1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Disabling Firefox's automatic switch to DoH

Discussion in 'Asuswrt-Merlin' started by RMerlin, Sep 10, 2019.

  1. AntonK

    AntonK Senior Member

    Joined:
    Apr 10, 2015
    Messages:
    274
    Yes, I'm in the U.S.
     
  2. Makaveli

    Makaveli Very Senior Member

    Joined:
    Nov 4, 2016
    Messages:
    578
    Location:
    Canada
    Thanks that is turned off by default for me.
     
  3. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    31,864
    Location:
    Canada
    I don't know the details, you'd have to ask the Firefox devs.
     
    Vexira and AntonK like this.
  4. DonnyJohnny

    DonnyJohnny Very Senior Member

    Joined:
    Dec 17, 2017
    Messages:
    741
    it is better to set it as 5. By your choice and not default by browser.

    network.trr.mode
    set which resolver mode you want.

    0 - Off (default). use standard native resolving only (don't use TRR at all)

    1 - Race (removed)

    2 - First. Use TRR first, and only if the name resolve fails use the native resolver as a fallback.

    3 - Only. Only use TRR. Never use the native (after the initial setup).

    4 - Shadow. (removed)

    5 - Off by choice This is the same as 0 but marks it as done by choice and not done by default.
     
    Kingp1n, Vexira, Makaveli and 2 others like this.
  5. bits

    bits Regular Contributor

    Joined:
    Oct 13, 2011
    Messages:
    78
    DoH is currently supported and preferred by Chrome, Firefox and Curl. That is support from basically everybody that matters for nearly all platforms. The only notable exception is Apple, but they often lag with new standards.
    DoH is going nowhere anytime soon. I expect the shift to DoH for most https users in the world to be rapid and complete within 12 months.
     
    Vexira likes this.
  6. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    31,864
    Location:
    Canada
    That still doesn't validate it as being a good design, or a good idea. Maybe once people start getting burned by it they will come back to their senses, and leave name resolution duties into the hands of the system resolver.

    And at least Chrome devs had enough common sense to realize that it should only be automatically implemented as an upgrade, not enforced by switching to a completely different resolver than what the system is configured to use.
     
    Kingp1n, Vexira, gfondeur and 4 others like this.
  7. gfondeur

    gfondeur Occasional Visitor

    Joined:
    Oct 4, 2019
    Messages:
    19
    This it's getting interesting..............
     
  8. Skruf

    Skruf Occasional Visitor

    Joined:
    Feb 26, 2019
    Messages:
    17
    Hey,

    It's not just the browsers... Mozilla's Thunderbird has the same setting/option...

    Tools... Options... Advanced... Network & Disk Space tab... Settings button for Connection.

    Fun video to watch:



    Best.
     
    Last edited: Nov 4, 2019
    Makaveli and Zastoff like this.
  9. Mutzli

    Mutzli Senior Member

    Joined:
    Dec 22, 2014
    Messages:
    388
  10. Mutzli

    Mutzli Senior Member

    Joined:
    Dec 22, 2014
    Messages:
    388
    With the above changes coming do any of you use a proxy firewall like IPFire to manage internet traffic instead of the router based solution?
     
  11. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    31,864
    Location:
    Canada
    The problem is, how do you explain a technical problem to a bunch of politicians who barely know how to read their emails? The issues behind Firefox's plans for DoH are highly technical. I doubt a politician would be able to understand that "it will break CDNs performance in some scenarios". So, the lobbyists tried to dumb it down, adding a layer of half-truths in the mix to "scare them good".

    To be honest, DoH is NOT a political issue. The ISPs tried to make it one (for personal reasons, mind you, not for the greater good of their customers), and are failing at it.
     
    Vexira, jsbeddow, MDM and 3 others like this.
  12. dave14305

    dave14305 Very Senior Member

    Joined:
    May 19, 2018
    Messages:
    1,865
    Location:
    USA
    Vexira likes this.
  13. Makaveli

    Makaveli Very Senior Member

    Joined:
    Nov 4, 2016
    Messages:
    578
    Location:
    Canada
  14. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    31,864
    Location:
    Canada
    Vexira, Grisu, netware5 and 3 others like this.
  15. dave14305

    dave14305 Very Senior Member

    Joined:
    May 19, 2018
    Messages:
    1,865
    Location:
    USA
    I don't see how all the Enterprise customers will stand for the potential loss of DNS control within corporate networks. They have strong-armed Microsoft to keep supporting old OSes for years beyond belief. Hopefully they'll have the same clout to ensure it doesn't become more of a free-for-all than DoH already is.

    The article does say that DoT is still "on the table" for Microsoft, which is promising (once they get spanked by their largest customers).
     
    Vexira likes this.
  16. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    10,340
    Location:
    UK
    "me too" has been Microsoft's strategy in every aspect of their business for many years now IMHO. Every time they've tried to "lead" they've shot themselves in the foot. So now they just copy their competitors hoping for a slice of that pie.

    They won't. And to be fair I think it more or less says so in that article: "We believe device administrators have the right to control where their DNS traffic goes." In a business/enterprise scenario the "administrator" is the IT department and the end user doesn't have the ability to change their DNS settings.
     
    Vexira, jsbeddow and dave14305 like this.
  17. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    31,864
    Location:
    Canada
    Pretty sure a Group Policy will give network admin control over that feature.
     
    Vexira, Makaveli and dave14305 like this.
  18. nlurker

    nlurker Occasional Visitor

    Joined:
    Sep 4, 2018
    Messages:
    41
    Is it likely/possible that Roku and other devices will implement DOH, making it impossible for me to block ads on them?
     
  19. consorts

    consorts Senior Member

    Joined:
    Sep 9, 2018
    Messages:
    232
    Location:
    nyc
    L&LD likes this.