当サイトはユーザー体験を改善するためのメンテナンスを実施中に機能が制限される予定です。記事を読んでもあなたの問題が解決せず質問をしたい場合は、Twitter の @FirefoxSupport、Reddit の /r/firefox で、サポートコミュニティが皆さんを助けようと待機しています。

Mozilla サポートの検索

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

詳しく学ぶ

このスレッドはアーカイブに保管されました。 必要であれば新たに質問してください。

Firefox on macOS not using default DNS resolver with DoH disabled

  • 4 件の返信
  • 0 人がこの問題に困っています
  • 448 回表示
  • 最後の返信者: ben184

more options

Firefox does not appear to be using my Mac's default DNS resolver when DNS over HTTPS is disabled. Here is my setup:

- I'm using Firefox 124.0.2 on macOS Sonoma 14.4.1. - DNS over HTTPS is set to Off in Firefox. - My Mac is configured to use a DNS server that blocks some domains, such as facebook.com. I have confirmed that this is working correctly by using the dig tool on the commandline: "dig facebook.com" receives a "status: REFUSED" response with an empty A record. - When I navigate to facebook.com or other domains that should be blocked in Firefox, they are resolved. My expectation is that they should fail to load and a DNS error should be displayed.

What I've tried:

- Confirmed via GUI and about:config that DNS over HTTPS is completely disabled in Firefox. - Cleared Firefox DNS cache via about:networking. - Confirmed every way I know how that macOS is configured to use my custom DNS resolver and that the resolver is refusing queries for the specific domains I expect to be blocked.

I'd be grateful for any suggestions anyone can provide.

Firefox does not appear to be using my Mac's default DNS resolver when DNS over HTTPS is disabled. Here is my setup: - I'm using Firefox 124.0.2 on macOS Sonoma 14.4.1. - DNS over HTTPS is set to Off in Firefox. - My Mac is configured to use a DNS server that blocks some domains, such as facebook.com. I have confirmed that this is working correctly by using the dig tool on the commandline: "dig facebook.com" receives a "status: REFUSED" response with an empty A record. - When I navigate to facebook.com or other domains that should be blocked in Firefox, they are resolved. My expectation is that they should fail to load and a DNS error should be displayed. What I've tried: - Confirmed via GUI and about:config that DNS over HTTPS is completely disabled in Firefox. - Cleared Firefox DNS cache via about:networking. - Confirmed every way I know how that macOS is configured to use my custom DNS resolver and that the resolver is refusing queries for the specific domains I expect to be blocked. I'd be grateful for any suggestions anyone can provide.

選ばれた解決策

Thanks for your response, jscher2000. I actually had the exact same train of thought and tried the HTTP logging feature. However, it turns out that this is not a Firefox problem, but rather a misunderstanding on my part regarding Apple's iCloud Private Relay Feature. Firefox works as expected if I disable iCloud Private Relay and clear my machine's DNS cache.

I had mistakenly believed that iCloud Private Relay would only be used for DNS in Safari and other Apple-developed, Private-Relay-enabled apps. Thus, my assumption was that if I kept Private Relay enabled, cleared the machine's DNS cache, and then immediately requested a site in Firefox, my configured DNS server would be used. However, it appears that the Private Relay DNS system is still used to perform the DNS lookup in that scenario.

この回答をすべて読む 👍 0

すべての返信 (4)

more options

ben184 said

macOS is configured to use my custom DNS resolver

Support for platform-specific DNS APIs is currently being worked on in Nightly (Bug 1852752). The setting for this is network.dns.native_https_query in about:config.

more options

Thank you for your response. If I'm understanding that Bugzilla ticket that Bugzilla ticket correctly, it specifically relates to the task of resolving the "HTTPS" resource record type (as opposed to the "A" type, "AAAA" type, and so forth) without DoH. That seems like a different problem from what I'm experiencing.

My problem is that Firefox is not using my network connection's configured DNS server for basic A record resolution. Firefox does work as expected on a Windows machine on the same network.

この投稿は ben184 により に変更されました

more options

Hmm, I'm trying to figure out whether Firefox shows which DNS server it is using when it is NOT using DNS over HTTPS. (I'm not seeing it on about:networking#dns or about:networking#dnslookuptool. I don't see it in the log created according to https://developer.mozilla.org/docs/Mozilla/Debugging/HTTP_logging.)

I assume your Firefox is not using a proxy server or VPN, which might bypass system resolution.

more options

選ばれた解決策

Thanks for your response, jscher2000. I actually had the exact same train of thought and tried the HTTP logging feature. However, it turns out that this is not a Firefox problem, but rather a misunderstanding on my part regarding Apple's iCloud Private Relay Feature. Firefox works as expected if I disable iCloud Private Relay and clear my machine's DNS cache.

I had mistakenly believed that iCloud Private Relay would only be used for DNS in Safari and other Apple-developed, Private-Relay-enabled apps. Thus, my assumption was that if I kept Private Relay enabled, cleared the machine's DNS cache, and then immediately requested a site in Firefox, my configured DNS server would be used. However, it appears that the Private Relay DNS system is still used to perform the DNS lookup in that scenario.