Skip to Content

A stick figure smiling

Here's a preview from my zine, How DNS Works! If you want to see more comics like this, sign up for my saturday comics newsletter or browse more comics!

Image of a comic. To read the full HTML alt text, click "read the transcript".

browse more comics! get the zine!
read the transcript!

When a resolver gets a DNS query, it has 2 options:

Illustration of a resolver, represented by a box with a smiley face holding a magnifying glass.

resolver: I could tell you what the authoritative nameservers, said… or I could LIE!

block ads / malware

Illustration of conversation between a resolver and a a browser, represented by the Firefox logo of a fox wrapped around a globe

browser: what’s the IP for
(ad domain, definitely exists)
resolver: that domain doesn’t exist

PiHole blocks ads this way.

reason to lie: to show you ads (rude!)

browser: what’s the IP for
(doesn’t exist)
resolver: here’s an IP that will show you ads!

This is called “DNS hijacking”.

reason to “lie”: internal domain names

browser: what’s the IP for
(doesn’t exist on the public internet)
corporate resolver: here’s an internal IP address!

reason to lie: airport DNS resolvers sometimes lie

browser: what’s the IP for
airport resolver: you didn’t log in yet so I will lie! here is our login page’s IP!

how does your computer know which resolver to use?

When you connect to a network, the router tells your computer which search domain and resolver to use (using DHCP).

Illustration of a router, represented by a box with antennae and a smiley face

router: search domain: lan

Saturday Morning Comics!

Want another comic like this in your email every Saturday? Sign up here!

I'll send you one of my favourite comics from my archives every Saturday.
© Julia Evans 2024 | All rights reserved (see the FAQ for notes about licensing)