How Data Really Travels Across the Internet

A step-by-step, plain-language story of what happens when you type **google.com* and press Enter.*

---

The big idea (in one minute)

Computers don’t send a whole web page in one go. They wrap your message in layers (like nested envelopes), pass it to the next device, and unwrap it at the other end. These layers are called the OSI model:

1. Physical – signals on wires / Wi-Fi
2. Data Link – local delivery using MAC addresses
3. Network – global delivery using IP addresses
4. Transport – reliable delivery using ports (TCP/UDP)
5. Session – keep a conversation open
6. Presentation – formats, encryption (TLS)
7. Application – what apps say (HTTP for the web)

We’ll follow a single request to google.com through these layers, and we’ll include DNS, your router, your ISP, switches, and Google’s data center.

---

0) Before anything else: finding Google’s IP (DNS)

You can’t send a letter without an address. “google.com” is a name, but the internet routes by numbers (IP addresses).

What happens:

• Browser cache → OS cache → router cache
• If no one knows, your computer asks your DNS resolver (ISP or public DNS like 1.1.1.1 / 8.8.8.8).
• Resolver checks with root servers → .com servers → Google’s authoritative DNS.
• Returns an IP address (IPv4 or IPv6).

👉 Outcome: your computer now knows Google’s IP.

---

1) Application layer (Layer 7): your browser prepares the request

• You press Enter.
• Browser creates an HTTP GET request.
• Uses HTTPS, so everything is wrapped in TLS encryption.
• Destination port: 443.

---

2) Presentation layer (Layer 6): make it safe and readable

• Your browser and Google perform a TLS handshake.
• Google’s certificate proves it’s really Google.
• Both sides agree on encryption keys.

👉 Only you and Google can read the traffic.

---

3) Session layer (Layer 5): keep the conversation alive

• A session is established.
• Multiple requests/responses reuse the same secure connection.

---

4) Transport layer (Layer 4): reliable delivery with TCP

• TCP adds ports:
  • Source port = random high number
  • Destination port = 443
• TCP performs a 3-way handshake.
• Breaks request into segments, numbers them, ensures retransmission if lost.

👉 Guarantees that your request arrives whole and in order.

---

5) Network layer (Layer 3): global addressing (IP)

• Adds source IP (your device via ISP) and destination IP (Google).
• Packets get a TTL (time to live).
• Packet is sent to your default gateway (home router).

---

6) Data Link layer (Layer 2): local delivery with MAC addresses

• Your computer uses ARP to find the router’s MAC address.
• Creates a frame:
  • Source MAC = your NIC
  • Destination MAC = router
• Switches forward frames inside the LAN.

---

7) Physical layer (Layer 1): actual signals

• Frames turn into electrical signals, radio waves, or light pulses.
• Transmitted over Wi-Fi, Ethernet cable, or fiber.

---

8) Your home network: router + (optional) switch

• Router strips Layer 2 info, looks at IP, applies NAT (private → public IP).
• Records port mappings for replies.
• Sends packet to ISP wrapped in a new frame.
• Switches just forward frames locally.

---

9) Your ISP: access, aggregation, and core

• Access router receives the packet.
• Internal routers and switches forward it toward the core.
• Routing protocols:
  • Inside ISP: OSPF or IS-IS.
  • Between ISPs: BGP (Border Gateway Protocol).
• Each router rebuilds Layer 2, decrements TTL, forwards packet.

---

10) The global internet: IXPs, cables, and anycast

• Packet may cross Internet Exchange Points (IXPs).
• Long-distance travel often uses undersea fiber optic cables.
• Google uses anycast: same IP advertised worldwide → your packet goes to the nearest healthy Google edge.

---

11) Google’s edge and data center

• Edge load balancers accept your connection.
• Traffic may pass firewalls, DDoS protection.
• Inside the data center:
  • Leaf-spine switches move packets between racks.
  • Load balancer sends request to a web server.
• Web server generates an HTTP response (HTML, CSS, JS references).

---

12) The return trip: reverse layering

• Google sends response back:
  • Application → Presentation → Session → Transport → Network → Data Link → Physical.
• Your ISP and router handle it back to your device.
• Router NAT table maps reply to your device.
• Your device reassembles TCP segments, decrypts TLS, and hands data to browser.
• Browser renders the page.

---

13) Switches vs Routers (clear distinction)

• Switch (Layer 2): moves frames locally using MAC addresses.
• Router (Layer 3): moves packets between networks using IP addresses.

👉 Memory trick:

• Switch = Same network.
• Router = Road between networks.

---

14) Extra pieces in the real world

• CDNs: cache content close to you.
• Caching: browser and DNS caches reduce repeat trips.
• Firewalls / WAF: block malicious traffic.
• VPNs: wrap your traffic in another encrypted tunnel.
• QoS: prioritize video calls over downloads.

---

15) Troubleshooting by layers

• Layer 1: unplugged cable, weak Wi-Fi.
• Layer 2: VLAN misconfig, blocked MAC.
• Layer 3: wrong IP/gateway, routing loop.
• Layer 4: firewall blocking ports.
• Layer 5–7: TLS errors, app errors, 404/500.

---

16) Quick recap of the journey

1. DNS resolves google.com → IP.
2. Browser builds HTTPS request.
3. TLS encrypts it.
4. TCP ensures reliable delivery.
5. IP addresses it globally.
6. MAC addresses deliver locally.
7. Physical medium moves bits.
8. Router → ISP → internet backbone → Google.
9. Google’s data center responds.
10. Your browser decrypts, parses, and displays.

---

Glossary

• IP address: internet number (like a street address).
• MAC address: local hardware ID (like an apartment buzzer).
• Port: numbered door for applications.
• Packet: unit at IP layer.
• Frame: unit at Data Link layer.
• TLS: encryption protocol.
• NAT: translates private to public IP.
• Router: connects networks.
• Switch: connects devices locally.
• DNS: phonebook of the internet.

---

Final thought

Every click on the web is a complex dance: names become n