English فارسی Suomi
Français Nederlands Translate

Circumvention Tools

CircumventionTools: HowTheNetWorks

How the Internet Works

The Internet is a decentralized worldwide network of computer networks. Although many people use the terms "the Internet" and "the Web" interchangeably, the Internet is the physical connection of computer networks together with certain methods of communication. The Web is one of many ways of communicating using the Internet. You can also use the Internet for e-mailfile sharing, Usenet news, and chat.

Connecting to the Internet

The easiest way to use the Web is often to find a local Internet café or telecenter that provides Web access. If you need to set up our own computer with an Internet connection, you would, typically, open an account with an Internet Service Provider (ISP). You may need some extra equipment, such as a modem or a router, to enable your computer to connect with the ISP.

The ISP in turn may purchase its own Internet access from a national provider (unless it is a branch of a national provider). National providers may similarly receive their connection from one of the multinational companies that maintain and operate the servers and connections that are called the backbone of the Internet. The backbone is made up of major server installations at critical points, and global connections between them via fiber optic cables and satellites. These connections enable communications between Internet users in different countries and continents. National and international providers connect to this backbone through special routers known as gateways, which are  connections that allow one network to communicate with another. Gateways, just like other routers, may be a point at which Internet traffic is monitored or controlled.

When you connect to the Internet, your computer is normally assigned a numeric IP address, which can be written as four numbers in the range 0-255, separated by dots. Like a postal address, it uniquely identifies a single computer on the Internet. Depending on your Internet Service Provider, your computer may be assigned different IP addresses at different times that it connects to them. All Web sites and Web servers also have IP addresses. For example, the IP address of www.frontlinedefenders.org is 217.173.101.253.

Visiting a Web site

When you want to visit a Web site, you normally type the "name" of the Web site into your browser and not the IP address. For example, to access the Frontline Web site you would type in http://www.frontlinedefenders.org instead of 217.173.101.253. The name of the Web site is also called the domain or domain name.

After you type the domain name into the browser, your computer sends a message with this name to the Domain Name System (DNS). This system consists of dedicated computers on the Internet that translate names into IP addresses. The DNS means that you need to remember only the Web site's name rather than a complex string of numbers. After the DNS server translates the domain name into an IP address, it shares that information with your computer.

Now your computer can try to connect to the Web site using its IP address. A path from your computer to the destination Web site must be found. This path may travel through countries, oceans and space; it could be thousands of miles long and could pass through numerous computers. How does it know which way to go, when there are hundreds of millions of different Web sites? The task of directing your message to the Web site (and back) is performed by routers, and the process is known as routing.

For our purposes, it's worth noting that routers can be given simple instructions on how to behave and can be used as a tool for censorship. Any router can be manipulated to record, re-direct, or block access to certain Web sites.

net

Example of what happens when you find a Web page:

  1. You type in http://globalvoicesonline.org/. The computer sends the domain name to a selected DNS server (using its numeric address), which sends a message back, containing the IP address for the Global Voices Web site.
  2. The browser then sends a request for a connection to that IP address.
  3. The request goes through a series of routers until it reaches a router that finds the specific computer needed.
  4. This computer sends information back to you, allowing your browser to send the full URL and receive the data to display the page.

Every connection between computers or routers that a message goes through is called a hop. The number of hops is the number of computers or routers your message comes in contact with along its way. Below is a sample path taken by a computer to get to www.globalvoicesonline.org. This request passes through at least fourteen computer connections (hops) before reaching its destination.

traceroute to globalvoicesonline.org (72.249.186.50), 64 hops max, 40 byte packets
 1  192.168.1.1 (192.168.1.1)  2.425 ms  0.673 ms  0.637 ms
 2  192.168.15.1 (192.168.15.1)  3.824 ms  1.068 ms  1.139 ms
 3  10.92.32.1 (10.92.32.1)  10.712 ms  9.581 ms  98.359 ms
 4  gig-5-3-lbrtnymtn-rtr1.hvc.rr.com (24.164.160.173)  10.720 ms  10.774 ms  11.147 ms
 5  pos-3-1-nycmnya-rtr1.nyc.rr.com (24.164.160.78)  12.533 ms  12.042 ms  11.206 ms
 6  tenge-0-3-0-nwrknjmd-rtr.nyc.rr.com (24.29.97.6)  12.456 ms  13.922 ms  13.821 ms
 7  ae-4-0.cr0.nyc30.tbone.rr.com (66.109.6.78)  15.844 ms  22.984 ms  14.024 ms
 8  ae-1-0.pr0.nyc20.tbone.rr.com (66.109.6.163)  14.605 ms  14.592 ms  43.455 ms
 9  207.88.182.73.ptr.us.xo.net (207.88.182.73)  14.707 ms  14.437 ms  22.936 ms
10  te-4-0-0.rar3.nyc-ny.us.xo.net (207.88.12.26)  24.168 ms  16.683 ms  16.947 ms
11  207.88.14.9.ptr.us.xo.net (207.88.14.9)  45.446 ms  45.360 ms  46.136 ms
12  207.88.14.10.ptr.us.xo.net (207.88.14.10)  70.949 ms  69.782 ms  70.112 ms
13  207.88.185.38.ptr.us.xo.net (207.88.185.38)  70.162 ms  73.824 ms  73.137 ms
14  switch19.rimuhosting.com (65.99.204.18)  70.630 ms  70.344 ms  70.264 ms
15  server1.globalvoicesonline.org (72.249.186.50)  72.347 ms  72.747 ms  74.179 ms

Destination reached!

GVO

If you have used the Internet, you know that normally all of these complex processes are hidden and you don't need to understand them in order to find the information you need. However, when people or organizations attempting to limit your access to information interfere with the operation of the system, your ability to use the Internet may be restricted.

Why This Matters

Censorship can occur at different points in the Internet infrastructure, covering whole domains or subdomains, individual protocols, or specific content identified by filtering software. The best method to avoid censorship will depend on the specific censorship technique used. You may need to understand these differences in order to use the appropriate measures to use the Internet effectively and safely.


EDIT