Let’s have a look up the series of IP communication about browsing a web server site(DNS and http) as representative.
Name resolution by DNS
PC in first resolve the name(site URL) by DNS. For example, if want to access to “www.yahoo.co.jp”, query the IP address of “www.yahoo.co.jp” to DNS server set to PC. Some DNS servers are limited internally, others are published on the Internet. As an example of published, IP address “126.96.36.199” is a famous DNS server provided by google for free.About basic knowledge of DNS, reffer this link.
Establish TCP connection
Next, toward the IP address of www.yahoo.co.jp, establish the TCP connection. In first, send the TCP syn from PC
to Web Server, and from Web Server TCP syn/ack is sent as return. And, TCP ack is sent from PC. Then establishment is done. This negotiation is called Three way handshake.
Request for html file by http GET method
PC does not wait the opponent after sends TCP ack, does more communication of http GET method.
For example, send the strings with ASCII in initial of TCP payload,
which is conforming to the http Standard.
after /(slash) following request file name such as “index.html” in principle but in almost site, requesting only / results in returnning the file set to web server as default.
HTTP/1.1 means request by HTTP version 1.1.
HTTP Status Code and reception of required file
When requesting above is done, there comes from Server to PC the strings
and required files is sent. If file size is more than 1460 Byte over MSS value, Server OS or Application sends two or more packets divided by TCP segmentation. (not IP fragmentation but TCP segmentation）
“200” is the value of HTTP status code and means “Successful”.
grasp the HTTP packet flow with telnet
This flow is easy to understand using telnet client. For example, add the feature of telnet client with windows7/8/10 and type as below with command prompt. (adding the feature of telnet client is able to do with 30 seconds, how to add the feature of telnet client）
(case sensitive) and Enter twice, then return the strings below with ascii
Like this, http version need not match between client and server. In caution, if you miss spell, www.yahoo.co.jp
site returns 400 Bad Request immediately. This means telnet client is sending message every input character.
It is inefficient, but not violate with HTTP Standard.
as seen above, http is represented in a form easy to understand by humans. There are other such communication such as SMTP, FTP, SIP etc.
On the other hand, DNSis not a format of ascii, but binary which is difficult to understand by humans and easy to understand by machine.