There is an upcoming feature in Mozilla Firefox that will use DNS over HTTPS.
As it says in the linked post: Firefox does not yet use DoH by default. It has been available on an opt-in basis for some time now for users of nightly builds of Firefox, and at the moment it’s running as a shield test for builds of Firefox. Assuming the tests all go well, it could well become the default in the future.
Once enabled, Firefox will use the proposed DNS over HTTPS protocol, directed by default to a Cloudflare DNS server, but changeable by the user. It will stop using your system’s DNS settings, except in cases where it can’t get through to the DoH server fast enough.
What this means for those using Firefox with Pi-hole: if you’re in the study (or if it becomes the default in a future upgrade), you might see ads or other content that you would expect to be blocked, and you’ll see less traffic in your Pi-hole log. Depending upon the relative speed of the DoH and DNS servers, the proportion of lookup traffic handled via each protocol could vary greatly. It will be entirely possible for a particular domain name to be blocked at one time but not at another, which, combined with browser caching, could lead to some odd results with partially blocked content, with things changing somewhat randomly during page refreshes.
At the moment it’s something to be aware of if you run Firefox, and something to consider if your blocking starts to get a bit sketchy.
- For me, unless/until there is a way to work with this sort of thing rather than around it, it will simply be another browser feature (similar to Chrome’s asynchronous DNS) to switch off.
- Yes, I’m aware that DNS over HTTPS isn’t the only one with its hand up (alongside DNS over TLS and DNSCrypt) to be the new “default” standard for DNS. I’ve no interest in picking a side, but I would like it very much if there could be one clear winner soon please. Pretty please.
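
One way to check whether a given Firefox profile has DoH switched on, as an added example that is not part of the original post: it reads a profile's `prefs.js` (or `user.js`) and interprets Firefox's `network.trr.mode` preference. The preference name and mode meanings come from Firefox, not from this post; the sample text and the `doh.example` URL are constructed.

```python
import re
import sys

# Firefox's network.trr.mode values (TRR = Trusted Recursive Resolver, i.e. DoH).
TRR_MODES = {
    0: "off: system DNS only",
    1: "race: DoH and system DNS in parallel, first answer wins",
    2: "DoH first, system DNS as fallback",
    3: "DoH only",
    4: "shadow: DoH timed in the background, system DNS answers used",
    5: "off by explicit choice",
}
BYPASSES_PIHOLE = {1, 2, 3}  # modes in which answers can come from the DoH server

PREF_RE = re.compile(r'^\s*user_pref\("(network\.trr\.[^"]+)",\s*(.+?)\);\s*$')

def parse_trr_prefs(prefs_text):
    """Return {name: value} for network.trr.* lines in prefs.js / user.js text."""
    prefs = {}
    for line in prefs_text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue
        name, raw = m.group(1), m.group(2).strip()
        if len(raw) >= 2 and raw[0] == raw[-1] == '"':
            prefs[name] = raw[1:-1]
        elif raw in ("true", "false"):
            prefs[name] = raw == "true"
        else:
            prefs[name] = int(raw) if re.fullmatch(r"-?\d+", raw) else raw
    return prefs

def assess(prefs_text):
    """Return (mode, description, bypasses_pihole); mode is None if unset."""
    mode = parse_trr_prefs(prefs_text).get("network.trr.mode")
    if mode is None:
        # Defaults may not be written to prefs.js; about:config shows the effective value.
        return None, "not set in this file", None
    return mode, TRR_MODES.get(mode, "unknown value"), mode in BYPASSES_PIHOLE

# Constructed sample, shaped like a profile's prefs.js (not taken from the post).
SAMPLE = '''user_pref("browser.startup.page", 3);
user_pref("network.trr.mode", 2);
user_pref("network.trr.uri", "https://doh.example/dns-query");
'''

if __name__ == "__main__":
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE
    print(assess(text))
```

Run it with the path to a profile's `prefs.js` as the only argument; a result of `None` for the mode means the file does not set the preference, so the effective value has to be read from `about:config`.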