What happens when you open a browser and type a URL? Let’s find out.

1. Type https://xtenets.com/ in web browser. Firefox is browser of my choice:

2. DNS resolution happens. It depends on OS how exactly domain name is resolved. If you open page which you have already visited there is a chance DNS record is not expired and is still stored in browser memory. You can check list of DNS records in Firefox memory by opening following menu: about:networking#dns
   But what about opening URL for the first time or when cached record is expired?

   • sending dns lookup (actually it is not, see link 1) to domain resolver for the OS.
     Let’s imagine you are in local network 192.168.0.0/24 and resolver host address is 192.168.0.1
     UDP packet with DNS query is sent to 192.168.0.1 and if dns resolution is recursive client waits for result from the 192.168.0.1 resolver. A resolver breaks the name up into its labels from right to left.
     The first component (TLD) is queried using a root server to obtain the responsible authoritative server. Queries for each label return more specific name servers until a name server returns the answer of the original query.[] (iterative DNS resolution - see link 5)
   • receives IP address in DNS response

3. Browser opens TCP connection to webserver IP address : port 80. Layer 4 OSI, transport layer

   • TCP data is encapsulated into IP packet - layer 3 OSI, network layer

   • IP data is encapsulated into Ethernet frame - layer 2 OSI, link layer

   • OS calls driver of the network card and provides data to transfer via network.

   • If computer with browser is located in LAN it detects that IP address 1.2.3.4 received as result of DNS query is not local and should be sent to the default gateway 192.168.0.1. To send the message, it also requires default gateway MAC address. First, computer uses a cached ARP table to look up 192.168.0.1 for any existing records of default gateway MAC address (00:eb:24:b2:05:ac).

     If the MAC address is found, it sends an Ethernet frame with destination address 00:eb:24:b2:05:ac, containing the IP packet onto the link.

     If the cache did not produce a result for 192.168.0.1, computer has to send a broadcast ARP request message (destination FF:FF:FF:FF:FF:FF MAC address), which is accepted by all computers on the local network, requesting an answer for 192.168.0.1. Default gateway responds with an ARP response message containing its MAC and IP addresses. As part of fielding the request, default gateway may insert an entry for computer into its ARP table for future use. Computer receives and caches the response information in its ARP table and can now send the packet. (from wikipedia, link 9)

4. Browser sends HTTP GET request over TCP connection.

5. On a web server, an HTTP server is responsible for processing and answering incoming requests. (link 12, see link #13 for example of webserver )

6. On receiving a request, an HTTP server first checks whether the requested URL matches an existing file.

7. If so, the web server sends the file content back to the browser with 200 OK. If not, an application server builds the necessary file.

8. If neither process is possible, the web server returns an error message to the browser, most commonly 404 Not Found.

9. Browser parses response and shows data.

Definitions:

• A frame is a digital data transmission unit in computer networking and telecommunication. In packet switched systems, a frame is a simple container for a single network packet. In other telecommunications systems, a frame is a repeating structure supporting time-division multiplexing.
• A media access control address (MAC address) is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment.
• Encapsulation in TCP/IP stack, example for UDP protocol:

Links:

• 1 https://zwischenzugs.com/2018/06/08/anatomy-of-a-linux-dns-lookup-part-i/
• 2 dns: https://tools.ietf.org/html/rfc1034
• 3 dns: https://tools.ietf.org/html/rfc1035
• 4 DNSSEC1 AD and CD flags: https://www.freesoft.org/CIE/RFC/2065/40.htm
• 5 Iterative vs recursive resolution: https://stackoverflow.com/questions/9966280/difference-between-recursive-and-iterative-dns-lookup
• 6 frame: https://en.wikipedia.org/wiki/Frame_(networking)
• 7 error correction: https://en.wikipedia.org/wiki/Frame_check_sequence
• 8 TCPIP model: https://en.wikipedia.org/wiki/Internet_protocol_suite
• 9 ARP: https://en.wikipedia.org/wiki/Address_Resolution_Protocol
• 10 NDP: https://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol
• 11 DNS resolution: https://en.wikipedia.org/wiki/Root_name_server#Resolver_operation
• 12 Web server: https://developer.mozilla.org/en-US/docs/Learn/Common_questions/What_is_a_web_server
• 13 How to build web server: https://medium.com/from-the-scratch/http-server-what-do-you-need-to-know-to-build-a-simple-http-server-from-scratch-d1ef8945e4fa
• 14 https://stackoverflow.com/questions/10104082/unix-socket-sock-seqpacket-vs-sock-dgram
• 15 Internet standards: https://www.rfc-editor.org/standards