Avatar for Username

Tìm kiếm hỗ trợ

Tránh các lừa đảo về hỗ trợ. Chúng tôi sẽ không bao giờ yêu cầu bạn gọi hoặc nhắn tin đến số điện thoại hoặc chia sẻ thông tin cá nhân. Vui lòng báo cáo hoạt động đáng ngờ bằng cách sử dụng tùy chọn "Báo cáo lạm dụng".

Learn More

Firefox on macOS not using default DNS resolver with DoH disabled

  • 4 trả lời
  • 0 gặp vấn đề này
  • 17 lượt xem
  • Trả lời mới nhất được viết bởi ben184

ben184
ben184
more options

Firefox does not appear to be using my Mac's default DNS resolver when DNS over HTTPS is disabled. Here is my setup:

- I'm using Firefox 124.0.2 on macOS Sonoma 14.4.1. - DNS over HTTPS is set to Off in Firefox. - My Mac is configured to use a DNS server that blocks some domains, such as facebook.com. I have confirmed that this is working correctly by using the dig tool on the commandline: "dig facebook.com" receives a "status: REFUSED" response with an empty A record. - When I navigate to facebook.com or other domains that should be blocked in Firefox, they are resolved. My expectation is that they should fail to load and a DNS error should be displayed.

What I've tried:

- Confirmed via GUI and about:config that DNS over HTTPS is completely disabled in Firefox. - Cleared Firefox DNS cache via about:networking. - Confirmed every way I know how that macOS is configured to use my custom DNS resolver and that the resolver is refusing queries for the specific domains I expect to be blocked.

I'd be grateful for any suggestions anyone can provide.

Firefox does not appear to be using my Mac's default DNS resolver when DNS over HTTPS is disabled. Here is my setup: - I'm using Firefox 124.0.2 on macOS Sonoma 14.4.1. - DNS over HTTPS is set to Off in Firefox. - My Mac is configured to use a DNS server that blocks some domains, such as facebook.com. I have confirmed that this is working correctly by using the dig tool on the commandline: "dig facebook.com" receives a "status: REFUSED" response with an empty A record. - When I navigate to facebook.com or other domains that should be blocked in Firefox, they are resolved. My expectation is that they should fail to load and a DNS error should be displayed. What I've tried: - Confirmed via GUI and about:config that DNS over HTTPS is completely disabled in Firefox. - Cleared Firefox DNS cache via about:networking. - Confirmed every way I know how that macOS is configured to use my custom DNS resolver and that the resolver is refusing queries for the specific domains I expect to be blocked. I'd be grateful for any suggestions anyone can provide.

Giải pháp được chọn

Thanks for your response, jscher2000. I actually had the exact same train of thought and tried the HTTP logging feature. However, it turns out that this is not a Firefox problem, but rather a misunderstanding on my part regarding Apple's iCloud Private Relay Feature. Firefox works as expected if I disable iCloud Private Relay and clear my machine's DNS cache.

I had mistakenly believed that iCloud Private Relay would only be used for DNS in Safari and other Apple-developed, Private-Relay-enabled apps. Thus, my assumption was that if I kept Private Relay enabled, cleared the machine's DNS cache, and then immediately requested a site in Firefox, my configured DNS server would be used. However, it appears that the Private Relay DNS system is still used to perform the DNS lookup in that scenario.

Đọc câu trả lời này trong ngữ cảnh 👍 0

Tất cả các câu trả lời (4)

zeroknight
zeroknight
more options

ben184 said
macOS is configured to use my custom DNS resolver

Support for platform-specific DNS APIs is currently being worked on in Nightly (Bug 1852752). The setting for this is network.dns.native_https_query in about:config.

Hữu ích?

ben184
ben184 Người tạo câu hỏi
more options

Thank you for your response. If I'm understanding that Bugzilla ticket that Bugzilla ticket correctly, it specifically relates to the task of resolving the "HTTPS" resource record type (as opposed to the "A" type, "AAAA" type, and so forth) without DoH. That seems like a different problem from what I'm experiencing.

My problem is that Firefox is not using my network connection's configured DNS server for basic A record resolution. Firefox does work as expected on a Windows machine on the same network.

Được chỉnh sửa bởi ben184 vào

Hữu ích?

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Hmm, I'm trying to figure out whether Firefox shows which DNS server it is using when it is NOT using DNS over HTTPS. (I'm not seeing it on about:networking#dns or about:networking#dnslookuptool. I don't see it in the log created according to https://developer.mozilla.org/docs/Mozilla/Debugging/HTTP_logging.)

I assume your Firefox is not using a proxy server or VPN, which might bypass system resolution.

Hữu ích?

ben184
ben184 Người tạo câu hỏi
more options

Giải pháp được chọn

Thanks for your response, jscher2000. I actually had the exact same train of thought and tried the HTTP logging feature. However, it turns out that this is not a Firefox problem, but rather a misunderstanding on my part regarding Apple's iCloud Private Relay Feature. Firefox works as expected if I disable iCloud Private Relay and clear my machine's DNS cache.

I had mistakenly believed that iCloud Private Relay would only be used for DNS in Safari and other Apple-developed, Private-Relay-enabled apps. Thus, my assumption was that if I kept Private Relay enabled, cleared the machine's DNS cache, and then immediately requested a site in Firefox, my configured DNS server would be used. However, it appears that the Private Relay DNS system is still used to perform the DNS lookup in that scenario.

Hữu ích?

Đặt một câu hỏi

Bạn phải đăng nhập vào tài khoản của bạn để trả lời bài viết. Vui lòng bắt đầu một câu hỏi mới, nếu bạn chưa có tài khoản.