Closed Bug 1669640 Opened 4 years ago Closed 4 years ago

Dns over HTTPS does not recognize private IP

Categories

(Core :: Networking: DNS, defect)

Product:
Core
Component:
Networking: DNS
Version:
80 Branch
Type:
defect

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: maurorappa, Unassigned)

References

(Blocks 1 open bug)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0

Steps to reproduce:

Looks like the browser considers invalid doh dns request which resolve to a private addess
I setup my own DoH server and I have several test entries, FF is able to use to navigate everywhere (I see about:networking#dns all entries with TRR true) except pointing to an internal service (10.x.y.z)

Actual results:

if I try to resolve manually (about:networking#dnslookuptool) an entry which points to a 10.x.y.z address I get NS_ERROR_UNKNOWN_HOST.

Expected results:

If I use a cli tool (pip3 install doh-cli) I regularly get the private IP.

Component: Untriaged → Networking: DNS
Product: Firefox → Core

Valentin, could you take a look?
Thanks.

Flags: needinfo?(valentin.gosu)

This is intentional behaviour.
We have a pref if you want to use a private DoH server - Set network.trr.allow-rfc1918 to true in about:networking.

Blocks: doh
Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Flags: needinfo?(valentin.gosu)
Resolution: --- → INVALID

True, it works ;)
Thanks.

You need to log in before you can comment on or make changes to this bug.