status
this chapter is in active development
expect live edits and rapid iteration (except for when i am really busy with other stuff) while this material is written.
the request
what happens when you curl a url.
status
this chapter is in active development
expect live edits and rapid iteration (except for when i am really busy with other stuff) while this material is written.
what happens when you curl a url.
type a url, hit enter, stare at the screen, wonder if the vpn is acting up again.
that dead air is not magic.
it is dns, tcp, tls, and http stumbling over each other to deliver a handful of bytes.
this chapter rips the sequence apart so you can point to the exact failure instead of chanting "must be the network."
every curl -v walks through the same gauntlet: name resolution, handshake, crypto, protocol.
miss one beat and you start chasing ghosts.
production outages rarely arrive with flames; they start with getaddrinfo() blocking on a bored resolver or tls waiting on a cert chain somebody forgot to renew.
the spec authors already wrote the receipts: RFC 1034/1035 for dns, RFC 9293 for tcp, RFC 8446 for tls 1.3, RFC 9112 for http/1.1, so we lean on them instead of rewriting lore.
pick a predictable target like https://example.org. random saas domains add soap opera plot twists no one asked for.
run curl -v https://example.org in one terminal while sudo tcpdump -i eth0 host example.org hoovers packets in another. rename the interface if yours is called something cursed like wlan0 or enp6s0f0.
take notes. timestamps, packet numbers, strace output. anything you cannot back with evidence stays outside this chapter.
dns lookup deals with stub resolvers, caches, and the recursive mess every request inherits.
tcp connect is the three-packet ritual that turns sockets into a pipe.
tls handshake explains why plaintext died, how sni keeps vhosts alive, and why session tickets shave latency.
http exchange obsesses over request lines, headers, chunking, and why http/2 still drags tcp baggage around.
tracing a request stitches everything back together with timing budgets and failure signatures so the story holds up.
none of this is hypothetical.
if you cannot back a claim with a packet capture, a syscall trace, or a spec citation, it does not belong here.
continue at your own risk.