Control your Traffic — Principle

Everyday, we view a lot of websites, we see many videos without care about how it works. Do you want to know the details? just follow me to take a look, and to see how to control it as well.

Basic workflow

The workflow of browser — website.

  • User inputs a website url
  • Browser sends a dns query to dns server for this domain
  • Browser receives the domain ip records
  • Browser sends a query to the website server
  • Browser receives the response data of from the website server
  • Browser draws the website by the data
  • User views the website contents

The two major transactions in the workflow:
1) DNS server transaction
2) Web server transaction

What’s the meaning of Control Traffic

So controlling the traffic means we need to control dns query as well as web server query.

Notes: From above we can see that before sending query to the website server, we need know the IP address of the website and the mapping “domain <–>  IP” stored in the DNS server. And normally, the DNS query step is hidden for users.

Why we need to Control the Traffic?

Before that, we need to know the reason, right?

In some cases, we want to:
1) Connect some websites directly
2) Connect some websites by proxy A (high speed)
3) Connect some websites by proxy B (more security)

How to Control

How to Control DNS Query

Here we only talk about how to control the DNS from the client side. Because we cannot touch the DNS server, we cannot control it.

There are so many DNS clients we can use. I just recommend the dnsmasq for a beginner, since it’s a full feature DNS client, and easy to start with.

Dnsmasq

For example, you can configure your dns config and put it into /etc/dnsmasq.d/example.conf:

server=/.google.com/8.8.8.8

The configuration means to use Google’s DNS server to resolve the domain like *.google.com. Normally, some DNS servers, like openDNS which are geo based DNS, would return the IPs closest to your location, so it would speed up your query time.

How to Control Website Query (http query)

In this step, we’ve already got the IP of the website. And we want connect with this IP by a proxy. So, here we can use iptables by maintaining an IP list in iptables and forwarding the traffic to the specific proxy if matched.

The End

Now, you can write your own dnsmasq configuration file and plan your traffic path with dnsmasq + iptable.

Ok, this article is just a brief introduction. There are some problems we have to face:
1) What if the DNS server returns wrong IP records?
2) What if the DNS query is hijacked?
3) It’s really hard to maintain the IP list for the iptables. Is there any other way to handle it? (IPSet)

I’ll talk about these next time. Have fun 🙂

3 thoughts on “Control your Traffic — Principle”

Comments are closed.

%d bloggers like this: