User runs an application such as a web browser.

User enters a symbolic DNS name : www.youpayme.notinyourlife.com

The application requests a name to IP translation.

The local machine is checked for cached lookups.

If not found, The local machine then contact the listed local DNS database for lookup.

If not found,
  DNS contacts top level of DNS system. These are the 'root servers' and there are 13 in the world

As long as the local DNS server has not been hacked, by going next to the top of the DNS tree, user is fairly safe to get correct IP.

* Some networks are large enough that they may have a small DNS tree within the organization, so there may be some further lookups before contacting the top of the tree.

The server at the top of the tree returns the IP of one of server trusted DNS servers responsible for .com names. This is done to limit the load on the root servers.

The user's application then contacts .com server to get the IP of youpayme.notinyourlife or just notinyourlife, depending on the hierarchical design of the network we are attempting to reach.

Since the example has additional qualifiers, the user's application then contacts notinyourlife.com server to get the IP of youpayme.

If found, IP returned to User's browser.

User's application now packages the web page's IP and http server port in a packet. This port is a publicly known and standardized port. Or the user used a special qualifier to pick not standard port.

www.youpayme.notinyourlilfe.com:4213

If data is larger than a packet's size, multiple packets with sequencing info will be generated.

It also includes the user's IP which it got from the local DHCP server (or from a file stored on the user's machine) when the machine first went on line and a port # > 1024 which the application allocated to perform the web page fetch. For each separate transaction (different web tab or browser window), a new port will be used.

It puts this in a network frame (Ethernets) with the target mac@ of subnet's gateway/router machine or to the mac@ of another machine on the local network, if that is the target.

The gateway system strips the frame data from around the packet and puts a new frame appropriate to the technology of the connection to the next route point.

If the data being sent is larger than the frame, it will be parsed accordingly.

The new frame/packets will be passed from router node to router node. At each node a ttl (time to live) counter will be decremented to guard against a packet wandering the Internet forever.

Eventually, the packet arrives at the destination's network gateway. The gateway machine used DHCP to lookup the mac@ of the destination machine and places the packets in frames.

The destination machine receives the frames, looks at the ip:port info inside and redirects the packets to the http server which should be listening on the dedicated port.

The server responds by finding the information requested and packaging it up following the much of the same sequence as the initial request. Once a connection is established, most of the contact info is cached locally, so the lookup steps are instantaneous.