IP to Domain Understanding the Connection

Introduction

When browsing the internet, we often use domain names to access websites. However, websites can also be accessed using their IP addresses directly. In this article, we will explore the relationship between IP addresses and domain names, and how they are connected. We will also discuss the role of reverse proxies in handling requests made solely by IP address.

Visiting a Page via URL

When we enter a URL like “https://www.somesite.com/my/cool/page” in our browser’s address bar, the browser performs a series of steps to connect to the website.

1. Domain Resolution:

2. The browser resolves the domain name “www.somesite.com” to an IP address, such as 1.2.3.4.

3. Establishing a Connection:

4. The browser knows that the default port for the HTTPS protocol is 443.

5. It initiates a TCP/TLS connection to the IP address (1.2.3.4) on port 443.

6. Sending an HTTP Request:

7. The browser sends an HTTP request to the server, which includes information like the requested page and the user agent.

8. The request looks like this:

   GET /my/cool/page HTTP/1.1
User-Agent: Firefox (or whatever you're using)
Host: www.somesite.com
Accept: */*

9. Receiving the Response:

10. The server receives the request, processes it, and sends back the HTML code of the requested page as the response.

Visiting a Page via IP

Alternatively, we can directly use the IP address to access a website, like “https://1.2.3.4/my/cool/page”. In this case, the browsing process is slightly different.

1. No DNS Resolution:

2. Since we are using the IP address directly, there is no need for DNS resolution.

3. Establishing a Connection:

4. The browser attempts to establish a TCP/TLS connection to the server using the provided IP address.

5. Certificate Errors:

6. The server’s certificate may show as untrusted because x509 certificates have a “Subject Alternative Name” extension that lists trusted names.
7. If the IP address is not listed in the certificate, the browser may display a certificate error and prevent the connection.

8. However, if the certificate does list the specific IP address or if we choose to ignore the certificate issues, the connection proceeds.

9. Sending an HTTP Request:

10. Due to the absence of a DNS name, the browser uses the IP address in the “Host” field of the HTTP request.

11. The request sent by the browser looks like this:

    GET /my/cool/page HTTP/1.1
User-Agent: Firefox (or whatever you're using)
Host: 1.2.3.4
Accept: */*

12. Receiving the Response:

13. The server receives the request and responds based on the specified path, just like in the previous case.

Reverse Proxies and Multiplexing Requests

Many websites use reverse proxies, such as nginx, traefik, or caddy, to handle incoming requests. Reverse proxies can distribute requests across multiple backend web servers based on the “Host” field in the HTTP header.

Let’s consider a scenario where we have two web applications, app1 and app2, running on the same server. To differentiate between the applications, we set up two DNS entries pointing to the same IP address: “app1.somesite.com” and “app2.somesite.com”.

The reverse proxy is configured to examine the “Host” header in the HTTP request and direct the incoming requests to the corresponding application.

1. Using a Reverse Proxy:
2. The reverse proxy receives incoming requests for both app1 and app2, which are identified by the same IP address.

3. The “Host” field helps the reverse proxy determine the intended application for each request.

4. Multiplexing Requests:

5. By analyzing the “Host” field, the reverse proxy can multiplex the requests across the actual applications running on the host.

6. This allows the applications to share resources and utilize a single server while still being accessible through different DNS names.

7. Requesting via IP:

8. When making a request solely by IP address, the reverse proxy may not be able to determine the intended application.
9. Depending on the reverse proxy’s configuration, the request may be directed to one of the applications or neither of them.

In conclusion, when accessing a website, using the domain name is the preferred method as it allows for proper DNS resolution and ensures the correct handling of requests by reverse proxies. However, in some cases, accessing a website directly through its IP address may be possible, but it can result in certificate errors and may not work as expected when reverse proxies are involved.