Closed data-sync-user closed 1 year ago
➤ Owen Kirby commented:
So far I am unable to reproduce this when Firefox DoH is disabled, so I suspect that this is another repercussion of https://mozilla-hub.atlassian.net/browse/VPN-142 ( https://mozilla-hub.atlassian.net/browse/VPN-142|smart-link )
➤ Valentina Virlics commented:
Owen Kirby I did not use Firefox, but Chrome.
➤ Valentina Virlics commented:
Also reproducing while using the anti-tracking custom DNS ip: 100.64.0.2. Owen Kirby
➤ Owen Kirby commented:
With google chrome, I have noticed that the browser seems to keep a DNS cache of its own that’s separate from systemd. And under some conditions Chrome can remember a domain name that has previously been resolved before activating the anti-tracking DNS. To check whether this is a chrome issue, or a VPN issue, we can manually flush the cache after activating the activating the anti-tracking DNS as follows:
In my tests, manually refreshing the page via the refresh button, or by clicking in the URL bar and hitting enter, also resulted in a DNS resolution failure.
IIRC, Firefox does something similar but its cache can be flushed by either:
➤ Valentina Virlics commented:
Tried your approach, but without success, on VPN 2.5.0 (2.202109080823). I've cleared DNS cache on both browsers with your method, but domains from easylist are still accessible. Same for ads. Used Chrome and private browsing. Attaching logs and video.
[^mozillavpn-2021-9-8.txt]
!Screencast 2021-09-08 13_17_26.mp4|thumbnail!
➤ Valentina Virlics commented:
The interesting thing is that, on another Linux Focal (a laptop, with probably different configuration) both ads and anti tracking DNS work. So, I am not sure what happens on my device. I’ve synced with my colleague, and we do the exact things and settings.
➤ Owen Kirby commented:
Valentina Virlics the next time you get a chance to reproduce this bug, could you try the following commands in a console and report what you get back? This should attempt to dump the system’s DNS configuration, and then perform a couple of test lookups to see if it is due to an error in DNS configuration, or the browser’s failing to use that configuration.
The commands:
The use of oxygen.sigsegv.dev here points to one of my personal VPS projects, and simply a domain that is unlikely to be in your DNS cache. You can replace it with any domain you like that you expect to resolve successfully.
➤ Valentina Virlics commented:
Sure! I’ve attached the results. Thanks!
[^VPN913.odt]
➤ Owen Kirby commented:
Thanks Valentina, that is definitely enlightening. It seems that there is something unexpected in how your system has configured its DNS servers. The configuration file at /etc/resolv.conf should normally be a symlink to /run/resolvconf/resolv.conf which is generated dynamically by the systemd resolver (and should contain a bunch of comments that aren’t present on your system). Instead, the contents of this file appear to be hard-coded to an AWS DNS server.
Could you check to see if this file is correctly symlinked by running the command: ls -al /etc/resolv.conf
➤ Valentina Virlics commented:
Happy it clarify things. At least, a bit.
This is what I get after running the command.
!Screenshot from 2021-09-15 08-36-56.png|width=786,height=533!
➤ Santiago Andrigo commented:
Valentina Virlics Is this still happening?
➤ Santiago Andrigo commented:
Current belief is that this is machine-idiosyncratic.
➤ Valentina Virlics commented:
Verified this on a VM with Linux Kinetic, and the ads and anti-tracking DNS feature works as expected.
VPN version:
Affected Platforms:
Prerequisites:
Steps to reproduce:
Expected result:
Actual result:
Notes:
┆Issue is synchronized with this Jira Bug ┆Reporter: Valentina Virlics