This tutorial explains the OSI seven-layer model in detail, with examples. Learn how the seven layers of the OSI model work in a computer network, including the functions and protocols involved in each layer (Application, Presentation, Session, Transport, Network, Data Link and Physical).
The OSI model has seven layers: Application, Presentation, Session, Transport, Network, Data Link and Physical.
The Application Layer
The application layer provides a platform for sending and receiving data over the network. All applications and utilities that communicate with the network fall in this layer. For example:
- Browsers: Mozilla Firefox, Internet Explorer, Google Chrome etc.
- Email clients: Outlook Express, Mozilla Thunderbird etc.
- FTP clients: Filezilla, sFTP, vsFTP
The application layer protocols that you should know for the exam are the following:
- SNMP (Simple Network Management Protocol): used to control the connected networking devices.
- TFTP (Trivial File Transfer Protocol): used to transfer files rapidly.
- DNS (Domain Name System): used to translate names to IP addresses and vice versa.
- DHCP (Dynamic Host Configuration Protocol): used to assign IP addresses and DNS information to hosts automatically.
- Telnet: used to connect to remote devices.
- HTTP (Hypertext Transfer Protocol): used to browse web pages.
- FTP (File Transfer Protocol): used to send and retrieve files reliably.
- SMTP (Simple Mail Transfer Protocol): used to send email.
- POP3 (Post Office Protocol v.3): used to retrieve email.
- NTP (Network Time Protocol): used to synchronize clocks.
This tutorial is the second part of our article "OSI Layers model". You can read the first part of this article here.
OSI Model Advantages and Basic Purpose Explained
In this introductory part I explained why the OSI Layers model was created. Later I explained the advantages of the OSI Layers model, the purpose of the OSI Layers model and the basic services provided by the layers model.
The Presentation Layer
The presentation layer prepares the data. It takes data from the application layer and marks it with a formatting code such as .doc, .jpg, .txt, .avi etc. These file extensions make it easy to recognize that a particular file is formatted for a particular type of application. Along with formatting, the presentation layer also deals with compression and encapsulation. It compresses the data file on the sending computer and decompresses it on the receiving computer. This layer can also encapsulate the data, but that is uncommon, as lower layers can do it more effectively.
The Session Layer
The session layer deals with connections. It establishes, manages, and terminates sessions between two communicating nodes. This layer provides its services to the presentation layer. The session layer also synchronizes dialogue between the presentation layers of the two hosts and manages their data exchange. For example, a web server may have many users communicating with it at a given time. Keeping track of which user communicates on which path is therefore important, and the session layer handles this responsibility accurately.
The Transport Layer
As far as the CCNA exam is concerned, this is the most important layer to study. I suggest you pay extra attention to this layer, as it is heavily tested in the exam.
The transport layer provides the following services:
- It sets up and maintains the connection between two devices.
- It multiplexes connections, which allows multiple applications to send and receive data simultaneously.
- Depending on the requirement, the data transmission method can be connection-oriented or connectionless.
- For unreliable data delivery, the connectionless method is used.
- The connectionless method uses the UDP protocol.
- For reliable data delivery, the connection-oriented method is used.
- The connection-oriented method uses the TCP protocol.
- When a reliable connection is implemented, sequence numbers and acknowledgments (ACKs) are used.
- A reliable connection controls flow through the use of windowing or acknowledgements.
For exam purposes, remember the five main functions of the transport layer:
- Segmentation
- Connection management
- Reliable and unreliable data delivery
- Flow control
- Connection multiplexing
Let's understand these functions in more depth.
Segmentation
Segmentation is the process of breaking a large data file into smaller files that the network can accommodate. To understand this process, think about a 700 MB movie that you want to download from the internet. You have a 2 Mbps internet connection. How will you download a 700 MB movie over a 2 Mbps internet connection?
In this case the segmentation process is used. On the server, the transport layer breaks the 700 MB movie into smaller segments (less than your internet connection speed). Assume that the 700 MB movie is divided into 700 segments. Each segment has a file size of 1 MB, which your PC can easily download at the current connection speed. Now your PC will download 700 small files instead of one large file. So the next time you see a download progress bar in the browser, think of it as a segment receiver progress bar. Once your browser receives all segments from the server, it will pop up a message indicating that the download is complete. The transport layer on your PC will merge all segments back into a single 700 MB movie file. The end user will never know how a 700 MB movie made its way through the 2 Mbps connection line.
Connection management
The transport layer sets up, maintains and tears down connections for the session layer. The actual mechanics of the connection are controlled by the transport layer. The transport layer uses two protocols for connection management: UDP and TCP.
UDP is a connectionless protocol. Connectionless transmission is said to be unreliable. Don't be worried by the term "unreliable": it doesn't mean that the data isn't going to reach its destination; it only means that it isn't guaranteed to reach its destination. Think of your options when you are sending a postcard: you put it in the mailbox, and chances are good that it will get where it's supposed to go, but there is no guarantee. There is always a chance of it going missing on the way. On the other hand, it's cheap.
TCP is a connection-oriented protocol. Connection-oriented transmission is said to be reliable. Think of TCP as the registry AD facility available in Indian post offices. For this level of service, you have to buy an extra ticket and put a bunch of extra labels on the item to track where it is going and where it has been. You get a receipt when it is delivered. With this method you have guaranteed delivery. All of this costs you more, but it is reliable!
Reliability
Reliability means guaranteed data delivery. To ensure delivery of every single segment, the connection-oriented method is used. In this approach, a three-way handshake is performed before any segments are sent.
Three way handshake process
- PC1 sends a SYN signal to PC2 indicating that it wants to establish a reliable session.
- PC2 replies with an ACK/SYN signal, where ACK is the acknowledgment of PC1's SYN signal and SYN indicates that PC2 is ready to establish a reliable session.
- PC1 replies with an ACK signal indicating that it has received the SYN signal, and the session is now fully established.
Once the connection is established, data transmission begins. To provide maximum reliability, it includes the following functions:
- Detect lost packets and resend them
- Detect packets that arrived out of order and reorder them
- Recognize duplicate packets and drop extra packets
- Avoid congestion by implementing flow control
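
The receiver-side bookkeeping behind the first three functions, as an added sketch (not code from the original tutorial, and not a real TCP implementation): sequence numbers are treated as byte offsets, and the hypothetical `Reassembler` class holds early segments, drops duplicates and returns a cumulative ACK that shows the sender which segment to resend.

```python
# Added illustration: a toy receiver, not a real TCP stack.
# As in TCP, a sequence number is the byte offset of a segment in the stream.

def segment(data, size):
    """Sender side: split data into (sequence_number, payload) segments."""
    return [(off, data[off:off + size]) for off in range(0, len(data), size)]


class Reassembler:
    def __init__(self):
        self.next_seq = 0            # first byte not yet delivered in order
        self.pending = {}            # seq -> payload for segments that arrived early
        self.delivered = bytearray() # data ready to hand to the upper layer
        self.duplicates = 0

    def receive(self, seq, payload):
        """Process one segment; return the cumulative ACK (next byte expected)."""
        if seq + len(payload) <= self.next_seq or seq in self.pending:
            self.duplicates += 1                  # already have it: drop the extra copy
        elif seq > self.next_seq:
            self.pending[seq] = payload           # out of order: hold until the gap fills
        else:
            self._deliver(seq, payload)
            while self.next_seq in self.pending:  # gap filled: release held segments
                self._deliver(self.next_seq, self.pending.pop(self.next_seq))
        return self.next_seq

    def _deliver(self, seq, payload):
        self.delivered += payload[self.next_seq - seq:]  # skip bytes already delivered
        self.next_seq = seq + len(payload)


def demo():
    data = b"The quick brown fox jumps over the lazy dog"  # constructed sample
    segs = segment(data, 8)                                 # offsets 0, 8, 16, 24, 32, 40
    # Constructed network behaviour: segment 16 is lost, segment 8 is duplicated.
    arrivals = [segs[0], segs[1], segs[1], segs[3], segs[4], segs[5]]
    rx = Reassembler()
    acks = [rx.receive(seq, payload) for seq, payload in arrivals]
    # The ACK stays at 16, so the sender knows to resend the segment starting there.
    resend = next(s for s in segs if s[0] == acks[-1])
    final_ack = rx.receive(*resend)
    return acks, final_ack, bytes(rx.delivered), rx.duplicates


if __name__ == "__main__":
    print(demo())
```
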
Flow control
The transport layer implements two flow control methods:
- Ready/not ready signals
- Windowing
Ready / not ready signals method
In this method the sender sends data according to its buffer size. The receiver stores incoming data in its buffer. When the receiver's buffer fills up, it sends a not ready signal to the sender so that the sender stops transmitting more segments. The receiver sends a ready signal when it is ready to receive the next segments. This method has two problems.
- First, the receiver may respond to the sender with a not ready signal only when its buffer fills up. While this message is on its way to the sender, the sender is still sending segments to the receiver, which the receiver will have to drop because its buffer space is full.
- The second problem with this method is that once the receiver is ready to receive more segments, it must first send a ready signal to the sender, which must be received before the sender can send more segments.
Windowing
In windowing, a window size is defined between the sender and the receiver. The sending host waits for an acknowledgement after sending a number of segments equal to the window size. If any packet is lost on the way, the receiver responds with an acknowledgement for the lost packet. The sender then sends the lost packet again. The window size is set automatically during the three-way handshake process. It can be adjusted at any time throughout the lifetime of the connection.
Connection Multiplexing/Application Mapping
The connection multiplexing feature allows multiple applications to connect at the same time. For example, a server performs a number of functions such as email, FTP, DNS, web service, file service, data service etc. Suppose the server has a single IP address: how will it perform all these different functions for all the hosts that want to connect to it? To make this possible, the transport layer assigns a unique set of numbers to each connection. These numbers are called port or socket numbers. These port numbers allow multiple applications to send and receive data simultaneously.
Port numbers are divided into the following ranges by the IANA:
|Port range|Category|Used for|
|---|---|---|
|0–1023|Well-Known|Common TCP/IP functions and applications|
|1024–49151|Registered|Applications built by companies|
|49152–65535|Dynamic/Private|Dynamic connections or unregistered applications|
Common TCP and UDP Port Numbers
Network layer
The network layer is responsible for providing the logical address known as the IP address. Routers work at this layer. The main functions of this layer are the following:
- Define IP address
- Find routes based on IP address to reach its destination
- Connect different data link types together, such as Token Ring, Serial, FDDI, Ethernet etc.
An IP address is a 32-bit software address made up of two components:
- Network component: defines the network segment of the device.
- Host component: defines the specific device on a particular network segment.
A subnet mask is used to distinguish between the network component and the host component.
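
How the mask separates the two components, as an added example that is not part of the original tutorial: the hypothetical helpers `split_address` and `same_segment` apply the mask bit by bit, reject masks whose 1 bits are not contiguous, and show that the same pair of hosts can sit on one segment or on two depending on the mask. The addresses used are constructed samples.

```python
import socket
import struct


def to_int(dotted):
    """Dotted-quad IPv4 string -> 32-bit integer."""
    return struct.unpack("!I", socket.inet_aton(dotted))[0]


def to_dotted(value):
    """32-bit integer -> dotted-quad IPv4 string."""
    return socket.inet_ntoa(struct.pack("!I", value))


def split_address(ip, mask):
    """Split an address into the components selected by the subnet mask."""
    ip_i, mask_i = to_int(ip), to_int(mask)
    host_bits = ~mask_i & 0xFFFFFFFF
    # A valid mask is a run of 1 bits followed by a run of 0 bits, so the
    # inverted mask must have the form 2**n - 1.
    if host_bits & (host_bits + 1):
        raise ValueError("subnet mask is not contiguous: " + mask)
    return {
        "network": to_dotted(ip_i & mask_i),        # network component
        "host": to_dotted(ip_i & host_bits),        # host component
        "broadcast": to_dotted(ip_i | host_bits),   # every host bit set to 1
        "prefix_length": bin(mask_i).count("1"),
    }


def same_segment(ip_a, ip_b, mask):
    """Two hosts share a network segment when their network components match."""
    return split_address(ip_a, mask)["network"] == split_address(ip_b, mask)["network"]


if __name__ == "__main__":
    # Constructed sample addresses.
    print(split_address("192.168.10.77", "255.255.255.192"))
    print(same_segment("192.168.10.77", "192.168.10.130", "255.255.255.0"))
    print(same_segment("192.168.10.77", "192.168.10.130", "255.255.255.192"))
```
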
IP addresses are divided into five classes.
- Class A addresses range from 1-126.
- Class B addresses range from 128-191.
- Class C addresses range from 192-223.
- Class D addresses range from 224-239.
- Class E addresses range from 240-254.
The following addresses have a special purpose:
- 0 [Zero] is reserved and represents all IP addresses.
- 127 is a reserved address and is used for testing, like a loopback on an interface.
- 255 is a reserved address and is used for broadcasting purposes.
The network layer receives a segment from the transport layer and wraps it with an IP header; the result is known as a datagram.
Datagram is just another name for packet. The network layer uses datagrams to transfer information between nodes.
Two types of packets are used at the network layer: data packets and route update packets.
Data packets
Data packets are used to transport user data across the network. The protocols used by data packets are known as routed protocols, for example IP and IPv6.
Route update packets
These packets are used to update route information within the internetwork. Routers use these packets. Protocols that send route update packets are called routing protocols, for example RIP, RIPv2, EIGRP, and OSPF.
Data link layer
The main functions of the data link layer are:
- Defining the Media Access Control (MAC) or hardware addresses
- Defining the physical or hardware topology for connections
- Defining how the network layer protocol is encapsulated in the data link layer frame
- Providing both connectionless and connection-oriented services
- Defining hardware (MAC) addresses as well as the communication process that occurs within a medium.
A MAC address is a 48-bit layer two address. It is also known as a hardware address. This address is burnt into the device by the manufacturer.
The first six hexadecimal digits of a MAC address identify its manufacturer.
MAC addresses only need to be unique in a broadcast domain.
You can have the same MAC address in different broadcast domains.
The data link layer receives a packet from the network layer and wraps it with a layer two header; the result is known as a frame. There are two specifications of the Ethernet frame.
Key points to remember:
- Ethernet II does not have any sub layers, while IEEE 802.2/3 has two: LLC and MAC.
- Ethernet II has a type field instead of a length field (used in 802.3).
- 802.2 uses a SAP or SNAP field to differentiate between encapsulated layer-3 payloads.
- With a SNAP frame, the SAP fields are set to 0xAA and the type field is used to indicate the layer-3 protocol.
- 802.2 SAP frame is eight bits in length and only the first six bits are used for identifying upper-layer protocols, which allows up to 64 protocols.
- 802.2 SNAP frame supports up to 65,536 protocols.
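
A parser that applies these key points, added here as an illustration (not code from the original tutorial): the hypothetical `classify_frame` reads the field after the source MAC as a type when it is 1536 (0x0600) or more and as a length when it is 1500 or less, then looks for the 0xAA SAP values that mark SNAP. It assumes a one-byte LLC control field, rejects truncated or inconsistent frames, and the frames built in `sample_frames` are constructed.

```python
import struct


def mac(raw):
    return ":".join("%02x" % b for b in raw)


def classify_frame(frame):
    """Identify the layer-2 framing and the field that names the layer-3 payload."""
    if len(frame) < 14:
        raise ValueError("truncated frame: no complete layer-2 header")
    type_or_len = struct.unpack("!H", frame[12:14])[0]
    info = {"dst": mac(frame[0:6]), "src": mac(frame[6:12]),
            "src_oui": frame[6:9].hex()}       # first six hex digits of the MAC
    if type_or_len >= 0x0600:                  # 1536 and up: Ethernet II type field
        info.update(framing="Ethernet II", protocol=type_or_len, payload=frame[14:])
        return info
    if type_or_len > 1500:
        raise ValueError("field is neither a valid length nor a valid type")
    end = 14 + type_or_len                     # 802.3: the field counts LLC + data bytes
    if type_or_len < 3 or len(frame) < end:
        raise ValueError("length field does not match the frame")
    dsap, ssap = frame[14], frame[15]          # frame[16] is the LLC control byte
    if dsap == 0xAA and ssap == 0xAA:          # SNAP: 3-byte OUI and 2-byte type follow
        if type_or_len < 8:
            raise ValueError("truncated SNAP header")
        protocol = struct.unpack("!H", frame[20:22])[0]
        info.update(framing="802.3 with 802.2 SNAP", protocol=protocol,
                    payload=frame[22:end])
    else:                                      # plain SAP: the DSAP names the payload
        info.update(framing="802.3 with 802.2 SAP", protocol=dsap,
                    payload=frame[17:end])
    return info


def sample_frames():
    """Constructed frames, one per framing; MAC addresses are made up."""
    dst, src = bytes.fromhex("ffffffffffff"), bytes.fromhex("02005e100001")
    eth2 = dst + src + b"\x08\x00" + b"ip-data"
    snap_body = b"\xaa\xaa\x03" + b"\x00\x00\x00" + b"\x08\x00" + b"ip-data"
    snap = dst + src + struct.pack("!H", len(snap_body)) + snap_body + b"\x00" * 4
    sap_body = b"\x42\x42\x03" + b"bpdu"
    sap = dst + src + struct.pack("!H", len(sap_body)) + sap_body
    return {"eth2": eth2, "snap": snap, "sap": sap}


if __name__ == "__main__":
    for name, raw in sample_frames().items():
        print(name, classify_frame(raw))
```
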
Physical layer
The physical layer deals with the communication media. This layer receives frames from the data link layer and converts them into bits. It loads these bits onto the actual communication media. Depending on the media type, these bit values are converted into signals. Some use audio tones, while others utilize state transitions: changes in voltage from high to low and low to high.
Protocol data unit
The pieces of data passed between layers are collectively known as PDUs (protocol data units). Each layer has its own term for its PDU: segment at the transport layer, packet at the network layer, frame at the data link layer, and signal at the physical layer.
A PDU includes the data file and a consistent body of information attached to the data at each successive layer. This information is called a header and footer. It includes instructions on how to restore the file to its original state when it reaches the target system.
As a PDU passes through the layers, a header (and a footer, at the data link layer only) is added to the packet, carrying information for the peer layer on the destination system so that it can reconstruct the data on its way back up through the layers of the destination network.
Data Exchange Process
In the data exchange process, the participating computers work in reverse mode. The layers on the receiving computer perform the same tasks in reverse.
The receiving device takes delivery of, handles, and translates the data from the sending device at a particular layer. For example, on the sending computer the presentation layer compresses the data, and the same presentation layer on the receiving computer decompresses it.
On sending computer
- The sending application accesses the application layer.
- The application provides data to the presentation layer.
- The presentation layer formats the data as per network requirements and forwards it to the session layer.
- The session layer initiates the connection and forwards the data to the transport layer.
- The transport layer breaks the large data file down into smaller segments and adds a header with control information: bits designated to describe how to determine whether the data is complete, uncorrupted, in the correct sequence, and so forth.
- Segments are forwarded to the network layer. The network layer adds its header, with the logical address, and converts the segment into a packet. The network layer forwards the packet to the data link layer.
- The data link layer attaches its header and footer to the packet and converts it into a frame.
- Frames are forwarded to the physical layer, which converts them into signals. These signals are loaded onto the media.
On receiving computer
- The physical layer receives signals from the media and converts them into frames. Frames are forwarded to the data link layer.
- The data link layer checks the frame. All tampered frames are dropped here. If the frame is correct, the data link layer strips its header and footer from the frame and hands the packet over to the network layer.
- The network layer checks the packet with its own implementations. If it finds everything fine with the packet, it strips its header from the packet and hands the segment over to the transport layer.
- The transport layer does the same job again. It verifies the segments with its own protocol rules. Only the verified segments are processed. The transport layer removes its header from the verified segments and reassembles the segments into data. The data is handed over to the session layer.
- The session layer keeps track of the open connection and forwards the received data to the presentation layer.
- The presentation layer formats the data in such a way that the application layer can use it.
- The application layer on the receiving computer finds the appropriate application on the computer and opens the data within that application.
At the sending device, each layer breaks the data down into smaller packets and adds its own header.
At the receiving device, each layer strips off the header and builds the data packets into larger packets.
Each protocol layer is blind to the headers of any other protocol layer and cannot process them.
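
The sending and receiving steps above for the lower layers, as an added example (not code from the original tutorial): `encapsulate` wraps the data in a UDP header, an IPv4 header and an Ethernet II header with an FCS footer, and `decapsulate` checks and strips them in reverse order. UDP with its checksum left at 0, the fixed header values, and the MAC and IP addresses are assumptions chosen to keep the sample short. The footer check is a CRC: it catches transmission damage, but a frame whose FCS is recomputed after a change passes it, so it is not a cryptographic integrity check.

```python
import socket
import struct
import zlib


def ip_checksum(header):
    """Internet checksum: one's-complement sum of the header's 16-bit words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def add_fcs(body):
    """Data link footer: CRC-32 frame check sequence, low byte first."""
    return body + struct.pack("<I", zlib.crc32(body))


def encapsulate(data, sport, dport, src_ip, dst_ip, src_mac, dst_mac):
    # Transport layer: UDP header (ports, length, checksum 0 = not computed).
    segment = struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data
    # Network layer: 20-byte IPv4 header carrying the logical addresses.
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 17, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    header = header[:10] + struct.pack("!H", ip_checksum(header)) + header[12:]
    packet = header + segment
    # Data link layer: Ethernet II header in front, FCS footer behind.
    return add_fcs(dst_mac + src_mac + struct.pack("!H", 0x0800) + packet)


def decapsulate(frame):
    """Receiving side: check and strip each layer's header in reverse order."""
    if len(frame) < 14 + 20 + 8 + 4:
        return None, "dropped at data link layer: frame too short"
    body = frame[:-4]
    if add_fcs(body) != frame:
        return None, "dropped at data link layer: FCS mismatch"
    packet = body[14:]
    if packet[0] != 0x45 or ip_checksum(packet[:20]) != 0:
        return None, "dropped at network layer: bad IPv4 header"
    total_length = struct.unpack("!H", packet[2:4])[0]
    segment = packet[20:total_length]
    if len(segment) < 8:
        return None, "dropped at transport layer: truncated segment"
    sport, dport, length, _checksum = struct.unpack("!HHHH", segment[:8])
    if length != len(segment):
        return None, "dropped at transport layer: length mismatch"
    return segment[8:], "delivered to port %d" % dport


if __name__ == "__main__":
    # Constructed sample values (documentation addresses, made-up MACs).
    src_mac, dst_mac = bytes.fromhex("02005e100001"), bytes.fromhex("02005e100002")
    frame = encapsulate(b"hello", 40000, 53, "192.0.2.10", "192.0.2.53", src_mac, dst_mac)
    print(len(frame), decapsulate(frame))
    damaged = frame[:-6] + bytes([frame[-6] ^ 1]) + frame[-5:]
    print(decapsulate(damaged))
```
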
Analogy between the postal network and TCP/IP
Both the post office and the Internet separate responsibility into independent layers. Here is a comparison of the operation of the post office and the TCP/IP protocols.
Application layer
Postal network: Someone writes a letter to a friend in New York, addresses it, and drops it in a mailbox. The friend opens the letter and reads it with a smile on his face. Neither of them thinks about how the letter got there -- did it go in a Ford or Chevrolet truck to the airport, what was the name of the person driving the truck, did it fly straight to New York or was it transferred to another plane in Kansas City, etc.? They are working at the application layer -- getting work done. They are communicating directly with each other, unaware of the underlying delivery mechanism.
TCP/IP: A user retrieves a Web page from a server in New York by typing a URL into a browser and clicking the enter key. The server receives the request, finds the page on its hard drive and sends it back to the user. Neither the user nor the client or server software is aware of the way the messages were delivered -- did they go over wireless connections, how many routers did they pass through, who manufactured the routers, was the server a PC or a rack-mounted machine, was it running IIS or Apache, etc.? There are many application layer protocols.
Transport layer
Postal network: If you accidentally write the wrong address on a letter to someone in Kansas, a postal employee in Kansas will stamp it "address unknown" and it will be returned to you. You will also be informed if a registered letter cannot be delivered. You will be unaware of the details of the error message delivery system, and it will be up to you to decide what to do next.
TCP/IP: Transport layer software establishes a connection between a client and server then monitors that connection for errors. It also slows transmission if it gets too fast to handle at the other end. Transport layer software is not concerned with how the data is actually moved from one point to the other -- that is the responsibility of lower level software. There are two transport layer protocols TCP (reliable) and UDP (unreliable, but fast). If TCP tries repeatedly and errors persist, it informs its "boss," the application program.
Internet layer
Postal network: Airplanes move letters between cities. The pilot does not pay attention to who the letters are addressed to or from, what they say, or whether they contain photos and drawings or only written words.
TCP/IP: Internet layer programs move data between networks. IP is the internet layer protocol. IP software ignores the data, and it does the same thing with a packet whether it comes from the Dalai Lama or your mother in law. Once the data gets to its destination local area network (LAN), it is handed over to data link layer software or firmware for delivery to the proper computer.
Data link layer
Postal network: Trucks move letters within a city.
TCP/IP: Data Link layer programs move (incoming and outgoing) data within LANs. Ethernet is the most common data link protocol. A data link program is not concerned with how outgoing data will be handled once it leaves the LAN or how incoming data got there. That is the responsibility of the internet layer software.
Physical layer
Postal network: People use pens and paper to write letters, and the recipient reads them using reflected light and sometimes glasses.
TCP/IP: Physical layer protocols specify the means of representing ones and zeros (bits). The method of transmitting them between two points using wire, radio, fiber, etc. is also specified. There are many ways to make ones and zeros and many ways to transmit them so there are many physical layer protocols.
Breaking the rules
These are ideal descriptions. In real life, a postman might read a letter or decide not to deliver it. On the Internet, a router may be programmed to process packets from the owner of a competing service slowly or to send copies of packets containing certain content to a government security agency. In the postal network, there are laws against tampering with mail. Some people advocate network neutrality laws against differential treatment of packets on the Internet.