Closed Bug 1573243 Opened 6 years ago Closed 6 years ago

can't access http://www.skr.mlit.go.jp/ with DoH

Categories

(Core :: Networking: DNS, defect)

Product:
Core
Component:
Networking: DNS
Version:
69 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: nolamiller1203+bugzilla, Unassigned)

Details

Attachments

(3 files)

screenshot
60.91 KB, image/png
Details
Capture bug 1573243 DoH.JPG
152.22 KB, image/jpeg
Details
screenshot20190816
94.96 KB, image/png
Details
Attached image screenshot

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Steps to reproduce:

acccess to http://www.skr.mlit.go.jp/ with DoH

network.trr.bootstrapAddress = 1.1.1.1
network.trr.mode = 3
network.trr.uri = https://mozilla.cloudflare-dns.com/dns-query
network.security.esni.enabled = true
Firefox 69.0b12

Actual results:

Server not found.

Expected results:

open http://www.skr.mlit.go.jp/

DoH query results from command line on WSL on Windows 10.

$ cat mozilla.sh
#!/bin/sh

FQDN=www.skr.mlit.go.jp
URI=https://mozilla.cloudflare-dns.com/dns-query
curl -H 'accept: application/dns-json' "$URI?name=$FQDN&type=A"
echo
$ ./mozilla.sh
{"Status": 2,"TC": false,"RD": true, "RA": true, "AD": false,"CD": false,"Question":[{"name": "www.skr.mlit.go.jp.", "type": 1}]}
$

Hi Walter,

I configured the DoH settings described and I was able to load the site http://www.skr.mlit.go.jp/by using the latest Firefox Nightly 70.0a1 (2019-08-16) (64-bit) (I'm attaching a screenshot).

Could you please verify if you can also access the page using the latest Nightly version? You can download it from here: https://nightly.mozilla.org/, and share the results with us.

If you still have the issue please create a new profile, you have the steps here:https://support.mozilla.org/en-US/kb/profile-manager-create-and-remove-firefox-profiles?redirectlocale=en-US&redirectslug=Managing-profiles#w_starting-the-profile-manager

Thanks for your report.

Flags: needinfo?(nolamiller1203+bugzilla)
Component: Untriaged → Networking: DNS
Product: Firefox → Core

Unfortunately, still happened.
Firefox Nightly 70.0a1 (2019-08-16) + brand new profile

Flags: needinfo?(nolamiller1203+bugzilla)
Attached image screenshot20190816

Hi Walter,

I'm sorry to hear that. We'd need more information from you so we can investigate what's going on.

  • Can you please give us the exact steps you do so we can try to reproduce the issue?
  • Are you using any proxy or connecting from any country that may have any restrictions over that site?
  • Are you able to access other kinds of sites with the above mentioned DoH settings?

Thanks,

Flags: needinfo?(nolamiller1203+bugzilla)
Type: enhancement → defect

Reproduce steps.
o Install Nightly 79.0a1 (2019-08016)
o create brand new profile "Nightly Test"
o launch Nightly "C:\Program Files\Firefox Nightly\firefox.exe" -no-remote -P "Nightly Test"
o go to "about:config"
o set
network.trr.bootstrapAddress = 1.1.1.1
network.trr.mode = 3
network.trr.uri = https://mozilla.cloudflare-dns.com/dns-query
network.security.esni.enabled = true
o restart Nightly
o go to https://www.cloudflare.com/ssl/encrypted-sni/
o confirm all ok, Secure DNS, DNSSEC, TLS1.3, Encrypted SNI
o go to http://www.skr.mlit.go.jp/
o BOOM! "We're having trouble that site" show up.

Are you using any proxy or connecting from any country that may have any restrictions over that site?
I live in Japan. I am accessing from Japan to http://www.skr.mlit.go.jp/ over DoH.
I don't use proxy.

Any other sites is good. ex. https://www.google.com/ and https://www.yahoo.co.jp/ are accessible over DoH.
and I also can access http://www.skr.mlit.go.jp/ without DoH.
I can't access http://www.skr.mlit.go.jp/ only with DoH only.

Command line check is still failed.

$ cat mozilla.sh
#!/bin/sh

FQDN=www.skr.mlit.go.jp
URI=https://mozilla.cloudflare-dns.com/dns-query
curl -H 'accept: application/dns-json' "$URI?name=$FQDN&type=A"
echo
$ ./mozilla.sh
{"Status": 2,"TC": false,"RD": true, "RA": true, "AD": false,"CD": false,"Question":[{"name": "www.skr.mlit.go.jp.", "type": 1}]}
$

Flags: needinfo?(nolamiller1203+bugzilla)

"Status": 2 = SERVFAIL RCODE:2 Server failed to complete the DNS request

The problem is not our side, it's CF that can't from some reason resolve the host, probably a geolocation problem.

Note that in central europe I get:

{"Status": 0,"TC": false,"RD": true, "RA": true, "AD": false,"CD": false,"Question":[{"name": "www.skr.mlit.go.jp.", "type": 1}],"Answer":[{"name": "www.skr.mlit.go.jp.", "type": 1, "TTL": 0, "data": "203.139.202.147"}]}
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: