


- the protocol aka the "language" that the browser will use to talk to the webserver.

To add to the other answers: here's a quick dissection of a URL:

In fact, take a website, move it to another IP address on another server - but make sure you port the certificates as well, modify your hosts file to point to the new IP address and your HTTPS site will work even when you have overridden the DNS. SNI is negotiated by the webserver and cares nothing about DNS (ignoring for the time being CAA records and the like, which are related but not SNI and are not ubiquitous). It is possible for the server at to act as a reverse proxy and fetch the final data from 192.168.2.1, but it will route the request through the secure connection established between the browser and 192.168.1.1.

DNS and SNI are barely related. From the web client's POV, both and /mypage exist on the same IP address. Your contention that is on 192.168.1.1 but /mypage is on 192.168.2.1 is wrong. The web browser then connects to that IP address and asks for the resource (e.g. the part after the slash) - no DNS involved. When it comes to handling http(s) requests, all that DNS does is convert the domain name to an IP address.
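To make the split described in the answers above concrete, here is an added example (not part of the original answers) that encodes the two places a hostname travels in cleartext, the plaintext DNS question and the TLS `server_name` extension, and shows that the part after the slash only appears in the HTTP request sent inside the TLS session. The function names and `www.example.com` are hypothetical; it assumes plain DNS on port 53 and an unencrypted SNI field, as in the question.

```python
import struct
from urllib.parse import urlsplit

def dns_question(host: str) -> bytes:
    """Question section of a plaintext DNS query: QNAME, QTYPE=A, QCLASS=IN."""
    labels = host.encode("idna").split(b".")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return qname + struct.pack("!HH", 1, 1)

def sni_extension(host: str) -> bytes:
    """TLS server_name extension (RFC 6066) as carried in the ClientHello."""
    name = host.encode("idna")
    entry = struct.pack("!BH", 0, len(name)) + name   # name_type 0 = host_name
    body = struct.pack("!H", len(entry)) + entry      # server_name_list
    return struct.pack("!HH", 0, len(body)) + body    # extension type 0 = server_name

def parse_sni(ext: bytes) -> str:
    """Recover the hostname the way a passive capture tool would."""
    ext_type, ext_len, list_len, name_type, name_len = struct.unpack_from("!HHHBH", ext)
    if (ext_type != 0 or name_type != 0 or ext_len != len(ext) - 4
            or list_len != ext_len - 2 or name_len != list_len - 3):
        raise ValueError("not a well-formed single-name server_name extension")
    return ext[9:9 + name_len].decode("ascii")

def split_visibility(url: str) -> dict:
    """Separate what DNS/SNI expose from what is sent inside the TLS session."""
    u = urlsplit(url)
    if u.scheme != "https" or not u.hostname:
        raise ValueError("expected an https:// URL with a host")
    target = (u.path or "/") + ("?" + u.query if u.query else "")
    request = f"GET {target} HTTP/1.1\r\nHost: {u.hostname}\r\n\r\n".encode()
    on_wire = dns_question(u.hostname) + sni_extension(u.hostname)
    return {
        "dns_qname": u.hostname,                        # visible: DNS lookup
        "sni": parse_sni(sni_extension(u.hostname)),    # visible: ClientHello
        "inside_tls": request,                          # encrypted after handshake
        "path_in_cleartext": target.encode() in on_wire,
    }

if __name__ == "__main__":
    # Constructed sample URL, not taken from the page.
    print(split_visibility("https://www.example.com/mypage?tab=1"))
```
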

Update: Reading the comments under the selected answer on this Server Fault post answered my first question. Please consider only usage of plain text DNS on port 53, no secure DNS like DoH or DoT at all. Lastly but the most important one, if DNS requests/responses and TLS SNI fields only contain subdomains and main domain of a website, does it mean for example my ISP won't know exactly which Twitter or Instagram pages I visit and only can see that I access and, as long as connection is HTTPS? I assume that works, but what if the address after the slash has a different IP address? like for example, is located at 192.168.1.1 but /mypage is located at 192.168.2.1? Is it even mainstream to do this? So, I'm wondering, how does an app or browser know which page to access after the forward slash?

Does the browser or app only need to know/query the IP address of the main domain or sub-domain and then it will simply add the slash after it? like 192.168.1.1/mypage in case of Twitter for example? Watching the DNS and SNI of my network adapter in Wireshark, all I see is domain names and sub-domain names, but nothing after the slash, like no mention of /page or /mypage.
