1.1 How the Internet Works — Quick Revision
Compact cheat sheet. Print-friendly.
How to use this material (instructions)
- Skim top-to-bottom in one pass before quizzes or interviews.
- If a row feels fuzzy — reopen the matching lesson in README.md → 1.1.a…1.1.e.
- Drills — 1.1-Exercise-Questions.md.
- Polished phrasing — 1.1-Interview-Questions.md.
1.1.a History of Web
Web 1.0 vs 2.0 vs 3.0
┌──────────┬─────────────────┬──────────────────┬──────────────────────┐
│          │ Web 1.0         │ Web 2.0          │ Web 3.0              │
├──────────┼─────────────────┼──────────────────┼──────────────────────┤
│ Mode     │ Read-only       │ Read-write       │ Read-write-own       │
│ Era      │ ~1991–2004      │ ~2004–present    │ Emerging / evolving  │
│ Content  │ Static pages    │ UGC, social,     │ Decentralized,       │
│          │                 │ APIs, mashups    │ wallets, ownership   │
│ Users    │ Consumers       │ Creators         │ Owners / participants│
└──────────┴─────────────────┴──────────────────┴──────────────────────┘
Key dates (anchor timeline)
| Year | Event |
|---|---|
| 1969 | ARPANET — first packet-switched network (US research) |
| 1983 | TCP/IP becomes standard on ARPANET |
| 1989 | Tim Berners-Lee proposes WWW (CERN) |
| 1991 | First website / HTTP/HTML in use |
| 1993 | CERN puts WWW software in public domain (no patent lock-in) |
| 1994 | W3C founded; Mosaic → commercial browsers |
Three pillars of the Web
| Pillar | Role |
|---|---|
| HTML | Structure & semantics of documents |
| HTTP | How clients request and servers respond |
| URL | Global address for a resource (scheme://host/path) |
1.1.b How Computers Communicate
OSI 7 layers + mnemonic
Please Do Not Throw Sausage Pizza Away → Physical, Data link, Network, Transport, Session, Presentation, Application
| # | Layer | Typical unit / idea |
|---|---|---|
| 7 | Application | HTTP, DNS, SMTP — user-facing protocols |
| 6 | Presentation | Encoding, encryption (conceptual) |
| 5 | Session | Dialog management (often folded into app) |
| 4 | Transport | TCP/UDP segments — end-to-end reliability/ports |
| 3 | Network | IP packets — routing, logical addressing |
| 2 | Data link | Frames — MAC, switches, local delivery |
| 1 | Physical | Bits on wire/fiber/radio |
TCP/IP 4 layers (common mapping)
┌─────────────────────────────────────┐
│ Application (HTTP, DNS, SSH…)       │ ← OSI 5–7
├─────────────────────────────────────┤
│ Transport (TCP, UDP)                │ ← OSI 4
├─────────────────────────────────────┤
│ Internet (IP, ICMP, routing)        │ ← OSI 3
├─────────────────────────────────────┤
│ Link (Ethernet, Wi‑Fi…)             │ ← OSI 1–2
└─────────────────────────────────────┘
TCP vs UDP
┌─────────────┬────────────────────────────┬────────────────────────────┐
│             │ TCP                        │ UDP                        │
├─────────────┼────────────────────────────┼────────────────────────────┤
│ Connection  │ Connection-oriented        │ Connectionless             │
│ Reliability │ Retries, ordering, acks    │ Best-effort, no ordering   │
│ Overhead    │ Higher (state, headers)    │ Lower                      │
│ Use cases   │ Web, email, file transfer  │ DNS (often), VoIP, games   │
└─────────────┴────────────────────────────┴────────────────────────────┘
TCP 3-way handshake
Client                    Server
│── SYN (seq=x) ──────────────►│
│◄── SYN-ACK (seq=y, ack=x+1) ─│
│── ACK (ack=y+1) ────────────►│
│    Connection ESTABLISHED    │
Encapsulation (sending down the stack)
[App data] → Segment (TCP/UDP hdr + payload) → Packet (IP hdr + segment)
→ Frame (L2 hdr/trailer + packet) → Bits on physical medium
Each hop may re-frame at L2; IP addresses usually unchanged end-to-end (unless NAT).
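The encapsulation chain and the per-hop re-framing above, as an added example (not part of the original sheet). It builds app data → TCP segment → IP packet → Ethernet frame, then passes the frame through one router hop without NAT. The MAC and IP addresses are constructed, and checksums and the Ethernet FCS are left out for brevity.

```python
import socket
import struct

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def tcp_segment(sport, dport, payload):
    # 20-byte TCP header: ports, seq, ack, data offset 5, PSH|ACK, window (checksum left 0)
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0) + payload

def ip_packet(src, dst, segment, ttl=64):
    # 20-byte IPv4 header: version/IHL 0x45, total length, TTL, protocol 6 = TCP (checksum left 0)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, ttl, 6, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + segment

def frame(dst_mac, src_mac, packet):
    # Ethernet II header: destination MAC, source MAC, EtherType 0x0800 = IPv4
    return mac(dst_mac) + mac(src_mac) + struct.pack("!H", 0x0800) + packet

def route_hop(frame_bytes, egress_mac, next_hop_mac):
    """One router hop: discard the old L2 header, decrement the IP TTL, re-frame."""
    packet = bytearray(frame_bytes[14:])
    packet[8] -= 1  # TTL is byte 8 of the IPv4 header
    return frame(next_hop_mac, egress_mac, bytes(packet))

def parse(frame_bytes):
    """Peel the layers back off: frame -> packet -> segment -> app data."""
    ip = frame_bytes[14:]
    tcp = ip[(ip[0] & 0x0F) * 4:]
    return {
        "dst_mac": frame_bytes[0:6].hex(":"), "src_mac": frame_bytes[6:12].hex(":"),
        "src_ip": socket.inet_ntoa(ip[12:16]), "dst_ip": socket.inet_ntoa(ip[16:20]),
        "ttl": ip[8], "dport": struct.unpack("!H", tcp[2:4])[0],
        "payload": tcp[(tcp[12] >> 4) * 4:],
    }

# Constructed sample values: locally administered MACs and documentation IP ranges.
HOST, GW_LAN = "02:00:00:00:00:01", "02:00:00:00:00:02"
GW_WAN, ISP = "02:00:00:00:00:03", "02:00:00:00:00:04"

def demo():
    """Return the parsed frame as sent by the host and as forwarded by the gateway."""
    sent = frame(GW_LAN, HOST, ip_packet("198.51.100.7", "203.0.113.5",
                                         tcp_segment(50000, 80, b"GET / HTTP/1.1\r\n")))
    return parse(sent), parse(route_hop(sent, GW_WAN, ISP))
```

Comparing the two parsed results shows both MAC addresses replaced and the TTL reduced by one, while the IP addresses, port and payload are identical.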
Key ports (memorize these)
| Port | Service |
|---|---|
| 20/21 | FTP (data / control) |
| 22 | SSH |
| 25 | SMTP |
| 53 | DNS |
| 67/68 | DHCP (server / client) |
| 80 | HTTP |
| 110 | POP3 |
| 143 | IMAP |
| 443 | HTTPS |
| 993 | IMAPS |
| 995 | POP3S |
1.1.c Data Travels Worldwide
| Fact | Detail |
|---|---|
| Submarine share | ~95% of intercontinental data goes via submarine cables (not satellites for bulk) |
| Scale | 694+ submarine cable systems (count varies by source/year) |
| Fiber / DWDM | Light in fiber; DWDM = many wavelengths (colors) on one fiber → huge capacity |
| Repeaters | Undersea repeaters/amplifiers roughly every 80–100 km to restore signal |
| Packets | Typical MTU ~1500 bytes on Ethernet (IP packet payload capped by path MTU) |
| Routing | BGP exchanges routes between autonomous systems (AS); policy + path selection |
| IXP | Internet Exchange Point — networks peer & swap traffic locally |
| CDN | Edge caches closer to users → lower latency, offload origin |
| Latency | Speed of light + hops; hard lower bound — London↔NYC ~30–40 ms RTT fiber (order of magnitude; real paths higher) |
1.1.d Domain Names / IP / MAC / Routing
Three address types
Domain → Human-meaningful names (google.com) — resolved via DNS
IP → Global logical routing (203.0.113.5) — Layer 3, routable
MAC → Local hardware identity on a segment — Layer 2, flat, broadcast domain
IPv4 vs IPv6
| | IPv4 | IPv6 |
|---|---|---|
| Size | 32-bit | 128-bit |
| Notation | Dotted decimal | Hex groups (2001:db8::1) |
| Addresses | ~4.3B (exhausted in practice) | Vast space |
| NAT | Very common | Designed to reduce need (still exists in places) |
Public vs private (IPv4 examples)
| Range (RFC 1918) | Use |
|---|---|
| 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 | Private LAN |
| Others (with exceptions) | Public routable (ISP-assigned) |
Special IPs
| Address | Meaning |
|---|---|
| 127.0.0.1 | Loopback (this host) |
| 0.0.0.0 | “Any” / unspecified (context-dependent) |
| 8.8.8.8 | Google public DNS (example of anycast resolver) |
| 169.254.x.x | Link-local (APIPA) when DHCP fails |
Hop behavior
- MAC changes each hop (L2 rewrites to next segment’s destination MAC).
- IP (src/dst) usually unchanged end-to-end unless NAT or tunneling.
ARP
ARP maps IP → MAC on the same subnet (broadcast “who has this IP?”).
Subnetting quick ref
/24 = 256 addresses, 254 usable hosts (minus network + broadcast in classic IPv4).
/16, /8 — scale host bits accordingly: usable ≈ 2^(32-prefix) - 2 (classical IPv4).
1.1.e ISP and DNS
ISP tiers (simplified)
| Tier | Role |
|---|---|
| Tier 1 | Global backbone; often settlement-free peering with other tier-1s |
| Tier 2 | Regional/national; buys transit + peers at IXPs |
| Tier 3 | Last-mile / access ISP; sells to homes & businesses |
DNS resolution — 7-step model (conceptual chain)
- App asks OS stub resolver for google.com.
- Stub checks OS cache; miss → queries configured resolver (often ISP or 8.8.8.8).
- Recursive resolver checks its cache; miss → starts iterative queries.
- Query root (.) → referral to TLD servers (.com).
- Query TLD → referral to authoritative nameservers for google.com.
- Query authoritative → get A/AAAA (or chain via CNAME).
- Answer cached (with TTL) → returned to stub → to app.
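The resolution chain above as an added, offline simulation (not part of the original sheet): a recursive resolver walks root → TLD → authoritative, follows a CNAME and honours TTLs in its cache. The server names, zone data and TTLs are constructed. It restarts from the root on every cache miss, whereas real resolvers also cache the NS referrals.

```python
SERVERS = {  # constructed zone data: names, records and TTLs are illustrative only
    "root": {"delegations": {"com.": "tld-com"}, "records": {}},
    "tld-com": {"delegations": {"example.com.": "auth-example"}, "records": {}},
    "auth-example": {"delegations": {}, "records": {
        "www.example.com.": ("CNAME", "web.example.com.", 300),
        "web.example.com.": ("A", "203.0.113.5", 60),
    }},
}

def query(server, name):  # one iterative query: answer, referral, or NXDOMAIN
    zone = SERVERS[server]
    if name in zone["records"]:
        return ("ANSWER",) + zone["records"][name]
    for suffix, next_server in zone["delegations"].items():
        if name == suffix or name.endswith("." + suffix):
            return ("REFERRAL", next_server)
    return ("NXDOMAIN",)

class RecursiveResolver:
    def __init__(self):
        self.cache = {}   # name -> (rtype, value, expiry time)
        self.trace = []   # (server or "cache", name) for every lookup made

    def lookup(self, name, now):  # cache first; on a miss walk the delegation chain
        hit = self.cache.get(name)
        if hit and hit[2] > now:                  # still inside its TTL
            self.trace.append(("cache", name))
            return hit[0], hit[1]
        server = "root"
        for _ in range(8):                        # bound the referral chain
            self.trace.append((server, name))
            reply = query(server, name)
            if reply[0] == "REFERRAL":
                server = reply[1]
            elif reply[0] == "ANSWER":
                _, rtype, value, ttl = reply
                self.cache[name] = (rtype, value, now + ttl)
                return rtype, value
            else:
                break                             # NXDOMAIN
        return None, None

    def resolve(self, name, now=0):  # follow CNAMEs (bounded) to a non-alias record
        for _ in range(8):
            rtype, value = self.lookup(name, now)
            if rtype != "CNAME":
                return value
            name = value
        return None
```

Resolving the same name again after the A record's 60-second TTL has lapsed, but inside the CNAME's 300 seconds, shows the alias served from cache while the address is fetched again from the root down.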
Key DNS records
| Record | Purpose |
|---|---|
| A | IPv4 address |
| AAAA | IPv6 address |
| CNAME | Alias to another name |
| MX | Mail server for domain |
| NS | Delegates DNS to nameservers |
| TXT | Arbitrary text (SPF, DKIM, verification) |
DHCP — DORA
| Step | Message | Direction |
|---|---|---|
| D | Discover | Client → broadcast |
| O | Offer | Server → client |
| R | Request | Client → server |
| A | Acknowledge | Server → client |
Client gets IP, subnet mask, gateway, DNS servers, lease time.
DNS security & transport
| Tech | What it does |
|---|---|
| DNSSEC | Cryptographic signing — authenticity & integrity (not confidentiality) |
| DoH | DNS over HTTPS (port 443, hides DNS in HTTPS to resolver) |
| DoT | DNS over TLS (dedicated port 853) |
Public DNS options (examples)
- 8.8.8.8 / 8.8.4.4 (Google), 1.1.1.1 (Cloudflare), 9.9.9.9 (Quad9), ISP default.
Master workflow — visiting google.com (16 steps)
- User enters URL; browser parses scheme/host/path.
- Browser checks HSTS/preload and builds HTTPS URL if applicable.
- DNS: resolve google.com → A/AAAA (via stub → recursive → authoritative chain).
- OS returns IP(s); browser may pick one (e.g. Happy Eyeballs IPv6/IPv4 race).
- TCP SYN to 443 → 3-way handshake with chosen IP.
- TLS handshake: certs, cipher agreement, session keys.
- HTTP/2 or HTTP/3 connection; ALPN negotiates application protocol.
- Browser sends HTTP request (headers, optional body).
- Packets encapsulated: TCP segment → IP packet → Ethernet/Wi‑Fi frame.
- Default gateway receives frame; routing table sends toward ISP.
- NAT (typical home): private IP → public IP mapping on outbound.
- Many routers forward by longest-prefix match; BGP at ISP boundaries.
- Possibly IXP peering or tier-1 transit; submarine/long-haul as needed.
- Google edge (Anycast / CDN-like) receives traffic; load balancing internally.
- Server processes request; response encrypted over TLS, chunked/compressed.
- Browser renders HTML; parallel fetches (CSS/JS/images); caching for repeat visits.
One-liner definitions (20+ terms)
| Term | One-liner |
|---|---|
| Protocol | Agreed rules for format and order of messages between systems. |
| Packet | Unit of data at Layer 3 (IP header + payload), routed independently. |
| Router | L3 device; forwards packets between networks using IP & routing tables. |
| Switch | L2 device; forwards frames by MAC within a LAN (VLAN-aware in managed switches). |
| Firewall | Enforces allow/deny rules on traffic (stateful often tracks connections). |
| Proxy | Intermediary that forwards client requests (may cache, filter, anonymize). |
| VPN | Encrypted tunnel over untrusted network; virtual presence on another network. |
| Load balancer | Distributes traffic across servers for scale and availability. |
| Latency | Time for a signal/request to travel (RTT = round-trip). |
| Bandwidth | Max data rate capacity of a link or path (theoretical upper bound). |
| Throughput | Actual achieved data rate under real conditions. |
| ISP | Internet Service Provider — access and/or transit to the global Internet. |
| DNS | Hierarchical naming system resolving hostnames to IP addresses. |
| DHCP | Auto-assigns IP configuration (address, mask, gateway, DNS) via lease. |
| NAT | Maps many private IPs to fewer public IPs at a gateway. |
| ARP | Resolves IP to MAC on the same broadcast domain. |
| BGP | Path-vector protocol; ISPs exchange reachability for IP prefixes. |
| CDN | Geographically distributed caches to serve content closer to users. |
| IXP | Physical location where networks interconnect and exchange traffic. |
| TLD | Top-Level Domain (e.g. .com, .org) — DNS tree under root. |
| TTL | DNS: cache lifetime for a record; IP: hop limit (decremented per router). |
| Encapsulation | Wrapping data in successive headers as it descends the stack. |
| Handshake | TCP’s synchronized start (SYN, SYN-ACK, ACK) before data transfer. |
| MTU | Maximum Transmission Unit — largest frame/payload size on a link segment. |
End of 1.1 quick revision.