Closed Bug 1605775 Opened 4 years ago Closed 4 years ago

ESNI: Repeated DNS lookups over DoH

Categories

(Core :: Networking, defect, P3)

RESOLVED DUPLICATE of bug 1618173

People

(Reporter: wthayer, Unassigned)

Details

(Whiteboard: [necko-triaged][trr])

NextDNS reported the following issue, presumably when DoH is enabled with NextDNS as the TRR:

When ESNI is enabled, we noticed that Firefox keeps querying the TXT _esni.trr.dns.nextdns.io record for mostly every DNS query performed. We obviously don’t have anything for this record, so we send back an NXDOMAIN, but Firefox seems to be unable to remember that ESNI does not work with this hostname.

Note that this started with 72; 71 did not expose this behavior.

Valentin, can you please have a look at this bug?

Flags: needinfo?(valentin.gosu)
Priority: -- → P2
Whiteboard: [necko-triaged]

It seems we do this because the TRR connection has the INHIBIT_CACHING and LOAD_BYPASS_CACHE flags.
This causes us to set the NS_HTTP_REFRESH_DNS flag, which causes us to issue a DNS Prefetch with the refresh flag set.
This ultimately leads to skipping the DNS cache entirely, where we have the cached negative record, so we don't use it.

But since the ESNI implementation needs some radical changes and is not enabled by default I'm inclined to not bother trying to fix it right now. We can handle this when we update the ESNI implementation.

Blocks: 1590863
Flags: needinfo?(valentin.gosu)
Priority: P2 → P3
Whiteboard: [necko-triaged] → [necko-triaged][trr]
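
The cache bypass described in the comment above, as an added example: a simplified C++ model, not Firefox code and not from the bug's participants. The flag name NS_HTTP_REFRESH_DNS comes from the comment; `ModelResolver`, `REFRESH_DNS`, `resolveTxt` and `upstreamQueriesFor` are hypothetical, and TTL expiry is ignored.

```cpp
#include <map>
#include <string>

// Simplified model, not Firefox code. REFRESH_DNS stands in for the
// NS_HTTP_REFRESH_DNS flag named in the bug; all other names are hypothetical.
constexpr unsigned REFRESH_DNS = 1u << 0;

struct Answer {
    bool nxdomain;    // true for a negative (NXDOMAIN) answer
    std::string txt;  // empty when nxdomain is true
};

class ModelResolver {
public:
    int upstreamQueries = 0;  // queries that actually reach the DoH server

    // Resolve a TXT name. With REFRESH_DNS set the cache is skipped entirely,
    // so an already cached NXDOMAIN is never consulted.
    Answer resolveTxt(const std::string& name, unsigned flags) {
        if (!(flags & REFRESH_DNS)) {
            auto it = cache_.find(name);
            if (it != cache_.end()) return it->second;  // negative cache hit
        }
        Answer a = queryUpstream(name);
        cache_[name] = a;  // the negative record is stored either way
        return a;
    }

private:
    std::map<std::string, Answer> cache_;

    // Constructed upstream: it has no _esni record, so it answers NXDOMAIN.
    Answer queryUpstream(const std::string&) {
        ++upstreamQueries;
        return Answer{true, ""};
    }
};

// Upstream queries produced by `lookups` ESNI TXT lookups for the resolver's
// own hostname, all issued with the same flags.
int upstreamQueriesFor(int lookups, unsigned flags) {
    ModelResolver r;
    for (int i = 0; i < lookups; ++i)
        r.resolveTxt("_esni.trr.dns.nextdns.io", flags);
    return r.upstreamQueries;
}
```

Without the refresh flag, one NXDOMAIN answers every later lookup from cache; with it, every lookup reaches the resolver, which matches the repeated queries NextDNS reported.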

I think this bug was fixed by bug 1618173.

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE