Why is Firefox 36 on Windows receiving connections from DNS servers? Option network.dns.get-ttl

  • 1 reply
  • 3 have this problem
  • 1 view
  • Last reply by jayelbe

Subsequent to updating to Firefox 36, my firewall has been inundating me with requests to allow external connections from the Internet to my browser. Looking into this in more detail, Comodo Firewall is indicating that external Internet sites are trying to connect to Firefox, from port 53 to an arbitrary port on my machine.

If I disable the new FF36 option network.dns.get-ttl, this stops. I can't find any documentation or help on this option.

Why is Firefox doing this? Is Comodo incorrect when it labels this as an external attempt to connect? (It's normally been extremely good at differentiating between inbound & outbound traffic). I'm assuming that Firefox is trying to determine TTL for DNS caching, but it doesn't make sense why DNS servers are then trying to connect back to me.

I'm loath to create a firewall rule that states arbitrary connections from the Internet to my machine are OK as long as they originated on port 53, so advice on how to manage whatever this new feature is securely would be appreciated.

Thanks in advance for any assistance.


Chosen solution

Hi grammarye,

Yep, you're right in thinking that Firefox is attempting to look up the TTL. This is new behaviour in Firefox 36 and was introduced because services with frequently changing DNS records (like Cloudflare) weren't working correctly for Firefox users.

Firefox makes asynchronous DNS lookups - meaning it will make a DNS request and then proceed to do other work instead of waiting for a response.

Your ISP's DNS server will only cache a domain's TTL for a short time, so if it doesn't have the current TTL, it will query with other DNS servers to find it.

IANAE, but presumably what's happening is thus:

  1. Firefox attempts to look up the DNS record for the domain you wish to connect to
  2. Your ISP's DNS server doesn't have the current TTL, so connects with other DNS servers to find it
  3. During the delay, Firefox busies itself with something else
  4. DNS server then reconnects to give you the full DNS record, including TTL
  5. Comodo sees the packets from the DNS server and panics

I completely agree that whitelisting arbitrary ports is a bad idea, but in this case the behaviour is completely innocuous.

You may wish to whitelist Firefox in your Comodo firewall, or continue to leave network.dns.get-ttl disabled.

(edited to fix broken links and add a sentence)

Edited by jayelbe on
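
Added example, not part of the original thread and not Firefox or Comodo code: a sketch of how to tell a late reply to your own DNS query from unsolicited traffic that merely uses source port 53, which is the distinction the firewall-rule concern in the question turns on. The 5-second UDP state timeout, the packet records and the addresses are constructed assumptions, and the late-reply scenario is the answer's hypothesis, not a confirmed description of Comodo's behaviour.

```python
import struct
from collections import namedtuple

UDP_STATE_TIMEOUT = 5.0  # seconds; assumed value, real firewalls differ
# direction is "out" or "in"; payload is the raw DNS message
Packet = namedtuple("Packet", "ts direction local_port remote_ip remote_port payload")

def dns_header(payload):
    """Return (transaction_id, is_response) from the DNS header."""
    if len(payload) < 12:
        raise ValueError("truncated DNS header")
    txid, flags = struct.unpack("!HH", payload[:4])
    return txid, bool(flags & 0x8000)  # QR bit set means response

def classify(packets, timeout=UDP_STATE_TIMEOUT):
    """Label each inbound port-53 datagram against earlier outbound queries."""
    pending = {}   # (local_port, remote_ip, txid) -> time the query left
    verdicts = []
    for p in sorted(packets, key=lambda p: p.ts):
        if p.remote_port != 53:
            continue
        txid, is_resp = dns_header(p.payload)
        key = (p.local_port, p.remote_ip, txid)
        if p.direction == "out":
            if not is_resp:
                pending[key] = p.ts
        elif not is_resp or key not in pending:
            verdicts.append((p.ts, "unsolicited"))   # no matching query
        elif p.ts - pending.pop(key) <= timeout:
            verdicts.append((p.ts, "reply"))         # inside the state window
        else:
            verdicts.append((p.ts, "late-reply"))    # ours, but state expired
    return verdicts

def msg(txid, response):
    """Constructed header-only DNS message (12 bytes, all counts zero)."""
    return struct.pack("!HHHHHH", txid, 0x8180 if response else 0x0100, 0, 0, 0, 0)

SAMPLE = [  # constructed traffic using documentation addresses (RFC 5737)
    Packet(0.00, "out", 50001, "192.0.2.53", 53, msg(0x1A2B, False)),
    Packet(0.04, "in", 50001, "192.0.2.53", 53, msg(0x1A2B, True)),
    Packet(1.00, "out", 50002, "192.0.2.53", 53, msg(0x3C4D, False)),
    Packet(7.50, "in", 50002, "192.0.2.53", 53, msg(0x3C4D, True)),
    Packet(8.00, "in", 50003, "198.51.100.9", 53, msg(0x5E6F, True)),
]

if __name__ == "__main__":
    for ts, verdict in classify(SAMPLE):
        print(f"{ts:5.2f}s  {verdict}")
```

A "late-reply" verdict matches an earlier query on port, resolver address and transaction ID, so it can be tolerated without a blanket rule for source port 53; "unsolicited" matches nothing that was sent.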