The internet works by breaking data into small packets, routing each packet independently through a global network of interconnected computers using a shared set of addressing and transmission rules called TCP/IP, and reassembling the packets into usable data at the destination. When you load a web page, watch a video, or send an email, the underlying process involves dozens of discrete steps — DNS lookups, TCP handshakes, packet routing across multiple networks, encryption and decryption, and content delivery from servers that may be thousands of kilometers away — all completing in fractions of a second.

The internet is not a single thing owned by any company or government. It is a network of networks: tens of thousands of independent networks operated by ISPs, universities, governments, and corporations, all voluntarily interconnected and agreeing to exchange traffic using common standards. There is no center and no single point that, if removed, would take down the whole system. This decentralized architecture, originally designed with military resilience in mind, is what makes the internet extraordinarily robust and what has allowed it to scale from a handful of research computers in the 1960s to connecting over 5 billion people today.

This article traces exactly what happens when you type a URL into a browser, explains the key protocols and infrastructure that make it work, and gives you a clear model of the layers of technology your data passes through every time you go online.

"The internet is not something you just dump something on. It's not a big truck. It's a series of tubes." — Senator Ted Stevens (2006). A famous mischaracterization, but the question of what the internet actually is remains one most people cannot answer precisely.


Key Definitions

Protocol: A set of rules that governs how data is formatted, transmitted, and received. Protocols allow devices from different manufacturers and running different software to communicate reliably.

IP address: A numerical label assigned to every device connected to a network. IPv4 addresses are 32-bit numbers (e.g., 192.168.1.1). IPv6 addresses are 128-bit (e.g., 2001:0db8:85a3::8a2e:0370:7334), providing vastly more addresses.

Packet: A small unit of data (typically 1,500 bytes or less) that includes the payload (actual data), source and destination IP addresses, and sequencing information.

Router: A device that forwards packets between networks, reading destination IP addresses and deciding the best next hop for each packet.

Latency: The time delay between sending data and receiving a response. Measured in milliseconds, it is a key factor in internet performance distinct from bandwidth (raw data transfer speed).


The Physical Infrastructure

Cables and Connections

The internet is primarily carried over physical cables. Fiber optic cables — thin strands of glass that carry data as pulses of light — form the backbone of the internet. Submarine fiber optic cables crisscross the ocean floors, connecting continents. The TeleGeography Submarine Cable Map (updated annually) shows over 400 active or planned submarine cables, carrying over 95% of all international internet traffic. The cable from New York to London can carry more than 100 terabits per second — enough to transmit the entire Library of Congress in a few seconds.

At the local level, the 'last mile' connection to homes and businesses uses various technologies: fiber optic (fastest, most expensive to deploy), coaxial cable (cable internet), copper telephone lines (DSL), or wireless radio links (fixed wireless, cellular LTE/5G). The last mile is often the bottleneck in internet performance for end users.

Data Centers

Websites and internet services run on servers housed in data centers — large facilities filled with thousands of computers, with redundant power, cooling, and network connectivity. Major cloud providers (Amazon Web Services, Microsoft Azure, Google Cloud) operate data centers on every continent. A single hyperscale data center facility may occupy hundreds of thousands of square meters and consume as much electricity as a small city.

The Protocol Stack: TCP/IP

IP: Addressing and Routing

The Internet Protocol (IP) is the fundamental addressing scheme of the internet. Every device connected to the internet has an IP address. IP defines how packets are formatted with source and destination addresses, and how routers should forward them.

IP routing is stateless and hop-by-hop: each router on the path to the destination looks at the packet's destination IP address, consults its routing table, and forwards the packet to the next router that is closer to the destination. Routers dynamically maintain routing tables using protocols like BGP (Border Gateway Protocol), which propagates reachability information across the internet's thousands of independent networks (Autonomous Systems).

IPv4, the dominant version, uses 32-bit addresses providing about 4.3 billion unique addresses — a number that proved insufficient as the internet grew. IPv6, with 128-bit addresses, provides approximately 340 undecillion addresses (3.4 x 10^38). Adoption of IPv6 has been gradual; both coexist today, with various transition mechanisms bridging them.

TCP: Reliable Delivery

IP alone does not guarantee reliable delivery — packets can be dropped, duplicated, or arrive out of order. TCP (Transmission Control Protocol) sits above IP and provides reliable, ordered delivery.

Before data is transferred, TCP performs a 'three-way handshake': the client sends a SYN packet to the server, the server responds with SYN-ACK, and the client sends ACK. This establishes a connection. Data is then transmitted in numbered segments, and the receiver acknowledges each one. If an acknowledgment is not received within a timeout period, the segment is retransmitted. The receiver reassembles segments in order, regardless of what order they arrived.
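The receiver behaviour described above, as an added example that is not part of the original article: segments arrive out of order, duplicated or not at all, the receiver answers each with a cumulative acknowledgment, and the sender retransmits whatever stays unacknowledged. The class and function names are hypothetical, the sequence numbers are constructed, and 32-bit sequence wraparound is ignored.

```python
class Receiver:
    def __init__(self, first_seq):
        self.next_seq = first_seq     # sequence number of the next byte expected
        self.pending = {}             # seq -> data buffered until the gap fills
        self.delivered = bytearray()  # bytes handed to the application, in order

    def on_segment(self, seq, data):
        """Accept one segment and return the cumulative ACK number."""
        if seq + len(data) <= self.next_seq:
            return self.next_seq                  # pure duplicate: re-ACK only
        if len(data) > len(self.pending.get(seq, b"")):
            self.pending[seq] = data
        while True:
            ready = [s for s in self.pending if s <= self.next_seq]
            if not ready:
                break
            start = min(ready)
            # Trim bytes already delivered (overlapping retransmissions)
            chunk = self.pending.pop(start)[self.next_seq - start:]
            self.delivered += chunk
            self.next_seq += len(chunk)
        return self.next_seq

def segments(data, first_seq, mss):
    """Split data into (sequence number, payload) pairs of at most mss bytes."""
    return [(first_seq + i, data[i:i + mss]) for i in range(0, len(data), mss)]

def transfer(data, arrivals, first_seq=1000, mss=4):
    """Deliver segments in `arrivals` order (a list of segment indices; an
    index that never appears models a lost packet), then retransmit the first
    unacknowledged segment until everything is acknowledged."""
    segs = segments(data, first_seq, mss)
    rx = Receiver(first_seq)
    acks = [rx.on_segment(*segs[i]) for i in arrivals]
    retransmissions = 0
    while rx.next_seq < first_seq + len(data):    # sender's timer expired
        lost = (rx.next_seq - first_seq) // mss
        acks.append(rx.on_segment(*segs[lost]))
        retransmissions += 1
    return bytes(rx.delivered), acks, retransmissions
```

Calling transfer(b"HELLO, WORLD", arrivals=[2, 0, 0]) models the third segment arriving first, the first segment arriving twice and the second segment being lost; the ACK number stays at 1004 until the retransmission fills the gap.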

TCP also implements flow control (slowing transmission if the receiver's buffer is full) and congestion control (slowing transmission if the network is congested, detected by packet loss or round-trip time increases). These mechanisms make TCP highly reliable but introduce overhead and latency compared to UDP.

UDP: Fast, Unreliable Delivery

UDP (User Datagram Protocol) sends packets without establishing a connection, without acknowledgment, and without retransmission. What arrives, arrives; what is lost, is lost. This makes UDP faster and lower-latency than TCP, at the cost of reliability.

UDP is appropriate when real-time performance matters more than perfect delivery: video calls, live streaming, online gaming, DNS queries. A dropped frame in a video call is better than a delayed one; a retransmission would arrive too late to be useful.

QUIC (Quick UDP Internet Connections), developed by Google and standardized by the IETF as HTTP/3, runs over UDP but implements reliability and security at the application layer, providing TCP-like reliability with lower latency. It is now used for a significant portion of Google's traffic and is deployed by many major content providers.

DNS: The Internet's Address Book

How DNS Resolution Works

Every time you visit a website, your browser first needs to know the IP address of the server hosting it. Domain names like 'www.example.com' are human-readable but computers communicate via IP addresses. DNS resolution converts one to the other.

The process involves a hierarchy of DNS servers:

  1. Your browser checks its local cache for a recent DNS lookup for this domain.
  2. If not cached, your operating system asks a DNS resolver — typically your ISP's DNS server or a configured public resolver like Google (8.8.8.8) or Cloudflare (1.1.1.1).
  3. The resolver checks its cache.
  4. If not cached, the resolver queries a root name server — one of 13 sets of servers (operated by ICANN, Verisign, and others) that know which name servers are authoritative for each top-level domain (.com, .org, .uk, etc.).
  5. The root server directs the resolver to the TLD (top-level domain) name server for .com.
  6. The TLD name server directs the resolver to the authoritative name server for example.com.
  7. The authoritative name server returns the IP address.
  8. The resolver caches the result and returns it to your browser.

This entire process typically takes 20-120 milliseconds on the first lookup. Subsequent requests use the cache.
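The resolver's side of the steps above (3 through 8), as an added example that is not part of the original article: a toy in-memory resolver that follows referrals from root to TLD to authoritative server and caches the answer until its TTL expires. The server names, the 192.0.2.10 address and the 300-second TTL are constructed for illustration.

```python
import time

# Constructed zone data: each toy server maps a name suffix either to a
# referral (the next server to ask) or to a final answer with a TTL in seconds.
SERVERS = {
    "root":       {"com.": ("referral", "tld-com")},
    "tld-com":    {"example.com.": ("referral", "ns-example")},
    "ns-example": {"www.example.com.": ("answer", "192.0.2.10", 300)},
}

def ask(server, name):
    """Return the record for the longest suffix of `name` the server knows."""
    matches = [s for s in SERVERS[server]
               if name == s or name.endswith("." + s)]
    return SERVERS[server][max(matches, key=len)] if matches else None

class Resolver:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}     # name -> (address, expiry time)
        self.queries = []   # servers contacted, in order

    def resolve(self, name):
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0]                       # step 3: answered from cache
        server = "root"                         # step 4: start at a root server
        for _ in range(8):                      # bound the referral chain
            self.queries.append(server)
            record = ask(server, name)
            if record is None:
                raise LookupError(f"{name} not found at {server}")
            if record[0] == "answer":           # step 7: authoritative answer
                _, address, ttl = record
                self.cache[name] = (address, self.clock() + ttl)  # step 8
                return address
            server = record[1]                  # steps 5-6: follow the referral
        raise LookupError("too many referrals")
```

The first lookup contacts three servers; a repeat within the TTL contacts none, and a lookup after expiry walks the hierarchy again.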

DNS Security

DNS was designed in 1983 without security in mind and remains a significant attack vector. DNS spoofing (cache poisoning) involves inserting false records into a resolver's cache, redirecting users to malicious servers. DNSSEC (DNS Security Extensions) uses cryptographic signatures to verify the authenticity of DNS records, but adoption has been slow.
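A resolver-side check related to the cache poisoning described above, as an added example that is not part of the original article: before caching a reply, confirm that it is a response, that its transaction ID is the unpredictable one the resolver generated, and that it echoes the question that was asked. The function names are hypothetical and the reply bytes are constructed; these checks only match a reply to a query, while verifying authenticity is what DNSSEC signatures are for.

```python
import secrets
import struct

def encode_name(name):
    """Encode 'www.example.com' as length-prefixed DNS labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name, qtype=1):
    """Return (txid, wire bytes) for a recursive query; qtype 1 is an A record."""
    txid = secrets.randbelow(1 << 16)          # unpredictable 16-bit ID
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return txid, header + encode_name(name) + struct.pack("!HH", qtype, 1)

def sample_response(query, txid, address=b"\xc0\x00\x02\x0a"):
    """Constructed reply for the demo: echoes the question, adds one A record."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4) + address
    return header + query[12:] + answer

def parse_question(msg):
    """Return (txid, flags, qname, qtype, qclass) or raise ValueError."""
    if len(msg) < 12:
        raise ValueError("short header")
    txid, flags, qdcount = struct.unpack("!HHH", msg[:6])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            raise ValueError("truncated name")
        n = msg[pos]
        pos += 1
        if n == 0:
            break
        if n > 63 or pos + n > len(msg):
            raise ValueError("bad label")
        labels.append(msg[pos:pos + n].decode("ascii").lower())
        pos += n
    if pos + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", msg[pos:pos + 4])
    return txid, flags, ".".join(labels), qtype, qclass

def accept_response(response, sent_txid, sent_name, sent_qtype=1):
    """True only if the reply matches the outstanding query; else do not cache."""
    try:
        txid, flags, qname, qtype, qclass = parse_question(response)
    except (ValueError, UnicodeDecodeError):
        return False
    return (bool(flags & 0x8000)                   # QR bit set: a response
            and txid == sent_txid                  # the ID we generated
            and qname == sent_name.rstrip(".").lower()
            and qtype == sent_qtype and qclass == 1)
```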

DDoS attacks targeting DNS infrastructure can make major websites appear unreachable. In October 2016, a massive DDoS attack against Dyn, a DNS service provider, made dozens of major websites including Twitter, Reddit, and Netflix unavailable to users in the US and Europe for several hours.

What Happens When You Type a URL

The Complete Journey

Typing 'https://www.example.com/article' and pressing Enter triggers a precise sequence of steps:

1. DNS lookup. Your browser resolves 'www.example.com' to an IP address through the DNS process described above.

2. TCP connection. Your browser initiates a TCP connection to the server's IP address on port 443 (the default port for HTTPS). This involves the three-way SYN/SYN-ACK/ACK handshake.

3. TLS handshake. For HTTPS, the browser and server perform a TLS handshake: they agree on encryption algorithms, the server presents its digital certificate (proving its identity), and they establish a shared encryption key. This typically adds 1-2 round trips of latency.

4. HTTP request. The browser sends an HTTP GET request over the encrypted connection: the request line 'GET /article HTTP/1.1' followed by the header 'Host: www.example.com'. The request also includes headers indicating the browser type, accepted content formats, cookies, and other metadata.

5. Server processing. The server receives the request, processes it (fetching from a database if dynamic content), and prepares a response.

6. HTTP response. The server sends the response: a status code (200 OK for success), headers (content type, caching instructions, server info), and the response body (HTML, JSON, or other content). The response is broken into TCP segments and IP packets.

7. Packet routing. Packets travel from the server through its local network, to its ISP, across backbone networks, to your ISP, and finally to your router and device. Each router makes independent forwarding decisions based on destination IP address.

8. Browser rendering. Your browser receives and reassembles the packets, parsing the HTML and making additional requests for referenced resources (CSS files, JavaScript, images). These may trigger additional DNS lookups, TCP connections, and HTTP requests — a single modern web page may make 50-100 individual requests.

The total time from pressing Enter to a rendered page on a performant website over a fast connection: typically 200-500 milliseconds.

ISPs and Backbone Networks

The Network Hierarchy

The internet's physical network is organized in tiers. Tier 1 networks are the backbone providers — major telecommunications companies like AT&T, Lumen (CenturyLink), NTT, and Telia that operate the highest-capacity long-haul fiber networks. Tier 1 networks peer with each other without payment (settlement-free peering) because the exchange of traffic is roughly equal and mutually beneficial.

Tier 2 ISPs purchase transit capacity from Tier 1 providers while also peering with some networks. Tier 3 ISPs — the consumer ISPs most people use — typically purchase transit from Tier 2 providers and provide the last-mile connection to homes and businesses.

Peering and Internet Exchange Points

Rather than routing all traffic through paid transit, many networks choose to interconnect directly at Internet Exchange Points (IXPs) — neutral facilities where multiple networks physically connect their equipment and exchange traffic at low cost. Amsterdam's AMS-IX and London's LINX are among the world's largest IXPs, each handling hundreds of terabits per second at peak.

When Netflix peers directly with a major ISP, Netflix content travels directly from Netflix's servers to the ISP's network without traversing intermediate networks. This reduces Netflix's transit costs and improves streaming quality for the ISP's customers.

Content Delivery Networks (CDNs)

Why CDNs Transform Web Performance

The speed of light imposes hard limits on internet latency. Data traveling from a server in California to a user in Berlin must cover approximately 9,000 km. At the speed of light through fiber (about 200,000 km/s due to refractive index), this one-way trip takes a minimum of 45 milliseconds. A round trip is at minimum 90 ms, before any processing time.

CDNs solve this by pre-positioning content geographically close to users. A user in Berlin requesting a video from a CDN node in Frankfurt experiences latency of perhaps 5-10 ms rather than 90 ms. The CDN node serves cached content without the request reaching the origin server at all for static assets.

Cloudflare operates servers in over 300 cities worldwide. Akamai has over 300,000 servers in 130 countries. When a CDN is configured for a website, most of its static content — images, CSS, JavaScript, video files — is served from whichever CDN node is geographically closest to the requesting user.

CDN Caching and Cache Invalidation

CDNs cache content based on headers set by the origin server. A Cache-Control: max-age=31536000 header tells the CDN to cache the content for one year. When origin content changes, the CDN must be explicitly told to invalidate (purge) the cached version — otherwise users would continue receiving stale content.
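The caching and purge behaviour described above, as an added example that is not part of the original article: a toy edge node that stores responses for the lifetime the origin's Cache-Control header allows, keeps serving the old copy after the origin changes, and refetches only after an explicit purge. It goes slightly beyond the text by also honouring s-maxage, private, no-store and no-cache; the class, paths and bodies are constructed for illustration.

```python
def shared_max_age(cache_control):
    """Seconds a shared cache (CDN) may reuse a response; 0 means do not."""
    directives = {}
    for part in cache_control.split(","):
        key, _, value = part.strip().partition("=")
        if key:
            directives[key.lower()] = value.strip('"')
    # Conservative choice: anything marked for one user or for revalidation
    # is never reused by this toy cache.
    if directives.keys() & {"no-store", "private", "no-cache"}:
        return 0
    # s-maxage targets shared caches and takes precedence over max-age
    for key in ("s-maxage", "max-age"):
        if directives.get(key, "").isdigit():
            return int(directives[key])
    return 0   # assumption: no heuristic caching without an explicit lifetime

class EdgeCache:
    """Toy CDN node. `origin(path)` returns (body, cache_control_value)."""
    def __init__(self, origin, clock):
        self.origin, self.clock = origin, clock
        self.entries = {}          # path -> (body, expiry time)
        self.origin_fetches = 0

    def get(self, path):
        entry = self.entries.get(path)
        if entry and entry[1] > self.clock():
            return entry[0]                      # served from the edge
        body, cache_control = self.origin(path)
        self.origin_fetches += 1
        lifetime = shared_max_age(cache_control)
        if lifetime:
            self.entries[path] = (body, self.clock() + lifetime)
        return body

    def purge(self, path):
        """Explicit invalidation: the next request goes back to the origin."""
        self.entries.pop(path, None)
```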

Cache invalidation strategy is one of the more complex aspects of web performance engineering. It is famously described in a quote attributed to Phil Karlton: "There are only two hard things in Computer Science: cache invalidation and naming things."

Practical Takeaways

Understanding DNS makes troubleshooting easier. Many apparent internet outages are DNS failures — the server is reachable but cannot be located by name. Switching to a reliable public DNS resolver like Cloudflare (1.1.1.1) or Google (8.8.8.8) resolves many such issues.

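HTTPS is not optional for any legitimate website. Plain HTTP exposes data in transit to anyone monitoring the network, including on public Wi-Fi. Check for the padlock icon and 'https://' before entering any sensitive information. The padlock confirms that the connection is encrypted and that the certificate matches the domain name; it says nothing about whether the site's operator is trustworthy.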

CDNs account for a large portion of global internet traffic. Understanding how they work helps explain why a website hosted on a server in one country loads quickly worldwide, and why cache clearing is sometimes needed after a site update.

Your ISP is a significant chokepoint. The quality, reliability, and bandwidth of your ISP's last-mile connection is typically the limiting factor in home internet performance, regardless of how fast the backbone networks are.

IPv6 adoption is necessary and inevitable. IPv4 addresses are exhausted; IPv6 is the long-term foundation of internet addressing. Understanding IPv6 is increasingly important for network engineers.


References

  1. Cerf, V., & Kahn, R. (1974). A Protocol for Packet Network Intercommunication. IEEE Transactions on Communications, 22(5), 637-648.
  2. Berners-Lee, T. (1989). Information Management: A Proposal. CERN.
  3. Mockapetris, P. (1983). Domain Names — Implementation and Specification. RFC 882/883. IETF.
  4. Postel, J. (1981). Transmission Control Protocol. RFC 793. IETF.
  5. Postel, J. (1980). User Datagram Protocol. RFC 768. IETF.
  6. Iyengar, J., & Thomson, M. (2021). QUIC: A UDP-Based Multiplexed and Secure Transport. RFC 9000. IETF.
  7. TeleGeography. (2024). Submarine Cable Map. PriMetrica Inc.
  8. Cloudflare. (2023). How the Internet Works — Learning Center. Cloudflare Inc.
  9. IETF. (2018). The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446.
  10. Fielding, R., et al. (1999). Hypertext Transfer Protocol — HTTP/1.1. RFC 2616. IETF.
  11. Akamai Technologies. (2023). State of the Internet Connectivity Report. Akamai.
  12. ICANN. (2023). Root Server Technical Operations. Internet Corporation for Assigned Names and Numbers.

Frequently Asked Questions

How does the internet actually work?

The internet works by breaking data into small packets, routing each packet independently through a global network of interconnected computers, and reassembling them at the destination. It uses a standardized set of rules called TCP/IP (Transmission Control Protocol/Internet Protocol) to ensure packets are addressed, routed, and delivered reliably. Every device on the internet has an IP address that identifies it. When you request a web page, your request and the server's response are both broken into packets that travel through multiple routers and networks before being reassembled into the content you see. No central authority controls the internet's routing — it is a decentralized, self-healing network.

What is DNS and why is it important?

DNS (Domain Name System) is the internet's address book. It translates human-readable domain names (like www.example.com) into the numerical IP addresses that computers use to locate each other (like 93.184.216.34). When you type a URL, your computer asks a DNS resolver (usually provided by your ISP or a public DNS service like Google's 8.8.8.8) to look up the IP address for that domain. Without DNS, you would need to memorize numerical IP addresses for every website you visit. DNS is also a critical infrastructure component — DNS outages or attacks can make large portions of the internet appear unreachable even when the underlying servers are functioning.

What is the difference between HTTP and HTTPS?

HTTP (HyperText Transfer Protocol) is the protocol for transferring web page data between servers and browsers. HTTPS (HTTP Secure) is HTTP transmitted over an encrypted connection using TLS (Transport Layer Security). With plain HTTP, data between your browser and the server is transmitted in clear text and can be intercepted and read by anyone on the same network. With HTTPS, the data is encrypted and can only be read by your browser and the destination server. HTTPS also verifies the server's identity through digital certificates issued by trusted Certificate Authorities, protecting against impersonation attacks. Modern browsers flag HTTP sites as not secure and most web traffic now uses HTTPS.

What is an ISP and how does it connect you to the internet?

An ISP (Internet Service Provider) is a company that provides internet access to homes and businesses. Your ISP connects your home router to their network through physical infrastructure — copper telephone lines (DSL), coaxial cable (cable internet), fiber optic cables, or wireless radio links. Your ISP's network connects to other networks through peering agreements or transit arrangements, ultimately linking to backbone networks — high-capacity fiber optic cables that carry enormous volumes of traffic across countries and under oceans. When you send data to a website, it travels through your router, your ISP's network, potentially one or more backbone networks, and finally the network where the destination server is located.

What is a CDN and why do websites use them?

A CDN (Content Delivery Network) is a geographically distributed network of servers that store cached copies of web content close to users around the world. When you visit a website that uses a CDN, you receive content from a server near you rather than from the website's origin server, which might be on the other side of the world. This dramatically reduces latency (page load time) because data travels shorter distances. CDNs also protect against DDoS attacks by distributing traffic across many servers, and reduce origin server load by serving cached content. Major CDN providers include Cloudflare, Akamai, Amazon CloudFront, and Fastly.