![\"\"](\"https:\/\/kera.name\/articles\/wp-content\/uploads\/2007\/09\/firefox.png\" "\\"Firefox")
I'm sitting on a large University network, over which all HTTP access must be routed through a proxy server. The proxy server performs load balancing, content filtering, virus scan injection on certain content types and the like, and connections cannot be made to remote port 80 through the network without using it.<\/p>\n
This isn't a problem as long as you configure your web browser (and any other web client) to make HTTP requests through the proxy.<\/p>\n
Now, recently I noticed that my Firefox 3.0.6 had developed an irritating tendency to briefly hang upon connecting to certain websites. I couldn't observe a noticeable pattern in which sites were affected, but it seemed to be a pretty consistent problem. The little hangs were hindering my workflow by introducing multi-second wait times during general use of the web.<\/p>\n
However I eventually developed a theory which \u2014 directly or indirectly \u2014 might lead to a nice solution.<\/p>\n
My theory is based on the notion of the University's HTTP proxy being horrendously overloaded, which is already clearly evident in its general performance. Dropped connections and temporary unavailability of sites are fairly common, especially in the early evening when Nottingham's 10,000 students on campus get home from Uni and start scouring the net before dinner.<\/p>\n
It's not a stretch to suggest that any DNS lookups performed by the same server might be somewhat latent. Where do DNS lookups come into it? Observe.<\/p>\n
<\/p>\n
Take a typical HTTP v1.1 GET request, without using an HTTP proxy.<\/p>\n
The browser first determines the IP address associated with GET http:\/\/www.google.com\/search?q=lolphin HTTP\/1.1 The fully qualified path is included in the request to allow for server virtualisation; these days one IP address may host many different sites with different domains, so the domain name must be sent in the request to make clear to the server which domain name was entered by the user.<\/p>\n When an HTTP proxy is used the request is the same, but instead of connecting to the IP address obtained by resolving The HTTP proxy receives the request, performs the DNS lookup itself and performs the steps required to retrieve the webpage just as if it were a normal web client sending a typical request.<\/p>\n But that lookup performed by the proxy server is the clincher. Because the University proxy here is so overwhelmed by traffic and presumably runs on inadequate hardware, it takes longer than usual for the DNS lookup to be performed.<\/p>\n This might manifest simply as an added delay in connection times when retrieving webpages through the proxy, but apparently Firefox 3.0.6 hangs whilst waiting for a response from a proxy. The result is several seconds of wait time, during which Firefox becomes unresponsive.<\/p>\n (I have no actual evidence for this other than my own experience; if anyone fancies poring through Bugzilla and finding any relevant extant bug report please leave a comment on this article.)<\/p>\n <\/p>\n One way around this problem is to prevent the HTTP proxy from having to perform the DNS lookup at all.<\/p>\n Notice that in the HTTP request we specify the domain name of the website twice: in the URL; and in the "Host" directive. The proxy [should] resolve the domain found in the URL (not the "Host" directive, which is purely information for the web server), but if this domain is actually already an IP address then no lookup is necessary.<\/p>\n GET http:\/\/123.45.678.90\/search?q=lolphin HTTP\/1.1 The "Host" directive is left untouched so the web server still knows what domain name we want to access.<\/p>\n Unfortunately Firefox itself doesn't provide a way to force this behaviour; Firefox always<\/i> performs DNS lookups through a proxy server if you've defined one.<\/p>\n Update:<\/b> It's a known bug [1] \u2014 apparently relevant only when using an automatic proxy configuration file (".pac") \u2014 that's being tracked [2]. It seems the lookups in the PAC specifically are the problem; these are what Firefox uses to determine what proxy server to use based on the requested site's address.<\/p>\n In the meantime the problem can be alleviated by entering proxy details directly in the "Manual Proxy Configuration" area; this is not a robust solution as any changes to the network configuration could render your manual configuration obsolete. However it will prevent proxied lookups from blocking the browser's main thread, which causes a momentary hang.<\/p>\n [1] http:\/\/kb.mozillazine.org\/Firefox_hangs<\/a><\/a> I explore the foibles of DNS lookups with proxy servers in Firefox 3, and try to determine why they cause my browser to hang intermittently.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[40,9,16],"_links":{"self":[{"href":"https:\/\/kera.name\/articles\/wp-json\/wp\/v2\/posts\/392"}],"collection":[{"href":"https:\/\/kera.name\/articles\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kera.name\/articles\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kera.name\/articles\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kera.name\/articles\/wp-json\/wp\/v2\/comments?post=392"}],"version-history":[{"count":5,"href":"https:\/\/kera.name\/articles\/wp-json\/wp\/v2\/posts\/392\/revisions"}],"predecessor-version":[{"id":397,"href":"https:\/\/kera.name\/articles\/wp-json\/wp\/v2\/posts\/392\/revisions\/397"}],"wp:attachment":[{"href":"https:\/\/kera.name\/articles\/wp-json\/wp\/v2\/media?parent=392"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kera.name\/articles\/wp-json\/wp\/v2\/categories?post=392"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kera.name\/articles\/wp-json\/wp\/v2\/tags?post=392"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}www.google.com<\/code> with a DNS lookup (or possibly a cache hit). It then connects to the server at that IP address on port 80 and sends something like the following:<\/p>\n
\nHost: www.google.com
\nConnection: close<\/p><\/blockquote>\nwww.google.com<\/code> a client connects to the IP address of the desired proxy server. It may need to resolve a domain like myproxy.mynetwork.com<\/code> to get that IP address, but it never resolves the IP address of www.google.com<\/code><\/i> in this scenario. It doesn't need to.<\/p>\n
\nHost: www.google.com
\nConnection: close<\/p><\/blockquote>\n
\n
\n[2] https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=235853<\/a><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"