Rule-Driven Networks’ → ‘Model-Driven Networks’
The end goal is not ‘the rules are more refined’, but:
The network behavior is more stable, predictable and easier to maintain
