ChickenRun
26-11-2019, 06:24 PM
Sick and tired of all the various threads that complain about various sites being unable to access, so here's a quick primer on how the internet works.
Imagine you are at Expo, and somehow halls 4, 5 and 6 have been linked into one giant hall. The hall is filled with desks and chairs, like some school exam. You sit at one desk. You cannot talk to anyone else in the hall, but you can pass messages to the people right next to you, in front and behind you.
Your position in the hall (e.g. row 10, seat 10) is similar to what we call an IP address. Everyone in the hall has a unique position, and similarly everyone on the internet has a unique IP address. (Well some people don't, but let's not go there and complicate things.)
Your name is similar to what we call a domain name. Examples of domain names are google.com (not www.google.com), singtel.com.sg, sbf.net.nz. These are names that are easy to remember, but do not give any information on your position at all.
Now say you want to send a message to a friend (e.g. Tan Ah Kow) who is in the hall, but you have no idea where he is. However, there is a person (e.g. row 100 seat 100, nobody cares about his name, but everyone asks him for other people's positions anyway) designated in the hall to keep track of where everyone is. Also, everyone knows the exact position of this person in the hall. This person is like what we call a DNS server.
So, you write down on a piece of paper, "To: row 100 seat 100, From: row 10, seat 10, Message: Please tell me where Tan Ah Kow is". You then pass this paper to your neighbour, and he will pass it on to his neighbour, until it reaches row 100 seat 100. This poor bastard then looks up his record books, finds Tan Ah Kow's position, and sends this message to his neighbour:"To: row 10 seat 10, From: row 100, seat 100, Message: Tan Ah Kow is at row 50, seat 50".The message finds its way back to you, and now you can send messages to your friend, because you now know where he is.
This is basically how the internet works. There are a few points to note:
1. Without the DNS, nobody knows where anyone is, and no messages can be passed along. (in general)
2. Your message is in plain view of everyone who passes the message along. This is called an unencrypted connection.
3. Everyone who sees the message knows which position sent it, and which position it is going to.
Now, every internet service provider (ISP) in Singapore runs their own DNS. Normally, you will send the position requests to them. The government regulates what positions they are able to reply to you, and what they cannot. So, even though you know that some sites exist e.g. this forum, thisav.com etc, if the DNS doesn't tell you the position, you cannot send messages to them, they cannot send messages back to you, and you cannot surf these sites.
To get around this, you have to use other DNS that is not regulated by the government, i.e. Google DNS (8.8.8.8) or Cloudflare DNS (1.1.1.1). This solves point 1 above. Basically, instead of using row 100 seat 100, you use some other DNS e.g. row 400 seat 400 that the government cannot regulate.
To tackle point 2, we have what is called an encrypted connection. This is commonly done using https. Basically, you and your friend make a code that only the two of you know. Then, you code your messages so that even though people along the way know the two of you are communicating, nobody can understand what the message is.
Point 3 is where VPNs come into play. Because you don't want people to know who you are sending messages to, you get a middle man to do it. Instead of sending a message to Tan Ah Kow directly, you employ your VPN man, Sam Leong. He gives you a code that only he knows how to read, and his position. You write your coded message and send it to him. Everyone along the way knows you are sending Sam Leong a message, but nobody can understand what it says.
When Sam receives the message, he decrypts it and sends the plain message to Tan Ah Kow. Tan Ah Kow replies to him, but nobody knows that it is actually you who is sending the message. Sam receives his reply, encrypts it, and sends it back to you. Only you are able to decrypt the message.
I hope with this, we will see less threads of people asking why this/that site suddenly cannot access, and will not confuse DNS with VPN anymore.
Imagine you are at Expo, and somehow halls 4, 5 and 6 have been linked into one giant hall. The hall is filled with desks and chairs, like some school exam. You sit at one desk. You cannot talk to anyone else in the hall, but you can pass messages to the people right next to you, in front and behind you.
Your position in the hall (e.g. row 10, seat 10) is similar to what we call an IP address. Everyone in the hall has a unique position, and similarly everyone on the internet has a unique IP address. (Well some people don't, but let's not go there and complicate things.)
Your name is similar to what we call a domain name. Examples of domain names are google.com (not www.google.com), singtel.com.sg, sbf.net.nz. These are names that are easy to remember, but do not give any information on your position at all.
Now say you want to send a message to a friend (e.g. Tan Ah Kow) who is in the hall, but you have no idea where he is. However, there is a person (e.g. row 100 seat 100, nobody cares about his name, but everyone asks him for other people's positions anyway) designated in the hall to keep track of where everyone is. Also, everyone knows the exact position of this person in the hall. This person is like what we call a DNS server.
So, you write down on a piece of paper, "To: row 100 seat 100, From: row 10, seat 10, Message: Please tell me where Tan Ah Kow is". You then pass this paper to your neighbour, and he will pass it on to his neighbour, until it reaches row 100 seat 100. This poor bastard then looks up his record books, finds Tan Ah Kow's position, and sends this message to his neighbour:"To: row 10 seat 10, From: row 100, seat 100, Message: Tan Ah Kow is at row 50, seat 50".The message finds its way back to you, and now you can send messages to your friend, because you now know where he is.
This is basically how the internet works. There are a few points to note:
1. Without the DNS, nobody knows where anyone is, and no messages can be passed along. (in general)
2. Your message is in plain view of everyone who passes the message along. This is called an unencrypted connection.
3. Everyone who sees the message knows which position sent it, and which position it is going to.
Now, every internet service provider (ISP) in Singapore runs their own DNS. Normally, you will send the position requests to them. The government regulates what positions they are able to reply to you, and what they cannot. So, even though you know that some sites exist e.g. this forum, thisav.com etc, if the DNS doesn't tell you the position, you cannot send messages to them, they cannot send messages back to you, and you cannot surf these sites.
To get around this, you have to use other DNS that is not regulated by the government, i.e. Google DNS (8.8.8.8) or Cloudflare DNS (1.1.1.1). This solves point 1 above. Basically, instead of using row 100 seat 100, you use some other DNS e.g. row 400 seat 400 that the government cannot regulate.
To tackle point 2, we have what is called an encrypted connection. This is commonly done using https. Basically, you and your friend make a code that only the two of you know. Then, you code your messages so that even though people along the way know the two of you are communicating, nobody can understand what the message is.
Point 3 is where VPNs come into play. Because you don't want people to know who you are sending messages to, you get a middle man to do it. Instead of sending a message to Tan Ah Kow directly, you employ your VPN man, Sam Leong. He gives you a code that only he knows how to read, and his position. You write your coded message and send it to him. Everyone along the way knows you are sending Sam Leong a message, but nobody can understand what it says.
When Sam receives the message, he decrypts it and sends the plain message to Tan Ah Kow. Tan Ah Kow replies to him, but nobody knows that it is actually you who is sending the message. Sam receives his reply, encrypts it, and sends it back to you. Only you are able to decrypt the message.
I hope with this, we will see less threads of people asking why this/that site suddenly cannot access, and will not confuse DNS with VPN anymore.