Terminology

Service/Daemon

Blockade runs in the background as a service on Windows and as a SysV daemon on Linux.  It quietly does its work without any intervention from the user.

Name Server

Blockade listens on port 53 (both UDP and TCP) for incoming DNS queries.  In this way it is acting as a typical DNS server.

Relay Name Server

Blockade acts as a DNS client as well.  By default it is configured to use Google's Public DNS (8.8.8.8).  This relay name server can be modified to use whatever DNS server you wish.

Blocklist

Blockade uses an internal blocklist full of domains that have been deemed to contain malware, tracking or ads.

Custom Blocklist

Blockade does not rely on the Blocklist alone.  Domains to be blocked can be added to the Custom Blocklist at any time.  They are included in the process for determining whether a domain should be blocked or not.

Exceptions

While Blockade uses both the Blocklist and the Custom Blocklist to determine what domains should be blocked, Exceptions allow you to let a domain through the blockade.


Configuration

Single Device Configuration

A single server or device can be configured to send only its DNS queries to the Blockade server.  This is great for testing how Blockade works as well as ensuring that the user will not be impacted when the entire network is switched over to Blockade.

Use this configuration to test any line of business applications that are required on a daily business.  Any web services that are being blocked can easily be added back into the mix via a new Exception.  Conversely, if Blockade is not blocking enough and you need to add to the Custom Blocklist, this is the time to perform those changes and test everything accordingly.

Small Group Configuration

A small group of devices can also be configured manually, similar to a single device configuration.  this allows for a small segment of your network to utilize Blockade as you test everything out on your way to a full network deployment.  Again, the process requires that you manually add the Blockade server to the DNS settings on each device in the group.

Network-Wide Configuration

In addition to manually configuring static devices and servers to use Blockade, the DHCP server or local router can also be configured to use Blockade for all of the DNS queries for each of the devices that are currently leasing IP addresses through your DHCP server.  This may include WiFi devices as well, such as phones, tablets, laptops, etc.

A network-wide configuration makes it very simple to cover your entire network and all of your devices from malware related content, tracking systems, and ads.  You will begin to see how much tracking is actually occurring across your entire network.


Process

DNS Query

When blockade received a DNS query on port 53, an interregation of the query yields the domain in need of resolution.  The extracted domain is compared first against the Blocklist, then the Custom Blocklist.  

No Match:

If no match is found, the query is pushed upstream to the Relay Name Server for resolution.  Any response from the Relay Name Server is simply sent back to the requesting client.  The Relayed Queries counter is incremented and the query/domain is added to the list of Relayed Queries for review.

Match:

If a match is found, the query is compared one last time against the Exceptions list.  If it is in the Exceptions list, it is relayed upstream and follows the process as if it was never matched agaisnt the Blocklist to begin with.  If the domain is not in the Exceptions list, the query is blocked.  The Blocked Queries counter is incremented and the query/domain is added to the list of Blocked Queries for review.

The requesting client is still waiting for a response at this point.  In order to trick the client, we respond back to the requesting client but we return the IP address of the Blockade server instead of the real IP address.  Effectively blocking the request.

Block Server

When blockade blocks a DNS request, it sends back the IP of the Blockade server.  This is useful since the requesting client is likely a browser.  Since the browser may be attempting to serve and image, the Block Server is listening on port 80 for HTTP requests.  Since the browser has the Blockade servers IP address for the blocked domain lookup, it makes an HTTP request to the Block Server component of Blockade.  

All HTTP requests to the Block Server are met with a response of a single Metiix 'M' logo.  This not only makes the HTTP response much faster, it allows the user to know that Metiix Blockade has blocked that portion of the web site, or the entire site all together.

Blocklist

Every 24 hours, Blockade checks for updates to its Blocklist.  When an update is available, it uses its Blocklist cache to only pull down the portions of the Blocklist that have been modified.  After re-assembling the blocks, the Blocklist is up-to-date with the latest list of domains to block.

We work to curate a list of domains to add to the Metiix Blocklist on a daily/weekly basis.  We do not whitelist anything that we find.  It is our opinion that you should be able to add exceptions or custom entries to Blocklist without our influence.

History

Blockade only keeps a list of the most recent queries in the Queries List, Relayed Queries List, as well as the Blocked Queries List.  All of these lists are stored in memory and are reset whenever the Blockade server is restarted.  None of the history leaves the server.  Metiix does not care what queries are running against your Blockade server and we do not request any of this data.


Modified almost 4 years ago

Was this article helpful?   Yes  ·  No


Related Articles
Profile

The Profile button (within the Management drop down)...

Queries

Queries are a list of every domain element that is...

Blocklist

This is the Blockade Server master database, which...

Blocked Queries

Blocked Queries are a list of every domain element...

Exceptions

Exceptions are domains you allow to pass through the...

What is Blockade?

Blockade is DNS based server software designed to...

Custom Blocklist

Metiix Blockade currently blocks over four hundred...

Domain Check

At the top of the Blockade Admin...

Blockade Architecture

TerminologyService/DaemonBlockade runs in the...