Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Avatar for Username

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

话题已存档。 如果需要帮助请提出新问题。

Configured DNS over HTTPS, but DNS is still coming from my ISP

  • 1 个回答
  • 2 人有此问题
  • 1 次查看
  • 最后回复者为 TyDraniu

crismerritt
crismerritt
more options

I have configured Firefox (version 74.0 for Mac) for DNS over HTTPS with Cloudflare (see image 1). But if I enter a domain that does not exist, I get a branded page from my ISP, Verizon, that says the domain does not exist (see image 2). So apparently Verizon is still responding to my DNS requests, not Cloudflare over HTTPS. Any idea what's up? Thanks.

I have configured Firefox (version 74.0 for Mac) for DNS over HTTPS with Cloudflare (see image 1). But if I enter a domain that does not exist, I get a branded page from my ISP, Verizon, that says the domain does not exist (see image 2). So apparently Verizon is still responding to my DNS requests, not Cloudflare over HTTPS. Any idea what's up? Thanks.
已附加屏幕截图

被采纳的解决方案

Right, when a page does not exist (or Firefox fails to resolve a domain via DoH), there is a fallback to the system DNS.

To change it, enter about:config in the url bar and set network.trr.mode = 3

  • 0 - Off (default). use standard native resolving only (don't use TRR at all)
  • 1 - Reserved (used to be Race mode)
  • 2 - First. Use TRR first, and only if the name resolve fails use the native resolver as a fallback.
  • 3 - Only. Only use TRR, never use the native resolver.
    • Up to FF >= 73, this mode also requires the bootstrapAddress pref to be set.
    • Starting with Firefox 74, setting the bootstrap address is no longer mandatory - the browser will simply bootstrap itself using regular DNS, unless the DoH server domain can't be resolved.
  • 4 - Reserved (used to be Shadow mode)
  • 5 - Off by choice. This is the same as 0 but marks it as done by choice and not done by default.
定位到答案原位置 👍 1

所有回复 (1)

TyDraniu
TyDraniu
  • Top 25 Contributor
more options

选择的解决方案

Right, when a page does not exist (or Firefox fails to resolve a domain via DoH), there is a fallback to the system DNS.

To change it, enter about:config in the url bar and set network.trr.mode = 3

  • 0 - Off (default). use standard native resolving only (don't use TRR at all)
  • 1 - Reserved (used to be Race mode)
  • 2 - First. Use TRR first, and only if the name resolve fails use the native resolver as a fallback.
  • 3 - Only. Only use TRR, never use the native resolver.
    • Up to FF >= 73, this mode also requires the bootstrapAddress pref to be set.
    • Starting with Firefox 74, setting the bootstrap address is no longer mandatory - the browser will simply bootstrap itself using regular DNS, unless the DoH server domain can't be resolved.
  • 4 - Reserved (used to be Shadow mode)
  • 5 - Off by choice. This is the same as 0 but marks it as done by choice and not done by default.

由TyDraniu于修改