What is a DNS Proxy?

This article will discuss DNS proxying from the consumer perspective. In recent years, DNS proxying services (such as SmartDNS) have become very popular among people who want to watch streaming video from other countries. For example, if you are an American and want to watch a BBC stream from the UK, the BBC will block you. If you are a Netflix subscriber in the UK and want to watch Netflix’s USA content, Netflix will block you.

This sort of geographical blocking is primarily caused by video licensing laws. So, if Netflix buys the rights to broadcast a TV show in the USA, they could be sued if they then broadcast it to the whole world. Of course, these pre-internet licensing arrangements are an anachronism, but they are still the law.

Nevertheless, many people find geo-blocking to be unjust. For example, many European Netflix subscribers pay the same subscription fees that American subscribers do, but get access to a much smaller video library. Also, paying customers lose access to their service if they merely go on vacation to a different country.

Consequently, people have sought to evade geographical blocking in large numbers. Sort of like when people used Uber even when it was illegal. It’s a popular rebellion of sorts.

So, the primary way people rebel is to trick the streaming server into thinking that they are in the same country. This is done with a thing called a proxy server. The concept is pretty simple. Suppose that you are in the USA, and want to watch BBC coverage of an important event like the Brexit vote (which was virtually ignored by the US news media) but you are blocked. However, you have a friend in the UK who can view the BBC’s stream. So, what if he could forward the stream to you? That would solve your problem; he would become your proxy. If there were a lot of other people around the world who wanted to watch the BBC, your friend might set up a server to handle the load, and start charging a fee for his proxy service.

And that is what has happened; there are now a plethora of streaming-video proxy services. Now, you are probably wondering where this “DNS” thing comes in. This part is a little more complicated, but it’s not rocket science.

First, let’s look at the need. Suppose that you are a journalist and you need to be able to watch streaming news from all around the world. You could subscribe to a proxy server in each country, but that would be expensive and difficult to manage with a couple of hundred URLs and passwords to keep track of. When news breaks in Elbonia, you would have to find the URL to your Elbonian proxy service, log into their site, and then enter the URL of the Elbonian news station that you need to watch.

Now we can see the need for some improvements over a simple proxy server. Ideally, you would find a service that had servers all around the world so that you would only need one subscription. You would log into their website, specify that you wanted to watch ElbonianNews.com, and then their Elbonian server would log onto the website and forward the stream to you.

Now we see the potential for another improvement: what if you could skip the step of logging into your proxy company’s website? What if your browser could automatically handle that for you? If it could, then you could just keep a bookmark to ElbonianNews.com, and go to it with just one click. This is where DNS comes in.

DNS stands for “domain name service” and is a free service provided by your ISP. Normally, DNS works well enough that you don’t have to think about it. It’s just sort of there in the background; a kind of internet plumbing. Its job is to translate the URLs that you type into your browser into IP addresses.

Every computer on the internet has an IP address, which is a number. Servers also have names like “google.com” and these names are called domain names. You can go to google.com by typing in its IP address (172.217.20.46) but that gets tedious after a while. If you type in “google.com” your browser will ask your ISP’s domain-name server for the IP address, and then take you to google.com.

You could just bookmark 172.217.20.46 and use it whenever you wanted to go to Google. In fact, that might be noticeably quicker. However, the reason why we don’t do that is because websites frequently move to different IP addresses. For example, when a website moves to a new hosting company, it gets a new IP address. So, if you had its IP address bookmarked, you would get an error message, and have no way to find the site. You could then look up the domain name in your ISP’s DNS, get the new IP address, and then bookmark it. However, all of this would be done for you automatically if you bookmarked the domain name instead.

So, DNS is like a phone-book, but it lists the addresses of websites instead of people’s phone numbers. Now, imagine that there are 50 other such phone-books around the internet. What are they for? If you are old enough to remember, there wasn’t just one paper phone-book. The phone company also gave you a “yellow pages” book listing most of the businesses in your city. Next to the “white pages” that listed people’s phone numbers, there were the “blue pages” that listed the numbers of government offices. And big-city phone companies even published “baby” phone-books that only listed the phone numbers in your neighborhood. So, even in the pre-internet world, there were four kinds of phone-books published in each major city, no doubt totaling hundreds of different phone-books across the country. And similarly today, we have multiple DNS servers, which you can switch to by just changing a setting in your network control panel.

Here we are talking about using DNS to help us watch streaming video, but there are other reasons too. One reason might be speed. If your ISP’s DNS server is a little slow, then you will see a delay every time you browse to a new website. And if you switch to a faster third-party DNS server, you can eliminate the delay. Another reason is censorship. Perhaps your government has ordered all ISPs in your country to remove certain domain names from their DNS servers. So, when you try to go to the outlawed website, you get an error message from your browser and think that the site has been taken offline. But in reality, the website is still running, and you could reach it with a censorship-free DNS server.

For example, in 2012, the Indian government sent court orders to Indian ISPs such as Reliance Communications to block torrent sites as well as Vimeo.com – the video-sharing website. Of course, an Indian ISP can’t shut down sites in other countries like Vimeo, so they blocked them in their DNS. In 2015, India ordered ISPs to block porn sites. But Indians who were using third-party DNS services didn’t notice anything awry.

A DNS service can make streaming easier by changing the IP addresses of streaming sites to their own proxy servers. That sounds complicated, but it’s really pretty simple. Normally, if you type ElbonianNews.com into your browser, you will go directly to that website. However, their server will be able to see your IP address, lookup the country it was issued in, and then send you an error message instead of their stream. However, if you are using a third-party DNS server/proxy service they will send your browser the IP address of their proxy server in Elbonia. The proxy server will then log onto ElbonianNews.com, and since the proxy server is in Elbonia, with an Elbonian IP address, it will evade the geo-block, fetch the stream, and forward it to you.

That’s how a DNS proxy system works, but our discussion is not complete because streaming websites can fight back. If a streaming site wants to stop proxying, they can simply blacklist all of the IP addresses of the proxy servers that are accessing their website. Just like you, they can search the web, find a DNS proxy service, find their list of IP addresses, and then block them. It’s not very hard to do. In fact, you can do it yourself if you have a website. If your server is running Linux, you can block an IP with the iptables command:

iptables -I INPUT -s 100.200.150.189 -j DROP

Of course, a blocked proxy service could then buy more IP addresses and use those until they are blacklisted. And so, there is an “arms race” type of situation just like you see with torrents and NZB websites.

Before signing up with a proxy service, you might want to send a message to their tech support and ask them something like this: “I live in country X and want to watch stream Y from country Z. Will I be able to do that with your service?”

DNS services also usually offer a VPN, perhaps for an extra fee. However, if you are just streaming, a VPN might be overkill. At the time of this writing, I was unable to find any cases where an individual was prosecuted for watching streaming video. If you are hyper-paranoid, you might want the encryption that a VPN provides, but keep in mind that the horsepower needed to do the encryption might slow down your stream. When using a torrent app, a lawyer can see your IP address in any swarm you participate in. That’s not the case while streaming where only your proxy company and ISP have access to your packets.

See for Yourself

If you are outside of the UK, you can see how DNS proxying works by doing the following:

  1. Go to the BBC Player website.
  2. Click on a live stream.
  3. You will get an error message.
  4. Take advantage of the 5-day money-back guarantee of SmartDNS and sign-up.
  5. Enter the SmartDNS server IP addresses into your network settings.
  6. Restart your computer or device.
  7. Go back to the BBC page, and you should be able to watch their streams.

If you are in the UK, you can perform the above test with one of sites on Wikipedia’s List of websites blocked in the United Kingdom.

Click here to ask a question.