Bug 84994

Summary: Mozilla keeps stale DNS to IP lookup
Product: [Retired] Red Hat Linux Reporter: Edward J. Huff <ejhuff>
Component: mozillaAssignee: Christopher Blizzard <blizzard>
Status: CLOSED WONTFIX QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.3   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2003-02-25 19:38:31 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Edward J. Huff 2003-02-24 19:24:07 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

Description of problem:
When a site moves to a new IP number, it is necessary to exit
Mozilla in order to access the site.  Otherwise, the old IP number
is used and if the web server there is still running, you get
stale web pages or error messages.

Mozilla should honor the expiration time specified by DNS and
redo the lookup if the IP number is stale.


Version-Release number of selected component (if applicable):

rpm -q mozilla
mozilla-1.0.1-2.7.3

How reproducible:
Always

Steps to Reproduce:
1.Set up two web servers on different IP addresses.
2.Make foo.bar.com point to IP #1 with 1 hour expiration.
3.Access foo.bar.com using Mozilla
4.Change foo.bar.com's IP number to IP #2, and wait an hour or two.
5.Reload page foo.bar.com, see the page from IP #1.
6.Exit from Mozilla, restart, access foo.bar.com, see page from IP #2.


Actual Results:  Mozilla caches DNS lookups forever.

Expected Results:  Mozilla should cache DNS lookups with expiration dates.

Additional info:

This has happened to me twice.  It can be very mysterious,
especially if you don't specify -n on tcpdump.

Webmasters can't figure out what is wrong.  It took me
a while to recognize the problem the second time, but
watching with tcpdump -n made it clear.
Comment 1 Christopher Blizzard 2003-02-25 19:38:31 UTC 
Actually, this is entirely up purpose.  One possible attack vector for stealing
someone's form information is to change the IP address in between DNS lookups. 
This is why the name -> address information is pinned down.