Skip to main content

What Happens When You Type in a Web Browser and Press Enter? (Tcp/Ip Stack)

Linux, Networking & Security are the domains of my interest.



Before diving into the topic, let me ask you a few questions;

  • Have you ever wondered what happens when you open a browser, type any URL, and press Enter?
  • What exactly happens behind the browser and in the server where the website is hosted?
  • How the internet finds out the correct server even if it is placed far far away from you?

If you want answers to all these questions and many more then this is the blog for you.

Note: For simplicity, consider HTTP protocol instead of HTTPS protocol (which adds transport layer security) i.e. instead of

Let’s Begin

Go to your browser and type

First take a look at the protocol it uses, the HTTP protocol, which happens to be an application layer protocol, and the user directly interacts with this protocol.

DNS Request

The user or the computer does not know where is being served so it issues a DNS request using UDP protocol for which returns the IP address of as its response if the domain is found in the DNS server. Assume it to be so the (Dest. IP address i.e. the IP address of the web server where is hosted is

GET Message

Now, a “GET Message” is created and asks for the homepage of using HTTP in the browser and all of this happens in the application layer.


Addition of Port Number

This message is pushed onto the Transport Layer where the TCP protocol adds a few things and the most important one is port no. (let’s source port no. be 12345 and destination port no. is 80. [HTTP uses port 80 by default])

Scroll to Continue

Attaching IP Address

The Segment from the Transport Layer is pushed down to Network Layer where Internet Protocol (IP) adds the source IP address (given to your device by your ISP) and destination IP address (we received as a DNS response in the first step) to the encapsulated TCP segment.


Mac Addresses

The above IP packet is pushed down to the last layer i.e. the physical layer where an ethernet frame is created and hardware or the MAC addresses are added (source & the destination MAC address. )


Complete Client-side data flow in the STACK


Now what?

  • The frame created at the end of the Transport Layer goes through the wire to the router in your house which receives it in its physical layer, decapsulates it, and gets the IP packet inside that.
  • The network Layer in the router changes the source IP address to its IP and sends the packet outside the home network to your ISP if the destination IP address is not found in your home network.
  • It’s again encapsulated inside a frame where the source MAC address is your router MAC address and the destination MAC address is your ISP’s MAC address and sent via the physical media/channel.
  • Now using the Routing Table it’s routed to the correct web server where is hosted.

What happens when the packet finally arrives at the correct destination?

  • Decapsulation takes place at every Layer.
  • First, at the network layer, the IP address is checked and the decapsulated packet is sent to the Transport layer.
  • In the Transport layer, it checks for port no. (80 in our case) and sends the packet through the correct port.
  • The application Layer receives the message where HTTP recognizes it as a GET request for the homepage of google so it gets packets and responses from the hard drive.
  • Now, the same encapsulation process starts to reach the Client, and this time source MAC address is changed to 12345 in the response header and decapsulated at the client end to get the webpage.

This article is accurate and true to the best of the author’s knowledge. Content is for informational or entertainment purposes only and does not substitute for personal counsel or professional advice in business, financial, legal, or technical matters.

© 2022 Ashutosh Singh Patel

Related Articles