The 3 things that happen:
http://www.example.com is entered in the browser.
The operating system first looks at the /etc/hosts file for the IP address of http://www.example.com (this order can be changed in /etc/nsswitch.conf), then looks at /etc/resolv.conf for the DNS server IP for that machine.
Pick 172.16.200.30 (call it dinky).
Now dinky could be configured in 2 ways:
If “dinky” is a recursive DNS server, the following is what is going to happen:
STEP 1: You enter http://www.example.com in the browser. So the operating system’s resolver will send a DNS query for the A record to the DNS server 172.16.200.30.
STEP 2: The DNS server 172.16.200.30, on receiving the query, will look through its tables (cache) to find the IP address (A record) for the domain http://www.example.com. But it does not have the entry.
STEP 3: As the answer for the query is not available with the DNS server 172.16.200.30, this server sends a query to one of the DNS root servers for the answer. An important fact to note here is that root servers are always iterative servers.
[POINTER #1: How to query ROOT DNS Server]
STEP 4: The DNS root servers will reply with a list of servers (a referral) that are responsible for handling the .COM gTLD.
STEP 5: Our DNS server 172.16.200.30 will select one of the .COM gTLD servers from the list given by the root server, and query it for “www.example.com”.
STEP 6: Similar to the root servers, the gTLD servers are also iterative in nature, so the gTLD server replies to our DNS server 172.16.200.30 with the list of IP addresses of the DNS servers responsible for the domain (the authoritative name servers for the domain) http://www.example.com.
STEP 7: This time also, our DNS server will select one of the IPs from the given list of authoritative name servers and query it for the A record of http://www.example.com. The authoritative name server queried will reply with the A record as below.
http://www.example.com = <XXX:XX:XX:XX> (Some IP address)
STEP 8: Our DNS server 172.16.200.30 will reply to us with the IP/domain pair (and any other resource records, if available). Now the browser will send a request to the given IP for the web page http://www.example.com.
NOTE: In the above, Dinky gets a list of servers and has to choose one server from the list to proceed further. The most famous DNS server software, BIND, uses a technique called the RTT metric (Round Trip Time metric). Using this technique, the server tracks the RTT of each root server and selects the one with the lower RTT.
If “dinky” is an iterative DNS server (or non-recursive DNS server), the following is what is going to happen:
In this mode Dinky will only give a referral to other DNS servers and will not provide the final answer on behalf of our resolver.
Since our DNS server 172.16.200.30 (Dinky) is not a recursive name server (which means it is iterative), it will give us the answer if it has it in its records. Otherwise it will give us a referral to the root servers (it will not query the root servers and other servers by itself).
Now it is the job of our resolver to query the [#1] root server, [#2] .COM TLD servers, and [#3] authoritative name servers for the answer.
STEP 1: You enter http://www.example.com in the browser. So the operating system’s resolver will send a DNS query for the A record to the DNS server 172.16.200.30.
STEP 2: The DNS server 172.16.200.30, on receiving the query, will look through its tables (cache) to find the IP address (A record) for the domain http://www.example.com. But it does not have the entry.
STEP 3: Now, instead of querying the root servers, our DNS server will reply to us with a referral to the root servers. Now our operating system resolver will query the root servers for the answer.
Now the rest of the steps are all the same. The only difference in an iterative query is that:
If the DNS server does not have the answer, it will not query any other server for the answer, but rather it will reply with a referral to the DNS root servers.
But if the DNS server has the answer, it will give back the answer (which is the same in both iterative and recursive queries).
In an iterative query, the job of finding the answer (from the given referral) lies with the local operating system resolver.
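The referral walk from the two step lists above, as an added example that is not part of the original page: resolve_iteratively is what the operating system resolver does in iterative mode, and dinky_recursive is the same walk done by dinky on the client's behalf. The server table, addresses and function names are constructed, and the hop limit and "referral must move down towards the queried name" check are added safeguards.

```python
# Constructed name-server data using documentation addresses (not real servers).
SERVERS = {
    "198.51.100.1": {"refer": {"com.": ["198.51.100.2"]}},             # root
    "198.51.100.2": {"refer": {"example.com.": ["198.51.100.3"]}},     # .com gTLD
    "198.51.100.3": {"answer": {"www.example.com.": "203.0.113.10"}},  # authoritative
    "198.51.100.9": {"refer": {"com.": ["198.51.100.9"]}},             # misbehaving: refers to itself
}
ROOT_HINTS = ["198.51.100.1"]

def depth(zone):
    """Number of labels in a zone name: '.' -> 0, 'com.' -> 1."""
    return len([label for label in zone.split(".") if label])

def in_zone(name, zone):
    return zone == "." or name == zone or name.endswith("." + zone)

def query(server, qname):
    """One iterative (non-recursive) query: an answer, a referral, or nothing."""
    data = SERVERS[server]
    if qname in data.get("answer", {}):
        return ("answer", data["answer"][qname])
    for zone, servers in data.get("refer", {}).items():
        if in_zone(qname, zone):
            return ("referral", zone, servers)
    return ("none",)

def resolve_iteratively(qname, hints=ROOT_HINTS, max_referrals=8):
    """Follow referrals root -> TLD -> authoritative; return (ip, servers asked)."""
    zone, servers, path = ".", list(hints), []
    for _ in range(max_referrals):
        server = servers[0]            # a real server would pick by lowest RTT
        path.append(server)
        reply = query(server, qname)
        if reply[0] == "answer":
            return reply[1], path
        if reply[0] != "referral":
            return None, path
        _, new_zone, new_servers = reply
        # Accept a referral only if it moves down the tree towards qname.
        if depth(new_zone) <= depth(zone) or not in_zone(qname, new_zone):
            raise ValueError(f"bad referral to {new_zone} from {server}")
        zone, servers = new_zone, new_servers
    raise RuntimeError("referral limit reached")

CACHE = {}

def dinky_recursive(qname):
    """Recursive mode: dinky walks the referrals itself and caches the answer."""
    if qname not in CACHE:
        CACHE[qname] = resolve_iteratively(qname)[0]
    return CACHE[qname]
```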
POINTER 1: How to query ROOT DNS Server?
The root name server (.) is the most important resource in the name server hierarchy. When any name server is asked for information which it does not have, the first thing that name server does is ask one of the root (.) name servers.
There are 13 root name servers as follows.
Now, the IP addresses of all the root servers mentioned above are known to all the DNS software packages by default. This means all DNS servers can reach these root servers without any other DNS server.
Why only 13 DNS Servers?
The main reason is that when you plan a big architecture like the DNS root servers, you need to go into considerable depth to analyse performance issues. So, as I said, there are 13 IP addresses. If you are a networking guy or a system administrator, you might already know that UDP is better than TCP where performance is the requirement. And due to performance issues, a UDP packet used for DNS is limited to 512 bytes; if your payload goes above 512 bytes, then TCP will be used.
TCP involves very high overhead, because it includes multiple steps and procedures to establish a TCP connection, which can slow the entire process.
TCP is better suited for reliability and UDP is suited for performance. Things like DNS should never be slow, hence it works on UDP by default. And a single UDP packet should contain all these 13 IP addresses along with other UDP protocol information (416 bytes for the 13 IP addresses and the remainder for UDP protocol information). Sure, you could easily have 30 or 40 DNS root server IP addresses, but you would not be able to send all of them in one UDP packet (you would have to send them in multiple packets, which would reduce performance). Hence, for performance and low network overhead, the root servers are limited to 13 IP addresses.
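An added example (not from the original page) of the 512-byte rule: it encodes the A query for www.example.com in DNS wire format and inspects a reply header for the truncation (TC) flag, which tells the client to repeat the query over TCP. The function names, query ID and sample replies are constructed.

```python
import struct

MAX_UDP = 512      # classic DNS-over-UDP payload limit described above
QR_BIT = 0x8000    # set in responses
TC_BIT = 0x0200    # "truncated": the answer did not fit, retry over TCP
RD_BIT = 0x0100    # "recursion desired": ask the server to do the whole walk

def encode_query(qname, qid, recursion_desired=True):
    """Wire-format question for an A record (type 1, class IN)."""
    header = struct.pack("!HHHHHH", qid, RD_BIT if recursion_desired else 0, 1, 0, 0, 0)
    body = b""
    for label in qname.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("each label must be 1 to 63 bytes long")
        body += bytes([len(raw)]) + raw
    return header + body + b"\x00" + struct.pack("!HH", 1, 1)

def needs_tcp_retry(response, expected_id):
    """True if the UDP reply is truncated or larger than the 512-byte limit."""
    if len(response) < 12:
        raise ValueError("shorter than a DNS header")
    rid, flags = struct.unpack("!HH", response[:4])
    if rid != expected_id:
        raise ValueError("reply ID does not match the query")
    if not flags & QR_BIT:
        raise ValueError("not a response")
    return bool(flags & TC_BIT) or len(response) > MAX_UDP

# Constructed reply headers (header only, no records) for query ID 0x1234.
COMPLETE = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 0, 0, 0)
TRUNCATED = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0)
```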
Even India had 3 DNS root servers, one each in Bangalore, Chennai, and New Delhi.
There is a technology called anycasting that plays a major role in achieving this distributed architecture of DNS root servers. In simple terms, anycasting is a technology that lets multiple servers, in fact many servers in different locations, share a single IP address. This means many servers will be available at that one address. Whenever a request is sent to an anycast IP address, the network routers will route that request to the nearest possible server. This means that if I want to reach f.root-servers.net from India, the nearest possible location is Chennai (which is shown in the map), rather than some other location in the world. This is the reason why DNS root servers rely heavily on IP anycasting technology.
NOTE: An ALIAS record (say, one pointing to an ELB endpoint) is not exposed to commands like HOST. Whereas if we point a domain to an ELB endpoint using a CNAME record, the DNS resolver will show it as an alias to the ELB endpoint.
Layer 5: This is the layer from where our applications try to establish a connection to a server. For example, imagine that you have the Firefox browser installed on your machine, and you are trying to establish a connection with http://www.google.com. The browser knows how to open a temporary port and request a connection to port 80 on the http://www.google.com server. This layer is called the application layer, where all our applications try to establish connections, be it a browser, FTP client or SSH client.
Layer 4: This is the layer where our topic comes into the picture. This layer is named the Transport Layer. There are two protocols in this layer (TCP, UDP). Either of them can be used. Mostly in our day-to-day life we use TCP (because most applications require a reliable connection, which TCP provides). UDP is also used; for example, in order to query a DNS server we normally use the UDP protocol. Most of you must have heard about segments in networking or MSS (Maximum Segment Size). TCP provides reliability in communication with the help of something called Positive Acknowledgment with Re-transmission (PAR).
Step 1: Machine 1 wants to initiate a connection with machine 2, so machine 1 sends a segment with SYN (Synchronize Sequence Number). This segment informs machine 2 that machine 1 would like to start a communication with it, and tells machine 2 what sequence number machine 1 will start its segments with.
Note: Sequence numbers are mainly used to keep data in order.
Step 2: Machine 2 will respond to machine 1 with the “Acknowledgment” (ACK) and SYN bits set. Machine 2’s ACK segment does two things, as below.
1. It acknowledges machine 1’s SYN segment.
2. It informs machine 1 what sequence number it will start its data with.
Step 3: Now, finally, machine 1 acknowledges machine 2’s initial sequence number and its ACK signal. Then machine 1 will start the actual data transfer.
Note: Initial sequence numbers are randomly selected while initiating connections between two machines.
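The three steps above as a check over raw TCP headers, added here as an example that is not part of the original page. It relies on the standard rule that each acknowledgment number is the peer's initial sequence number plus one (modulo 2^32); the port numbers, sequence numbers and function names are constructed.

```python
import struct

SYN, ACK = 0x02, 0x10      # TCP flag bits
MOD = 2 ** 32              # sequence numbers are 32 bits wide and wrap around

def make_tcp(sport, dport, seq, ack, flags):
    """Build a constructed 20-byte TCP header (checksum left at zero)."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)

def parse_tcp(header):
    """Decode the fields of the fixed TCP header that the handshake uses."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, _, flags = struct.unpack("!HHIIBB", header[:14])
    # Only the SYN and ACK bits matter for this check; other flags are masked off.
    return {"src": sport, "dst": dport, "seq": seq, "ack": ack, "flags": flags & (SYN | ACK)}

def check_handshake(raw_segments):
    """Validate Step 1 (SYN), Step 2 (SYN+ACK) and Step 3 (ACK). Returns (ok, reason)."""
    if len(raw_segments) != 3:
        return False, "a handshake has exactly three segments"
    s1, s2, s3 = (parse_tcp(raw) for raw in raw_segments)
    if s1["flags"] != SYN:
        return False, "step 1 is not a bare SYN"
    if s2["flags"] != SYN | ACK or (s2["src"], s2["dst"]) != (s1["dst"], s1["src"]):
        return False, "step 2 is not a SYN+ACK from machine 2"
    if s2["ack"] != (s1["seq"] + 1) % MOD:
        return False, "step 2 does not acknowledge machine 1's sequence number"
    if s3["flags"] != ACK or (s3["src"], s3["dst"]) != (s1["src"], s1["dst"]):
        return False, "step 3 is not an ACK from machine 1"
    if s3["seq"] != (s1["seq"] + 1) % MOD or s3["ack"] != (s2["seq"] + 1) % MOD:
        return False, "step 3 does not acknowledge machine 2's sequence number"
    return True, "handshake complete"

# Constructed samples: machine 1's sequence number sits at the 32-bit wrap point.
GOOD = [make_tcp(49152, 80, 0xFFFFFFFF, 0, SYN),
        make_tcp(80, 49152, 1000, 0, SYN | ACK),
        make_tcp(49152, 80, 0, 1001, ACK)]
BAD = [GOOD[0], make_tcp(80, 49152, 1000, 5, SYN | ACK), GOOD[2]]
```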
CONTENT LENGTH – 936b
This means that the client has sent a GET request with 936b, and the session prevails till the entire 936b has arrived, and then the 2nd GET request is issued.
.jpg .doc .css etc
When the URL is entered in the browser, the DNS, TCP and HTTP requests are made. Once the server sends the HTML page to the browser, the browser parses it and creates an object in memory called the DOM. While the browser creates the DOM, it comes across a lot of references, such as images and JS. When it sees those references, they are downloaded. Some of the resources may be served from a different domain, which adds further DNS resolutions and TCP connections.
DOM – At the top is the HTML tag and below it 2 tags:
1. Head tag (more browser-related things like title, search-engine keywords etc.)
2. Body tag (content of the page)
The 3 primarily used resource types are:
a. CSS – it dictates the font size and layout of the webpage.
b. Scripts like JS – the dynamic elements, which change the DOM dynamically (menu buttons, then 3rd-party components such as the FB LIKE button, inline Twitter streams etc.)
CSS and scripts are not required to be external; they can be embedded in the page's code as well.
Modern browsers do many things in parallel, like building the DOM while downloading resources. But this is not good, as JS can do many things after or even while the page is loading. (One such function is document.write, which injects HTML code while the browser is reading the page and can even change the whole meaning of the already created DOM/page.) As a result, whenever the browser comes across a script, it stops building the DOM and executes the script. Since some scripts are external, the browser has to download and execute them before it can continue parsing the HTML.
2 types of resources block/delay the rendering of the page: CSS (until all CSS is downloaded and processed, the browser will not paint the page) and JS, which blocks the construction of the DOM. They do that because the browser can only paint what it has understood and put into the DOM.
Best Practice :
CSS [so that they can be downloaded earlier by the browser]
JS [placed at the bottom so that minimum things are lost if any issue is caused by the scripts]
JS makes the webpage more dynamic, but the inclusion of XMLHttpRequest made JS even more dynamic by letting it contact the server and get a response without a page reload/refresh.
Cookies are primarily used to turn a stateless webapp into a stateful webapp.
There are “session-only cookies” that last only for a particular browsing session, and permanent cookies that last for multiple sessions.
Example of HTTP Request/Response
Example of HTTP request
GET /dumprequest HTTP/1.1
Host: rve.org.uk
Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36
Example of HTTP response
Headers received from 126.96.36.199
Request time: 0.30609 s
||HTTP/1.1 200 OK
||Sun, 08 Jun 2014 15:13:00 GMT
||If you’re reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.