ELI5: How does DNS or DHCP work?

My ISP or government has blocked access to porn sites, but from the same WiFi network, when I change the DNS to Google DNS (8.8.8.8), all the blocked sites start working.

5 Answers

Anonymous 0 Comments

The internet runs on numerical addresses… 32 bits for IP version 4, and 128 bits for version 6. Humans like text based names, especially when the names mean something to us. Every computer on the internet has a numerical address, either assigned manually by the person running the network, or automatically by DHCP (or other things for IP version 6, but we’re not going there today). If your computer/laptop/phone doesn’t have an address manually assigned, it looks for a DHCP server nearby which will assign it something, along with a bunch of other appropriate network settings that it should know.

One of those settings is a DNS server or a few of them. DNS converts site names to the numerical address for it, and it’s an essential internet service which every provider is expected to offer, either directly or borrowing someone else’s service on behalf of their customers. Normally the way it works is your router will request DHCP from your ISP, and then your PC/laptop/phone will request DHCP from your router and the DNS servers get passed along, or the router will provide itself as a DNS server and act as a relay to your ISP’s assignments so that everyone can get DNS service. What’s important is that your PC/laptop/whatever gets DNS servers in that DHCP message. It really is essential to the internet.

But yes, for whatever reason, your ISP has put in rules to their DNS server that a lookup for your porn web site (I’ll imagine porn.example.com for the sake of this post) will fake a does-not-exist response. Unable to look up the numerical address of porn.example.com, you can’t visit it.

The solution, as you’ve pointed out, is to use a different DNS server with no such rule. Yes, that’s Google’s. They’re providing correct answers to queries and you get the numerical address of your porn site just fine.
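The difference between the two resolvers at the wire level, as an added example that is not part of the original answers: Python code that builds the A-record query and parses a filtered does-not-exist (NXDOMAIN) reply beside an unfiltered one. Both replies are constructed sample bytes, and 192.0.2.10 is a documentation address used as a stand-in.

```python
import struct
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def encode_name(name):
    """Encode 'porn.example.com' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(name, qid=0x1234):
    """Build a recursive query for an A record (type 1, class IN)."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack(">HH", 1, 1)

def skip_name(msg, pos):
    """Return the offset just past a name, which may end in a compression pointer."""
    while True:
        length = msg[pos]
        if length == 0:
            return pos + 1
        if length & 0xC0 == 0xC0:            # 2-byte pointer ends the name
            return pos + 2
        pos += 1 + length

def parse_response(msg):
    """Return (rcode name, IPv4 strings from A records in the answer section)."""
    qid, flags, qd, an, ns, ar = struct.unpack(">HHHHHH", msg[:12])
    pos = 12
    for _ in range(qd):
        pos = skip_name(msg, pos) + 4        # skip QTYPE and QCLASS
    ips = []
    for _ in range(an):
        pos = skip_name(msg, pos)
        rtype, rclass, ttl, rdlen = struct.unpack(">HHIH", msg[pos:pos + 10])
        pos += 10
        if rtype == 1 and rdlen == 4:
            ips.append(".".join(str(b) for b in msg[pos:pos + 4]))
        pos += rdlen
    return RCODES.get(flags & 0xF, str(flags & 0xF)), ips

# Constructed replies to the same question from two resolvers (not captured traffic).
QUESTION = build_query("porn.example.com")[12:]
FILTERED = struct.pack(">HHHHHH", 0x1234, 0x8183, 1, 0, 0, 0) + QUESTION
OPEN = (struct.pack(">HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + QUESTION
        + b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10]))

def resolvers_disagree(a, b):
    """True when two resolvers give different response codes for the same name."""
    return parse_response(a)[0] != parse_response(b)[0]
```
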

Anonymous 0 Comments

DNS is like a phone book – you use it to look up the IP address of a webserver when all you have is the URL.

So if you want to go to www.reddit.com, you ask your DNS provider to give you the IP address of the reddit.com server, and use that address to connect (all in the background).

Most folks use DNS provided by their ISP – which means that the ISP can simply refuse to give you the IP address of specific sites. Changing the DNS means querying a different server, which can give you results you would not otherwise get.

Anonymous 0 Comments

The Domain Name System is kind of like a phone book of the Internet. Users want to use words and names to refer to services and will enter the domain name of the service they want to use. But the computers will instead use numbers and therefore require the numbered Internet address of the service. So when a user enters a domain, the computer uses DNS to find the IP address of the service and then sends the request to that address.

In a lot of cases it is inconvenient to configure network settings on all computers in a network. They need things like an address, a gateway, netmask, etc. And they need to know the address of the DNS server to use. In order to configure all this we use DHCP. When a computer connects to a network it will send out a DHCP request asking for the network settings. This request never leaves the local network and usually the router is configured to answer these DHCP requests.

Most ISPs set up their own DNS servers in the routers they ship. And they provide the address of their DNS servers in the configuration guide for those who set up their own routers. A common way to block traffic in a relatively soft way is to refuse to serve DNS responses for those domains. This is kind of like providing phone books with certain entries removed. You can still send traffic to the addresses, it is just that you can not look up the address if you only have the domain name.

It has become common for governments to require that ISPs block certain entries in their DNS servers. This is most common with child pornography sites, but some governments require this for distributors of copyrighted material as well. I have not yet heard of legal porn being blocked, though it would not surprise me. This is however a relatively soft way to block traffic. A lot of these filters even redirect you to a site explaining why the content is blocked, although this does not work well with HTTPS. It is seen as a way to prevent accidental exposure to certain content. But it is easy to circumvent if you know how to, or know how to look it up.

A select few authoritarian governments actually block traffic, not just the DNS requests. This is much harder to circumvent but not impossible.

Anonymous 0 Comments

So, computers work with IP addresses, like 192.168.10.18 (for the older IP4 system), or 2001:db8:85a3::8a2e:370:7334 (for the newer IP6 system).

Now, as you can see, those can be a *bitch* to type in correctly and check if you got right. So, we use something called “URLs” (Uniform Resource Locator), which is the “www . google. com” you type in.

DNS, the Domain Name Service, is the way we link the human readable URLs to the machine readable IP address. Your computer basically goes and asks a DNS service “who is [www.google.com](http://www.google.com)?” and that DNS sends back “they are ip address 8.8.8.8”, and then your computer now knows where to route your messages to.

So, what your ISP has done is set themselves up as the default DNS server for you, so they can check where you’re trying to get to, and block what they deem “unacceptable”. What you’ve done is bypass that by “forcing” your computer to use a different DNS server, which doesn’t have those restrictions.

DHCP, Dynamic Host Configuration Protocol, is something mostly unrelated; it’s for automated assignment of an IP address from a set range without having to manually type it into the PC. Basically they just ask a local server for an IP address and get told one they can use.

Anonymous 0 Comments

Every computer on a network has a unique numerical address called an IP address. An IP address (version 4 specifically, which is most common today) is represented as a series of four numbers, like 151.101.193.140.

DNS (Domain Name System) was invented to translate a more human-friendly name like [www.reddit.com](https://www.reddit.com) (the domain name) to the IP address above. It’s often described as like a phone book, a lookup table to translate memorable names into hard-to-remember numbers.

When you type that domain name in your browser, your computer is making requests to one or more DNS servers in series to determine the IP address of the web server you need to talk to. Which DNS server your computer asks first is part of the network configuration of the device.

DHCP (Dynamic Host Configuration Protocol) is a mechanism for a gateway device (e.g. a network router) to provide network configuration details to computers that want to connect to it. Usually DHCP is used to assign an IP address to a computer, and the rules by which those IPs will be assigned. But DHCP can also be used to specify a default DNS server that can be used by the connected computers.

Some organisations (schools, companies, ISPs, governments etc) use that mechanism to block certain websites. It’s like handing you a custom phone book where they’ve crossed out the entry for John Smith’s phone number, so if you try calling him you can’t look up what his number is. Or they change the phone number to connect you to a machine that just has a recording that says “Sorry, you’re not allowed to talk to John Smith. Contact your phone company if that’s a problem.” They aren’t blocking the website so much as modifying the DNS records to prevent your computer looking up how to connect to it.

When you specify a custom DNS server on your device, you are overriding the default DNS server configured in the router’s DHCP settings, which is probably set to DNS servers operated by your ISP. You may also just be able to configure DHCP in your router to use a different DNS server, so all devices will use that custom configuration by default instead of having to configure each device separately.
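Where the default DNS server comes from, as an added example that is not part of the original answers: Python code that walks the options field of a DHCP ACK and pulls out the settings a client applies, including the DNS server list (option 6). The sample bytes are constructed for illustration, with a home router handing out itself plus a second resolver at a documentation address.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of the DHCP options field
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}

def parse_options(field):
    """Walk the code/length/value options that follow the magic cookie."""
    if field[:4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP options field")
    opts, pos = {}, 4
    while pos < len(field):
        code = field[pos]
        if code == 255:              # End option
            break
        if code == 0:                # Pad option has no length byte
            pos += 1
            continue
        if pos + 1 >= len(field):
            raise ValueError("option %d has no length byte" % code)
        length = field[pos + 1]
        value = field[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option %d" % code)
        opts[code] = value
        pos += 2 + length
    return opts

def addresses(value):
    """Split an option value into the IPv4 addresses it carries (4 bytes each)."""
    return [str(ipaddress.IPv4Address(value[i:i + 4])) for i in range(0, len(value), 4)]

def lease_summary(field):
    """Settings the client applies: message type, mask, router, DNS servers, lease."""
    o = parse_options(field)
    return {
        "type": MSG_TYPES.get(o[53][0], "other"),
        "netmask": addresses(o[1])[0],
        "router": addresses(o[3]),
        "dns": addresses(o[6]),              # option 6: resolvers the client will use
        "lease_seconds": struct.unpack(">I", o[51])[0],
    }

# Constructed ACK options (not captured traffic).
SAMPLE_ACK = (MAGIC_COOKIE + bytes([53, 1, 5]) + bytes([1, 4, 255, 255, 255, 0])
              + bytes([3, 4, 192, 168, 1, 1]) + bytes([51, 4, 0, 1, 81, 128])
              + bytes([6, 8, 192, 168, 1, 1, 198, 51, 100, 53]) + b"\x00\xff")
```
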