As per my understanding DNS is used for resolving domain names into IP addresses. I am using Ubuntu. I did following. nslookup facebook.com
gave me the IP of the website. I blocked DNS using firewall. The I typed IP into browser. It should have loaded facebook site but it did not. If I unblock the DNS, then above method fetches the site. Why this happens - I mean why DNS is required when I have the IP of the website ?
-
Look at the page source. Face is loading content from fbstatic-a.akamaihd.net ...– DavidPostill ♦Commented Jun 14, 2015 at 14:37
-
could you please explain ? The link takes me to a blank page.– mhiCommented Jun 14, 2015 at 14:40
-
The link is not meant to go anywhere. Facebook uses these servers to load javascript and display content.– DavidPostill ♦Commented Jun 14, 2015 at 14:42
-
en.wikipedia.org/wiki/Akamai_Technologies– DavidPostill ♦Commented Jun 14, 2015 at 14:43
-
My point is that the method I described does not work for any website I tried (around 10 of them, some of them not as big as facebook). Why this happens ?– mhiCommented Jun 14, 2015 at 14:44
1 Answer
When you access a website over HTTP, the domain name isn't used just for DNS; it is also sent over HTTP itself (as a Host:
header). That way, the same server can host many websites (sometimes one or two, sometimes hundreds at once) on the same IP address – called virtual hosting.
With HTTPS connections, the same name is sent over TLS too (as a Server Name Indication extension), so the server can choose which certificate to use for which site, again when hosting many sites on the same IP address.
But if you try to access https://<ip-address>/
, there's nothing the browser could send, so the server doesn't know which site you wanted, either.
(I'm pretty sure this has been answered many times, but I can't find a good post on the site)
-
With DNS off the browser is not able to load any other domain required to correctly display the page, eg ajax.googleapis.com used by this page, correct?– DavidPostill ♦Commented Jun 14, 2015 at 14:51
-
1Your browser will not send a 'Host:' header if you specify
http://XXX.XXX.XXX.XXX
. DNS doesn't really have anything to do with the header directly (your browser uses DNS to find the IP of the host, and also sends theHost:
header.) Behavior can vary according to how the web server is configured if your browser sends no header - it may ignore you, return an error, take you to a default site, simply not care, etc. The whole reason for theHost:
header is so that one IP can be used to host sites for multiple domains - so mysite.example and mysite2.example can point to the same IP. Commented Jun 14, 2015 at 15:42