Main content
Course: Code.org > Unit 1
Lesson 2: How the Internet worksIP addresses and DNS
The co-founder of the Internet Vint Cerf and software engineer Paola Mejia take us through the ins and outs of how networks talk to each other.
Want to join the conversation?
I thought IP address was specific for a device. Why do websites have an IP address ? I'm confused now.(35 votes)
MAC addresses are specific to devices. Typically a network interface device will have a sticker or label with its MAC address on it.
IP addresses are not specific to devices. Often, when you hook up a device to a network it requests an IP address to be assigned to it. The amount of time it is allowed to keep that IP address can vary (some networks may even choose to permanently assign a device an IP address ). It is even possible, through the use of Network Address Translation, for many devices to share the same IP address.
So why don't we just use MAC addresses for websites ?
A MAC address is just for a single network interface device. If that device broke down and had to be replaced or the website want to use several different devices to balance the load of requests, a single MAC address wouldn't work.
Hope this makes sense(63 votes)
How do you know if you are using a fake website and not the real one?(30 votes)- If you are using https: then your browser will receive a certificate signed by a certification authority confirming that the website is who it says it is.
For example on Chrome, if I click on the lock by the web address and the tab for "Connection" it will have a link to the "Certificate Information".
If you are using just plain http: then you can't be certain whether the site is fake or not.(58 votes)
- How can you figure out what your computer's address is?(13 votes)
- For Windows command prompt: use the command
ipconfig
For Unix command prompt: use the commandifconfig
It will look something like this: X.X.X.X where X are numbers
If the IP address you find looks like 192.168.X.X (it starts with 192.168), then:
- You only found out your local IP address on your internal network.
- Your router is using NAT (network address translation), so that outside world only sees one IP address, but all your devices on your local network can use it
(For more info see: https://en.wikipedia.org/wiki/Network_address_translation)
- To find the IP address that the outside world sees use https://www.whatismyip.com/
(alternatively you can run the administrator tools for you router and it should tell you)(30 votes)
if my hardware (say PC) is connected to a LAN will it have same IP address for local network and public network (internet) ?(8 votes)- It depends.
If you are not using Network address translation (NAT) then your external IP address will be the same as your local IP address.
If you are using NAT (which most home networks with a router will be using) your router will present a single external IP address to the world, and your devices on your local network will have addresses between 192.168.0.0 and 192.168.255.255. NAT works by making up port numbers for each device on your local network. When one of your devices sends a packet to the internet, NAT will replace the source IP address with the external IP, and the source port with the port number it made up for that device. When NAT receives a packet, it looks at the port number for the packet and then forwards it on to the device associated with that port number.
Why do we use NAT ? Under the dominant standard IPv4 there are a limited number of IP addresses, and buying them is expensive. NAT lets many devices share one IP address. Under IPv6 (the newer standard, which is slowly spreading) there are so many IP addresses that every device can have its own IP address, which will make NAT, for the most part, unnecessary.
For more info see: https://en.wikipedia.org/wiki/Network_address_translation(16 votes)
So an IP Address is 4 bytes?
That also means the highest CURRENT possible IP could be 1111111111111 or 255.255.255.255?
This also means the future IP will be 16 bytes and the IP will be in hexadecimal, right?(5 votes)- IPv4, the older standard, uses a 4 byte address
One of the standard ways to present an IPv4 address is dotted decimal notation.
(Decimal values for each byte are seperate by '.', e.g. 192.168.1.1 )
IPv6, the newer standard, uses a 16 byte address.
(don't ask about where IPv5 went, it's a long story...)
One of the standard ways to present an IPv6 address is 8 groups of 4 hexadecimal digits separated by colons e.g. 2001 : 0db8 : 85a3 : 0000 : 0000 : 8a2e : 0370 : 7334 (which can be further simplified to 2001 : db8 : 85a3 :: 8a2e : 370 : 7334 by eliminating leading zeroes and replacing consecutive blocks of zeros with :: )
Both of these protocols are in use, but the majority (>80%) of the traffic currently uses IPv4.
Of course, the IP addresses are just numbers, so there are many other ways to represent them.
By the way, 255.255.255.255 is reserved as a broadcast address in IPv4 (https://en.wikipedia.org/wiki/Broadcast_address)(18 votes)
- can someone comment on the concept of a logical port number, explanations I could find are way too abstract for me to comprehend. thank you.(6 votes)
- Suppose I wanted to send a package to Bob Smith at the XYZ company.
I would have to write the address of the XYZ company on the package, and I would also have to write the name of Bob Smith on the package. The delivery person would deliver the package to the mail room at the XYZ company. The mail room at XYZ would then sort out the mail and deliver Bob Smith his package.
A similar thing happens with packets on the internet. The IP address is the address, that tells the internet where the packet needs to go to on the network. The port number tells the computer where the data needs to go once it has reached the computer e.g. one packet could be part of a picture loading on your web browser, and another packet could be part of an update for some program.(12 votes)
I have several questions in regard to IP addresses:)
1) Do Internet Service Providers and websites buy IP addresses?
2) When my computer connects to different networks it uses different IP addresses?
3) If some IP addresses are temporary, how did people catch hackers based off that?
4) If a hacker knows the IP address I'm using (which is temporary) and tries to hack the address when someone else uses it, will the hacker be hacking someone else's computer?
5) How can I protect my IP address from hackers?
6) Does Cloud mean uploading local files to servers so that given the IP address of the server we can use different IP addresses to access the files?
7) How does the DNS servers know the IP addresses given the DNS of websites at the very beginning? How do the website set up the "memory"?
Thanks in advance for your generous answers! Love the video - always wanted to learn about how Internet works!!(6 votes)- 1) Yes
2) For your computer to talk on a network it will be need an IP address. Typically, it will be leased an IP address by the local DHCP server. So, if you hook your computer up to your ISP's network, the ISP's DHCP server will lease you an IP address. If you take your laptop to school and hook up to their network, then the school network's DHCP serve will assign you an IP address. When the time expires, the DHCP server will lease you a different IP address.
3) IP addresses do change often. However, an ISP would own a block of IP addresses. It is possible that they might maintain logs of who was leased what IP address for how long. So, it might be possible to associate an IP address with a person. However, most hackers will hide their IP address behind proxy server(s), which can makes finding the hackers real IP address effectively impossible.( Don't believe what you watch on detective shows )
4) Yes
5) Usually it's not necessary to. If you really want to hide your IP address then hide it behind a proxy server. Alternatively, you could periodically tell your network interface device to release the old IP address and obtain a new one from the DHCP server.
6) The cloud is basically accessing servers by the internet. You could store files on them, run programs on them, etc. (depending on what the owner of the server has agreed to).
7) Typically when the website is registered with a domain name registrar e.g. Go Daddy, will add the entries to the authoritative name server. When other DNS servers look for that website, they will eventually ask that server.(6 votes)
When I accidentally type .khanacademy.com, how does it turn into khanacademy.org?(2 votes)- Here' some ways you could do that:
1) DNS:
In the DNS table have an entry that say that the canonical name for http://www.khanacademy.com is http://www.khanacademy.org
That way when your browser is looking up the IP address for .com it sees that it should look for the canonical name .org instead.
2) meta refresh tag
Add this code to the html of http://www.khanacademy.com:<meta http-equiv="refresh" content="0; url=https://www.khanacademy.org/">
This would tell your browser to refresh after 0 seconds i.e. immediately, and redirect to http://www.khanacademy.org
3) HTTP 301 redirect code
When the browser requests http://www.khanacademy.com the web server could respond to the browser withHTTP/1.1 301 Moved Permanently
Location: https://www.khanacademy.org/
Your browser then looks up http://www.khanacademy.org
4) JavaScript
If JavaScript is enabled one could include and run the following code on the http://www.khanacademy.com webpage:window.location = "https://www.khanacademy.org/";
This will redirect the browser to load https://www.khanacademy.org/
Which way does Khan academy use ?
A curl request for http://www.khanacademy.com responds with:HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=900
Content-Type: text/html
Location: http://www.khanacademy.org
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: (The date and time I made the request)
Content-Length: 0
Age: 1
Connection: keep-alive
so we can see that they are using a HTTP 301 redirect code
Hope this makes sense(13 votes)
How do you know if a website is fake?6:09(3 votes)
The lock and the URL(Uniform Resource Locator) are your friends if a website has a HTTP(Hypertext Transfer Protocol) instead of the normal HTTPS(Hypertext Transfer Protocol Secure) then you can easily be hacked and the URL like if I wanted to publish a replica of Khan Academy it would probably be something like this:kahnacademy.orgThis can make a huge difference because the websitekhanacademy.orgis notkahnacademy.org. Another tip is if there is a green lock on the side of the URL bar then that website is secured otherwise it is most likely a phishing website.(9 votes)
- Is IP address for various devices or for websites only or for different different for both?(4 votes)
Anything that connects to the internet has to have an IP address. That means servers (which serve websites among other things), smart devices (like an iPhone or smart watch), and even cars.
An IP address is somewhat somewhat like a real address; if your smart watch asks a server for Khan Academy then the server has to know where to send the information once it finds it.(4 votes)
6:09Video transcript
(upbeat piano and drum music) - Hi. My name is Paola, and I am a software engineer at Microsoft. Let's talk about how the internet works. My job relies on networks being able to talk with one another. But back in the 1970s, there was no standard method for this. It took the work of Vint Cerf and Bob Kahn to invent the Internetworking Protocol to make communication possible. This invention laid the groundwork for what we now call the internet. - The internet is a network of networks. It links billions of devices
together all around the globe. Maybe you're connected with a laptop or a phone through wifi. But then that wifi connection connects to an Internet
Service Provider, or ISP. And that ISP connects you
to billions and billions of devices around the world through hundreds of thousands of networks that are all interconnected. One thing that most
people do not appreciate, is that the internet is
really a design philosophy and an architecture expressed
in a set of protocols. A protocol is a well-known set
of rules and standards that, if all parties agree to use it, will allow them to
communicate without trouble. How the internet actually
physically works is less important than the fact that this
design philosophy has allowed the internet to adapt and absorb new communication technologies. This is because in order
for a new technology to use the internet in some fashion, it just needs to know which
protocols to work with. All the different devices on the internet have unique addresses. An address on the
internet is just a number, similar to a phone number,
or a sort of street address that's unique to each computer or device at the edge of the network. This is similar to how most
homes and businesses have a mailing address. You don't need to know a person to send them a letter in the mail, but you do need to know their address, and how to write the address properly, so the letter can be
carried by the mail system to its destination. The addressing system for computers on the internet is similar, and it forms part of one
of the most important protocols used in internet communication, simply called the
Internet Protocol, or IP. A computer's address, then,
is called its IP address. Visiting a website is really
just your computer asking another computer for information. Your computer sends a message
to the other computer's IP address, and it also sends
along its origin address so the other computer knows
where to send its response. - You may have seen an IP address. It's just a bunch of numbers. These numbers are
organized in a hierarchy. Just like a home address has a country, a city, a street, and a house number, an IP address has many parts. Just like all digital data, each of these numbers
is represented in bits. Traditional IP addresses are 32 bits long, with eight bits for each
part of the address. The earlier numbers usually identify the country and regional
network of the device. Then come the subnetworks. And then, finally, the address
of the specific device. This version of IP
addressing is called IPv4. It was designed in 1973, and widely adopted in the early '80s, and provides for more than
4 billion unique addresses for devices connecting to the internet. But the internet has turned
out to be much more popular than even Vint Cerf imagined, and 4 billion unique
addresses won't be enough. We're now in the middle
of a multi-year transition to a longer IP address format called IPv6, which uses 128 bits per address, and provides over 340
undecillion unique addresses. That's more than enough for
every grain of sand on Earth to have its own IP address. - Most users never see or
care about internet addresses. A system called the Domain
Name System, or DNS, associates names, like www.example.com, with the corresponding addresses. Your computer uses the DNS
to look up domain names and get the associated
IP address, which is used to connect your computer to the
destination on the internet. - [Voiceover] And it goes a
little something like this. - Hey, hi there. I want to go to www.code.org - Yeah, well I don't know the
IP address for that domain. Let me ask around. Hey, anyone know how to get to a... code.org? - Yeah, I got it right here. It's 174 dot 129 dot 14 dot 120. - Oh, okay, great. Thanks. Yeah, I'm gonna write that
down and save it for later in case I need it. Hey, here's that address you wanted. - Awesome. Thank you. (piano flourish) - So how do we design a
system for billions of devices to find any one of billions
of different websites? There is no way one DNS server can handle all of the
requests from all devices. The answer is that DNS
servers are connected in a distributed hierarchy,
and are divided into zones, splitting up responsibility
for the major domains such as .org, .com, .net, et cetera. DNS was originally created to be an open and public communication protocol for government and
educational institutions. Because of its openness, DNS is susceptible to cyber attacks. An example attack is DNS spoofing. That's when a hacker
taps into a DNS server and changes it to match a domain name with the wrong IP address. This lets the attacker send
people to one imposter website. If this happens to you, you are vulnerable for more problems because you are using that
fake website as if it is real. The internet is huge, and
getting bigger every day. But the Domain Name System
and Internet Protocol are designed to scale, no matter how much the internet grows.