Web Application Pentesting: HTTP & DNS

iOS
6 min read · Dec 27, 2018

HTTP Protocol

The underlying protocol that carries web application traffic between the web server and the client is the Hypertext Transfer Protocol (HTTP). HTTP/1.1, the most widely deployed version, is defined in RFCs 7230–7235 (RFCs 7236 and 7237 are companion registration documents), which replaced the older RFC 2616. At the time of writing the latest version is HTTP/2, published in May 2015 and defined in RFC 7540.

HTTP is a client-server protocol: a web browser (the client) sends a request to a server, and the server returns a response to that request.

HTTP is a clear-text protocol: unless it is wrapped in TLS (HTTPS), all traffic between client and server is unencrypted and can be read or modified by anyone on the network path.

What is a Request?

A client sends a request to the server. The request consists of a request line (method, path and protocol version) followed by headers and, optionally, a body. The headers carry everything related to the request itself: the host being addressed, the response formats the client accepts, cookies and other control information. The body carries the data being exchanged, such as form fields or an uploaded file.

Header

Host: This specifies the host name and, optionally, the port of the resource being requested. A web server may serve more than one site (shared hosting, virtual hosts) or sit behind a load balancer, and this header is what the infrastructure uses to route the request to the right site or application.

User-Agent: This identifies the type of client that will receive the response (browser, version, operating system). Developers use it to adapt the response to the client's configuration. It is entirely client-controlled, so nothing in it should be trusted.

Cookie: Cookies are values the server sets (via Set-Cookie) and the client sends back on later requests; they are used, among other things, to carry session identifiers.

Content-Type: This tells the server the media type of the data in the request body, for example application/x-www-form-urlencoded for a submitted form or application/json for an API call.

Authorization: HTTP allows per-request client authentication through this header. The most common schemes are Basic, Digest, NTLM and Bearer. Note that Basic is only base64-encoded, not encrypted, so over plain HTTP the credentials are exposed to anyone who can see the traffic.

Response

When the server receives a request it processes it and sends a response, which has the same shape: a status line (protocol version, three-digit status code and reason phrase), headers and an optional body. The client checks the status code to learn whether the request succeeded: 2xx means success, 3xx a redirect, 4xx a client error such as 401 Unauthorized or 404 Not Found, and 5xx a server error.
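As an added example (not code from the original article), the following Python builds a raw HTTP/1.1 request carrying the headers described above and parses a raw response into status code, reason phrase, headers and body. The host name app.example.com, the path /login, the credentials alice / s3cret and the sample 302 response are constructed for illustration; decode_basic() shows why a Basic credential sent over clear-text HTTP is as good as a plain password.

```python
import base64

# Added example, not code from the original article. The host, path,
# credentials and the sample response below are constructed for illustration.


def build_request(method, path, host, headers=None, body=b""):
    """Serialize an HTTP/1.1 request: request line, headers, blank line, body."""
    hdrs = {"Host": host}  # Host is mandatory in HTTP/1.1 (virtual-host routing)
    hdrs.update(headers or {})
    if body:
        hdrs["Content-Length"] = str(len(body))
    lines = [f"{method} {path} HTTP/1.1"] + [f"{k}: {v}" for k, v in hdrs.items()]
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii") + body


def basic_auth(user, password):
    """Value for an Authorization header using the Basic scheme."""
    # Basic is base64, not encryption: anyone who can read the clear-text
    # request gets the password back with decode_basic().
    token = base64.b64encode(f"{user}:{password}".encode()).decode("ascii")
    return f"Basic {token}"


def decode_basic(header_value):
    """Recover (user, password) from a Basic Authorization header value."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    user, _, password = base64.b64decode(token).decode().partition(":")
    return user, password


def parse_response(raw):
    """Split a raw response into (status code, reason, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    parts = status_line.split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError(f"bad status line: {status_line!r}")
    code = int(parts[1])
    reason = parts[2] if len(parts) == 3 else ""  # reason phrase may be empty
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()  # header names are case-insensitive
    if "content-length" in headers:
        body = body[: int(headers["content-length"])]
    return code, reason, headers, body


# Constructed sample: a login redirect that sets a session cookie.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 302 Found\r\n"
    b"Set-Cookie: session=abc123; HttpOnly\r\n"
    b"Location: /account\r\n"
    b"Content-Type: text/html\r\n"
    b"Content-Length: 5\r\n"
    b"\r\n"
    b"moved"
)


def example_request():
    """The POST a client might send to the (constructed) app.example.com login page."""
    return build_request(
        "POST", "/login", "app.example.com",
        {
            "User-Agent": "Mozilla/5.0 (pentest-lab)",
            "Cookie": "lang=en",
            "Content-Type": "application/x-www-form-urlencoded",
            "Authorization": basic_auth("alice", "s3cret"),
        },
        body=b"user=alice",
    )


if __name__ == "__main__":
    print(example_request().decode())
    print(parse_response(SAMPLE_RESPONSE))
```

The request bytes that example_request() returns are exactly what a proxy or packet capture would show on the wire for plain HTTP, which is the point of the clear-text warning above: the Authorization value decodes straight back to alice:s3cret.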

To understand the client-server model better we need to examine how DNS works.

DNS

DNS stands for Domain Name System; it is the phone book of the internet. DNS is a distributed database of names and IP addresses that translates a domain name into an IP address.

domain name = IP address

DNS Overview

  1. The user types a website address into the browser and requests information.
  2. The browser sends the request to a recursive server to find the IP address.
  3. The recursive server contacts a root name server.
  4. It then asks the TLD name server.
  5. It then asks the authoritative name server.
  6. The IP address is located and the recursive server sends the information back to the user.
  7. The user's computer receives the answer.

Request Information

The process begins when you ask your computer to resolve a host name, for example when visiting http://google.com. The first place your computer looks for the corresponding IP address is its local DNS cache, which stores information that your computer has recently retrieved. If your computer doesn't already know the answer, it needs to perform a DNS query to find out.

Recursive Server

If the information is not stored locally, your computer queries the recursive DNS servers of your internet service provider (ISP), or whichever resolver the system is configured to use. These specialized servers perform the legwork of a DNS query on your behalf.

Recursive DNS name servers are responsible for providing the proper IP address of the intended domain name to the requesting host. Think of them as a search engine that searches other pages: a recursive server responds to each query by asking other name servers for the answer. It first checks whether it has any DNS records cached for the domain you are trying to reach. If not, it queries a root server to find the name servers for the domain's TLD.

Root Name Servers

If the recursive servers don't have the answer, they query the root name servers. A name server is a computer that answers questions about domain names, such as which IP address a name maps to. There are 13 root server identities (a.root-servers.net through m.root-servers.net), each served by many anycast instances around the world; they act like a telephone switchboard. They don't know the answer, but they can direct the query to the servers that know where to find it.

TLD Name Server

The root name servers look at the last label of the name (reading right to left) and refer the query to the servers for that top-level domain (TLD). Each TLD, such as .com, .org and .us, has its own set of name servers, which act like a receptionist for the TLD. These servers don't have the information we need either, but they can refer us to the servers that do.

Authoritative DNS Server

The TLD name servers look at the next label of the name and refer the query to the name servers responsible for that specific domain. These authoritative name servers hold all the information about the domain, stored in DNS records.

The purpose of the authoritative DNS server is to respond to recursive DNS servers with the IP mapping of the requested name. Its responses contain the essential DNS information for the domain: IP addresses (A and AAAA records), the list of mail servers (MX records) and any other records the zone defines.

Primary vs Secondary

Every domain name has at least two name servers; registries generally require this, and the hosting or DNS provider supplies them in order to get a website online.

A primary DNS server reads the zone data (the domain's records) from a zone file stored on that server. The primary is also responsible for passing the zone to the secondary DNS servers, a process known as a zone transfer. Every domain has its DNS records on more than one server for redundancy, so that the domain keeps resolving if one server fails and recovery is easier. A resolver querying the domain may use any of the listed name servers; the primary/secondary distinction only concerns where the zone data is edited and how it is copied.

Secondary DNS servers act as a backup when the primary fails to answer. A secondary DNS server, also known as a slave server in older terminology, is in charge of acquiring the zone data from the primary DNS server and keeping its copy current.

Relationship between primary and secondary DNS:

Primary DNS servers hold the master copy of the zone, while secondary DNS servers obtain their copy from the primary.

Secondary DNS provides redundancy for the primary, improving availability and resilience. Zone transfers should be restricted to the secondaries' addresses (and ideally authenticated with TSIG): a server that allows AXFR from anyone hands an attacker the complete list of hosts in the zone, which is why an unrestricted zone transfer is a routine check in a pentest.

Record Type

The recursive server retrieves the A record for the domain from the authoritative name servers and stores it in its local cache. If anyone else requests the same record, the recursive server already has the answer and does not need to go through the lookup again. Every record has a time-to-live (TTL) value, which is like an expiration date: once it expires, the recursive server must ask for a fresh copy so the information does not go stale.

Record types are part of a bigger structure known as DNS zones. A zone is the portion of the namespace a given set of name servers is authoritative for, configured on those servers. Continuing our example, when a root server refers the recursive server to the TLD servers it is pointing it at the TLD zone, and the TLD servers in turn point at the zone for the domain itself: a hierarchy of zones covering domains and subdomains.

A DNS record has three details attached:

  1. a record name (the owner name)
  2. a record type and its data (for example an A record holding an IPv4 address)
  3. a TTL

Receive the answer

Armed with the answer, the recursive server returns the A record to your computer. Your computer stores the record in its cache, reads the IP address from it, and passes it to your browser. The browser then opens a connection to the web server and receives the website.
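The whole walk above, from the query packet through the referral from the TLD servers to the final authoritative answer with its TTL, as an added Python example that is not part of the original article. It works on constructed wire-format (RFC 1035) packets, so it runs offline; the domain www.example.com, the name server ns1.example.com and the 192.0.2.x addresses are documentation placeholders, not real infrastructure.

```python
import struct

# Added example, not code from the original article. Names, addresses and
# the two reply packets are constructed to mirror the walk-through above.


def encode_name(name):
    """'www.example.com' -> b'\\x03www\\x07example\\x03com\\x00' (RFC 1035 labels)."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError(f"bad label: {label!r}")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(txid, name, qtype=1):
    """Query packet: header (RD=1 asks a recursive server to do the work) + question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def read_name(pkt, off):
    """Decode a possibly compressed name; returns (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = pkt[off]
        if length & 0xC0 == 0xC0:  # compression pointer (RFC 1035 section 4.1.4)
            ptr = struct.unpack("!H", pkt[off:off + 2])[0] & 0x3FFF
            if end is None:
                end = off + 2  # the name ends after the first pointer
            hops += 1
            if ptr >= off or hops > 64:  # only backward pointers, no loops
                raise ValueError("bad compression pointer")
            off = ptr
            continue
        off += 1
        if length == 0:
            break
        labels.append(pkt[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), end if end is not None else off


def read_rr(pkt, off):
    """One resource record -> dict with owner name, type, TTL and decoded data."""
    name, off = read_name(pkt, off)
    rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
    off += 10
    if rtype == 1 and rdlen == 4:              # A: IPv4 address
        data = ".".join(str(b) for b in pkt[off:off + 4])
    elif rtype == 2:                           # NS: a (possibly compressed) name
        data, _ = read_name(pkt, off)
    else:
        data = pkt[off:off + rdlen].hex()
    return {"name": name, "type": rtype, "ttl": ttl, "data": data}, off + rdlen


def parse_response(pkt):
    """Header flags plus the answer, authority and additional sections."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", pkt[:12])
    off = 12
    for _ in range(qd):  # skip the echoed question(s)
        _, off = read_name(pkt, off)
        off += 4
    reply = {"id": txid, "aa": bool(flags & 0x0400), "rcode": flags & 0xF}
    for key, count in (("answer", an), ("authority", ns), ("additional", ar)):
        reply[key] = []
        for _ in range(count):
            rr, off = read_rr(pkt, off)
            reply[key].append(rr)
    return reply


def next_step(reply):
    """What a recursive server does with a reply: take the answer or follow the referral."""
    answers = [rr for rr in reply["answer"] if rr["type"] == 1]
    if answers:
        return "answer", answers[0]["data"]
    ns_names = {rr["data"] for rr in reply["authority"] if rr["type"] == 2}
    # Only trust glue for servers actually named in the referral; blindly caching
    # any additional record is how cache-poisoning attacks get a foothold.
    glue = [rr for rr in reply["additional"] if rr["type"] == 1 and rr["name"] in ns_names]
    if glue:
        return "referral", glue[0]["data"]
    raise ValueError("no answer and no usable referral")


def make_reply(txid, qname, aa, answer=(), authority=(), additional=()):
    """Build a reply packet (test data); b'\\xc0\\x0c' points back at the question name."""
    flags = 0x8180 | (0x0400 if aa else 0)  # QR, RD, RA (+AA when authoritative)
    pkt = struct.pack("!HHHHHH", txid, flags, 1, len(answer), len(authority), len(additional))
    pkt += encode_name(qname) + struct.pack("!HH", 1, 1)
    for name, rtype, ttl, rdata in (*answer, *authority, *additional):
        owner = b"\xc0\x0c" if name == qname else encode_name(name)
        pkt += owner + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata
    return pkt


QNAME = "www.example.com"
# Step 4: the .com servers do not know the answer; they refer us to the
# authoritative server and include its address as glue (constructed data).
TLD_REFERRAL = make_reply(0x1234, QNAME, aa=False,
                          authority=[("example.com", 2, 172800, encode_name("ns1.example.com"))],
                          additional=[("ns1.example.com", 1, 172800, bytes([192, 0, 2, 53]))])
# Step 5: the authoritative server answers with the A record and its 300 s TTL.
AUTH_ANSWER = make_reply(0x1234, QNAME, aa=True,
                         answer=[(QNAME, 1, 300, bytes([192, 0, 2, 10]))])
```

next_step() is the decision a recursive server makes at each hop: parse_response(TLD_REFERRAL) yields a referral to 192.0.2.53, and parse_response(AUTH_ANSWER) yields the final address 192.0.2.10 with the TTL the resolver will cache it for. The glue filter in next_step() is a minimal version of the bailiwick check real resolvers apply before caching additional records.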

Please check out the links below

Resume website — https://tommarler.org

Linkedin — https://www.linkedin.com/in/tom-m-bb4857112/

Written by iOS

iOS Developer, Go, Java, C#, Blockchain enthusiast, Data junkie
