Can't get Firefox working with custom DNS-over-HTTPS server
Greetings,
I have a custom DoH server that I'm trying to get working with Firefox's DoH mode. Looking at the traffic, Firefox is sending an initial NS query type to the server, and the server is sending back what looks like a valid response in Wireshark, but Firefox seems to give up on sending further DoH queries after this.
Is there a debug mode I can enable in Firefox to glean what about the response it doesn't like? I couldn't find any console in the Web Developer tools to display diagnostics on the DoH handshaking.
Thanks, Ryan
Hi chiacow
I asked Firefox developers and they said: "about:networking logging might be useful"
Here's how to turn on logging: https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging
And then file a bugzilla bug with the log attached and post a link here
or
put the log somewhere, e.g. Dropbox, Google Drive, and post a link to it here.
Cheers!
...Roland
Hi Roland,
Thanks for the quick response.
I've filed a bug with bugzilla here with a Wireshark capture and the Firefox log Dropbox link attached to the bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=1630736
Thanks, Ryan
Great, thanks Ryan!
Could you please add me (:roland is my bugzilla nickname) to the CC: list of the bug so I can see it?
Right now I get access denied.
Thanks for taking the time to do this!
Cheers! ...Roland
Looks like you've already been added to the CC list for that bug report. If you still need to be added, let me know.
Thanks, Ryan
Hi Ryan:
Looks like your problem was solved in the Bugzilla bug. It's not clear to me, but I think the workaround was as follows (please reply and correct me if I got it wrong so that others can benefit in the future):
- set content type for the DoH response to: application/dns-message
- in Firefox, set network.notify.dnsSuffixList to false
Cheers!
...Roland
Chosen Solution
Hi Roland,
There were two issues at play here.
One is a known bug that's been fixed in Firefox beta, but hasn't been officially released (as of last week): https://bugzilla.mozilla.org/show_bug.cgi?id=1618042.
The other is an issue with our server where we weren't setting the content type in the HTTP header in the response that you mentioned above.
Thanks, Ryan
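
The server-side issue described in this thread, a DoH reply sent without the `application/dns-message` content type, can be checked offline against a captured reply. The Python sketch below is an added example, not code from the thread, the server, or Firefox; the function names and the sample query and reply are constructed for illustration, and the checks are a sanity test rather than Firefox's own validation logic.

```python
import struct

DOH_MEDIA_TYPE = "application/dns-message"  # media type for DoH bodies (RFC 8484)

def build_query(name, qtype=2, qid=0):
    """Encode a single-question DNS query in wire format (RD set, class IN)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def check_doh_response(query, status, headers, body):
    """Return the problems found in one DoH reply (empty list means it looks sane)."""
    problems = []
    if status != 200:
        problems.append(f"HTTP status {status}, expected 200")
    # Header names are case-insensitive; parameters after ';' are ignored.
    ctype = {k.lower(): v for k, v in headers.items()}.get("content-type")
    if ctype is None:
        problems.append("missing Content-Type header")
    elif ctype.split(";")[0].strip().lower() != DOH_MEDIA_TYPE:
        problems.append(f"Content-Type {ctype!r}, expected {DOH_MEDIA_TYPE}")
    if len(body) < 12:
        problems.append("body shorter than a 12-byte DNS header")
        return problems
    rid, flags = struct.unpack("!HH", body[:4])
    if not flags & 0x8000:
        problems.append("QR bit clear: body is not a DNS response")
    if rid != struct.unpack("!H", query[:2])[0]:
        problems.append("DNS ID does not match the query")
    return problems

# Constructed sample data: an NS query and an empty NOERROR reply that echoes it.
QUERY = build_query("example.com")
REPLY = QUERY[:2] + struct.pack("!H", 0x8180) + QUERY[4:]

if __name__ == "__main__":
    cases = {
        "no content type": {},
        "generic type": {"Content-Type": "application/octet-stream"},
        "correct type": {"content-type": "application/dns-message"},
    }
    for label, hdrs in cases.items():
        print(label, "->", check_doh_response(QUERY, 200, hdrs, REPLY) or "ok")
```

To use it on a real capture, pass the HTTP status, header dictionary and raw body bytes taken from the server's reply in place of the constructed values.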