X
Нажмите здесь, чтобы перейти на мобильную версию сайта.

Форум поддержки

DNS over HTTPS and hosts file usage

Размещено

How does DNS over HTTPS modes define usage of hosts file?

Firefox: 69.0, OS: Ubuntu 18.04.3

I noticed that when I enable DNS over HTTPS ("network.trr.mode" set to 2 - use DoH, fall back to DNS), *and* hostname is defined in hosts file (/etc/hosts), Firefox usage of hosts file is inconsistent and hard to predict.

If IPs defined in hosts file and obtained via DNS request differ, corresponding site/resources behaves erratically, as if Firefox chooses at random, which page components' DNS address should be resolved via hosts, and which via DoH.

I had to disable DoH for that reason.

It is possible to set up DoH, so that it used hosts records, if present, and used DNS in all other cases?

How does DNS over HTTPS modes define usage of hosts file? Firefox: 69.0, OS: Ubuntu 18.04.3 I noticed that when I enable DNS over HTTPS ("network.trr.mode" set to 2 - use DoH, fall back to DNS), *and* hostname is defined in hosts file (/etc/hosts), Firefox usage of hosts file is inconsistent and hard to predict. If IPs defined in hosts file and obtained via DNS request differ, corresponding site/resources behaves erratically, as if Firefox chooses at random, which page components' DNS address should be resolved via hosts, and which via DoH. I had to disable DoH for that reason. It is possible to set up DoH, so that it used hosts records, if present, and used DNS in all other cases?
Цитата

Дополнительные сведения о системе

Установленные плагины

OpenH264 Video Codec provided by Cisco Systems, Inc.

Приложение

  • User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0

Дополнительная информация

jscher2000
  • Top 10 Contributor
8695 решений 71080 ответов
Размещено

It's puzzling that you get inconsistent results. Could it be due to cached DNS resolutions? Because otherwise it sounds as though Firefox is using the race mode (mode 1) instead of the fallback mode (mode 2):

  • 0 - local only, DoH off by default (current setting)
  • 1 - query DoH and local, use first available
  • 2 - query DoH first, fallback to local (checkbox in options)
  • 3 - query DoH only, do not use local (most private?)
  • 4 - use local but test DoH performance (temporary??)
  • 5 - local only, DoH off by user choice (won't be overridden??)

From: https://daniel.haxx.se/blog/2018/06/03/inside-firefoxs-doh-engine/

As far as I know, what you want is not an option, but I'm relying on the older definitions from the above blog post.

It's puzzling that you get inconsistent results. Could it be due to cached DNS resolutions? Because otherwise it sounds as though Firefox is using the race mode (mode 1) instead of the fallback mode (mode 2): * '''0''' - local only, DoH off by default (current setting) * '''1''' - query DoH ''and'' local, use first available * '''2''' - query DoH first, fallback to local ''(checkbox in options)'' * '''3''' - query DoH only, do not use local (most private?) * '''4''' - use local but test DoH performance (temporary??) * '''5''' - local only, DoH off by user choice (won't be overridden??) From: https://daniel.haxx.se/blog/2018/06/03/inside-firefoxs-doh-engine/ As far as I know, what you want is not an option, but I'm relying on the older definitions from the above blog post.
Помогла ли вам это?
Цитата

Задавший вопрос

I will try with

network.dnsCacheExpiration

set to 0 (if I understand your question correctly).

Pity the hosts file isn't taken into account as separate resolution means. In my case, when I need hosts-based IPs in certain circumstances, that means I should use a separate browser.

I will try with network.dnsCacheExpiration set to 0 (if I understand your question correctly). Pity the hosts file isn't taken into account as separate resolution means. In my case, when I need hosts-based IPs in certain circumstances, that means I should use a separate browser.
Помогла ли вам это?
Цитата
Задать вопрос

Для ответа на сообщения вы должны войти в свою учётную запись. Пожалуйста, задайте новый вопрос, если у вас ещё нет учётной записи.