Phase 1: How the Internet Works (IP, DNS, Routing)

Series: Networking for Web Developers
Time commitment: 3–4 days, 1–2 hours daily
Prerequisites: Basic programming experience, using a terminal

Introduction

Every time you open a browser and visit a website, an enormous amount of machinery kicks into motion. Packets of data travel through fiber-optic cables, bounce off routers across continents, and arrive at your screen in milliseconds. Most developers treat this as magic. This post removes the magic.

By the end you'll be able to trace a browser request from your laptop all the way to a web server — and explain every step in between.

What You'll Learn

✅ Understand what the internet actually is (physically and logically)
✅ Explain IP addresses — IPv4, IPv6, and CIDR notation
✅ Describe how packets travel across the internet via routing
✅ Trace a full URL request from browser to server
✅ Explain DNS at a conceptual level (deep dive in NET-5)
✅ Understand what ISPs and CDNs do

What Is the Internet?

The internet is a global network of interconnected networks. It is not a single thing owned by one company — it is millions of separate networks (your home network, your ISP's network, a university's network, a cloud provider's network) all agreeing to communicate using common protocols.

At the physical level, the internet is:

• Copper and fiber-optic cables running under streets, oceans, and buildings
• Wireless radio (WiFi, 4G/5G) connecting devices to access points
• Routers and switches directing traffic between networks
• Data centers housing the servers that store websites, APIs, and databases

The internet backbone is a collection of high-capacity fiber-optic links connecting major hubs around the world — these are operated by large Tier 1 ISPs and carry the bulk of global traffic.

IP Addresses

Every device on the internet has an IP address — a unique numerical identifier that tells the network where to deliver packets.

IPv4

IPv4 addresses are 32-bit numbers written as four octets:

192.168.1.1
203.0.113.42

Each octet is 0–255. This gives about 4.3 billion possible addresses — which ran out around 2011 as internet-connected devices exploded in number.

Special IPv4 ranges:

IPv6

IPv6 addresses are 128-bit numbers written in hexadecimal:

2001:0db8:85a3:0000:0000:8a2e:0370:7334

They can be abbreviated by collapsing consecutive zeros with :::

2001:db8:85a3::8a2e:370:7334

IPv6 provides 340 undecillion addresses — enough for every grain of sand on Earth to have its own IP address, several times over. Most modern networks support both (dual-stack).

CIDR Notation

CIDR (Classless Inter-Domain Routing) describes a range of IP addresses using a prefix length:

192.168.1.0/24   → 192.168.1.0 to 192.168.1.255  (256 addresses)
10.0.0.0/16      → 10.0.0.0 to 10.0.255.255       (65,536 addresses)
203.0.113.5/32   → exactly one address

The /24 means the first 24 bits are the network prefix; the remaining 8 bits identify hosts. You'll encounter CIDR constantly when working with cloud networking (VPCs, security groups, firewall rules).

How Packets Travel: Routing

Data on the internet is broken into packets — small chunks (typically 1,500 bytes) that travel independently and are reassembled at the destination. This is called packet switching (as opposed to circuit switching, which is how traditional phone calls work).

Routers

A router is a device that forwards packets toward their destination. When a packet arrives, the router:

1. Reads the destination IP address in the packet header
2. Looks up its routing table to find the best next hop
3. Forwards the packet out the appropriate interface

Each router only needs to know how to get closer to the destination — it doesn't need a complete map of the internet.

Hops

Each router a packet passes through is a hop. You can count hops with traceroute:

# macOS / Linux
traceroute google.com
 
# Windows
tracert google.com

Sample output:

 1  192.168.1.1     (your home router)         1 ms
 2  10.0.0.1        (ISP gateway)              5 ms
 3  203.0.113.1     (ISP backbone)            12 ms
 4  198.51.100.10   (peering exchange)        18 ms
 5  172.217.0.1     (Google's edge router)    20 ms

BGP — The Internet's Routing Protocol

Border Gateway Protocol (BGP) is the protocol that routers use to share routing information across different networks (Autonomous Systems). BGP is how the internet's routers agree on how to reach every IP address in the world.

When you see news about "BGP hijacking" — that's when a network incorrectly announces it owns IP addresses it doesn't, accidentally (or maliciously) rerouting traffic.

DNS — From Domain to IP

Humans use domain names (google.com), but the internet uses IP addresses (142.250.80.46). DNS (Domain Name System) is the phone book that translates one to the other.

Here's the short version of how DNS works:

The full DNS deep dive is in NET-5: Deep Dive — DNS: How Domain Names Resolve (coming soon). For now, the key concept is: your browser can't connect anywhere without first resolving a domain name to an IP address.

What Happens When You Type a URL

This is one of the most common technical interview questions — and genuinely useful to understand. Here's what happens when you visit https://example.com:

Let's walk through each step:

Step 1: Parse the URL

The browser breaks down https://example.com/path?query=value:

• Scheme: https — use TLS-encrypted HTTP
• Host: example.com — domain to resolve
• Path: /path — resource to request
• Query: query=value — parameters

Step 2: DNS Resolution

The browser checks its cache first. If not found, it asks the OS resolver, which asks a recursive resolver (usually your ISP's or a public one like 8.8.8.8). The resolver walks the DNS hierarchy and returns an IP.

Step 3: TCP Connection

The browser opens a TCP connection to port 443 (HTTPS). TCP uses a three-way handshake:

Client → Server: SYN
Server → Client: SYN-ACK
Client → Server: ACK

This takes one round-trip time (RTT). On a typical connection, that's 10–80ms.

Step 4: TLS Handshake

Because this is HTTPS, the browser and server negotiate an encrypted channel using TLS. This adds another 1–2 RTTs. The full TLS process is covered in NET-6: TLS/HTTPS (coming soon).

Step 5: HTTP Request

The browser sends an HTTP request:

GET / HTTP/1.1
Host: example.com
Accept: text/html
User-Agent: Mozilla/5.0 ...

Step 6: HTTP Response

The server responds:

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1256
 
<!DOCTYPE html>
<html>...

Step 7: Rendering

The browser parses the HTML, discovers assets (CSS, JS, images), fetches them (triggering more DNS lookups, TCP connections, HTTP requests), and renders the page.

ISPs and the Network Hierarchy

Not all networks are equal. ISPs are organized in a hierarchy:

Tier 1 ISPs own the backbone infrastructure and peer with each other for free (settlement-free peering). They don't pay anyone to route traffic — they are the internet's foundation.

Tier 2 ISPs buy transit from Tier 1 ISPs and sell it downstream. They may also peer with other Tier 2 networks.

Tier 3 ISPs (your home ISP) are "last mile" providers — they deliver internet access to homes and businesses.

Internet Exchange Points (IXPs)

IXPs are physical locations where many networks meet and exchange traffic directly, reducing the number of hops and improving performance. Major IXPs include AMS-IX (Amsterdam), DE-CIX (Frankfurt), and LINX (London).

CDNs — Bringing Content Closer

Content Delivery Networks (CDNs) are geographically distributed caches. Instead of serving all traffic from one data center, CDNs replicate content at edge nodes close to users.

When a user requests example.com/logo.png:

1. DNS resolves the CDN's domain to the nearest edge node's IP
2. The edge node serves the cached image
3. If the cache is cold (first request), the edge fetches from origin and caches it

Benefits:

• Latency: Serving from 20ms away vs. 200ms across the world
• Availability: Traffic is distributed — no single point of failure
• Bandwidth cost: Origin receives far fewer requests

Popular CDNs: Cloudflare, AWS CloudFront, Fastly, Akamai.

Network Latency and Bandwidth

Two metrics matter most in networking:

Latency — the time for a packet to travel from source to destination (one-way) or round-trip time (RTT). Measured in milliseconds (ms).

Bandwidth — how much data can flow per second. Measured in Mbps or Gbps. A fiber-optic cable can carry 100 Gbps+; your home connection is typically 100–1,000 Mbps.

Latency and bandwidth are independent:

• A satellite connection can have high bandwidth but terrible latency (500ms+)
• A fiber connection typically has both low latency and high bandwidth

For interactive web apps, latency matters more than bandwidth. A 200ms RTT means every request-response cycle takes at least 200ms, regardless of how fast the connection is.

Practical: Inspect Your Network Path

Try these commands to see the concepts in action:

# See your current IP address (external)
curl ifconfig.me
 
# Trace the network path to a server
traceroute google.com
 
# Resolve a domain name to IP
dig google.com
 
# See how long DNS, connection, and first byte take
curl -w "\nDNS: %{time_namelookup}s\nConnect: %{time_connect}s\nTTFB: %{time_starttransfer}s\nTotal: %{time_total}s\n" \
     -o /dev/null -s https://example.com
 
# Ping to measure round-trip latency
ping -c 5 google.com

Sample curl timing output:

DNS:     0.012s
Connect: 0.028s
TTFB:    0.065s
Total:   0.072s

This shows DNS resolution took 12ms, TCP connection took 16ms more, and the server started responding 37ms after connection. This decomposition is invaluable for diagnosing slow requests.

Summary

The internet is a global network of interconnected networks. Here's what you now understand:

✅ IP addresses identify every device — IPv4 (32-bit, ~4 billion) and IPv6 (128-bit, practically unlimited)
✅ Packets travel independently, hopping through routers toward their destination
✅ Routers use routing tables and BGP to forward packets globally
✅ DNS translates domain names to IP addresses before any connection is made
✅ A URL request involves DNS lookup → TCP handshake → TLS → HTTP exchange → rendering
✅ ISPs form a hierarchy from backbone Tier 1 down to your last-mile provider
✅ CDNs cache content at edge nodes to reduce latency for users worldwide

This foundation makes every subsequent topic in this series click into place — because everything happens on top of these layers.

What's Next

Phase 2: TCP/IP & Transport Layer (coming soon)

In Phase 2 we go deeper into the transport layer — the TCP three-way handshake, reliability guarantees, UDP trade-offs, ports, and sockets. This is the layer your application code talks to directly.

Series Index