I agree and I’ve been hit with this. Do we know how to point it to pi-hole or turn it off?
Actually, I found where you can turn it off.
tools, options, general, network settings, settings, uncheck Enable DNS over HTTPS
If this is the same feature I mentioned here, the solution is:
‘network.trr.mode=5’, using ‘about:config’
@R_V could you please check if disabling it, using the GUI, has the same effect?
I am running Firefox V62 (64bit) and I don’t see any issues yet. And don’t see the flag mentioned in settings to disable it!
What version do you have installed?
I couldn’t find network.trr.mode when I searched previously. I see it now and it is set to 0.
So my unchecking “tools, options, general, network settings, settings, uncheck Enable DNS over HTTPS” may have added it.
I can confirm that unchecking tools, options, general, network settings, settings, uncheck Enable DNS over HTTPS works.
For the life of me I could not figure out what was going on. I was checking my host file, I was running ipconfig /flush and /all and couldn’t find the problem. On a lark I tried IE and Chrome. Both used the Pi-hole. When I’d use Firefox Nightly I was seeing very little activity on the Pi-hole when watching the pihole -t output. The other browsers showed a lot of activity. That’s when I found this and other threads.
Sorry to necro this thread, but this “feature” was officially released today and there is an option in the settings to add your own DNS entry. Should we just add our Pi-hole address into that?
Pi-hole doesn’t do DoH.

```
pi@noads:~ $ sudo netstat -nltup | grep 'Proto\|pihole-FTL'
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      18952/pihole-FTL
tcp        0      0 127.0.0.1:4711          0.0.0.0:*               LISTEN      18952/pihole-FTL
tcp6       0      0 :::53                   :::*                    LISTEN      18952/pihole-FTL
tcp6       0      0 ::1:4711                :::*                    LISTEN      18952/pihole-FTL
udp        0      0 0.0.0.0:53              0.0.0.0:*                           18952/pihole-FTL
udp        0      0 0.0.0.0:67              0.0.0.0:*                           18952/pihole-FTL
udp6       0      0 :::53                   :::*                                18952/pihole-FTL
```
- 4711 is the Pi-hole API and 67 is DHCP
Thanks for the pointer!
Ah, okay. So we should just turn this feature off like the rest of the thread said months ago?
It wasn’t on in the first place for me ???
Right, it wasn’t on for me either after the latest update but I was mostly asking if it’s recommended to just keep it off since it doesn’t work with Pi-hole anyway.
Logic says yes
Haha, thank you!
Firefox DoH opt-out mode is being rolled out for just the United States. We hate ourselves here.
Makes you wonder who/what decides.
EDIT: just checked Debian laptop and is same.
You have to opt-in.
I have Firefox 73.0.1 on MacOS and the default is OFF.
As you can choose a provider of DNS over HTTPS, I do wonder if this could be my pi-hole in the future… anyone can tell me if this is, or is not possible?
What would be the purpose or benefit of encrypting local DNS traffic on your LAN?
Not so much indeed. But one thing could be that I want to make sure that Firefox uses the DNS I specify and doesn’t change without me noticing it.
As discussed in this thread, people are not sure that the settings of their browser might not change with an update.
If your browser does not honor your network’s DNS settings and chooses to contact DNS servers of its choice instead, the only instance where you could control this is your very browser.
This is entirely independent from the protocol being employed, and there is absolutely nothing that Pi-hole could do about it.
If you’d want to control that possible misbehaviour at network level, you’d have to introduce a DPI firewall at the gateway or on the device where your browser lives to selectively block port 443 requests and quite possibly have to break the connection’s encryption as well (not very feasible).
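
Since the browser is where this has to be controlled, the sketch below (an added example, not code from any poster or from the Pi-hole project) reads the `network.trr.mode` pref mentioned earlier in the thread out of each Firefox profile and reports whether that profile would resolve over HTTPS instead of through Pi-hole. The `~/.mozilla/firefox` profile path, the function names and the verdict labels are assumptions made for illustration; the mode meanings follow Mozilla's documentation of the pref.

```python
import re
from pathlib import Path

# network.trr.mode values as documented by Mozilla (1 and 4 are reserved).
TRR_MODES = {0: "default", 1: "reserved", 2: "DoH first, system DNS fallback",
             3: "DoH only", 4: "reserved", 5: "off by choice"}

PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"network\.trr\.mode"\s*,\s*(-?\d+)\s*\)\s*;', re.M)

def parse_trr_mode(prefs_text):
    """Return the effective network.trr.mode, or None if the pref is unset."""
    values = PREF_RE.findall(prefs_text)
    return int(values[-1]) if values else None   # the last assignment wins

def classify(mode):
    """Map a mode to what it means for a Pi-hole that only listens on port 53."""
    if mode in (2, 3):
        return "bypass"        # Firefox resolves over HTTPS, Pi-hole sees little
    if mode == 5:
        return "pinned-off"    # explicitly disabled by the user
    if mode is None or mode == 0:
        return "default"       # off unless Firefox's opt-out rollout applies
    return "reserved"          # 1, 4 or any value outside the documented set

def audit_profiles(root):
    """Check each profile directory under root; user.js overrides prefs.js."""
    report = {}
    for profile in sorted(p for p in Path(root).iterdir() if p.is_dir()):
        files = [profile / n for n in ("prefs.js", "user.js")]
        texts = [f.read_text(encoding="utf-8", errors="replace")
                 for f in files if f.is_file()]
        if not texts:
            continue           # not a profile directory (e.g. crash reports)
        mode = parse_trr_mode("\n".join(texts))
        report[profile.name] = (mode, classify(mode))
    return report

# Constructed sample of a prefs.js fragment, not taken from a real profile.
SAMPLE = 'user_pref("network.proxy.type", 0);\nuser_pref("network.trr.mode", 2);\n'

if __name__ == "__main__":
    print(parse_trr_mode(SAMPLE), classify(parse_trr_mode(SAMPLE)))
    firefox_root = Path.home() / ".mozilla" / "firefox"   # assumed Linux path
    if firefox_root.is_dir():
        for name, (mode, verdict) in audit_profiles(firefox_root).items():
            print(f"{name}: network.trr.mode={mode} -> {verdict}")
```

A profile reported as "default" is the case the thread worries about: nothing in the profile pins DoH off, so only "pinned-off" (mode 5) records an explicit choice.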