![A stick figure smiling](/images/welcome.jpg)
Here's a preview from my zine, How DNS Works! If you want to see more comics like this, sign up for my saturday comics newsletter or browse more comics!
![Image of a comic. To read the full HTML alt text, click "read the transcript".](/images/uploads/resolvers-can-lie.png)
read the transcript!
When a resolver gets a DNS query, it has 2 options:
Illustration of a resolver, represented by a box with a smiley face holding a magnifying glass.
resolver: I could tell you what the authoritative nameservers, said… or I could LIE!
block ads / malware
Illustration of conversation between a resolver and a a browser, represented by the Firefox logo of a fox wrapped around a globe
browser: what’s the IP for doubleclick.net?
(ad domain, definitely exists)
resolver: that domain doesn’t exist
PiHole blocks ads this way.
reason to lie: to show you ads (rude!)
browser: what’s the IP for zzz.jvns.ca?
(doesn’t exist)
resolver: here’s an IP that will show you ads!
This is called “DNS hijacking”.
reason to “lie”: internal domain names
browser: what’s the IP for corp.examplecat.com?
(doesn’t exist on the public internet)
corporate resolver: here’s an internal IP address!
reason to lie: airport DNS resolvers sometimes lie
browser: what’s the IP for google.com?
airport resolver: you didn’t log in yet so I will lie! here is our login page’s IP!
how does your computer know which resolver to use?
When you connect to a network, the router tells your computer which search domain and resolver to use (using DHCP).
Illustration of a router, represented by a box with antennae and a smiley face
router: 192.168.1.1 search domain: lan
Saturday Morning Comics!
Want another comic like this in your email every Saturday? Sign up here!