Weird dns (?) cache behavior
Hi all, I am facing a weird network behavior on my Tumbleweed box. I noticed it long ago but I just thought I was doing something wrong. Anyway... I'll try to cut it short. Yesterday I was updating some remote virtual server, connecting to a domain and adding Let's Encrypt certificates. The server had been inaccessible from the internet up to that moment, and I was used to connect to it through a vpn connection which made it visible under its LAN IP 192.168.1.43. After doing my thing, I tried to connect to it through the new domain name (the VPN was disconnected). The server hosts a Wordpress installation, which almost always replies with an HTTP 301 to canonicalize the url. Here comes the weird part: Firefox (which I had almost always used before) tried to connect to the old 192.168.1.43 IP as soon as it received the 301. After fighting for half a day with rewrite rules on the server, it occurred to me that *maybe* it was a caching problem on the client side. Actually, wget and curl both do the right thing: they are redirected to the expected canonicalized URL. I tried with Falkon, which I had seldomly used with the old IP to access the server. Falkon also exhibits the caching problem, although less extensively than FIrefox (some URL forms do work, other get redirected to the old IP). Finally, I tried with Chromium, which I never used at all. It worked perfectly. To make sure I was not dreaming, I installed the "HTTP Header Live" addon in Firefox to actually see what was going on. The result left me stunned: after receiving HTTP 301, Firefox shows a redirect to https://192.168.1.43, and the redirect is dated Monday, 06 december 2021 *always*. Needless to say, doing the same thing with curl/wget reports the correct redirect URL and current date/time. I tried innumerable times to flush the DNS cache, I even stopped completely the nscd service. BTW, the fact that each application behaves differently hints at an application-level caching (I even proceeded to flush Firefox internal DNS cache), but why are they behaving this way? I have this same consistent behavior *now*, after closing/reopening the various applications innumerable times, even after several system reboots. How can this be possible. What is going on under the hood? Please help me shed some light on this behavior. Thank you in advance Cris [image: cloudHQ] https://www.free-email-tracker.com Powered by cloudHQ https://www.free-email-tracker.com
On 10/12/2021 01.40, Cristiano Guadagnino wrote:
Hi all, I am facing a weird network behavior on my Tumbleweed box. I noticed it long ago but I just thought I was doing something wrong. Anyway... I'll try to cut it short.
... Eumm... I am about to go to bed, so tired, and I did not check your email in depth, but I have an idea. Firefox has its own DNS service, doesn't use the system service, so you can get weird results. Look for "DNS over https" in settings, I think that is the name. Unset that, and try again, maybe it helps, or at least, gets you consistent results with other browsers. -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)
Hi Carlos, thank you for your reply! Il giorno ven 10 dic 2021 alle ore 03:06 Carlos E. R. < robin.listas@telefonica.net> ha scritto:
Eumm... I am about to go to bed, so tired, and I did not check your email in depth, but I have an idea. Firefox has its own DNS service, doesn't use the system service, so you can get weird results.
Look for "DNS over https" in settings, I think that is the name. Unset that, and try again, maybe it helps, or at least, gets you consistent results with other browsers.
DNS over HTTPS is disabled in Firefox (it was already, did not change it). Unfortunately, I have three different behaviors: Firefox, Falkon, the rest of the world (curl, wget, Chromium), so having consistent behavior is tougher than it might seem :-( Cris
On 2021-12-09 18:40:26 Cristiano Guadagnino wrote:
|Hi all, |I am facing a weird network behavior on my Tumbleweed box. |I noticed it long ago but I just thought I was doing something wrong. |Anyway... I'll try to cut it short.
Perhaps this will help: https://stackoverflow.com/questions/13063496/firefox-invalidate-dns-cache Leslie -- Distribution: openSUSE Leap 15.3 x86_64
HI Leslie Il giorno mar 14 dic 2021 alle ore 17:48 J Leslie Turriff < jlturriff@mail.com> ha scritto:
On 2021-12-09 18:40:26 Cristiano Guadagnino wrote:
|Hi all, |I am facing a weird network behavior on my Tumbleweed box. |I noticed it long ago but I just thought I was doing something wrong. |Anyway... I'll try to cut it short.
Perhaps this will help: https://stackoverflow.com/questions/13063496/firefox-invalidate-dns-cache
Leslie
Thank you Leslie for your reply. Invalidating Firefox' DNS cache was one of the first things that I tried. Unfortunately it didn't work: this is one of the things that makes me think there must be something really weird going on, but I cannot really imagine what it could be. Given the timespan of the problem (I'm still having the problem in Firefox and, in a lesser fashion, in Falkon) I'm led to believe it is due to an external source (my internet provider DNS resolver), but if it was so, then how is it possible that e.g. wget does not have the problem? I'm really out of ideas. Cris
Hello, Am Dienstag, 14. Dezember 2021, 20:19:05 CET schrieb Cristiano Guadagnino:
Invalidating Firefox' DNS cache was one of the first things that I tried. Unfortunately it didn't work: this is one of the things that makes me think there must be something really weird going on, but I cannot really imagine what it could be. Given the timespan of the problem (I'm still having the problem in Firefox and, in a lesser fashion, in Falkon) I'm led to believe it is due to an external source (my internet provider DNS resolver), but if it was so, then how is it possible that e.g. wget does not have the problem? I'm really out of ideas.
In your first mail, you wrote that you get a (cached) HTTP 301 redirect. HTTP redirects happen at the HTTP level, so your DNS server is innocent. I'd guess your firefox has the redirect in its content cache - after all, a 301 means "Moved Permanently". Try to delete the website content cache. Another thing I'd try is to create a new firefox profile and to test with that. I'm quite sure that the new profile won't do that redirect. Regards, Christian Boltz --
For VERBOSE - I'd tend not to enable it because it only makes the haystack bigger, without adding more needles ;-) I hear that, but sometimes you need to know where in the haystack you found the needle. But okay. [> Christian Boltz and Steve Beattie in https://gitlab.com/apparmor/apparmor/-/merge_requests/586]
participants (4)
-
Carlos E. R.
-
Christian Boltz
-
Cristiano Guadagnino
-
J Leslie Turriff