Changes

Trusted Recursive Resolver

203 bytes added, 20:30, 7 October 2019

Updated request timeout prefs. Updated notes on DNS enhanced services (rfc1918 is not allowed by default - see pref), botnets are not affected by TRR.

Entries are added to the TRR blacklist when the resolution fails with TRR but works with the native resolver, or if the subsequent connection with a TRR resolved host name fails but works with a retry that is resolved natively. When a hostname is added to the TRR, its domain gets checked in the background to see if the whole domain should be blacklisted to ensure a smoother ride going forward.

=== network.trr.~~request-timeout~~ request_timeout_ms ===

(default: ~~3000~~1500) is the number of milliseconds a request and the corresponding response from the DoH server is allowed to take until considered failed and discarded. === network.trr.request_timeout_mode_trronly_ms === (default: 30000) is the number of milliseconds a request and the corresponding response from the DoH server is allowed to take until considered failed and discarded in TRR-only mode.

=== network.trr.early-AAAA ===

to "example.com".

== ~~Gotchas~~ Notes == === DNS ===

~~=== Security ===Warning: if~~ TRR bypasses system DNS so you ~~were relying on an~~ might not be using any 'enhanced' DNS ~~service for~~ services provided by your default DNS server which may include Web Content Filtering or basic Malware~~/Botnet~~ Protection, phishing protection~~, or RFC 1918 filtering, you won't be using it anymore (at least in Firefox) if you enable TRR~~.

== See also ==

Valentin.gosu

Confirm

89

edits

Changes

Trusted Recursive Resolver

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

How to Contribute

MozillaWiki

Around Mozilla

Tools