Hello people,
I have a DNSSEC validation error using 1.1.1.1 in firefox
I made the settings in firefox
network.trr.mode = 2
network.trr.bootstrapAddress = 1.1.1.1
network.security.esni.enabled = true
but i still have error message with DNSSEC is it a bug? am i protected?
I am having the same problem with Cloudflared (dns-over-https) and stubby (dns-over-tls).
it’s very strange, let’s wait if someone can understand the reason
@GustavoF to re-enable DNSSEC verification in Firefox: type about:config in the address bar and then change the network.trr.mode value from 2 to 3.
I still have to figure out why cloudflared and stubby aren’t working properly with DNSSEC verification.
I found out the problem: I use Pihole and a backup DNS in case the first one is not accessible (not in a round robin fashion but with the strict-order option in dnsmasq). What happened was that the SERVAIL answer from Cloudflare triggered the Backup DNS (not DNSSEC enabled) which gave the “wrong” answer to the test.
this is really strange but the change worked well, with the network.trr.bootstrapAddress function I think I will not have any problems disconnecting, thanks for the help.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
