DNS over HTTPS causes long buffering in YouTube
Categories
(Core :: Networking: HTTP, defect, P1)
Tracking
()
People
(Reporter: cj65535, Assigned: kershaw)
References
(Blocks 1 open bug)
Details
(Whiteboard: [necko-triaged][necko-priority-queue])
Attachments
(3 files)
346.45 KB,
image/jpeg
|
Details | |
48 bytes,
text/x-phabricator-request
|
Details | Review | |
48 bytes,
text/x-phabricator-request
|
phab-bot
:
approval-mozilla-beta+
dmeehan
:
approval-mozilla-esr115+
|
Details | Review |
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0
Steps to reproduce:
Set "DNS over HTTPS" to "Max Protection", using Cloudflare as a provider, then hard-refresh any video on youtube.
Sometimes it works with default or increased protection, but max protection is the only way it's 100% consistent
Actual results:
There's a consistent 10+ second delay compared to not using DNS over HTTPS. Sometimes it's 30 seconds, sometimes it's more.
In addition to that, the video will keep sometimes freeze at the 20 second mark for a while.
In the network monitor, I see a lot of "NS_Binding_Aborted" for "videoplayback?[...]" which are otherwise absent when DNS over HTTPS is disabled. (See attached screenshot)
Expected results:
The video loads nearly instantly and doesn't pause at the 20 second mark when DNS over HTTPS is completely disabled. This should be the normal behavior
Comment 1•1 month ago
|
||
The Bugbug bot thinks this bug should belong to the 'Core::Networking' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.
Thanks a lot for this report! I started having this problem with YouTube about a week ago. I tried many different things, including using a fresh user profile, rolling back to an older Firefox version, disabling hardware acceleration and different decoders in about:config, but nothing helped. Turning off secure DNS completely fixed it! I can confirm that any of the 3 protection options (using either Cloudflare or NextDNS) breaks YouTube. It causes a very long delay when it tries to load ads at the beginning of a video.
Comment 3•1 month ago
|
||
I've been unable to reproduce this locally. Can you check this in a new profile (via about:profiles)?
If it reproduces with a new profile, can you take a network log from about:logging, download the log/profile, and send it to necko@mozilla.org? (you'd probably need to put it somewhere like dropbox, since logs can be large.
If it doesn't reproduce in a new profile, can you check if it's being caused by an extension? (Temporarily disable all extensions).
You can also check what settings you've modified, to see if they're causing it. (You can to about:support and check "Important Modified Preferences"; you can also go to about:config and show only modified preferences, though note a ton of them are modified by the browser itself as part of normal operation, but if you changed any about:config preferences by hand they should show up there.
Thanks!
(In reply to Randell Jesup [:jesup] (needinfo me) from comment #3)
If it reproduces with a new profile, can you take a network log from about:logging, download the log/profile, and send it to necko@mozilla.org? (you'd probably need to put it somewhere like dropbox, since logs can be large.
I tried with a new profile, and I could reproduce it consistently. I tried on my laptop as well. The only setting I changed was setting the DNS over HTTPS setting to strict + Cloudflare
However, when I tried in a sandbox instance of Windows, I could not reproduce it. I am not sure if it has anything to do with the way sandbox works or not.
I tried to send you the email, but it couldn't get delivered, it says "Your message wasn't delivered to necko@mozilla.org because the address couldn't be found, or is unable to receive mail. ". I tried sending the log as an attachment (~8mb) and as a google drive link as well, but neither worked. I use Gmail if that helps.
If it doesn't reproduce in a new profile, can you check if it's being caused by an extension? (Temporarily disable all extensions).
Just out of curiosity, I tried installing and enabling Ublock Origin and Privacy Badger in the sandbox instance, and I still couldn't reproduce the issue.
You can also check what settings you've modified, to see if they're causing it. (You can to about:support and check "Important Modified Preferences"; you can also go to about:config and show only modified preferences, though note a ton of them are modified by the browser itself as part of normal operation, but if you changed any about:config preferences by hand they should show up there.
I assume this is no loger relevant, but I still checked, and there didn't seem to be anything of importance.
Assignee | ||
Comment 5•1 month ago
|
||
Sorry, the correct email address is necko@mozilla.com
Could you send the log again?
Thanks.
(In reply to Kershaw Chang [:kershaw] from comment #5)
Sorry, the correct email address is necko@mozilla.com
Could you send the log again?
Thanks.
Log sent
I also couldn't reproduce it in a virtual machine. That's why I initially thought it has something to do with hardware acceleration, which is false. But now I see why it worked fine there. For some reason, the DNS provider list for max and increased protection on the VM is empty, so I guess it just never uses secure DNS even for default protection.
I think I found a possible reason for this issue. My provider doesn't support IPv6. If I connect using my phone (IPv6 is supported by my mobile carrier), it fixes the problem even when using "max protection" for secure DNS. I was able to reproduce the problem with 2 different ISPs that don't support IPv6. First using Firefox 127 on Windows 10 and second using Firefox ESR 115.12 on Windows 7.
In all cases I used a new profile with all about:config settings in the default state and no extensions installed. Default protection is not 100% reproducible, only max protection is.
Comment 9•1 month ago
|
||
I had DNS over HTTPS enabled through Increased Protection and was having the buffer logo show up, and a refresh usually resolved it instantly. It would happen on many videos but not all.
I tried Quad9 and NextDNS and they both had issues.
Disabling DNS over HTTPS or using the Default Protection resolved the buffering issues.
Assignee | ||
Comment 10•1 month ago
|
||
Hi Reporter,
Could you try to download this test build and see if you can still reproduce this issue? If yes, could you try to get a http log again?
Thanks.
Assignee | ||
Comment 11•1 month ago
|
||
For those without IPv6 support, please go to about:config
and enable the preference network.http.http3.retry_different_ip_family
. Then, check if this issue still persists.
Thank you.
Reporter | ||
Comment 12•1 month ago
|
||
(In reply to Kershaw Chang [:kershaw] from comment #10)
Hi Reporter,
Could you try to download this test build and see if you can still reproduce this issue? If yes, could you try to get a http log again?
Thanks.
I tried the build, and it worked flawlessly. I hard-refreshed a couple dozen times and it didn't fail a single time.
For those without IPv6 support, please go to about:config and enable the preference network.http.http3.retry_different_ip_family. Then, check if this issue still persists.
I did that with a new profile using version 127.0.1 . Max Protection seemed to fail less frequently, but it was still like a 50% success rate. Do you need a network log for this as well ?
Assignee | ||
Comment 13•1 month ago
|
||
I did that with a new profile using version 127.0.1 . Max Protection seemed to fail less frequently, but it was still like a 50% success rate. Do you need a network log for this as well ?
Yeah, a networking log would be very helpful. Thank you.
Assignee | ||
Comment 14•1 month ago
|
||
Updated•1 month ago
|
Assignee | ||
Updated•1 month ago
|
Updated•1 month ago
|
Assignee | ||
Comment 15•1 month ago
|
||
This is what happened based on the log:
- We created an HTTP/3 connection to the YouTube site with the IPv6 address, but the connection couldn't be established because IPv6 is not supported.
- We started another fallback connection.
- The fallback connection wasn't used because our
SpeculativeTransaction
only considers NS_BASE_STREAM_CLOSED as a success. Since theSpeculativeTransaction
was closed with NS_OK here, the transaction didn't consider this fallback connection as successful.
Updated•1 month ago
|
Reporter | ||
Comment 16•1 month ago
|
||
(In reply to Kershaw Chang [:kershaw] from comment #13)
I did that with a new profile using version 127.0.1 . Max Protection seemed to fail less frequently, but it was still like a 50% success rate. Do you need a network log for this as well ?
Yeah, a networking log would be very helpful. Thank you.
Here's a link with two logs https://we.tl/t-SXzZXUWxpS (the link expires in 7 days)
Comment 17•1 month ago
|
||
Pushed by kjang@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/149729a2c3ba Make sure fallback connection work, r=necko-reviewers,jesup
Comment 18•1 month ago
|
||
This is affecting Google Drive too, since its video player uses the YouTube infrastructure in different ways.
Please upload a small MP4 video to Google Drive and try playing it to test if your patch fixes it too.
Assignee | ||
Comment 19•1 month ago
|
||
Original Revision: https://phabricator.services.mozilla.com/D215016
Updated•1 month ago
|
Comment 20•1 month ago
|
||
beta Uplift Approval Request
- User impact if declined: Youtube videos may stall
- Code covered by automated testing: yes
- Fix verified in Nightly: yes
- Needs manual QE test: no
- Steps to reproduce for manual QE testing: N/A
- Risk associated with taking this patch: Low
- Explanation of risk level: This patch only adds another check for the close reason.
- String changes made/needed: N/A
- Is Android affected?: yes
Assignee | ||
Comment 21•1 month ago
|
||
Comment on attachment 9409874 [details]
Bug 1904168 - Make sure fallback connection work,
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: Youtube videos may stall
- User impact if declined: Youtube videos may stall
- Fix Landed on Version: 129
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): This patch is very straightforward.
Comment 22•1 month ago
|
||
bugherder |
Updated•1 month ago
|
Updated•1 month ago
|
Comment 23•1 month ago
|
||
uplift |
https://hg.mozilla.org/releases/mozilla-beta/rev/bc83c839682f
Updated•1 month ago
|
Comment 24•1 month ago
|
||
Clearing tracking request added for Fx127, this will ride the train with Fx128
Comment 25•1 month ago
|
||
Comment on attachment 9409874 [details]
Bug 1904168 - Make sure fallback connection work,
Approved for 115.13esr.
Comment 26•1 month ago
|
||
uplift |
https://hg.mozilla.org/releases/mozilla-esr115/rev/50b824509129
Updated•1 month ago
|
Comment 27•1 month ago
|
||
https://hg.mozilla.org/releases/mozilla-esr115/rev/d80101c053542194d169cfb69802e650748c7f75
Backed out of ESR115 for causing build failures (also backed out Bug 1878510 and Bug 1900191)
Push: https://treeherder.mozilla.org/jobs?repo=mozilla-esr115&revision=50b824509129bc83debf5203ca0817163aa1074f
Example: https://treeherder.mozilla.org/logviewer?job_id=464303443&repo=mozilla-esr115&lineNumber=12291
Updated•1 month ago
|
Assignee | ||
Comment 28•1 month ago
|
||
Hi, could you reland the patch in this bug?
The build failure should not be caused by this one. Thanks.
Comment 30•1 month ago
|
||
uplift |
https://hg.mozilla.org/releases/mozilla-esr115/rev/4f55e14dce55
Updated•1 month ago
|
Updated•1 month ago
|
Updated•26 days ago
|
Description
•