Clients and Servers: Roles in a Network Conversation
📑 On this page
- A role, not a shape
- Listening and connecting
- Requests and responses
- A concrete weather example
- Thin and thick clients
- Stateful and stateless servers
- Concurrent clients
- APIs
- Scaling servers
- Proxies
- Failures and timeouts
- Peer-to-peer
- Common misunderstandings
- "A server is always one physical computer"
- "The client is always the user's device"
- "Stateless means no data is stored"
- "Retrying every failure is safe"
- Knowledge check
- The one idea to remember
The words client and server are sometimes treated as hardware categories: a laptop is a client and a rack-mounted computer is a server.
The more useful definition concerns roles.
A client initiates a request for a service. A server listens for requests and provides responses or actions.
One machine can perform both roles in different conversations.
A role, not a shape
A phone weather app is a client when it requests a forecast.
The weather service is a server for that request.
The weather server may then act as a client when it requests data from:
- Database
- Mapping service
- Payment API
- Another internal service
Roles are relative to one interaction.
A small laptop can run a development web server. A powerful cloud machine can act as a client to another service.
Listening and connecting
A server creates a socket, binds to an address and port, and listens.
A client learns the endpoint and connects or sends a datagram.
For TCP:
- Client initiates a handshake.
- Server accepts the connection.
- Both exchange a byte stream.
- An application protocol defines message meaning.
The server can accept many clients because each connection has a distinct endpoint tuple.
Requests and responses
Application protocols define conversation structure.
A request may include:
- Operation
- Resource identifier
- Headers or metadata
- Authentication
- Body
A response may include:
- Success or error status
- Metadata
- Returned data
HTTP uses this pattern, but client-server designs also appear in databases, email, file sharing, games, and remote administration.
A concrete weather example
When a weather app refreshes:
- The app obtains the user's selected location.
- It resolves the service's domain.
- It establishes a secure connection.
- It sends a request for forecast data.
- The server authenticates or rate-limits the client.
- It reads databases and upstream forecasts.
- It returns structured data.
- The app renders icons and temperatures.
The client owns the user interaction. The server centralizes data and shared business logic.
Thin and thick clients
A thin client delegates more work to the server.
Benefits:
- Centralized logic and updates
- Less local processing
- Consistent shared data
Costs:
- Greater network dependence
- Server load
- Offline limitations
A thick client performs more locally.
Benefits:
- Rich offline operation
- Lower latency for local tasks
- Reduced server computation
Costs:
- More client complexity
- Distributed updates
- Device compatibility
Most modern applications combine both.
Stateful and stateless servers
A stateless request contains enough information to process it independently.
A stateful server remembers context between requests, such as:
- Login session
- Shopping cart
- Game state
- Database transaction
Stateless service instances are easier to distribute because any instance can handle the next request.
State still exists somewhere, perhaps in a database, cache, or signed client token.
The architectural question is where state lives and how consistency is maintained.
Concurrent clients
Servers need to handle many clients.
They can use:
- Thread per connection
- Process workers
- Event loops
- Asynchronous I/O
- Thread pools
The right model depends on workload.
Network servers often spend much time waiting on databases or other services. Asynchronous designs can manage many waiting connections without one blocked thread per client.
CPU-heavy work may use worker pools or separate services.
APIs
An application programming interface defines how software requests capabilities.
A network API can specify:
- Endpoints
- Methods
- Request fields
- Response structures
- Errors
- Authentication
- Versioning
REST, GraphQL, gRPC, and WebSocket-based protocols are examples of API styles and technologies.
An API is a contract, not necessarily a server. Local libraries also expose APIs.
Scaling servers
When one server instance cannot handle demand, systems can scale:
- Vertically: more resources on one machine
- Horizontally: more instances
A load balancer distributes requests.
Horizontal scaling introduces:
- Shared state
- Cache consistency
- Deployment coordination
- Failure handling
- Observability
Stateless frontends and external durable stores are common patterns, but not universal solutions.
Proxies
A forward proxy acts on behalf of clients.
A reverse proxy acts in front of servers.
Reverse proxies can:
- Terminate TLS
- Route requests
- Cache responses
- Balance load
- Apply authentication
- Hide internal topology
The client may believe it contacted one server while the proxy coordinates many backends.
Failures and timeouts
Network calls can fail through:
- DNS failure
- Connection refusal
- Timeout
- Server crash
- Overload
- Invalid response
- Partial network partition
Clients should set timeouts rather than wait forever.
Retries must be designed carefully. Repeating a read is often safe; repeating a payment request can charge twice unless the API supports idempotency.
Servers should return useful errors without exposing secrets.
Peer-to-peer
Client-server is not the only model.
In peer-to-peer systems, participants can request and provide resources to one another.
Examples include distributed file sharing and some communication applications.
Peer-to-peer still uses protocols, addressing, discovery, security, and sometimes central coordination.
Network address translation and firewalls make direct inbound peer connections more difficult, leading to relay servers or traversal techniques.
Common misunderstandings
"A server is always one physical computer"
A service may run across containers, virtual machines, load balancers, and regions.
"The client is always the user's device"
A backend service can be a client of another server.
"Stateless means no data is stored"
It means an instance does not depend on private conversational state between requests. Durable state can exist elsewhere.
"Retrying every failure is safe"
Retries can duplicate non-idempotent operations and amplify overload.
Knowledge check
1. What defines the client in a conversation?
It initiates a request for a service.
2. Can one machine be client and server?
Yes. Roles depend on each interaction, and a machine can perform both simultaneously.
3. Why are stateless service instances easier to scale?
Any instance can handle a request without needing private session context from a particular previous instance.
4. Why are retries dangerous for payments?
Repeating a non-idempotent request can perform the action twice unless the API detects duplicates.
The one idea to remember
Client and server describe who initiates and who provides a service, not fixed categories of hardware.
Real applications combine requests, state, APIs, concurrency, proxies, scaling, and failure handling behind those two simple roles.
Next, we will inspect the HTTP request and response messages most web clients and servers exchange.