Closed Bug 1609395 Opened 4 years ago Closed 4 years ago

DNS request are still captured while trr mode 3 is enabled

Categories

(Core :: Networking: DNS, defect, P1)

73 Branch
defect

Tracking

()

RESOLVED INVALID

People

(Reporter: dcicas, Assigned: valentin)

Details

(Whiteboard: [trr][mode3])

Attachments

(1 file)

Affected versions

  • Fx 73.0b5

Affected platforms

  • Windows 10 x64

Steps to reproduce

  1. Launch Firefox.
  2. Go to about:config.
  3. Change the network.trr.mode value to 3 and add the "network.trr.bootstrapAddress" with 104.16.248.249 value.
  4. Restart Firefox.
  5. Open Wireshark.
  6. Click on "Apply a display filter.." and write "dns" then click Enter.
  7. Search something in Firefox. (e.g netflix.com)

Expected result

  • No dns requests to netflix.com appear.

Actual result

  • All dns requests for netflix.com are captured in wireshark.

Additional notes
Here is the link to the wireshark capture https://send.firefox.com/download/daa559cb8915ff04/#x9-t8VgfuWgloYIt1zFAYQ
This issue occurs intermittently.

Thanks for the report.
Is there a chance you could get some HTTP logs when reproducing? (note that if it's intermittent, it may not happen, but it's worth to try)
https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging

Assignee: nobody → valentin.gosu
Component: Security → Networking: DNS
Flags: needinfo?(daniel.cicas)
Priority: -- → P1
Product: Firefox → Core
Whiteboard: [trr] → [trr][mode3]

Here are the HTTP logs https://drive.google.com/file/d/12mjtx9wLWqUrreGkiQ_ktFxcVmIPXiwg/view?usp=sharing . Websites visited: reddit.com, netflix.com and diablo4.blizzard.com

Flags: needinfo?(daniel.cicas) → needinfo?(valentin.gosu)

Thank you, Daniel. I've looked through everything, and I can't really make sense of it.

Are you sure you also visited diablo4.blizzard.com ? Because I don't see it in the logs.
Also, looking at the gif in comment 0, there seems to be a certain delay between you opening the reddit page, and the DNS response showing in Wireshark. I would expect it to be the other way around.
The logs don't show Firefox using DNS at all. So there are a few possibilities here:

  1. We are doing DNS resolution via another codepath
  2. The DNS requests were made by a different application on the PC that happened to match the contents (possible if you had other firefox instances open with similar domains or other browsers. I'm also curious if you have any proxies set up on your PC, or any anti-virus solutions - it's possible that they might be intercepting some of the requests and doing the resolution in parallel. )

Daniel, could you try to reproduce yet again, but this time with both logging and recording active at the same time (and all other applications closed if possible). Also please attach the contents of about:support

Note: Even on my PC I do see a DNS resolution for incoming.telemetry.mozilla.org when shutting down. I assume that's sent by this process here

Flags: needinfo?(valentin.gosu) → needinfo?(daniel.cicas)

Hi Valentin!

So I checked again this time only Firefox was running and only visited one website so that the logs are a bit smaller. As far as the proxy question is concerned the only proxy I think we have is our company proxy but on Ubuntu and Mac OS no DNS requests appear and they are on the same network.

Here are the logs and the about:support:
https://drive.google.com/open?id=1iaLU2_F5nihZRCEPeokZlN2iNffpWk3e

https://drive.google.com/open?id=1P2liHhy77gVrow75evCp9bSBcsOMDguu

https://docs.google.com/document/d/1EZ8tHU0seXKm392CfpMTgz8dnefoWBm_QSF4ItIXonE/edit?usp=sharing

If you need anything else please feel free to ask.

Flags: needinfo?(daniel.cicas) → needinfo?(valentin.gosu)

After talking to Daniel today it seems the wireshark requests are caused by the local proxy.
I have looked at the logs as well and I haven't found any instances of us calling getaddrinfo.
It seems we can close this.

Thanks Daniel!

Status: NEW → RESOLVED
Closed: 4 years ago
Flags: needinfo?(valentin.gosu)
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.