Trusted Recursive Resolver: Difference between revisions

m
Fixes in the spirit of https://bugzilla.mozilla.org/show_bug.cgi?id=1571734
(link to DNS over HTTPS article)
m (Fixes in the spirit of https://bugzilla.mozilla.org/show_bug.cgi?id=1571734)
 
Line 70: Line 70:
; network.trr.blacklist-duration :
; network.trr.blacklist-duration :


(default: 60) is the number of seconds a name will be kept in the TRR blacklist until it expires and then will be tried with TRR again. The default duration is one minute.
(default: 60) is the number of seconds a name will be kept in the TRR blocklist until it expires and then will be tried with TRR again. The default duration is one minute.


Entries are added to the TRR blacklist when the resolution fails with TRR but works with the native resolver, or if the subsequent connection with a TRR resolved host name fails but works with a retry that is resolved natively. When a hostname is added to the TRR, its domain gets checked in the background to see if the whole domain should be blacklisted to ensure a smoother ride going forward.
Entries are added to the TRR blocklist when the resolution fails with TRR but works with the native resolver, or if the subsequent connection with a TRR resolved host name fails but works with a retry that is resolved natively. When a hostname is added to the TRR, its domain gets checked in the background to see if the whole domain should be blocklisted to ensure a smoother ride going forward.


; network.trr.request_timeout_ms :
; network.trr.request_timeout_ms :
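Review bot: In the second changed paragraph, the sentence "When a hostname is added to the TRR, its domain gets checked in the background" is missing its noun and should read "added to the TRR blocklist". The description now says "blocklist" while the pref key stays network.trr.blacklist-duration, so a short remark that the key keeps the old term would help readers who search the page for it. "TRR resolved host name" also wants a hyphen ("TRR-resolved").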
Line 136: Line 136:
(default: true) When true, the DNS+TRR cache will be cleared when a relevant TRR pref changes. (uri, bootstrapAddress, excluded-domains)
(default: true) When true, the DNS+TRR cache will be cleared when a relevant TRR pref changes. (uri, bootstrapAddress, excluded-domains)


== Dynamic Blacklist ==
== Dynamic Blocklist ==


To keep the failure rate at a minimum, the TRR system manages a dynamic
To keep the failure rate at a minimum, the TRR system manages a dynamic
persistent blacklist for host names that can't be resolved with DOH but works
persistent blocklist for host names that can't be resolved with DOH but works
with the native resolver. Blacklisted entries will not be retried over DOH for one minute.
with the native resolver. Blocklisted entries will not be retried over DOH for one minute.
"localhost" and names in the ".local" TLD will never be
"localhost" and names in the ".local" TLD will never be
resolved via DOH.
resolved via DOH.
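Review bot: The Dynamic Blocklist paragraph still hard-codes "one minute" in "will not be retried over DOH for one minute", although the duration is set by network.trr.blacklist-duration (default: 60). Suggest stating it as the default and pointing to that pref, so the two sections cannot drift apart. In the same paragraph, "host names that can't be resolved with DOH but works" should read "but work".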