There goes an uproar when the government, of any sovereignty, initiates control of the internet of things used by its citizens. From websites restriction to placing bans, even though it starts out being for a good cause, it would always get hijacked along the way with loads of undertone to those kinds of actions.
And so the ISP is the first point of contact because if you get the source you limit the resources.
But how does this work?
Before we go down certain roads, let us get enlightened on some simple terms and terminologies for easy grasping of this concept:
A router is a device owned by an ISP (Internet Service Provider). This device reads the data sent from your device. It marks who sent it and where it is going, then it helps the data get there (like a transporter).
A Firewall is a device owned by an Internet Service Provider (ISP). Just like the security guard at an entrance, the ISP is used in restricting access to DATA coming inside its network.
The Domain Name System(DNS) is usually owned by an ISP. It possesses the location of the website(s) you visit. Likewise, if it does not know the website’s location, it will ask other DNS servers for you, on your behalf.
So back to our previous question. How does Internet Restriction Work?
Deep Packet Inspection
Your device(s) (smartphone and personal computer) package the information you send and receive online into packets of machine data. Internet Routers then read those data packets to determine what they are, who they’re from, and where they’re going.
Say, you visited an illegal website like http://winfreemoney.com.ng/, your ISP detects it as an illegal website, the ISP uses its Firewall to inspect your information and then blocks the website. So, goes for any website it tags as illegal.
Another example is the recent happening in Nigeria. Since the government finds a website called Twitter illegal, all ISPs are instructed to inspect the information (video, photo, API calls, website) and then blocks access to the webpage.
- The user is trying to reach www.twitter.com
- The firewall has been configured to drop any request to get to Twitter
- The Router knows that if any request gets to it, it can simply ask the DNS server how to get to Twitter
- Hence the user gets an error in their browser. The site does not load.
There is an 80% chance that you have a traditional name like (Seyi, Chidozie, Koffi, Kamara etc.). But you also have an English name (Taylor, Jane, Chris, etc.), one that is universally easy to pronounce and spell.
In computer networking, think of a website like “www.twitter.com” as the English name, with Twitter’s IP address “126.96.36.199” as the traditional name. Hope you get it?
The work of a DNS server is to match the “English name” of a website to the “Traditional name.” When you want to access a website like Google.com, Twitter.com, etc. on your browser, the following happens.
- Your browser packages the data (English name of the website) and sends it to your ISP via its Internet Router.
- Your ISP gives the data to its DNS server to do the matching of English name to Traditional name.
- The DNS server checks the traditional name, if it doesn’t, it will ask other DNS server friends. They are all connected.
- Your ISP sees the location of the website and then delivers it back to your browser. Now, your browser can directly access the website. It’s that simple. Note that this happens for every website you visit at a very high speed.
Now, let us say an ISP doesn’t want you to access a specific website, it simply just tells its DNS server to block the traditional name and English name of that website. Now, you can never access the website.
- In the diagram above, the user is trying to reach Twitter.com
- The router asks the DNS server how to get reach Twitter
- Since the “traditional name” of Twitter saved in its memory has been deleted, the DNS server can no longer tell how to reach Twitter.com
- Hence the user gets an error on their browser
IP Address Filtering
Hope you still remembered the traditional name and English name concept mentioned in the DNS filtering section?
The concept applies in this section too.
Say, an ISP does not want you to visit a specific traditional name, they will use their Firewall device to stand between your browser and traditional name from your device.
This is a cool technology used in a lot of small, medium & big enterprises, and also ISPs to protect their network from attackers and do other cool things.
Now you can feel like a Pro and brag about your new knowledge to your friends. Don’t forget to read more and reference where you got the information from. That’s practically how you will get more information.
Writing on Medium is my own little way of contributing to humanity while keeping my intelligence alive. By reading, the reader will learn and enjoy the writeup as we take on new journeys. I myself, will have to walk my own talk.
Donate Here: twittertwitter