DNS resolution

What is DNS

Rami Louhibi
36 min read · Nov 17, 2021

Humans can have different identifiers (name, driving license number, PAN, etc.). Within a given context, one identifier can be more appropriate than the others. Humans prefer the “name” identifier because names are convenient to remember and refer to. Similarly, hosts on a network can have different identifiers. One of them is the hostname, such as google.com or amazon.in. Hostnames are easy to remember and refer to, and hence are appreciated by humans.
But the variations in hostnames (they can be of variable length and can contain alphanumeric characters) make them difficult for machines (routers and other network devices) to process. For this reason, hosts are also identified by IP addresses, which have a more rigid structure.

These different preferences for host identifiers call for a directory service on the internet that translates hostnames to IP addresses. This is the main task of the Domain Name System (DNS). In short, DNS is a distributed database on the internet that stores the records for hostname translations.

Services provided by DNS

  • Host resolution: This is the main task of DNS. Suppose you request the URL www.samplehost.com/index.html. To send the HTTP request from your computer to the web server www.samplehost.com, your computer must first obtain the IP address of www.samplehost.com. The DNS client running on your computer queries the DNS server to resolve the hostname www.samplehost.com and eventually receives the IP address. Your computer then initiates the TCP connection to the resolved IP address.
  • Host aliasing: Some hostnames are complicated and can therefore have one or more alias names. For example, disco.dance.entertainment.com can have two aliases, entertainment.com and www.entertainment.com. In this case disco.dance.entertainment.com is known as the canonical hostname. DNS can be invoked to obtain the canonical hostname for a supplied alias as well as the IP address of the host.
  • Load distribution: DNS can also be used to distribute load among replicated servers. Sites with heavy traffic are replicated over multiple servers for high availability and some other reasons (out of the scope of this blog). In this case, when a client queries the DNS server, it returns the set of IP addresses and rotates the ordering of the IP addresses in each reply.
  • Mail server aliasing: Email IDs look like blog@gmail.com, blog@outlook.com, etc. However, the hostnames of the Gmail or Outlook mail servers are more complicated than gmail.com or outlook.com and are less convenient to remember (something like `xyz.nyc.dom.gmail.com` and `abc.cad.dom.outlook.com`). In this case the mail application can invoke DNS to obtain the canonical hostname (`xyz.nyc.dom.gmail.com`) for the alias hostname (gmail.com) as well as the IP address.

How does DNS work?

Whenever an application on a user’s machine needs to translate a hostname to an IP address, it invokes the client side of DNS with the hostname that needs to be translated. DNS on the user’s host then sends a query into the network and, after some delay (milliseconds to seconds), receives a DNS reply with the mapping of the hostname to its IP addresses. Finally, this mapping is passed to the invoking application.

From the perspective of the invoking application, DNS is a simple translation service, which is how most people think about DNS.

Now let us see how this translation happens. What could a simple design for this service look like? We could have a single DNS server that contains all the mappings, and clients that need a translation would query this server directly. But in today’s era, with such a high volume of requests on the internet and such a huge and growing number of hosts, this design will not work.
Problems with this design are:
1. Single point of failure.
2. Latency issues (a server close to one part of the world will be far from other parts of the world).
3. Huge request volume.

To deal with these issues, the design of DNS has to be distributed in nature. DNS uses a large number of servers distributed around the world, and the host mappings are distributed across them.

There are three classes of DNS servers: root DNS servers, top-level domain (TLD) DNS servers and authoritative DNS servers, organised in a hierarchy as shown below.

Image inspired by the book Computer Networking: A Top-Down Approach

Let me explain these classes with an example. Suppose a client wants the IP address of www.amazon.in.
1. The client first contacts one of the root DNS servers, which returns the IP address of one of the TLD DNS servers for the domain in.
2. The client then contacts one of those TLD DNS servers, which returns the IP address of one of the authoritative DNS servers for amazon.in.
3. Finally, the client contacts one of the authoritative DNS servers of amazon.in, which returns the IP address of www.amazon.in.

Generally, another DNS server comes into the picture: the local DNS server, which is provided by ISPs (Internet service providers). Clients generally talk to the local DNS server, and it is the responsibility of the local DNS server to talk to the other DNS servers (root, TLD, authoritative) to resolve the hostname. The local DNS server also caches the results with some TTL so that they can be used for further queries.

DNS look up via different class of DNS servers

Types of DNS records.

DNS stores the mappings in the form of resource records (RRs), each represented by a four-tuple containing the following fields:

(Name, Value, Type, TTL)

There are four types of DNS record.

  1. For Type=A, Name is the hostname and Value is the IP address of that hostname. E.g. (www.random.com, 143.60.76.7, A, 10) is a Type A record.
  2. For Type=NS, Name is the domain (such as amazon.in) and Value is the hostname of the authoritative DNS server that knows how to obtain the IP addresses for the hosts in the domain. E.g. (amazon.in, dns.amazon.in, NS, 10) is a Type NS record.
  3. For Type=CNAME, Name is the aliased hostname and Value is the canonical hostname for that alias. E.g. (entertainment.com, disco.dancer.entertainment.com, CNAME, 10) is a Type CNAME record.
  4. For Type=MX, Name is the aliased hostname of the mail server and Value is the canonical hostname of that mail server. E.g. (entertainment.com, mail.disco.dancer.entertainment.com, MX, 10). The point to note here is that by using an MX record, a company can have the same aliased name for its mail server and for some other server, say the company’s website. For example, google.com can be the hostname of a website as well as the hostname of the Google mail server; the two are distinguished by the type of the DNS record.
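The root, TLD and authoritative walk for www.amazon.in and the record tuples above can be tied together in a small simulation. This is an added example, not code from the original post: the server names, the IP addresses (documentation ranges), the TTLs and the CNAME for www.amazon.in are all constructed, and nothing is sent on the network.

```python
"""Toy model of hierarchical DNS resolution using (Name, Value, Type, TTL) records.

All zone data is constructed for illustration; nothing is sent on the network.
"""
import time

# One record list per server, keyed by the server's IP address. Server names,
# TTLs and addresses (RFC 5737 documentation ranges) are made up.
SERVERS = {
    "198.51.100.1": [   # root server: knows the TLD server for "in"
        ("in", "dns.tld-in.example", "NS", 300),
        ("dns.tld-in.example", "198.51.100.2", "A", 300),
    ],
    "198.51.100.2": [   # TLD server: knows the authoritative server for amazon.in
        ("amazon.in", "dns.amazon.in", "NS", 300),
        ("dns.amazon.in", "198.51.100.3", "A", 300),
    ],
    "198.51.100.3": [   # authoritative server for amazon.in
        ("www.amazon.in", "web.amazon.in", "CNAME", 60),
        ("web.amazon.in", "203.0.113.10", "A", 10),
    ],
}
ROOT = "198.51.100.1"


def query(server_ip, name):
    """Answer one question as a single server would: answer, referral or nxdomain."""
    records = SERVERS[server_ip]
    for rr in records:
        if rr[0] == name and rr[2] in ("A", "CNAME"):
            return "answer", rr
    # No direct answer: find an NS record for the longest matching suffix and
    # return the A record that gives that name server's address.
    labels = name.split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        for rr in records:
            if rr[0] == suffix and rr[2] == "NS":
                for glue in records:
                    if glue[0] == rr[1] and glue[2] == "A":
                        return "referral", glue
    return "nxdomain", None


class LocalResolver:
    """The local DNS server: walks root -> TLD -> authoritative and caches results."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}    # name -> (ip, expiry time)
        self.trace = []    # (server, question) pairs, in the order they were asked

    def resolve(self, name, max_steps=10):
        cached = self.cache.get(name)
        if cached and cached[1] > self.clock():
            return cached[0]                     # still within its TTL
        server, target, min_ttl = ROOT, name, float("inf")
        for _ in range(max_steps):               # bounds referrals and CNAME chains
            self.trace.append((server, target))
            kind, rr = query(server, target)
            if kind == "nxdomain":
                return None
            if kind == "referral":
                server = rr[1]                   # ask the next server down
                continue
            _, value, rtype, ttl = rr
            min_ttl = min(min_ttl, ttl)          # cache no longer than the shortest TTL
            if rtype == "CNAME":
                server, target = ROOT, value     # start again for the canonical name
            else:
                self.cache[name] = (value, self.clock() + min_ttl)
                return value
        return None                              # chain too long or looping: give up


if __name__ == "__main__":
    resolver = LocalResolver()
    print(resolver.resolve("www.amazon.in"))
    for server, question in resolver.trace:
        print(f"asked {server} for {question}")
```

The step bound matters in practice: a resolver that follows aliases and referrals without a limit can be kept busy indefinitely by records that point at each other.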

that the request hitting server IP on the appropriate port

The Internet is a very amazing part of our lives that came into existence fairly recently. In short, it is a global network that provides data, information, and communication through interconnected networks, guided and wireless technologies, and communication protocols. In the case of websites, it gives us the ability to connect to servers in huge data centers all over the world to access information and content stored on them.

The accessibility of the World Wide Web, one of the services offered over the Internet, is amazing in that anyone of almost any age can access it by simply typing some address into a web browser like Internet Explorer or Chrome and pressing “Enter”. This makes it very easy to take all the intricacies and complexity of the internet for granted and some people probably cannot imagine a world without it because they grew up with it. In this blog post, I will attempt to explain, from what I understand, what actually happens when a user types an internet Uniform Resource Locator (URL) like www.holbertonschool.com into a web browser and presses “Enter”.

The Process

The basic outline of steps when typing in a URL is listed below. I will go into more detail in the sections below.

  1. The website Uniform Resource Locator (URL) is typed into the web browser
  2. The browser performs a Domain Name System (DNS) record lookup with a set series of steps in order to find the respective Internet Protocol (IP) address of the server that hosts the website
  3. A Transmission Control Protocol (TCP) connection is opened between browser and host
  4. A Hypertext Transfer Protocol (HTTP) request is sent to the website host server
  5. The server, which contains tools such as load balancers, web servers, application servers, firewalls, and databases, handles the request sent by the browser
  6. The server sends back an HTTP response with the requested web page attached
  7. The browser displays the Hypertext Markup Language (HTML) and sends out additional HTTP requests for the CSS, Javascript, and other plugins.

Step 1 — The URL is typed into the web browser

https://outspokenmedia.com/https/claiming-all-domain-versions-in-google-search-console/

A URL is a syntactical way to identify a unique resource over the web. It has the following form and consists of four distinct parts:

protocol://hostname:port/path_to_resource_file

  1. Protocol — the protocol used by the browser and server (usually HTTP or HTTP secured [HTTPS])
  2. Hostname — the DNS domain name or IP address of the server hosting the content
  3. Port — The TCP port number that the server is listening to for HTTP requests sent by the browser
  4. Path to Resource File — The name/location of a specific document that you are trying to access

In our example, the URL www.holbertonschool.com contains no specific protocol, port, or file path, so the browser will likely use HTTP as the protocol, use port 80, which is the default if no port is specified, and request the website at its root (/).

The hostname itself is made up of various levels of domain names. In www.holbertonschool.com, there are three domains in total. The www makes up the subdomain, holbertonschool is the primary domain, and .com is the Top Level Domain (TLD).

The browser can use all of these domains to identify the IP address of the server that hosts the website. The web uses a protocol suite called Transmission Control Protocol/Internet Protocol (TCP/IP) to communicate with servers. At a high level, TCP is a protocol that allows two hosts to communicate with each other and send reliable, ordered, and error-checked packets of data through receiving and sending locations called ports. An IP address is like the address of any device connected to the Internet.

Step 2 — The Browser Performs a DNS Record Lookup for the IP address

https://webhostinggeeks.com/guides/dns/

In order to know what server to ask for web content, the browser must know what IP address to contact that will serve the content that the user has specified. An IP address is a series of numbers which uniquely identifies all devices and things connected to the Internet and allows direct communication to them. There are two types of IP addresses: IPv4 and IPv6 which differ in their format. IPv4 is a series of 4 numbers from 0 to 255 separated by . such as 127.0.0.1 which is the local address of the computer you are currently on. IPv6 is a series of 8 groups of hexadecimal numbers separated by colons which solves the issue of saturated IP addresses since it allows trillion upon trillion times the number of IP addresses offered by IPv4. In our example, the browser must find the IP address of the server that hosts the holbertonschool website.

The reason that plain English domains exist for websites is because of the difficulty of remembering sequences of numbers. It is much easier to remember words and phrases. Thus, the Domain Name System (DNS) exists because of this translation between domain names and IP address numbers.

https://webhostinggeeks.com/guides/dns/

The browser does this through a DNS record lookup that goes through the following steps. If at any point, the IP address is found, the steps below it are simply skipped and the IP is sent back to the web browser.

  1. Browser cache — the browser maintains a collection of DNS records for websites that you have recently visited. The browser searches this first.
  2. Operating System cache — the operating system also maintains a collection of DNS records that can be searched for the information it needs. The browser communicates with the OS.
  3. Internet Service Provider (ISP) cache — the operating system communicates with the Resolver server of your ISP. Your ISP maintains its own DNS Resolver server which can communicate with other servers associated with various domains all over the world for the specific information you requested.
  4. If the IP address is not found, it does not exist and an error is returned

In the last step, the operating system contacts the resolver, which communicates with the ISP DNS server to initiate a query to find the IP address by contacting various other DNS servers, called name servers, which search for the website based on the domains that the user typed into the browser (i.e., www.holbertonschool.com in this case). The ISP DNS root server gives the resolver the address of the root name server (in this case, .com), and the resolver communicates with the root name server, which finds the various name servers associated with the domain entered and reserved by the domain registrar (in this case, the name server is holbertonschool.com). The name server will find the IP address of www.holbertonschool.com in its records and give it to the resolver, which then returns it to the browser.

Step 3 — A TCP Connection is Opened

http://www.library.mobrien.com/Manuals/MPRM_Group/tcp_connections_101.htm

The browser now has the IP address and is able to build a connection with the server that is associated with this IP address. TCP governs the reliability of the transmission of data and communicates with the website host server asking whether there are ports open to receive and send packets of data. In this case, since no port is specified in the URL, the browser will ask by default if port 80 is open for connections by sending a synchronization packet. If port 80 is not being used, the website host server will send back a synchronization/acknowledgement packet in which case, the browser will send back its own acknowledgement packet to the website host server which starts the TCP connection for data transfer. If any other ports are specified in the URL, these will be checked via the TCP protocol.

The TCP and IP protocols typically go hand-in-hand such that a full IP address usually specifies the actual IP address followed by a port number separated with a colon. For example, if the localhost was to be communicated at port 80, the full form of the IP address would look like the following: 127.0.0.1:80

Step 4 — An HTTP Request is Sent to the Website Host Server

The browser will then send a translation of the URL into the specified protocol, in this case, an HTTP GET request for the root page of the holbertonschool.com domain. This HTTP request message contains information in the form of various headers that define how the information and connections are to be handled by the servers.

http://www.ntu.edu.sg/home/ehchua/programming/webprogramming/http_basics.html

When the server receives this request message, it interprets this request, maps the request to a file or program on the server itself, and sends back a response. This response can even be an error if something went wrong or if the file or location does not exist on the server.

Security concerns have led to the need for more secure connections. A common one used by many websites nowadays is HTTPS, the secure version of HTTP. In this system, the Secure Sockets Layer (SSL) protocol is used to build a secure connection through a Public Key Infrastructure (PKI) system. This consists of a public key and a private key to encrypt and decrypt all communications. Anything encrypted using the public key can only be decrypted using the associated private key. When an HTTPS connection is requested, the website will send its SSL certificate to the browser, which contains the public key for encryption and initiates an “SSL handshake”. The information traveling through the TCP connection in this way will be encrypted using the public key, and the information sent back will be decrypted using the private key contained in the website host servers. All of this communication occurs over TCP port 443, so if www.holbertonschool.com’s servers are capable of HTTPS, connections to port 80 will be redirected to port 443.

https://sucuri.net/guides/how-to-install-ssl-certificate

Step 5 — The Server Handles the Request Sent by the Browser

http://lj.platformatyourservice.com/wiki/Platform_Hardware_Stack

The website host server IP address contains the location of the web infrastructure that will handle the request. The goal of efficient web infrastructures is to build redundancy so that any errors or downtime will not completely halt all processing operations.

The initial connection might be a connection to a server that has a load balancer (like HAProxy) installed on it which uses algorithms to systematically direct traffic to the various other web servers that serve the content itself. Common algorithms include round robin, least connections, and IP hash.

  1. Round robin — distributes traffic to groups of servers sequentially
  2. Least connections — distributes traffic to servers based on which have the fewest connections at the time
  3. IP hash — IP address is translated to a hash to determine which server handles the request (pseudo-random)

The load balancer is a single-point-of-failure in this case and thus, it might be beneficial to configure it with an active-passive copy of itself so that if the server in charge of the load balancer fails, another server containing this load balancer will be started up to continue distributing traffic while the primary load balancer server reboots or is fixed.

After the load balancer transmits the request to one of the servers to handle it, the message is received by the web server (like NGINX or Apache) and processed. The web server is in charge of serving static web content of the codebase, like the HTML and CSS pages themselves. If there is dynamic content that is requested such as PHP or Python code that specifically requests certain attributes or data, this goes to an application server which connects to a database (like a relational MySQL database) to draw information based on what is requested. The database might benefit from a Master-Slave cluster setup so that it is easier to update the server and pull data from it without conflict since only one server instance can have write privileges and the rest of the instances are synced to this server. This information is sent back to the application server which then sends it to the web server to incorporate into its response.

All this occurs assuming that a firewall (like ufw on Ubuntu) allows incoming and outgoing traffic through port 80 of the server side of the TCP connection. Firewalls are computer programs or hardware that can be configured to block incoming and outgoing connections from a network. The software can be installed on any server in the process. In this case, if a firewall is installed on the server carrying the load balancer or the servers containing the pages that were requested, if it is configured to allow incoming and outgoing traffic on port 80, the HTTP request and its subsequent interactions with the web server occur unhindered. If, however, the firewall is configured to block incoming and outgoing connections on port 80, the TCP connection step of this process would have failed and there would have been no connection between the browser and the server when the URL was typed. This is also true if only incoming traffic is blocked. If only outgoing traffic is blocked, the server attempts to send back the HTTP response after processing, but will be unsuccessful in doing so.

Step 6 — The Server Sends an HTTP Response

The server sends back an HTTP response after it interprets and handles the browser’s request. This response contains the status code followed by a series of optional headers that define and contain information about the content that is returned. After the status code and the headers comes the actual response body, the content that was requested. If an HTML page was requested, the body will contain this content. The www.holbertonschool.com HTML content will be included in the response body, as in the image below.

http://www.ntu.edu.sg/home/ehchua/programming/webprogramming/http_basics.html

Step 7 — The Browser Displays the HTML Content

The browser is a program that is built to be able to interpret HTML content. Thus, it will receive the HTML content in the HTTP response body and display it to the user. Additionally, if there are additional plugins or styling referred to in the HTML code, the browser will send several other HTTP GET requests to the website host server for the files containing these styling codes and plugins. This is how the browser pulls the CSS and Javascript content that might be associated with the website function as well as the images, videos, and application plugins that might be called for in the HTML code. After all content is transferred, a complete web page will be displayed in the web browser!

that the traffic is encrypted

Have you ever wondered how much of the world’s Internet traffic is encrypted? It is a difficult problem to scan all web servers to figure out whether they serve HTTP (port 80) or HTTPS (port 443) and how many of each are out there in the wild. The difficulty stems from several factors: not all servers allow port scanning, web servers may run on non-standard ports such as 8080, 8081 and 8888, and modern CDNs and cloud/virtual hosting may host several web sites at the same IP.

Encrypted Traffic in North America in 2015 (Source: Sandvine)

Even though it is difficult to find exact figures, the data indicate that we are moving in the right direction (more encrypted content). In 2015, Sandvine reported that about 30% of Internet traffic in North America is encrypted. A recent report on the National Exposure Index by Rapid7 gives a rough estimate that about 60% uses HTTP to serve web pages whereas 40% uses HTTPS. As you can see, the pendulum is swinging towards HTTPS. There isn’t sufficient information to predict when we will reach the 50% mark, but I am optimistic that with initiatives such as Let’s Encrypt, we will cross this mark next year.

Can we find out the distribution of encrypted traffic by country? Finding the IPs belonging to each country is a hard problem. The problem is made harder by the increased adoption of cloud infrastructures, which blur the physical demarcation of IPs. Nevertheless, with a not-so-accurate IP-geography mapping, it is interesting to see how different countries fare with respect to encrypted Internet traffic. In particular, I found Rapid7’s country-wise encrypted-unencrypted traffic ratio quite interesting (figure below).

Percentage of Encrypted vs. Un-encrypted

I am somewhat skeptical about this result mainly because of the countries listed in the two ends of the spectrum. Nevertheless, estimation done right, such a measure could be a good yardstick on how secure a country’s Internet traffic is (Note that I infer encrypted traffic as a yardstick of security; it may not necessarily be the case — even encrypted traffic could be insecure — what if the certificates used to encrypt are expired, what if weak keys are used, what if the web servers are already compromised (and controlled by attackers) etc. — but one thing is for sure if they are not encrypted, the traffic is exposed to anyone who wants to listen to your data and susceptible to man-in-the-middle attacks).

In summary, we will see a world with a majority encrypted Internet traffic pretty soon!

that the traffic goes through a firewall

firewall demonstration

A firewall allows traffic to navigate in and out of your network based on predefined rules. The firewall keeps the bad traffic out and allows for the good traffic to go in and out. Basically, the firewall is a barrier between your internal network and the internet, so any signal that is either coming in or being sent from your computer has to pass through the firewall.

How do firewalls work?

A firewall filters packets travelling to and from your internal network according to that firewall’s filtering rules, acting as the first line of defense. The internet connects millions of computers. In a browser such as Google Chrome, we enter the address of a website, and within seconds we get a reply from other computers connected to the internet that store the content of that site; as a result, the website is displayed on the screen. Sometimes hackers get access to this internet connection and try to steal your sensitive information, such as user IDs, passwords, bank details, and debit card details. Firewalls protect you from these online hackers.

Firewalls maintain a list of allowed and not-allowed computers. Consider two computers, one named Bob and one named Sam. Bob stores the website www.example.com, while Sam is the hacker’s computer, and its name is written in the not-allowed list. You type the address www.example.com into your web browser, and this request is forwarded to the internet. Since Bob stores the contents of the requested website, it makes sense that he replies. But the hacker, Sam, hacks this connection and sends a reply too. Both replies are forwarded toward you, the user, but because Sam is in the not-allowed section of the list held by the firewall, the firewall blocks the contents of this hacked connection. This is called packet filtering, and the list is called the access list.

Firewalls also note which website you are currently on. Since you are reading this on medium.com, your firewall has a conversion list in which it records the name of the computer running this web address and the name of the address. Suppose a hacker has hacked your connection and started sending unwanted data that claims to come from this website. Your firewall knows that you are using data from only this specific address, medium.com, so the data the hacker sent is blocked by the firewall. This method of protection is called stateful inspection.

Now for the last method. Picture two computers, Tyler and Sean, both connected to the internet through another computer, an orlo. When Tyler sends a request for www.github.com, it is sent to the orlo computer, and the orlo computer then requests the data from the internet. The internet knows that the orlo computer has requested this website address, but it does not know that Tyler actually requested it. Thus, the orlo computer hides Tyler’s identity with the help of proxy firewalls, which also protects you from other hackers hacking your connection.

Are there different types of firewalls?

There are both hardware and software firewalls that can be used to protect your home or business network. Most operating systems have a software firewall built into the initial configuration, such as Windows Firewall on PCs, which is on by default. The three main types of firewalls (also described earlier) are:

  • Packet filters: a firewall technique used to control network access by monitoring outgoing and incoming packets and allowing them to pass or halt based on the source and destination Internet Protocol (IP) addresses, protocols and ports.
  • Stateful inspection: also known as dynamic packet filtering, a firewall technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall.
  • Proxies: a network security system that protects network resources by filtering messages at the application layer. A proxy firewall may also be called an application firewall or gateway firewall.

What are some firewall strategies for keeping networks secure?

A firewall can filter traffic based on the source IP address or the destination IP address. The firewall will either discard or forward the packets. A firewall may use a directory for TCP connections (TCP is stateful and typically proceeds in a SYN-ACK-data-FIN sequence, or SYN/RST in the case of a rejected transmission) or filter by the ports being accessed.
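The access list, the TCP connection directory and port filtering described above can be combined in one small model. This is an added example, not code from the original post: the addresses, the port policy, the state names and the replayed packet sequence are constructed, with Bob and Sam standing in for the hosts in the earlier scenario.

```python
"""Toy firewall: static access list plus a connection table (stateful inspection).

Addresses, ports and rules are constructed for illustration only.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("192.168.1.0/24")           # assumed internal network
DENY_SOURCES = [ip_network("203.0.113.66/32")]    # access list entry for "Sam"
ALLOWED_OUT_PORTS = {80, 443}                     # destination ports users may reach


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str    # one of "SYN", "SYN-ACK", "ACK", "FIN", "RST"


class Firewall:
    def __init__(self):
        # (inside ip, inside port, outside ip, outside port) -> connection state
        self.conns = {}

    def filter(self, pkt):
        """Return "ALLOW" or "DROP" for a single packet."""
        src, dst = ip_address(pkt.src), ip_address(pkt.dst)
        # Packet filtering: the access list is checked before anything else.
        if any(src in net for net in DENY_SOURCES):
            return "DROP"
        if src in INTERNAL and dst not in INTERNAL:
            return self._outbound(pkt)
        if dst in INTERNAL and src not in INTERNAL:
            return self._inbound(pkt)
        return "DROP"    # default deny

    def _outbound(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if pkt.flags == "SYN":
            # Filtering by port: new connections only to permitted ports.
            if pkt.dport not in ALLOWED_OUT_PORTS:
                return "DROP"
            self.conns[key] = "SYN_SENT"
            return "ALLOW"
        state = self.conns.get(key)
        if state is None:
            return "DROP"
        if pkt.flags == "ACK" and state == "SYN_ACK_SEEN":
            self.conns[key] = "ESTABLISHED"
        elif pkt.flags in ("FIN", "RST"):
            del self.conns[key]    # simplified teardown: first FIN/RST ends tracking
        return "ALLOW"

    def _inbound(self, pkt):
        # Stateful inspection: inbound traffic must match a connection that an
        # inside host opened, with the same addresses and ports reversed.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        state = self.conns.get(key)
        if state is None:
            return "DROP"
        if pkt.flags == "SYN-ACK" and state == "SYN_SENT":
            self.conns[key] = "SYN_ACK_SEEN"
            return "ALLOW"
        if pkt.flags in ("FIN", "RST"):
            del self.conns[key]
            return "ALLOW"
        if pkt.flags == "ACK" and state == "ESTABLISHED":
            return "ALLOW"
        return "DROP"


def run_demo():
    """Replay a constructed packet sequence and return (label, verdict) pairs."""
    you, bob, sam, other = "192.168.1.10", "198.51.100.20", "203.0.113.66", "203.0.113.77"
    fw = Firewall()
    packets = [
        ("you -> Bob SYN", Packet(you, 50000, bob, 80, "SYN")),
        ("Bob -> you SYN-ACK", Packet(bob, 80, you, 50000, "SYN-ACK")),
        ("you -> Bob ACK", Packet(you, 50000, bob, 80, "ACK")),
        ("Bob -> you data", Packet(bob, 80, you, 50000, "ACK")),
        ("Sam -> you reply", Packet(sam, 80, you, 50000, "ACK")),
        ("other -> you reply", Packet(other, 80, you, 50000, "ACK")),
        ("other -> you SYN to port 22", Packet(other, 40000, you, 22, "SYN")),
        ("you -> Bob SYN to port 23", Packet(you, 50001, bob, 23, "SYN")),
        ("Bob -> you FIN", Packet(bob, 80, you, 50000, "FIN")),
        ("Bob -> you data after FIN", Packet(bob, 80, you, 50000, "ACK")),
    ]
    return [(label, fw.filter(p)) for label, p in packets]


if __name__ == "__main__":
    for label, verdict in run_demo():
        print(f"{verdict:5}  {label}")
```

The table matches on addresses and ports only. It does not check TCP sequence numbers or packet contents, which is where real stateful firewalls and application-layer proxies do additional work.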

that the request is distributed via a load balancer

Most users of the web are blissfully unaware of the sheer scale of the process responsible for bringing content across the Internet. There are literally miles of the Internet between you and the server you’re accessing.

To make things worse, sites that become extremely popular have to deal with consistent increases in monthly traffic, which can slow down the experience for everyone involved. Some sites can draw more visits in a month than comparable sites do in a year. Sites which bring in high-volume traffic may inadvertently be faced with frequent server upgrades, so that page speed and, in turn, usability, doesn’t suffer for their loyal customers. Often, however, simple hardware upgrades aren’t enough to handle the vast traffic that some sites draw.

So, the question that business owners, their UX designers, and their developers ought to be asking themselves is not only how to keep the day-to-day speed at a level which doesn’t impact usability, but also how to prepare for the kind of traffic your site may experience down the road.

Prepare for the Worst with Load Balancing

So how do you ensure that your site won’t burst into figurative flames as page visits skyrocket? Consider employing a technique called load balancing.

Load balancing refers to efficiently distributing incoming network traffic across a group of backend servers, also known as a server farm or server pool.

Load balancing distributes server loads across multiple resources — most often across multiple servers. The technique aims to reduce response time, increase throughput, and in general speed things up for each end user.

Modern high‑traffic websites must serve hundreds of thousands, if not millions, of concurrent requests from users or clients and return the correct text, images, video, or application data, all in a fast and reliable manner. To cost‑effectively scale to meet these high volumes, modern computing best practice generally requires adding more servers.

A load balancer acts as the “traffic cop” sitting in front of your servers and routing client requests across all servers capable of fulfilling those requests in a manner that maximizes speed and capacity utilization and ensures that no one server is overworked, which could degrade performance. If a single server goes down, the load balancer redirects traffic to the remaining online servers. When a new server is added to the server group, the load balancer automatically starts to send requests to it.

Loads are broken up based on a set of predefined metrics, such as by geographical location, or by the number of concurrent site visitors.

Members of a certain group, such as ‘people living in Europe’, may be directed to a server within Europe, while members of another group, for instance ‘North Americans’, may be directed to another server closer to them.

In this manner, a load balancer performs the following functions:

  • Distributes client requests or network load efficiently across multiple servers
  • Ensures high availability and reliability by sending requests only to servers that are online
  • Provides the flexibility to add or subtract servers as demand dictates

Load Balancing Algorithms

Different load balancing algorithms provide different benefits; the choice of load balancing method depends on your needs:

  • Round Robin — Requests are distributed across the group of servers sequentially.
  • Least Connections — A new request is sent to the server with the fewest current connections to clients. The relative computing capacity of each server is factored into determining which one has the least connections.
  • IP Hash — The IP address of the client is used to determine which server receives the request.
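
The three methods above, written out as an added Python example (not code from the original article or from any particular load balancer). The Backend and Pool names, the weight field and the use of SHA-256 for the IP hash are assumptions made for illustration.

```python
import hashlib
import itertools
from dataclasses import dataclass


@dataclass
class Backend:
    name: str
    weight: int = 1        # relative computing capacity (assumed field)
    healthy: bool = True   # a real balancer sets this from health checks
    active: int = 0        # connections currently open to this backend


class Pool:
    def __init__(self, backends):
        self.backends = list(backends)
        self._rr = itertools.count()

    def _online(self):
        online = [b for b in self.backends if b.healthy]
        if not online:
            raise RuntimeError("no healthy backend available")
        return online

    def round_robin(self):
        # Walk the list in order, skipping servers that are offline.
        for _ in range(len(self.backends)):
            b = self.backends[next(self._rr) % len(self.backends)]
            if b.healthy:
                return b
        raise RuntimeError("no healthy backend available")

    def least_connections(self):
        # Fewest open connections relative to each server's capacity.
        return min(self._online(), key=lambda b: b.active / b.weight)

    def ip_hash(self, client_ip):
        # The same client address always maps to the same online server.
        online = self._online()
        digest = hashlib.sha256(client_ip.encode()).digest()
        return online[int.from_bytes(digest[:8], "big") % len(online)]


if __name__ == "__main__":
    # Constructed sample pool and client address (documentation range).
    pool = Pool([Backend("a"), Backend("b", weight=4, active=4), Backend("c")])
    print([pool.round_robin().name for _ in range(4)])
    print(pool.least_connections().name)
    print(pool.ip_hash("203.0.113.7").name)
```

Because ip_hash indexes into the list of servers that are currently online, a server going offline remaps some clients to a different backend.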

Load balancers are generally grouped into two categories: Layer 4 and Layer 7. Layer 4 load balancers act upon data found in network and transport layer protocols (IP, TCP, FTP, UDP). Layer 7 load balancers distribute requests based upon data found in application layer protocols such as HTTP.

Layer 7 load balancers can further distribute requests based on application specific data such as HTTP headers, cookies, or data within the application message itself, such as the value of a specific parameter.

Session Persistence or Sticky Sessions

Information about a user’s session is often stored locally in the browser. For example, in a shopping cart application, the items in a user’s cart might be stored at the browser level until the user is ready to purchase them. Changing which server receives requests from that client in the middle of the shopping session can cause performance issues or outright transaction failure. In such cases, it is essential that all requests from a client are sent to the same server for the duration of the session. This is known as session persistence, a method used with Application Load Balancing to achieve server affinity.

The best load balancers can handle session persistence as needed. Another use case for session persistence is when an upstream server stores information requested by a user in its cache to boost performance. Switching servers would cause that information to be fetched for the second time, creating performance inefficiencies.

Advantages

  • Reasonably simple to implement for experienced network administrators.
  • Reduces the need to implement session-failover, as users are only sent to other servers if one goes offline.
  • Load balancer/router is often responsible for detecting offline servers, providing faster request-failover than round-robin DNS-based load balancing.

Disadvantages

  • Difficult to set up for network administrators who are new to sticky sessions.
  • Problems can be difficult to diagnose. See the sections below for the main issues.
  • The load-balancer/router must be load-balanced itself, or it becomes a point of failure that will take down an entire cluster.
  • Cannot provide global load-balancing (whereas round-robin DNS can).
  • Session-failover is often not implemented, as there is reduced need. If a server goes offline, all users lose their session.
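
The last disadvantage, shown as an added Python example (not code from the original article): a balancer pins each session to one server, and the cart is lost when that server goes offline. AppServer, StickyBalancer and the server-side cart store are assumptions made for illustration.

```python
import secrets


class AppServer:
    """Backend that keeps each session's cart only in its own memory (assumption)."""

    def __init__(self, name):
        self.name = name
        self.online = True
        self.carts = {}  # session id -> list of items

    def add_to_cart(self, session_id, item):
        cart = self.carts.setdefault(session_id, [])
        cart.append(item)
        return list(cart)


class StickyBalancer:
    def __init__(self, servers):
        self.servers = list(servers)
        self.affinity = {}  # session id -> AppServer the session is pinned to

    def _pick(self):
        # Choose the online server with the fewest pinned sessions.
        online = [s for s in self.servers if s.online]
        if not online:
            raise RuntimeError("no server online")
        pinned = list(self.affinity.values())
        return min(online, key=lambda s: sum(1 for p in pinned if p is s))

    def route(self, session_id=None):
        # Unknown or missing ids are replaced with a fresh random one
        # rather than trusting a value chosen by the client.
        if session_id is None or session_id not in self.affinity:
            session_id = secrets.token_urlsafe(16)
        server = self.affinity.get(session_id)
        if server is None or not server.online:
            server = self._pick()          # first request, or failover
            self.affinity[session_id] = server
        return session_id, server


def simulate_failover():
    """Constructed scenario: two servers, one shopper, one outage."""
    lb = StickyBalancer([AppServer("app1"), AppServer("app2")])
    sid, first = lb.route()
    first.add_to_cart(sid, "book")
    _, again = lb.route(sid)               # same session, same server
    before = again.add_to_cart(sid, "pen")
    first.online = False                   # pinned server goes down
    _, moved = lb.route(sid)               # request fails over
    after = moved.add_to_cart(sid, "ink")  # new server has no earlier items
    return first.name, again.name, moved.name, before, after


if __name__ == "__main__":
    print(simulate_failover())
```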

Dynamic Configuration of Server Groups

Many fast‑changing applications require new servers to be added or taken down on a constant basis. This is common in environments such as the Amazon Web Services (AWS) Elastic Compute Cloud (EC2), which enables users to pay only for the computing capacity they actually use, while at the same time ensuring that capacity scales up in response to traffic spikes. In such environments, it greatly helps if the load balancer can dynamically add or remove servers from the group without interrupting existing connections.

Hardware vs. Software Load Balancing

Load balancers typically come in two flavours: hardware‑based and software‑based. Vendors of hardware‑based solutions load proprietary software onto the machine they provide, which often uses specialized processors. To cope with increasing traffic on your website, you have to buy more or bigger machines from the vendor. Software solutions generally run on commodity hardware, making them less expensive and more flexible. You can install the software on the hardware of your choice or in cloud environments like AWS EC2.

Load balancers ensure reliability and availability by monitoring the “health” of applications and only sending requests to servers and applications that can respond in a timely manner, which helps you maximize both customer satisfaction and the return on your IT investments.

that the web server answers the request by serving a web page

A web server is a computer connected to a network and has special software installed. The software shows the files (such as HTML, CSS, PHP, js, jar, etc) of the main computer as a website to other computers on the same network. The main function of a web server or internet server is to respond to HTTP requests to deliver website content and services over the internet. It consists of a physical server, operating system (OS) and software used to simplify HTTP communication.

At this point you may wonder: if a computer connected to a network serves the website, how can others reach it when that machine is switched off? They cannot. Web hosting companies work to mitigate this downtime issue: they maintain web servers in different data centers so that the website is available 24/7. The system may need to be restarted once a year or a month.

Generally, the web hosting companies and professional web app developers use the webserver software. Besides, people who own a website and want to use server-side technologies, such as, PHP or ColdFusion, can also use the webserver.

Here I will show how the web servers work.

Obtaining the IP Address

Generally, a website is assigned an IP address when it is first created on a web server. The browser first obtains the IP address from the domain name either by searching in its cache or requesting one or more DNS (Domain Name System) Servers.

Requesting the Full URL

After knowing the IP address the website is located at, the browser requests a full URL from the webserver.

Responding to the Request

Now the browser receives a response from the web server accessing the desired pages. If in any case, the pages do not exist or the browser experiences some errors, the web server will send the appropriate error message.

You may see error 404 while accessing a page. It means the page does not exist; this error message is sent by the web server. Another is error 401, which means that your access is denied because you provided incorrect credentials such as a username or password.

Displaying the Web Page

Finally, the browser displays the web page or error message sent by the web server.

Popular Web Servers

Different types of web servers are available in the market. Apache HTTP Server, Microsoft IIS, Nginx Web Server, Apache Tomcat, and LiteSpeed Web Server are the popular ones.

Let us know about some of the popular web servers.

Apache HTTP Server

Apache is a widely used and most popular web server that has been maintained and developed since 1995 through the Apache Software Foundation. It is distributed under an open-source license and available for various operating systems like Windows, Mac OS X, Unix, Linux, Solaris, Novell Netware, and FreeBSD.

Nginx Web Server

Nginx, pronounced “Engine-Ex”, is an open-source HTTP web server that has emerged as the second most popular web server behind Apache and Microsoft’s IIS. It currently powers popular websites like Pinterest, WordPress.com, Netflix, Hulu, CloudFlare, Zappos and Zynga, and is now also used as a reverse proxy, HTTP cache, and load balancer.

Nginx can run on Linux, Mac OS X, Solaris, AIX, HP-UX and BSD variants.

Microsoft IIS

Another popular web server is Microsoft IIS (Internet Information Service) that runs on Windows systems to serve requested HTML pages or files. It accepts requests from remote client computers and returns the appropriate response. IIS server is not open source though it has all the features of the Apache server.

It is developed and maintained by Microsoft, thus it works with all the Windows operating system platforms and will likely be unstable on Linux and Macs.

Apache Tomcat

Apache Tomcat is open-source server software developed by the Apache Foundation (ASF). It’s written in Java and widely used by web developers when working on web application development. Apache Tomcat provides an environment in which one can run Java code.

It can be configured using an SSL certificate to secure sensitive data by providing a secure connection and used on Windows, Mac OS, Linux operating systems.

In summary, web servers can be used by an individual or a web hosting company. The main job of a web server is to respond to the browser request to display the website content. As mentioned above, a web server must be set up in data centers to be always online for visitors. To mitigate the downtime issue, companies put their servers in different data centers around the world.

that the application server generates the web page

When building a web application, there are three main principles to bear in mind. From a customer’s point of view, the application should be simple, aesthetically pleasing, and address most of their problems. From the business aspect, a web application should stay aligned with its product/market fit. From a software engineer’s perspective, a web application should be scalable, functional, and able to withstand high traffic loads.

All these issues are addressed in the web application’s architecture. We’ll cover the basic concepts of any modern web application and explain how the architecture patterns may differ depending on the application you’re building.

What is Web Application Architecture?

So, what is a web application and how is it different from a website?

The basic definition of a web application is a program that runs on a browser. It’s not a website, but the line between the two is fuzzy. To differentiate a web application from a website, remember these three formal characteristics. A web application:

  • addresses a particular problem, even if it’s simply finding some information
  • is as interactive as a desktop application
  • has a Content Management System

A website is traditionally understood to simply be a combination of static pages. But today, most websites consist of both static and dynamic pages, which makes almost all modern websites — you guessed it! — web applications. In this article, we will use the terms interchangeably.

Your computer, or smartphone, or any other device you’re browsing with is called a client. The other half of the web equation is called a server because it serves you the data you request. Their communication is called a client-server model, whose main concern is receiving your request and delivering the response back.

Web application architecture is a mechanism that determines how application components communicate with each other. Or, in other words, the way the client and the server are connected is established by web application architecture.

Web applications of different sizes and complexity levels all follow the same architectural principle, but details may differ. We will further explain how a basic request-response process works and what components comprise the architecture.

How does the web request work?

To understand the components of web application architecture, we need to understand how they are used in performing the most basic action — receiving and responding to a web request.

Web request-response cycle

Let’s look at Amazon.com to illustrate our explanation.

First, you visit amazon.com. You type in the URL and, as you hit Enter, your browser needs to know the address of the server where the page is located. So it sends your request to the Domain Name System (DNS), a repository of domain names and their IP addresses. If you’ve already visited Amazon from the same browser, it will pull the address from the cache. Then the browser sends the request to the found IP address using the HTTPS protocol.

Second, the web server processes the request. The web server where Amazon.com is located catches the request and sends it to the storage area to locate the page and all data that follows with it. But its route is held via Business Logic (also called Domain Logic and Application Logic). BL manages how each piece of data is accessed and determines this workflow specifically for each application. As BL processes the request, it sends it to storage to locate the looked-for data.

Third, you receive your data. Your response travels back to you and you see the content of the web page on your display. The graphical interface you see when scrolling Amazon’s or any other website is called the front end of an application — it depicts all UX and UI components so that a user can access the information they came looking for.

Web application architecture components and Three-Tier Architecture

Most web applications are developed by separating their main functions into layers, or tiers. This allows you to easily replace and upgrade each layer independently. This architectural pattern is called Multi- or Three-Tier Architecture.

Web application architecture following the three-tier pattern

Presentation layer

The presentation layer is accessible to users via a browser and consists of user interface components and UI process components that support interaction with the system. It’s developed using three core technologies: HTML, CSS, and JavaScript. While HTML is the code that determines what your website will contain, CSS controls how it will look. JavaScript and its frameworks make your website interactive — responsive to a user’s actions. Developers use JavaScript frameworks such as Angular and React to make the content on the page dynamic.

Business layer

This layer, also called Business Logic or Domain Logic or Application Layer, accepts user requests from the browser, processes them, and determines the routes through which the data will be accessed. The workflows by which the data and requests travel through the back end are encoded in a business layer. For example, if your application is a hotel booking website, business logic will be responsible for the sequence of events a traveler will go through when booking a room.

Although business rules can be a manifestation of the business logic, they are not the same. Sometimes business rules are extracted and managed separately, using a Business Rules Management System, as we discussed in our article on back office systems.

Persistence layer

Also called the storage or data access layer, the persistence layer is a centralized location that receives all data calls and provides access to the persistent storage of an application. The persistence layer is closely connected to the business layer, so the logic knows which database to talk to and the data retrieving process is more optimized.

The data storage infrastructure includes a server and a Database Management System, software to communicate with the database itself, applications, and user interfaces to obtain data and parse it. Typically you can store your data either in owned hardware servers or in the cloud — meaning, that you purchase data center management and maintenance services while accessing your storage virtually. Using the services of cloud technology providers such as Amazon, Google, or Microsoft, you can utilize Infrastructure-as-a-Service, Platform-as-a-Service, or serverless approaches to cloud management.

There are also components that usually exist in all web applications but are separated from the main layers:

Cross-cutting code. This component handles other application concerns such as communications, operational management, and security. It affects all parts of the system but should never mix with them.

Third-party integrations. Payment gateways, social logins, GDSs in travel websites are all integrations connected to the application’s back end via pieces of code called APIs. They allow your software to source data from other software and widen your functionality without coding it from scratch. Read how APIs work in our dedicated article.

Let’s see how the three-tier architecture is implemented in different types of web applications.

Example #1. Dynamic web pages, SPAs, and MPAs

The application’s front end can serve either static or dynamic content. In most cases, it’s a combination of both. Static Web Pages exist on a server as they are and contain information that doesn’t change. Dynamic Web Pages change information every day or in response to a user’s request — think of any news website or your Twitter feed. The combination of dynamic and static content makes up a web application. The simplest example of a web application with dynamic content is a Single Page Application.

Single Page Applications

The main purpose of SPAs is the ability to access all information from a single HTML page. Having moved the application logic to the client-side and using server-side only as data storage, developers can make the website run faster and ease the load off the server. The front end, aside from HTML and CSS, is written on a single framework, which dynamically generates content and transmits it to a user (think of a Facebook feed or your Gmail). Dependencies between components are tight. This means that making changes to one of the UX or UI elements necessitates rewriting the whole front end code.

Since SPAs move the logic to the client-side, they have to be written using client-side scripting. If you’re using client-side scripting technologies, you’re basically building templates, so when a user requests content, a server simply transmits this data back to the browser, which renders it according to the templates. This significantly reduces the server load, as opposed to server-side scripting. The core technology of client-side scripting is JavaScript. Along with its many frameworks, this language allows creation of both small and robust applications.

Single Page Application architecture

When the role of the server is reduced to data services, this is sometimes called thin server architecture.

We can’t talk about SPAs without mentioning the more traditional model — Multi-Page Applications.

Multi-Page Applications

In Multi-Page Applications, some content requests need a whole new web page to be retrieved from the server. These are massive applications with multi-layered UI. AJAX technology solves the difficulties of complex applications transferring a huge amount of data between server and browser, refreshing only selective elements of the application. At the same time, this approach brings more complexity to the table, as it is more difficult to develop than an SPA.

MPA architecture

As opposed to the SPA’s client-side scripting, traditional applications are written using both client- and server-side languages. Server-side scripting means that all operations are performed on the server’s end, so when you request content, it processes the script, retrieves data from the storage and chooses the content to display. Server-scripting languages you should be familiar with include PHP, Java, Python, Ruby, C#, and more.

Example #2. Enterprise applications

An enterprise application is highly customizable software that’s developed specifically for the needs of a particular organization. It usually has several business-oriented tools integrated under a single interface. Enterprise systems are also directly wired into the company’s existing workflow. They are robust, give access to a lot of users simultaneously, and share interfaces with various other enterprise tools. If you want to know more about the process of developing an enterprise architecture, check out article.

The two main distinctions enterprise application architecture has from a regular web application is the addition of another layer to the classic pattern — the service layer.

The service layer is another abstraction between Presentation and Business Logic. It’s an integration gateway that allows other software to access your business logic and resources without interacting with those resources directly. It works by passing messages through a separate interface and works like an API.

Enterprise application architecture

Apart from an extra layer, enterprise applications have access to data sources from other applications in an organization, making it a network of software solutions, connected by APIs. Besides, there are more groups of users who have access to different functional components — they can be business partners, clients, admins, and several groups of staff. Sometimes the presentation tiers are separate for all of them, so you can deploy the application as intranet or extranet.

that the application server requests data from the database

A web server is nothing but a software program designed to handle web requests, while the terms web server and application server are often used interchangeably to refer to the same thing.

Difference between a web server, an application server, and a database server:

A web server is the program that accepts and fulfills incoming requests from clients for web resources over the World Wide Web. The content is usually HTML pages, image files, video files, etc. The term may also refer to a system comprised of hardware or software, or both, where the web content is stored.

An application server serves dynamic content to the end users using different protocols including HTTP. It’s a software framework which provides all the facilities required to create and run both web-based and enterprise-based applications. It is best suited for serving dynamic content and transferring applications from one device to another.

Database server is the term used to refer to the back-end system of a database application using client/server architecture. Depending on the client’s requirements, the database server plans and their platform will change.

Function of Web Server and Application Server

The main purpose of a web server is to make the static content accessible for the users to view on the web browsers. The job of an application server is to host and expose business logic applications and processes using several different protocols.
