On 7/14/20 12:32 PM, William Herrin wrote:
On Tue, Jul 14, 2020 at 12:17 PM Michael Thomas <m...@mtcc.com> wrote:
On 7/14/20 12:09 PM, William Herrin wrote:
On Mon, Jul 13, 2020 at 3:12 PM Mehmet Akcin <meh...@akcin.net> wrote:
I am hosting a live show a few times a month about internet infrastructure and
today's topics were, your favorite questions asked network engineers - you can
watch the recording here
https://www.youtube.com/watch?v=o3pvikTrF0M
if you have suggestions on topics to cover helping network operations
engineering that you want to see in here, please feel free to contact me
off-list, and let's create unique content that can be helpful to others.
"What happens when you type www.google.com in your browser bar and hit
enter?" is one of my favorite questions. Half the field of computing
happens next. Keyboard interrupts fire. Bits are poked in dram, sram,
maybe even tcam. Packets are sent. Fonts are composed into pixels.
There's a crazy amount you can talk about and the right answer is:
string things together in order for 5 or 10 minutes without getting
anything horribly wrong.
Oh, I thought this was a trick question of whether it takes you directly
to google, or does a search.
That's a good start. First thing the browser does decide whether
that's a URL or a search question. How does it decide? And then what
happens?
I will prompt you to keep talking. After all, I'm rooting for you to
succeed so that I can hire you.
Heh. Ok, it has some heuristic which looks for things that appear to be
a url, or a fragment of a url and if it looks like it's a URL will make
a canonical representation of url. it's an interesting question whether
it chooses http or https or both in a happy-eyeballs kind of way and i
don't know the answer to that. for search, i creates a canonical url to
google which obeys its query engine's API/parameters.
In both cases, a library routine will be called which knows how to do a
HTTP(S) GET method which will in turn queries DNS for the host part of
the url which may use port 53/UPD or the new fangled DoH which I'm
uncertain whether it runs on plain old 80/443 or something new. Once the
IP address is fetched, it might literally do Happy Eyeballs to determine
whether the host is reachable by IPv6 (assuming there was a AAAA record
for the host), which of course involves connecting a TCP (or now
QUIC/UDP) socket and performing the three-way handshake to initiate a
connection, or whatever the QUIC equivalent is since they are trying to
jam all of the TCP and TLS handshakes into as few exchanges as possible.
In both cases, a TLS is spun up doing PFS(? I know IPsec does),
cert-exchange from the server to the client but extremely rarely client
to server where signatures are created and verified.
I could keep going down the stack but I'll warn you ahead of time that I
get dodgy at the PHY layer and fancy MAC stuff -- I'm not actually a
network engineer, so things like VLAN's and 802.1x don't roll off my
tongue, so you can probably stop this interview now :)
Mike
