How Web Browsing Works

How Web Browsing Works

What happens when you type a URL in a browser?




10,000-foot View


5,000-foot View[*]

  1. If requested page is in browser cache and is fresh, render the cached content
  2. DNS lookup to find the IP address of the requested domain name (e.g. =
  3. Connect to the web server via a TCP+TLS handshake
  4. Browser sends an HTTPS request to the server
  5. Server sends HTTPS response
  6. Browser renders the HTML

DNS Cache Lookup

Browsers search for IP addresses in the following order of DNS caches:

  1. Browser
  2. OS
  3. Router
  4. ISP
  5. DNS via root servers

OSI Model

  1. Physical layer
  2. Data link layer
  3. Network layer (IP)
  4. Transport layer (TCP, UDP) - divides outbound msg into packets; reassembles inbound packets into msg; flow & error control
  5. Session layer
  6. Presentation layer
  7. Application layer (HTTP, FTP) - the protocol in which the end-to-end, client/server communicate

What about TLS/SSL?

  • TLS doesn't fit the OSI model[*], but it can be considered to be in a "Security" layer
  • TLS and its predecessor, SSL, both are commonly referred to as SSL
  • Provides the cryptographic/encryption protocol to ensure secure communication

Transport Layers

  • TCP
    • Cast
    • Request/Response
    • Unicast
    • 1 sender; 1 receiver (point-to-point)
    • "Guaranteed" delivery?:  Yes
  • UDP
    • Cast
      • Publish/subscribe
      • Broadcast or multicast
      • 1 sender; many receivers/listeners
    • "Guaranteed" delivery?:  No
    •  QUIC
      • built on top of UDP
      • reduced latency & bandwidth
      • Easier to change at the app level vs. the kernel level

TCP+TLS Handshake - Overview

TLS Details

  • Certificates - TLS uses certificates to verify the identity of endpoints.
  • Cipher - The algorithm for performing encryption/ decryption. Common ciphersuites are Diffie–Hellman and RSA; involves public & private keys:
    • Public Key - shared between client and server; basically used to encrypt messages
    • Private Key - NOT shared; basically used to decrypt messages

Load Balancing

  • Browser requests are usually handled by a "farm" of web servers.
  • Load Balancers (LBs) distribute the workload amongst the web servers.
  • NAT - Browsers just know about one IP address but different servers with various IP addresses can process the requests.  Network Address Translation (NAT) is a way of remapping one IP address into another by modifying datagram packets

Load Balancing - Types

  • Layer 4 load balancing operates at the intermediate transport layer (TCP), which deals with delivery of messages with no regard to the content of the messages. L4 LBs simply forward network packets to and from the upstream server without inspecting the content of the packets. They can make limited routing decisions by inspecting the first few packets in the TCP stream.
  • Layer 7 load balancing operates at the high-level application layer (HTTP), which deals with the actual content of each message. L7 LBs can make sophisticated routing decisions based on the content of the message (the URL or cookie, for example). L7s can also apply optimizations and changes to the content (such as compression and encryption).


Java Notes

Java Notes

ETF & Mutual Fund Rankings

ETF & Mutual Fund Rankings