IT professionals use the OSI model as a common way to describe network operations. In this video, you’ll learn about the OSI model and how each layer of the model can be applied to practical networking.
We’ll start our Network+ course with a broad discussion of something we refer to as the OSI model. This is referring to the Open Systems Interconnection Reference model, and it’s a model we use in it to describe the process that data takes as it traverses our networks. The OSI model is not designed to be a detailed description of this data but instead is intended to describe a broad overview of how data traverses our systems.
We’re also not describing the OSI protocol suite. Indeed, most of the protocols we use today are based on TCP/IP, but the OSI model is one that we can apply to many different protocols, and it works perfectly with the TCP/IP protocols that we use today. Also keep in mind that there are many different protocols that might operate at an individual layer of the OSI model. So as we step through an individual layer, keep in mind there might be tens or even hundreds of protocols that might exist and work at that particular layer.
By understanding this OSI model, we can converse with other people in information technologies in a way that we would all understand. It doesn’t matter if they’re working inside of your own company or with a different organization. When you mention OSI layer 7 or OSI layer 4, everyone understands what that means and what effect it has on the overall operation of the network.
If we start at the top of the OSI layer, or OSI layer 7, and work our way down to OSI layer 1, we have layer 7 being the application layer. Layer 6 is the presentation layer. Layer 5 is the session layer. Layer 4 is transport. Layer 3 is network. Layer 2 is the data link layer. And layer 1 is the physical layer.
There are many different mnemonics that people use to memorize this, but if you start at the top and work your way down, you can take the first letter of each one of these layers, and you might have a term such as All People Seem To Need Data Processing. That’s Application, Presentation, Session, Transport, Network, Data link, and Physical.
Let’s start our conversation of the OSI model at the bottom of the OSI model, or layer 1. We refer to this as the physical layer because it’s describing the physical signals that we send through the cable and fibers on our network. At this layer, we really don’t have many protocols to speak of, because we’re really just talking about getting a signal from one part of the network to another.
When we refer to a physical layer problem with the network, we are referring to the OSI layer 1, physical layer. This means that we might have a bad cable, a bad fiber. There might be interference on a wireless network. And it may require us to do a series of tests to determine if we are really able to get a signal across this particular wire or this particular fiber so that we can keep this network running.
A lot of the troubleshooting that you do at layer one is running loopback tests, testing cables and fibers, and checking different adapter cards and other devices to make sure they’re working properly on the network.
One step up from the physical layer is layer 2, the data link layer. This is the fundamental layer that’s used to communicate between two devices on the network. We often refer to this as the MAC address layer because that is the Data Link Control layer, or DLC layer, that is commonly associated with the network cards that are in our devices. And most of the time, these are ethernet adapters or wireless adapters, and we refer to that physical address on that device as the data link control address or the MAC address.
In this case, MAC address is not referring to an operating system. It’s referring to the Media Access Control address. So any time you hear someone talk about a MAC address, they are referring to the hardware address of that particular adapter card.
Since the network switches that we use on our network determine how to forward traffic based on the destination MAC address, this is a layer that we often refer to as the switching layer. So any time we’re referring to a MAC address, a problem with a switch being able to operate, or anything else that may be associated with this particular hardware address, we’re referring to OSI layer 2, the data link layer.
The next layer up is OSI layer 3, or the network layer. We often refer to this as the routing layer because this is the layer that routers use to determine how to forward traffic. And they are specifically looking at the destination IP address in order to determine what the next hop might be for traffic traversing the network. This is also the layer that we’re able to fragment these frames into multiple pieces, especially if we’re sending it across a network that may require smaller frames than what is on our local network.
So we can cut those frames up into smaller pieces to be able to fit them through the network and then put those pieces back together on the other side. Any time we’re referring to a problem relating to IP addressing, subnet masks, anything related to an IP address or anything about routing, then we’re probably referring to layer 3, the network layer.
Layer 4 is the transport layer. And as the name implies, we’re referring to the ability to transport information from one device to another. You might also refer to this as the post office layer because this is responsible for getting your letter or your information from one side of the network to the other. The protocols that are often used and operate at layer 4 of the OSI model is TCP– this stands for Transmission Control Protocol– and UDP, or User Datagram Protocol.
These two protocols are commonly responsible for getting all of the information within our IP packets from one device to the other. In many cases, this involves taking a large amount of data, putting it into smaller pieces to be able to get it across the network, and then putting those pieces back together on the other side.
Before we can send that information from one side of the network to the other, we may need to create a session so that a device is able to receive that data. Layer 5 is the session layer, and it provides communication management between point A and point B. Anything relating to the initiation of a session, stopping the session, or restarting the session can commonly be associated with that layer 5 session layer communication. If an application is using some type of control protocol or your tunneling information within existing data, then you’re probably using OSI layer 5.
OSI layer 6 is responsible for putting all of this data into a format that we will eventually see with our human eyes. This refers to character encoding, application encryption and decryption, and it’s often combined and discussed in conjunction with the application layer at layer 7. Layer 6, or the presentation layer, is the layer that is commonly in operation just prior to us seeing this data on our screen.
And the top layer of the OSI model is OSI layer 7, or the application layer. This is the layer that we see on our screen. So any time that we are interacting with an application, we are operating at layer 7 of the OSI model. Common applications that would operate at OSI layer 7 are HTTP and HTTPS, FTP, DNS, POP3, and thousands of other application protocols.
Well, that’s a broad overview of the OSI model, but how do we fit things in the real world into each of those layers? Let’s start down at the bottom with layer 1, or the physical layer. When we refer to cables, fiber optic connections, the signal going across those connections, or a wireless network, then we’re operating at OSI layer 1, or the physical layer.
When we refer to OSI layer 2 or the data link layer, then we’re talking about ethernet frames, MAC addresses, or addresses referred to as Extended Unique Identifiers, or EUI. There are EUI-48 addresses and EUI-64 addresses, for example. And as we described earlier, any time we’re referring to the switching process, we are referring to OSI layer 2.
At OSI layer 3, or the network layer, we’re referring to IP addresses. So anything that has an IP address or a subnet mask or referring to the way that routers forward traffic all happen at OSI layer 3.
If you’re referring to a TCP port or a UDP port, then we’re operating at OSI layer 4, which is the transport layer.
At OSI layer 5, or the session layer, we’re using control protocols to start and end different sessions. Or we may be tunneling traffic using protocols that operate at OSI layer 5.
We often associate the encryption of application data with OSI layer 6, or the presentation layer. So if you’re communicating to a website and you’re using SSL or TLS to be able to encrypt and decrypt that data, that process is occurring at OSI layer 6.
And at OSI layer 7, or the application layer, is where you are interacting with the application itself. Anything that you’re seeing on the screen, the application itself or any messages from the application, are often referred to as layer 7 information.
If you wanted to drill down a little bit further into the OSI model, you might want to capture some data on your network and view that data inside of an application such as Wireshark. I have a Wireshark protocol decode on my screen where I’ve captured data on my network, and this Wireshark has three separate windows that is displaying different views of the same data.
The top window is a frame-by-frame breakdown. For example, I have highlighted frame 88 on this top window. The middle window describes more detail of what different information is contained within that single frame. And on the bottom window, we have a hexadecimal and ASCII breakdown of the data itself. Let’s focus our view on this middle window, which is a summary of this highlighted frame 88. You can see that there are 1, 2, 3, 4, 5 different lines of data inside of this single frame where the protocol decode has separated out the individual protocols within the single ethernet frame.
Let’s start with the one at the very top, which describes frame 88, which has 2,005 bytes on the wire, and 2,005 bytes were captured by Wireshark. If you wanted to associate that line with the OSI model, that would be best associated with layer 1 or the physical model.
Next down is Ethernet II, which has a source MAC address and a destination MAC address. And since we are describing MAC addresses, everything within that line of the Wireshark decode is associated with layer 2 of the OSI model, or the data link layer.
The next line down describes the Internet Protocol, or IP. And as we described before, IP fits squarely in layer 3 of the OSI model, or the network layer. And in fact, there are individual IP addresses listed here for the source IP address and the destination IP address. And you can see there is a DNS resolution here that shows that the IP address of 72.14.247.19 is also associated with googlemail.l.google.com.
As we move down this list, we’re moving up the layers of the OSI model. And the next one is the Transmission Control Protocol, which means we’re communicating via TCP for this Google Mail communication. Since TCP is in this list, we must be at OSI layer 4, or the transport layer. And indeed, you can see TCP port numbers for the source and the destination of this traffic.
Since the destination port is port 443, Wireshark has already filled in that we’re communicating over an encrypted channel using HTTPS. And if we go one layer down into the secure socket layer, this effectively encapsulates the top three layers of the OSI model. So secure socket layer and everything underneath it are referring to layer 5, the session layer, layer 6, presentation layer, and layer 7, the application layer.
Here’s a summary of that protocol decode broken out into the different layers of the OSI model. We had electrical signals at the physical layer. Layer 2 at the data link layer had ethernet frame information. Our IP addresses were at layer 3, or the network layer. Our TCP encapsulation with our TCP port numbers is at the transport layer. Our session layer linked the presentation information to the transport. Presentation layer was obviously performing that SSL or TLS encryption and decryption. And layer 7, or the application layer, is referring to that Google Mail front end and being able to send and receive emails using mail.google.com.
Hopefully you’re now able to see how this very broad description of an OSI model can be applied to practically any communication that’s occurring over the network. And this allows us to talk with other it professionals and communicate in a way where everyone understands exactly what we’re referring to when we talk about a layer 1 physical problem or a layer 7 application problem.