Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Configured DNS over HTTPS, but DNS is still coming from my ISP

  • 1 baphendule
  • 2 zinale nkinga
  • 63 views
  • Igcine ukuphendulwa ngu TyDraniu

more options

I have configured Firefox (version 74.0 for Mac) for DNS over HTTPS with Cloudflare (see image 1). But if I enter a domain that does not exist, I get a branded page from my ISP, Verizon, that says the domain does not exist (see image 2). So apparently Verizon is still responding to my DNS requests, not Cloudflare over HTTPS. Any idea what's up? Thanks.

Ama-screenshot ananyekiwe

Isisombululo esikhethiwe

Right, when a page does not exist (or Firefox fails to resolve a domain via DoH), there is a fallback to the system DNS.

To change it, enter about:config in the url bar and set network.trr.mode = 3

  • 0 - Off (default). use standard native resolving only (don't use TRR at all)
  • 1 - Reserved (used to be Race mode)
  • 2 - First. Use TRR first, and only if the name resolve fails use the native resolver as a fallback.
  • 3 - Only. Only use TRR, never use the native resolver.
    • Up to FF >= 73, this mode also requires the bootstrapAddress pref to be set.
    • Starting with Firefox 74, setting the bootstrap address is no longer mandatory - the browser will simply bootstrap itself using regular DNS, unless the DoH server domain can't be resolved.
  • 4 - Reserved (used to be Shadow mode)
  • 5 - Off by choice. This is the same as 0 but marks it as done by choice and not done by default.
Funda le mpendulo ngokuhambisana nalesi sihloko 👍 1

All Replies (1)

more options

Isisombululo Esikhethiwe

Right, when a page does not exist (or Firefox fails to resolve a domain via DoH), there is a fallback to the system DNS.

To change it, enter about:config in the url bar and set network.trr.mode = 3

  • 0 - Off (default). use standard native resolving only (don't use TRR at all)
  • 1 - Reserved (used to be Race mode)
  • 2 - First. Use TRR first, and only if the name resolve fails use the native resolver as a fallback.
  • 3 - Only. Only use TRR, never use the native resolver.
    • Up to FF >= 73, this mode also requires the bootstrapAddress pref to be set.
    • Starting with Firefox 74, setting the bootstrap address is no longer mandatory - the browser will simply bootstrap itself using regular DNS, unless the DoH server domain can't be resolved.
  • 4 - Reserved (used to be Shadow mode)
  • 5 - Off by choice. This is the same as 0 but marks it as done by choice and not done by default.

Okulungisiwe ngu TyDraniu

Helpful?

Buza umbuzo

Kufanele ulogele ukungena ku-akhawunti yakho ukuze uphendule amaphosti. Uyacelwauqale umbuzo omusha, uma ungekabi nayo i-akhawunti namanje.