I'm playing with Wireshark to debug some IoT home automation projects I'm working on. I think I'd benefit from understanding more about how HTTP and TCP/IP are actually working. Most explanations I'm finding describe HTTP as "riding on top of" TCP/IP, but I'm asking more specifically about what is actually being sent.
Here's an example of a client/server interaction I captured:
Client: [SYN]
Server: [SYN, ACK]
Client: [ACK]
If I understand so far, they've now successfully established a TCP connection. The next capture, though, shows me
Client: POST /whatever
Server: 200 OK
Okay now I'm lost. Examining that capture shows me that I have an Ethernet, IP, TCP, and HTTP layer all in one frame. Is it actually as simple as the client adding a bunch of text after the TCP packet ends and squirting those extra bytes over to the router? Which, presumably, then parses the TCP/IP out and forwards it accordingly? This is the source of my confusion. By "rides on top of" is it meant (in a physical sense) that HTTP is just a series of bytes that are sent in the same frame, after the TCP packet? Is the HTTP in this case considered to be the payload of the TCP/IP?
And of course to finish
Server: [FIN, ACK]
Client: [ACK]
Client: [FIN, ACK]
Server: [ACK]
//In this case the server terminates the connection.
Edit: A commenter below asked a question which makes me feel as if I haven't been very clear about what I'm asking.
Imagine that I could stand between my client and the server (or perhaps it would be more accurate to stand between my client and the router and again between the router and the server). Ignoring the considerations when one has to physically send raw data over a physical medium (checksums, error correction codes, etc), what would the actual traffic look like, with respect to time? Would I see bytes for an ethernet layer followed by bytes for an ip layer, tcp, http, and so on?
The network layers use abstraction and encapsulation. The lower layers encapsulate the higher layers.
The destination device performs the reverse of the above, delivering the application data to the destination application.
Because of the abstraction and encapsulation at each layer, you can mix and match different protocols at different layers. For example, ethernet can carry any number of network protocols (IPv4, IPX, IPv6, AppleTalk, etc.) without knowing or caring what is in the payload of the ethernet frame. Conversely, IP doesn't know or care which data-link protocol (ethernet, Wi-Fi, token ring, PPP, frame relay, etc.) is carrying it.
Your web browser uses HTTP to communicate the data (HTML) between it and the web server. HTTP uses TCP to transport it to the web server. The web browser will request that TCP assign it a TCP address (port). The web server likely uses the well-known TCP port 80 for HTTP, and TCP will segment the stream of data from the application into TCP segments (do not confuse this with IPv4 fragmentation). TCP will create a connection with TCP on the OS of the web server, and TCP guarantees that the segments will arrive, and that the data presented to the destination application will be complete, and in order.
TCP can theoretically use any network-layer protocol, but in practice it only uses IPv4 or IPv6. IP will encapsulate the TCP segments into IP packets.
IP will use the data-link protocol of the interface through which that packets will be sent. On a PC, this is most likely either ethernet or Wi-Fi, but it can be something else like PPP. The data-link protocol will encapsulate the packets into frames for the data-link protocol. Each data-link protocol has a different frame format. If the destination device is on the same network, the frames are addressed and delivered directly to the destination. If the destination is on a different network, the frames are addressed and delivered to the gateway (router) configured in the source OS.
The interface will encode the bits in the frame and signal on the medium of the interface.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With