Here's a preview from my zine, How DNS Works! If you want to see more comics like this, sign up for my saturday comics newsletter or browse more comics!
read the transcript!
When a resolver gets a DNS query, it has 2 options:
Illustration of a resolver, represented by a box with a smiley face holding a magnifying glass.
resolver: I could tell you what the authoritative nameservers, said… or I could LIE!
block ads / malware
Illustration of conversation between a resolver and a a browser, represented by the Firefox logo of a fox wrapped around a globe
browser: what’s the IP for doubleclick.net?
(ad domain, definitely exists)
resolver: that domain doesn’t exist
PiHole blocks ads this way.
reason to lie: to show you ads (rude!)
browser: what’s the IP for zzz.jvns.ca?
(doesn’t exist)
resolver: here’s an IP that will show you ads!
This is called “DNS hijacking”.
reason to “lie”: internal domain names
browser: what’s the IP for corp.examplecat.com?
(doesn’t exist on the public internet)
corporate resolver: here’s an internal IP address!
reason to lie: airport DNS resolvers sometimes lie
browser: what’s the IP for google.com?
airport resolver: you didn’t log in yet so I will lie! here is our login page’s IP!
how does your computer know which resolver to use?
When you connect to a network, the router tells your computer which search domain and resolver to use (using DHCP).
Illustration of a router, represented by a box with antennae and a smiley face
router: 192.168.1.1 search domain: lan
Saturday Morning Comics!
Want another comic like this in your email every Saturday? Sign up here!
