How blocking works
How does internet blocking work?
How does IP blocking work?
When you enter a URL, the device uses a service called DNS to translate the URL into an IP address. However, an internet service provider can set up a firewall that blocks connections to specific IP addresses.
IP blocking is a more thorough system than DNS blocking (which blocks the URL to IP translation) as it can’t be bypassed by switching the DNS service. Both methods rely on having access to someone in the loop of communication between the user and website to work. States accomplish this by making ISPs or whoever controls the local internet backbone infrastructure do the blocking.
How does DNS blocking work?
DNS is like a phonebook that translates URLs (e.g., www.google.com) into IP addresses (e.g., 8.8. 8.8. 8.8). IP addresses are what devices actually use to communicate on the internet - even you have one. But since random numbers are hard to remember, we have a DNS service handle the translating from one into the other. But with a DNS block in place, the DNS service doesn’t give out an IP address when asked about a blocked URL. In some cases, it may even give an IP that will route users to a website set up by the authorities to warn them of their wrongdoing.
DNS-blocking relies on having access to someone in the chain of communication between the user and website to work. For states, this means demanding that local ISPs modify their DNS databases. However, DNS blocking is one of the easiest methods to overcome, as users with the barest minimum of technical knowledge can change the DNS address on their device.
How does deep packet inspection (DPI) work?
This content blocking measure is very costly, as the firewall has to check all of the data the user is sending or receiving. State actors employ them by forcing ISPs to implement firewalls that can carry out DPI tasks or by enforcing these controls at the local internet backbone infrastructure.
How does HTTP-based blocking work?
This is one of the cheapest and most ubiquitous methods to implement. It is also one of the easiest censorship methods to circumvent.