TCP/IP from Scratch
I wanted to understand what actually happens when my browser makes an HTTP request. Not the high-level "it sends a request and gets a response" - I wanted to see the raw bytes at each protocol layer. What does a TCP header actually look like? Where is my password in the packet? What does encryption do to the data?
I built this with Claude Code, asking it questions as I went. The FAQ sections in the output came from real questions I had - things like "who adds these headers?" and "does every request need a new handshake?". Using Python and Scapy, we created examples that show hex dumps and byte-by-byte breakdowns of real packets.
Foundations: The 4 Layers
The first example covers all 4 layers of the TCP/IP model, presented from familiar to unfamiliar - starting with the Application Layer (HTTP, JSON, emails) that web developers work with daily, then diving into Transport (TCP/UDP), Internet (IP), and Link (Ethernet) layers.
It includes 9 application data examples (HTTP requests, JSON, DNS queries, binary files), detailed TCP/UDP comparisons with byte breakdowns, and a complete 4-layer packet showing exactly how an HTTP request becomes bytes on the wire.
TLS and HTTPS
The second example focuses on encryption. It shows the same HTTP request with and without TLS - in plain HTTP you can literally read the password in the hex dump, while HTTPS turns it into unreadable gibberish. It also explains the TLS handshake (ClientHello, ServerHello) and why it's different from the TCP handshake.
Source
Full repository with Python source code: github.com/shipurjan/tcp-ip-from-scratch