Closed Bug 1890640 Opened 6 months ago Closed 6 months ago

Invalid reuse of connections between different IP stacks

Categories

(Core :: Networking, defect)

Product:
Core
Component:
Networking
Version:
Firefox 124
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1420777

People

(Reporter: yegors, Unassigned)

Details

Attachments

(1 file)

wrong_reuse.JPG
16.69 KB, image/jpeg
Details
Attached image wrong_reuse.JPG

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Steps to reproduce:

We have a Network Status page that conducts all kinds of tests related to our DNS platform: https://controld.com/status

We fetch multiple endpoints with JavaScript, from several TLDs and most importantly, several subdomains on the same TLD.

The issue arises with single stack endpoints that are meant to detect both your IPv4 and IPv6 addresses:

https://api-v4.controld.com/ip (has only A record)
https://api-v6.controld.com/ip (has only AAAA record)

Above endpoints share the same TLS cert, however these ones do not (but behave the same):

https://cachebreaker.ipv4.controld.io/ip
https://cachebreaker.ipv6.controld.io/ip

Actual results:

In Firefox (and no other browser), the connection is reused between 2 of the above endpoints. See attached image.

In this example, notice api-v4.controld.com is "resolved" to an IPv6 address, but this subdomain has no AAAA records.

Same happens in reverse, on IPv4 only networks.

Opening the above URLs in separate tabs behaves as expected.

Expected results:

Connection should not have been reused, since these are different subdomains which operate on different IP stacks.

The Bugbug bot thinks this bug should belong to the 'Core::Networking' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Component: Untriaged → Networking
Product: Firefox → Core

I didn't have any luck reproducing this issue (on linux). I tried the following:

  • navigated to the above sites and checked the ips in devtools
  • navigated to example.com and fetched the above sites from console
  • navigated to controld.com and fetched the above sites from console
  • opened a simple html file with the contents <script> fetch("https://api-v4.controld.com/ip"); fetch("https://api-v6.controld.com/ip"); </script>
  • all of the above with network.dnsCacheEntries set to 0
  • all of the above with private browsing window

Or is there a better way to elicit this? If not, we will need some http logs on this. I recommend using about:logging, logging to a file and emailing the log to necko@mozilla.com. The default log string should be good as it contains DNS logging nsHostResolver.

Thanks!

Flags: needinfo?(yegors)

I'm unable to reproduce using your simple script either, but can reproduce on the status page in all OSes, Ubuntu 22 included, and in console.

6 fetch requests via console: https://i.imgur.com/dWzBUL8.jpeg
network tab after that: https://i.imgur.com/6GAmBfz.jpeg

This doesn't seem to happen every time either, and it eventually "fixes itself", but restarting the browser makes it reproducible.

Flags: needinfo?(yegors)

Since you can reproduce this with your status page, can you get logs via about:logging and send them to necko@mozilla.org? (see comment 2 for links). With those we should be able to track this down.

Thanks!!

Flags: needinfo?(yegors)

All done, log sent to necko@mozilla.org

Thanks!

Flags: needinfo?(yegors)

Hmm, email bounced.

Your message wasn't delivered to necko@mozilla.org because the address couldn't be found, or is unable to receive mail.

The response was:
The email account that you tried to reach does not exist. Please try double-checking the recipient's email address for typos or unnecessary spaces. For more information, go to https://support.google.com/mail/?p=NoSuchUser

Is it necko@mozilla.com or necko@mozilla.org? I just emailed .com, that didn't seem to bounce.

I think this is bug 1420777 which was recently fixed.
Could you try again with a nightly build? https://nightly.mozilla.org
Let us know if you're still seeing this issue. Thanks!

Status: UNCONFIRMED → RESOLVED
Closed: 6 months ago
Duplicate of bug: http2-connection-coalescing
Resolution: --- → DUPLICATE

Cannot reproduce issue in the nightly build 126.0a1. Did this fix already make it into the Developer Edition 125.0b9 as I can't reproduce it there either.

Can only reliably reproduce in release 124.0.2.

Bug 1420777 is only fixed in 126 or later, so dev ed 125 wouldn't have it.

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: