Networking & HTTP — How the Internet Works
Why Networking Fundamentals Matter
Every web application, API call, and cloud service depends on the network. Understanding how data travels from a browser to a server and back is essential for debugging issues, optimizing performance, and designing robust distributed systems.
Why this matters for your career:
- Network issues are among the hardest to debug — understanding the stack helps
- HTTP/HTTPS knowledge is required for web development, API design, and security
- DNS misconfiguration is a common cause of downtime
- TLS/SSL certificates are essential for production deployments
- Interviewers often ask about TCP, DNS, and what happens when you type a URL in a browser
What Happens When You Type a URL in a Browser?
- You type
https://www.example.comin the browser - Browser checks its cache for the DNS record of
www.example.com - If not cached, browser queries a DNS resolver (usually your ISP's DNS server)
- DNS resolver recursively queries root → TLD → authoritative nameservers
- Browser gets the IP address (e.g.,
93.184.216.34) - Browser establishes a TCP connection to the IP on port 443 (HTTPS)
- TLS handshake occurs to negotiate encryption
- Browser sends an HTTP GET request
- Server processes the request and returns an HTTP response
- Browser renders the HTML, fetches additional resources (CSS, JS, images)
The OSI Model
The OSI model describes network communication in 7 layers:
| Layer | Number | Function | Example Protocols | |-------|--------|----------|-------------------| | Physical | 1 | Raw bit transmission over wire/air | Ethernet, Wi-Fi | | Data Link | 2 | Framing, MAC addresses | Ethernet, ARP | | Network | 3 | Routing, IP addressing | IP, ICMP | | Transport | 4 | End-to-end reliability | TCP, UDP | | Session | 5 | Session management | TLS (partially) | | Presentation | 6 | Data encoding, encryption | TLS, SSL | | Application | 7 | User-facing protocols | HTTP, FTP, DNS, SMTP |
In practice, TCP/IP networking combines layers 3-4 (TCP/IP) and layers 5-7 are often grouped together.
TCP vs. UDP
| Feature | TCP | UDP | |---------|-----|-----| | Connection | Connection-oriented (3-way handshake) | Connectionless | | Reliability | Guaranteed delivery, retransmission | Best-effort, no guarantee | | Ordering | In-order delivery | No ordering | | Flow control | Yes (sliding window) | No | | Congestion control | Yes | No | | Speed | Slower (overhead) | Faster (no overhead) | | Use cases | HTTP, HTTPS, SSH, SMTP, FTP | DNS, VoIP, video streaming, gaming |
TCP Three-Way Handshake
Client Server
| SYN (Seq=x) |
|------------------------->|
| SYN+ACK (Seq=y, Ack=x+1) |
|<-------------------------|
| ACK (Seq=x+1, Ack=y+1) |
|------------------------->|
| Connection Established |
This handshake adds one round-trip time (RTT) to every new HTTP connection, which is why HTTP/2 and HTTP/3 use connection multiplexing.
HTTP Protocol
HTTP Methods
| Method | Purpose | Idempotent | Safe | |--------|---------|------------|------| | GET | Retrieve a resource | Yes | Yes | | POST | Create a resource | No | No | | PUT | Update/replace a resource | Yes | No | | PATCH | Partial update | No | No | | DELETE | Remove a resource | Yes | No | | HEAD | Get headers only | Yes | Yes | | OPTIONS | Check available methods | Yes | Yes |
HTTP Status Codes
| Code Range | Category | Example | |------------|----------|--------| | 1xx | Informational | 101 Switching Protocols (WebSocket) | | 2xx | Success | 200 OK, 201 Created | | 3xx | Redirection | 301 Moved Permanently, 304 Not Modified | | 4xx | Client Error | 404 Not Found, 401 Unauthorized | | 5xx | Server Error | 500 Internal Server Error, 503 Service Unavailable |
HTTP/1.1 vs. HTTP/2 vs. HTTP/3
| Feature | HTTP/1.1 | HTTP/2 | HTTP/3 | |---------|---------|--------|--------| | Transport | TCP | TCP | QUIC (UDP-based) | | Head-of-line blocking | Yes | At TCP level | No | | Multiplexing | No (pipelining limited) | Yes | Yes | | Header compression | No | Yes (HPACK) | Yes (QPACK) | | Server push | No | Yes | Yes | | Connection reuse | Keep-alive | Full multiplexing | Full multiplexing | | Adoption | Legacy | Modern (2020+) | Cutting edge (2023+) |
DNS (Domain Name System)
DNS translates human-readable domain names into IP addresses. The resolution process is hierarchical:
Browser → Local Cache → Resolver → Root (.) → TLD (.com) → Authoritative (example.com)
DNS Record Types
| Type | Purpose | Example |
|------|---------|--------|
| A | IPv4 address | example.com → 93.184.216.34 |
| AAAA | IPv6 address | example.com → 2606:2800:220:1:248:1893:25c8:1946 |
| CNAME | Canonical name (alias) | www.example.com → example.com |
| MX | Mail exchange | @ → mail.example.com |
| TXT | Arbitrary text (verification, SPF) | v=spf1 include:_spf.google.com |
| NS | Nameserver | example.com → ns1.example.com |
| SOA | Start of authority | Zone transfer parameters |
TLS/SSL
TLS (Transport Layer Security) encrypts data between client and server.
TLS 1.3 Handshake
Client Server
| ClientHello (key_share) |
|------------------------->|
| ServerHello + Certificate + Finished |
|<-------------------------|
| Finished |
|------------------------->|
| Encrypted Data |
|<=========================>|
TLS 1.3 requires only one round trip (1-RTT) vs. TLS 1.2 which requires 2-RTT. TLS 1.3 also removes insecure cipher suites and provides forward secrecy by default.
HTTPS Flow Summary
TCP Handshake (1 RTT) + TLS Handshake (1 RTT with TLS 1.3) → First byte of HTTP request at 2 RTT. With HTTP/3 over QUIC, the connection is established in 0-RTT for repeat visitors.
Common Network Debugging Commands
| Command | What It Does |
|---------|-------------|
| ping example.com | Check reachability and round-trip time |
| traceroute example.com | Show each hop from client to server |
| nslookup example.com | Query DNS records |
| dig example.com | Detailed DNS query |
| curl -v https://example.com | Full HTTP request/response debug |
| tcpdump -i eth0 port 443 | Capture network packets |
| ss -tuln | List listening ports |
| netstat -an | Network statistics (older) |
Summary
Networking is the backbone of modern computing. Understanding TCP/IP, DNS, HTTP, and TLS helps you build reliable web applications, debug production issues, and design scalable systems. Every web developer should know what happens when they type a URL in their browser.
Key takeaways:
- DNS resolves domain names to IP addresses through a hierarchical lookup
- TCP provides reliable, ordered connections via a three-way handshake
- UDP is faster but unreliable — used for streaming, DNS, gaming
- HTTP/2 and HTTP/3 improve performance over HTTP/1.1 with multiplexing
- TLS encrypts HTTP traffic — TLS 1.3 reduces handshake to 1 RTT
- HTTPS = HTTP over TLS (port 443)
- When type a URL: DNS → TCP → TLS → HTTP request → server processes → HTTP response → browser renders
What's Next: Data Structures
The next chapter covers fundamental data structures — arrays, linked lists, trees, hash tables, and when to use each.
HTTP Headers Reference
Request Headers
| Header | Purpose | Example |
|--------|---------|--------|
| Host | Target domain | Host: example.com |
| User-Agent | Client identification | User-Agent: Mozilla/5.0... |
| Accept | Expected response format | Accept: application/json |
| Authorization | Authentication credentials | Authorization: Bearer token |
| Content-Type | Body format | Content-Type: application/json |
| Referer | Previous page URL | Referer: https://google.com |
| Cookie | Stored cookies | Cookie: session=abc123 |
| Cache-Control | Caching directives | Cache-Control: no-cache |
Response Headers
| Header | Purpose | Example |
|--------|---------|--------|
| Content-Type | Response body format | Content-Type: text/html; charset=utf-8 |
| Content-Length | Body size in bytes | Content-Length: 1234 |
| Set-Cookie | Set a cookie | Set-Cookie: session=abc123; HttpOnly |
| Cache-Control | Caching instructions | Cache-Control: max-age=3600 |
| Location | Redirect target | Location: /new-page |
| Access-Control-Allow-Origin | CORS policy | Access-Control-Allow-Origin: * |
Understanding HTTP headers is essential for debugging API issues and configuring web servers correctly.