OPERATOR REFERENCE · LAYER 7

Layer 7 Field Reference
HTTP, DNS & Application Protocols

protocols → methods → status codes → DNS → APIs → auth → the full request lifecycle
BROWSER / CLIENT APP
DNS → HTTP request
WEB SERVER / API
status + payload
RENDERED RESULT
01 Common Application Protocols
ProtocolPortPurpose
HTTP80Unencrypted web traffic
HTTPS443TLS-encrypted web traffic
DNS53Name-to-IP resolution
SMTP25 / 587Sending email
IMAP / POP3143 / 110Retrieving email
FTP20 / 21File transfer
SSH22Secure remote shell
DHCP67 / 68Automatic IP assignment
SNMP161 / 162Device monitoring and management
NTP123Time synchronization
02 HTTP Methods
G

GET

Retrieve a resource — safe, no side effects, cacheable.

P

POST

Create a resource or submit data — not idempotent.

U

PUT

Replace a resource entirely — idempotent.

Δ

PATCH

Partially update a resource.

X

DELETE

Remove a resource — idempotent.

O

HEAD / OPTIONS

Headers only, no body / discover allowed methods (CORS preflight).

03 HTTP Status Codes
RangeClassCommon Examples
1xxInformational100 Continue
2xxSuccess200 OK · 201 Created · 204 No Content
3xxRedirection301 Moved Permanently · 302 Found · 304 Not Modified
4xxClient Error400 Bad Request · 401 Unauthorized · 403 Forbidden · 404 Not Found · 429 Too Many Requests
5xxServer Error500 Internal Server Error · 502 Bad Gateway · 503 Service Unavailable · 504 Gateway Timeout
04 Common HTTP Headers
Request HeaderPurpose
HostTarget domain (enables virtual hosting)
AuthorizationCredentials — Basic, Bearer token, etc.
AcceptContent types the client can handle
Accept-EncodingCompression formats supported
User-AgentClient software identification
Response HeaderPurpose
Content-TypeMedia type of the response body
Content-EncodingCompression applied to the body
Set-CookieIssues a session/tracking cookie
Cache-ControlCaching rules for clients/proxies
Access-Control-Allow-OriginCORS — which origins may read the response
05 DNS Record Types
RecordPurpose
AHostname → IPv4 address
AAAAHostname → IPv6 address
CNAMEAlias — points to another hostname
MXMail server for the domain, with priority
TXTArbitrary text — SPF/DKIM/domain verification
NSDelegates the domain to authoritative name servers
SOAZone authority info — serial, refresh, TTL defaults
PTRIP → hostname (reverse DNS)
06 API Styles
R

REST

Resources over HTTP verbs, typically JSON. Simple, cacheable, widely understood.

G

GraphQL

Single endpoint, client specifies exactly what fields it needs — avoids over/under-fetching.

gRPC

Binary (Protobuf) over HTTP/2, strongly typed contracts — fast, common for service-to-service calls.

07 Authentication Schemes
SchemeHow It Works
Basic AuthBase64-encoded username:password in the header — must run over HTTPS
Bearer Token / JWTSigned token sent in the Authorization header, verified without a server-side lookup
API KeyStatic key identifying the calling application, often in a header or query param
OAuth 2.0Delegated authorization — user grants a third-party app limited access without sharing credentials
Session CookieServer-side session referenced by an opaque cookie value
08 What Happens — Loading a Web Page End-to-End
1

DNS resolution

Browser resolves the hostname to an IP — checking local cache, then OS resolver, then recursive resolver, then authoritative name servers if needed.

Layer 7 · DNS
2

TCP connection established

3-way handshake to the resolved IP on port 443.

Layer 4
3

TLS handshake

Cipher suite negotiated, certificate validated, symmetric session key derived.

Layer 6
4

HTTP request sent

Browser sends a GET request with headers (Host, Accept, cookies/auth tokens) inside the encrypted TLS session.

Layer 7 · request
5

Server processes the request

Web server/application checks auth, routes to the right handler, queries a database if needed, and builds a response.

Application logic
6

Response sent back

Status code, headers (Content-Type, Set-Cookie, Cache-Control), and body are compressed and encrypted, then delivered over the existing TCP/TLS session.

Layer 7 · response
7

Browser renders the result

HTML parsed, additional resources (CSS, JS, images) trigger their own DNS/TCP/TLS/HTTP cycles in parallel, and the page becomes interactive.

Application layer
09 Full Stack Recap (L1 → L7)
L1
Physical
Cable, RJ45, voltage/light signaling, PoE, speed/duplex negotiation
L2
Data Link
MAC addressing, switching, VLANs, trunking, spanning tree
L3
Network
IP addressing, routing tables, ARP, ICMP, NAT
L4
Transport
TCP/UDP, ports, handshake, windowing, reliable or best-effort delivery
L5
Session
Session establishment, dialog control, checkpoints, tokens/cookies
L6
Presentation
Encoding, serialization, compression, TLS encryption
L7
Application
HTTP, DNS, APIs, auth — what the user and app actually interact with
10 Common Layer 7 Faults
SymptomLikely Cause
DNS_PROBE_FINISHED_NXDOMAINDomain doesn't exist or DNS record missing/typo
Connection times outServer down, firewall blocking, wrong DNS pointing elsewhere
401 / 403 errorsMissing/expired/invalid credentials, insufficient permissions
CORS error in browser consoleServer missing Access-Control-Allow-Origin for that origin
502 / 504 from a proxy/load balancerUpstream server down, slow, or unreachable
CheckCommand
DNS resolutiondig example.com / nslookup example.com
Full request/responsecurl -v https://example.com
Headers onlycurl -I https://example.com
Response timing breakdowncurl -w "@timing.txt" -o /dev/null -s URL
Browser-level detailDevTools → Network tab