Closed Bug 1752337 Opened 3 years ago Closed 3 years ago

Several DNSSEC Interference Measurement v3 events missing from Wireshark on certain queries

Categories

(Shield :: Shield Study, defect)

defect

Tracking

(Not tracked)

VERIFIED FIXED

People

(Reporter: ppop, Unassigned)

References

Details

Attachments

(1 file)

Attached image dnssec_wireshark.png

[Affected versions]:

  • Firefox Unbranded Release 96.0.1

[Affected platforms]:

  • Windows 10 x64
  • macOS 11.6.2

[Prerequisites]:

  • Have a Normandy recipe with the DNSSEC Interference Measurement v3 add-on live.
  • Have a browser profile enrolled in the Normandy experiment.
  • Have Wireshark installed.

[Steps to reproduce]:

  1. Click the "Start capturing packets" button from Wireshark.
  2. Open the browser with the profile from prerequisites.
  3. Navigate to about:telemetry and wait for the study related archived pings to generate.
  4. Click the "Stop capturing packets" button from Wireshark.
  5. Apply the following filter: (dns.flags.response == 0) and (dns.qry.name == "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15._smimecert.dnssec-experiment-moz.net").
  6. Observe the filtered events.

[Expected result]:

  • Two rows with captured events are displayed.

[Actual result]:

  • Only a single row is displayed.

[Notes]:

  • Two rows should also be displayed when applying the following filter, however one of them is missing:
    (dns.flags.response == 0) and (dns.qry.name == "httpssvc.dnssec-experiment-moz.net")
  • Attached a screenshot of the issue:

I think this relates to the TCP errors you were seeing. I assume what's happening is that the TCP-based DNS requests aren't showing up in Wireshark because the add-on failed to open a TCP connection to your DNS resolver.

When you click on the row shown in that screenshot, what transport protocol is listed? Is it UDP?

I've re-checked the rows for the 2 filters listed in the bug and both of them have the UDP protocol.

Okay, then I think this is probably fine. If your DNS resolver (e.g., whatever DNS cache your router is running) doesn't support TCP, then the add-on should report pings with TCP errors, and you shouldn't see any DNS queries get sent over TCP in Wireshark. I don't know what your DNS resolver is, but my understanding is that it's fairly common for DNS resolvers to not support TCP.

Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED

Marking this as verified since some errors are expected depending on the DNS resolver used.

Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: