惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

F
Fortinet All Blogs
宝玉的分享
宝玉的分享
酷 壳 – CoolShell
酷 壳 – CoolShell
T
The Exploit Database - CXSecurity.com
Help Net Security
Help Net Security
腾讯CDC
Project Zero
Project Zero
C
CXSECURITY Database RSS Feed - CXSecurity.com
IT之家
IT之家
C
Cyber Attacks, Cyber Crime and Cyber Security
T
Tailwind CSS Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
D
Darknet – Hacking Tools, Hacker News & Cyber Security
L
LINUX DO - 最新话题
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
T
Threatpost
N
News | PayPal Newsroom
C
Cybersecurity and Infrastructure Security Agency CISA
Hacker News - Newest:
Hacker News - Newest: "LLM"
S
SegmentFault 最新的问题
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
P
Proofpoint News Feed
A
Arctic Wolf
B
Blog RSS Feed
Forbes - Security
Forbes - Security
P
Privacy & Cybersecurity Law Blog
Attack and Defense Labs
Attack and Defense Labs
V2EX - 技术
V2EX - 技术
P
Proofpoint News Feed
I
Intezer
Application and Cybersecurity Blog
Application and Cybersecurity Blog
阮一峰的网络日志
阮一峰的网络日志
aimingoo的专栏
aimingoo的专栏
T
Tenable Blog
MyScale Blog
MyScale Blog
U
Unit 42
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
WordPress大学
WordPress大学
W
WeLiveSecurity
D
DataBreaches.Net
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
G
GRAHAM CLULEY
有赞技术团队
有赞技术团队
Martin Fowler
Martin Fowler
罗磊的独立博客
The Last Watchdog
The Last Watchdog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
V
Vulnerabilities – Threatpost
美团技术团队
Microsoft Security Blog
Microsoft Security Blog

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
deep dive into network protocols
Amit Dhotay · 2026-05-31 · via DEV Community

Most people never think about network protocols, and that is exactly how it should be. Protocols are the invisible agreements that let billions of devices, built by competing companies and running incompatible software, cooperate well enough to load a web page. They only become visible when they fail and when they fail at scale, the failure is spectacular.
This article walks through the four protocols that carry almost everything you do online:
IP and TCP: which move and order the bytes;
BGP: which decides which path those bytes take across the planet;
DNS: which turns human-friendly names into machine addresses;
HTTP/HTTPS: the language the web itself speaks.
Then it tells the story of October 4, 2021, when a single change to one of these protocols took Facebook, Instagram, and WhatsApp off the internet for roughly six hours a case study that shows, better than any diagram, how tightly these layers depend on one another.

A protocol is just an agreement
A protocol is a shared set of rules for how two parties exchange information what a message looks like, what order things happen in, and what to do when something goes wrong. Network protocols do the same thing, just formalized down to the bit.
The internet is built as a stack of these agreements, each handling one job and trusting the layer below it to handle its own. The mental model worth holding onto is this: lower layers move raw data between machines, and higher layers add meaning.
The beauty of this design is separation of concerns: your browser speaking HTTP does not need to know whether your packets travel over fiber, copper, or radio. But the cost of that design is dependency. Each layer assumes the one beneath it is working. When a low layer breaks, everything above it breaks too and the symptoms often appear at the top, far from the real cause. Hold that thought; it is the whole point of the case study.
IP and TCP: moving the bytes
At the foundation sits the Internet Protocol (IP). IP's only job is addressing and delivery: every device gets an IP address, and IP defines how to package data into packets and send them toward a destination address. Crucially, IP makes no promises. Packets can arrive out of order, be duplicated, or vanish entirely. IP is a postcard system drop it in the mail and hope for the best.
That unreliability is intentional, because it keeps IP simple and fast. The job of making it reliable is handed up to the Transmission Control Protocol (TCP). TCP sits on top of IP and adds the guarantees applications actually want: it numbers each chunk of data so the receiver can reassemble it in order, it asks for retransmission of anything that goes missing, and it controls the rate of sending so a fast server does not overwhelm a slow connection.
TCP also opens a connection before sending real data, through a three-step handshake (often summarized as SYN, SYN-ACK, ACK). This is the digital equivalent of "Hello? Hi, can you hear me? Yes, go ahead." Only after both sides confirm they can reach each other does the real conversation begin. Together, IP and TCP give the rest of the stack a clean abstraction: a reliable, ordered stream of bytes between any two addresses on Earth. Everything else is built on that promise.
BGP: the map of the internet
Knowing a destination's IP address tells you who you want to reach, but not how to get there. The internet is not one network; it is tens of thousands of independent networks called Autonomous Systems (AS) operated by ISPs, cloud providers, universities, and large companies like Meta. The Border Gateway Protocol (BGP) is how these networks tell each other which addresses they can deliver traffic to.
Think of BGP as the postal routing system between countries. Each network "advertises" the blocks of IP addresses (called prefixes, written like 69.171.250.0/24) that live inside it, effectively announcing, "If you have traffic for these addresses, send it my way and I'll get it there." Routers across the world collect these advertisements and assemble them into a constantly updated map of which paths lead where. When you advertise a prefix, the world learns how to reach you. When you withdraw it, the world forgets you exist your addresses simply fall off the map, and traffic for them has nowhere to go.
BGP is built on trust and operates at a scale where small mistakes propagate globally in seconds. A network that withdraws its routes, whether by accident or because of a hijack, can make itself unreachable almost instantly. Remember this property: BGP is the layer where you can erase yourself from the internet.
DNS: the phone book
Humans remember names; machines route to numbers. The Domain Name System (DNS) is the translation layer between the two. When you type instagram.com, your device asks a DNS resolver, "What IP address does this name point to?" The resolver walks a hierarchy of servers root servers, then the servers for .com, then the servers that are authoritative for instagram.com until it gets an answer, then hands the address back so your browser can actually connect.
DNS is so fundamental that it is easy to forget how much depends on it. Almost nothing on the modern internet is reached by raw IP address; nearly every connection begins with a name lookup. This makes DNS a frequent suspect when things break. But DNS is often the messenger, not the murderer. As the case study will show, DNS can fail loudly because of a problem that originated two layers below it.
One more detail matters for the story: large providers run their own authoritative DNS servers, and those servers are reachable only if the rest of the world has a working route to them. DNS depends on BGP. If the route to your DNS servers disappears, your names stop resolving not because DNS is broken, but because no one can reach the machines that answer DNS questions.
HTTP and HTTPS: the language of the web
Once a name has been resolved to an address and a TCP connection has been opened to it, the two machines finally speak the language of the web: the HyperText Transfer Protocol (HTTP). HTTP is a request-and-response protocol. Your browser sends a request "GET me the home page" and the server sends back a response containing the page, an image, or data, along with a status code (the familiar 200 OK, 404 Not Found, and so on).
HTTP by itself is plain text, which means anyone between you and the server could read or tamper with it. HTTPS fixes this by wrapping HTTP inside an encrypted TLS (Transport Layer Security) connection. Before any web data flows, the client and server perform a TLS handshake: they verify the server's identity using a digital certificate and agree on encryption keys. Only then does the actual HTTP exchange happen, now scrambled so that intermediaries see only gibberish. This is the difference between the padlock in your address bar and its absence and it is why HTTPS is now the default for essentially the entire web.
HTTP/HTTPS is the layer users actually experience. But notice how much had to happen first: a name resolved (DNS), a route found (BGP), a reliable connection opened (TCP/IP), and only at the very end does the page load. Every web request is a quiet relay race through all four protocols.
How it all fits together: one click, four protocols
Putting it together, here is what happens in the second after you tap a link to example.com:

DNS turns example.com into an IP address like 93.184.216.34. To do that, your resolver must be able to reach the authoritative DNS servers which depends on routing.
BGP is the reason your resolver knows a path to those servers, and the reason your packets later know a path to the destination address.
TCP/IP opens a reliable connection to that address through the three-way handshake and guarantees the bytes arrive in order.
HTTPS runs a TLS handshake over that connection, then sends the HTTP request and receives the page.

It works flawlessly billions of times a day, which is why no one thinks about it. But because each step assumes the previous one succeeded, a failure low in the chain can masquerade as a failure high in the chain. That is precisely what happened to one of the largest companies on Earth.
Case study: the day Facebook erased itself from the map
What happened
On October 4, 2021, beginning at roughly 15:40 UTC, Facebook and every major service it owned Instagram, WhatsApp, Messenger, and Oculus became globally unreachable for approximately six to seven hours. The disruption was not a slowdown or a partial degradation; the services simply could not be found. Even "Log in with Facebook" buttons on unrelated third-party sites stopped working. By some estimates the outage cost the company around $100 million in lost revenue, alongside a sharp hit to its stock.
The symptom everyone first noticed was DNS: names like facebook.com stopped resolving.
The root cause: a BGP withdrawal triggered from below
According to Meta's own postmortem, the trouble began during routine maintenance on the company's backbone the internal high-capacity network that connects its data centers to one another and to the outside world. A command intended to assess spare backbone capacity was issued with a flaw, and a configuration change disconnected Meta's data centers from the backbone.
Here is where the protocols interlock in a way that turned a mistake into a catastrophe. Meta's DNS servers were configured with a sensible-sounding safety feature: each DNS server continuously checks whether it can reach the data centers behind it, and if it cannot, it assumes the network around it is unhealthy and withdraws its own BGP route advertisements. The logic is "if I can't do my job correctly, stop sending traffic to me." Under normal conditions this is a good failsafe it routes around a single sick server.
But on October 4, the backbone removal meant that every DNS server simultaneously concluded it was unhealthy. So they all did exactly what they were told to do: they withdrew their BGP advertisements at the same time. In an instant, the routes to Meta's DNS servers vanished from the global routing table. The DNS servers themselves were still running and perfectly capable of answering but with their routes withdrawn, no one on the internet had any path to reach them.
That is the whole chain in one sentence: a backbone misconfiguration (internal network) made the DNS servers declare themselves unhealthy (DNS layer), which made them withdraw their routes (BGP layer), which erased Facebook's addresses from the internet's map. The DNS failures everyone saw were the top of the stack reporting a wound inflicted near the bottom.
Why it took six hours to fix
A change that propagates in seconds should be reversible in seconds. It was not, and the reasons are a lesson in how dependencies cut both ways.
First, with the routes withdrawn, engineers could not reach the affected systems remotely through their normal tools those tools relied on the very network that was down. Second, many of Meta's internal systems for diagnosis and access depended on DNS, which was now broken, so the tools needed to fix the problem were themselves casualties of the problem. Third, when engineers tried to fix the routers physically, they faced obstacles at the data centers, where access control and badge systems that would normally be trivial were entangled with the same failed infrastructure. The company that had erased itself from the internet had also, inadvertently, locked itself out of its own buildings.
Recovery required getting people physically to the hardware to restore the backbone connection. Once that happened, BGP advertisements came back, routes reappeared in the global table, DNS began resolving again, and the application layer recovered over the following hour. Service was broadly restored by around 22:50 UTC.
The cascade, in order
To make the dependency chain explicit, here is the sequence the case lays bare:

Backbone maintenance error disconnects data centers from the internal network.
DNS servers' health checks fail because they can no longer reach those data centers.
DNS servers withdraw their BGP routes as designed, believing they are protecting the network.
BGP routes disappear globally, so the internet loses all paths to Facebook's addresses.
DNS resolution fails worldwide the visible symptom because the DNS servers are now unreachable.
Recovery stalls because the tools and access methods needed to fix it depended on the broken layers.

Each step is a different protocol, and each step was working correctly by its own rules. There was no bug in BGP or DNS. The disaster lived in the coupling between them a failsafe at one layer became an amplifier at another.
What the outage teaches about protocols
The technical lessons engineers drew from the incident generalize well beyond Meta. Failsafes that act in isolation can fail in unison: a rule that safely removes one unhealthy server will remove all of them when the unhealthiness is global, so safety mechanisms need to consider correlated failure. Out-of-band access matters: the systems you use to fix an outage must not depend on the systems that are down, or you lose your hands and eyes at the worst possible moment. And tight coupling between layers is a hidden risk: DNS automatically reacting to network health, and BGP automatically reacting to DNS, created a chain reaction no single team had fully modeled.
But the deeper lesson is the one this article opened with. The internet works because each protocol trusts the layer beneath it and handles one job well. That same trust is what lets a low-level mistake ripple upward until a configuration command on an internal backbone manifests, to three billion users, as "Instagram won't load." Understanding the protocols individually is useful. Understanding how they depend on one another is what separates a tidy diagram from an accurate picture of how the internet actually behaves and breaks.
Takeaways

Protocols are layered agreements, each solving one problem and relying on the layer below. IP/TCP move bytes, BGP finds paths, DNS resolves names, HTTP/HTTPS carries meaning.
Symptoms appear at the top; causes often live at the bottom. A DNS failure is frequently a routing or network failure wearing a disguise.
BGP is where you can erase yourself. Withdrawing route advertisements removes you from the internet's map almost instantly and globally.
Coupling is the real danger. The 2021 Meta outage involved no broken protocol it was the interaction between correct behaviors at different layers that caused the cascade.
Recovery tooling must be independent of the thing it recovers. When your diagnostic and access systems share the failure, the outage extends itself.