Blog
Thoughts on engineering, design, and building great products.
DNS: Resolving Domain Names
A deep dive into DNS — the system that translates domain names into IPs. Understand the root/TLD/authoritative hierarchy, recursive resolvers, the step-by-step resolution flow, record types (A, CNAME, MX, NS, TXT), and the role of TTL/cache. Observed live with dig.
HTTP and HTTPS
The language of the web: the request/response structure, methods (GET/POST...), status code groups (2xx/3xx/4xx/5xx), headers, and the evolution from HTTP/1.1 → 2 → 3. HTTPS is HTTP plus encryption. Observed live with curl -v.
TLS/SSL: Encryption and Certificates
A deep dive into the 'S' in HTTPS: how TLS handshakes and encrypts, what a certificate contains, and how the chain of trust from a server certificate up to a root CA lets the browser trust a website. Observed live with openssl.
Firewalls and Network Security
Controlling who can connect to which port: a firewall filters traffic by IP, port, and direction. Understand the default-deny principle, stateful firewalls, iptables/nftables on Linux, ufw, and cloud security groups.
Load Balancers and Reverse Proxies
One server can't carry all the traffic. A load balancer spreads load across many servers; a reverse proxy sits in front to shield and route. Understand L4 vs L7, load-balancing algorithms, health checks, and TLS termination.
Network Diagnostic Tools
A practical network-troubleshooting toolkit and workflow: ping, traceroute, dig, ss/netstat, nc, curl, openssl, tcpdump — each inspects one layer. And how to use them in sequence to pinpoint a 'can't connect' problem.
Tracing a Request End to End
The final article: putting everything together to trace a complete https:// request — from DNS resolution, routing, the TCP handshake, TLS encryption, to HTTP and the response — with real per-phase timing. Plus a series wrap-up.