Firefox fails to resolve local/VPN DNS
I am using Firefox on Linux (Ubuntu 20.10) to work from home over OpenVPN. Recently the VPN configuration was changed to use split tunneling to improve our internet connection. Since then I have had several DNS resolving issues in Firefox.
We use an on premise DNS server as an alternative to `localhost` domain names so we can access other developers' environments and so a few services can do the same. Our URL structure is like projectname.[optional personal identifier.]localhost.[type].nl. Without the [optional personal identifier], or when nothing is configured for it, the ip address is 127.0.0.1.
In Linux' OpenVPN configuration I have "Use this connection only for resource on its network" enabled for IPv4 and IPv6 is disabled (to benefit from split tunneling). With that enabled Firefox usually fails to resolve such development hostnames.
- As far as I know I do not have DoH enabled (and the about:networking log further down tells so too). - I do have `dnsmasq` enabled (with configuration for the above domain formats to route to 127.0.0.1 also) in an attempt to fix some issues before the split tunneling was configured correctly. And in an attempt to try and get Firefox to handle these DNS resolving issues. - `dig` on the command line for the same domain works just fine. - Adding hostnames to /etc/hosts works. But that's becoming a chore, working on dozens of projects over months.
Why is Firefox failing to resolve such domain names? Should I just create a Bugzilla issue?
I created a log with about:networking set to `timestamp,nsHostResolver:5`:
[Parent 5337: Main Thread]: I/Logger Flushing old log files 2021-06-09 07:42:58.009170 UTC - [Parent 5337: Socket Thread]: D/nsHostResolver Resolving host [somedomain.localhost.type.nl]<^partitionKey=%28http%2Ctype.nl%29> - bypassing cache type 0. [this=7f4d8a1732e0] 2021-06-09 07:42:58.009195 UTC - [Parent 5337: Socket Thread]: D/nsHostResolver No usable record in cache for host [somedomain.localhost.type.nl] type 0. 2021-06-09 07:42:58.009200 UTC - [Parent 5337: Socket Thread]: D/nsHostResolver NameLookup host:somedomain.localhost.type.nl af:0 2021-06-09 07:42:58.009206 UTC - [Parent 5337: Socket Thread]: D/nsHostResolver NameLookup: somedomain.localhost.type.nl effectiveTRRmode: 1 flags: 2001 2021-06-09 07:42:58.009210 UTC - [Parent 5337: Socket Thread]: D/nsHostResolver TRR service not enabled - off or disabled 2021-06-09 07:42:58.009215 UTC - [Parent 5337: Socket Thread]: D/nsHostResolver NativeLookup host:somedomain.localhost.type.nl af:0 2021-06-09 07:42:58.009229 UTC - [Parent 5337: Socket Thread]: D/nsHostResolver DNS thread counters: total=1 any-live=0 idle=1 pending=1 2021-06-09 07:42:58.009236 UTC - [Parent 5337: Socket Thread]: D/nsHostResolver DNS lookup for host [somedomain.localhost.type.nl] blocking pending 'getaddrinfo' or trr query: callback [7f4d386f5e80] 2021-06-09 07:42:58.009250 UTC - [Parent 5337: DNS Resolver #22]: E/nsHostResolver DNS lookup thread - Calling getaddrinfo for host [somedomain.localhost.type.nl]. 2021-06-09 07:42:58.076889 UTC - [Parent 5337: DNS Resolver #22]: D/nsHostResolver Calling 'res_ninit'. 2021-06-09 07:42:58.137055 UTC - [Parent 5337: DNS Resolver #22]: E/nsHostResolver DNS lookup thread - lookup completed for host [somedomain.localhost.type.nl]: failure: unknown host. 2021-06-09 07:42:58.137146 UTC - [Parent 5337: DNS Resolver #22]: D/nsHostResolver nsHostResolver::CompleteLookup somedomain.localhost.type.nl 0 804B001E resolver=0 stillResolving=0 2021-06-09 07:42:58.137152 UTC - [Parent 5337: DNS Resolver #22]: D/nsHostResolver nsHostResolver record 7f4d63a0a7c0 new gencnt 2021-06-09 07:42:58.137162 UTC - [Parent 5337: DNS Resolver #22]: D/nsHostResolver Caching host [somedomain.localhost.type.nl] negative record for 60 seconds. 2021-06-09 07:42:58.137166 UTC - [Parent 5337: DNS Resolver #22]: D/nsHostResolver CompleteLookup: somedomain.localhost.type.nl has NO address 2021-06-09 07:42:58.137172 UTC - [Parent 5337: DNS Resolver #22]: D/nsHostResolver nsHostResolver record 7f4d63a0a7c0 calling back dns users status:804B001E
Alle svar (2)
By the way. `type` in the log is not what I actually used. It can be one of two values. Both are TLD's we control.
I've created a bug report: https://bugzilla.mozilla.org/show_bug.cgi?id=1722661