The OSI model is one of the most common methods of describing application data flows. In this video, you’ll learn about the seven layers of the OSI model and how they are associated with real-world hardware and software components.
<< Previous Video: Common Ports Next: Introduction to Ethernet >>
The OSI Model is the Open Systems Interconnection Reference Model, but we often simply refer to it as the OSI Model. The OSI Model is a guide we use to help understand the flow of data as it goes across the network.
This model is not intended as a strict representation, but instead is an overall guide to understand exactly how the data is flowing. Some places may put a particular component in OSI layer 1 or OSI layer 3. And indeed, it might overlap just a bit between both of those layers. Don’t get too wrapped up in the details. You should, instead, be looking at a very broad view of the data as it’s flowing from an application onto the network and back again.
In your studies, you might also see a reference to a set of protocols called the OSI Protocol Suite. The OSI Protocol Suite isn’t something you’d really find on today’s networks. This OSI Model was built based on the design of these OSI Protocols. But although the OSI Protocols don’t exist anymore, we continue to use the OSI Mode.
As we step through the OSI Model, you’ll start to see certain protocols that exist or live at certain layers of the OSI Model. If you’re working in information technology, you’ll almost certainly make references to this model. And in some cases, you’ll make references multiple times a day to certain aspects of the OSI Model. It allows different parts of the organization to reference very broadly how a particular application flow is occurring. And if there’s any problems, you can also specify whether the problem might be at layer 3, layer 4, and layer 7. And everyone in the organization will know exactly what you mean when you reference those particular OSI layers.
The different layers of the OSI Model are the application layer, presentation, session, transport, network, data link, and physical. And if you wanted to roll that into a single sentence, you would remember– All People Seem To Need Data Processing, which refers to application, presentation, session, transport, network, data link, and physical in that order.
Let’s start at the bottom of the OSI Model with the physical layer. The physical layer is where everything begins and ends on the network. It is the signal that transports our traffic across the network. You’re not really dealing with a lot of protocols at the physical layer. We often refer to the physical layer as referring to cables or fiber because that’s where the signal is for our network. If someone says that you’re having a physical layer problem, they mean that there is a cable that’s bad or punch-down that needs to be repaired. You would commonly run loopback tests, replace cables, and swap adapter cards to help troubleshoot a problem at OSI layer 1, or the physical layer.
Layer 2 of the OSI Model is the data link layer. This is the most fundamental communication that occurs across our network. We commonly think of the data link layer as having data link control protocols. On an ethernet network, the data link layer is referencing the MAC addresses that are communicating on the network. So if you’re dealing with something that is switching, or bridging, or having two devices communicate to each other using these MAC addresses, then we usually refer to this as being in an OSI layer 2.
Layer 3 of the OSI Model is the network layer. And we often refer to this as the routing layer. This is an Internet Protocol layer, so if you’re dealing with any type of IP address, you’re really referring to something occurring at the OSI layer 3. This layer is also responsible for fragmenting some of the data within these frames that are going between these IP devices so that they’re able to traverse different networks. With IP fragmentation, you may have some data that needs to go through a network. And this data is 44 bytes long in this particular example. But this traffic may need to go through a network that can’t support that size of a packet. In that particular case, the packet is fragmented into smaller pieces and those smaller pieces are sent through the network. OSI layer 3 is responsible for fragmenting this information. So if you need to create smaller packets to get the data through the network, this is all occurring at the network layer.
The information that appears in our browser window doesn’t appear at one time with one packet across the network. It usually takes many packets all put together to be able to build one screen in our browser. Good example of how this occurs is at OSI layer 4, or the transport layer. If we need to get this Google screen across the network, it’s split into smaller pieces sent across the network, and then is built in our browser as that information arrives. The most common protocols that accomplish this transferring of information across the network is the TCP, or Transmission Control Protocol, or UDP, the User Datagram Protocol. If you ever hear anyone referring to layer 4 or layer 4 protocol, they’re almost always referring to TCP or UDP.
Once you get into OSI layers 5, 6, and 7, you’re dealing with the way that applications communicate across the network. Many applications handle their own process of starting a communication and ending a communication. And all of this occurs at Layer 5, or the session layer. This is also the layer where you’ll see certain control protocols communicate between application endpoints. Or if there’s any tunneling, it will occur at this layer 5, or the session layer.
The layer just before you’re able to see the application is layer 6, or the presentation layer. If there’s any character encoding, it will occur at this layer. And if any of the data needs to be encrypted or decrypted, it usually occurs in the application at this layer 6. Many of the applications that work at layer 6 may also be working at layer 7, so it’s not uncommon to see many application protocols shearing both layer 6 and layer 7 simultaneously.
And layer 7 is the application layer. It’s the layer that we can see, which might be a browser window. We might be transferring a file, or we might be downloading some mail.
So here’s a summary of this OSI Model. At OSI layer 1, the physical layer, we have cables. We’ve got our fiber optics, and we have the signal that goes across that network medium. OSI layer 2 is the data link layer, where we might find MAC addresses and the frames of communication. And all of our switching decisions take place at this OSI layer 2.
Add OSI layer 3, we’re dealing with IP addresses, so any routing decisions that are being made are referring to the OSI layer 3 address to be able to make those decisions. Within this IP communication is OSI layer 4, the transport layer, where you’ll find the TCP and the UDP protocols. Control protocols and tunneling information will occur in the application OSI layer 5, the session layer. And os layer 6, the presentation layer, handles a lot of the communication that will be encrypted or decrypted for our application. And finally, OSI layer 7 is the layer that we see as we’re using these applications.
One place where you can really start to see this OSI Model laid out is inside of Wireshark. This is an application that will grab packets from the network and display those to you on the screen in a human-readable form. If we were to look at this particular packet capture where we’ve gathered a number of packets, we’re examining a single packet in a detailed view. And this is the hex breakdown of that same packet. But if we look at this single packet, we know we start at the top here with frame number 88, which happens to have 2005 bytes on the wire. This is the physical layer where we gathered the information from the network.
The next layer is layer 2, the data link layer which shows the MAC addresses associated with the source and the destination of this traffic flow. OSI layer 3, the network layer, shows IP addresses. And in this particular case, it shows the name and the IP address of both the source and the destination.
OSI layer 4 is the next layer, the transport layer. And I mentioned that we’ll be using either TCP or UDP to communicate. And in this particular case, it’s the Transmission Control Protocol. And we can see the source port numbers and the destination port numbers for this communication.
And lastly, for this particular packet capture, we’ve got layers 5, 6, and 7 that are rolled up within the secure socket layer. So our encryption and decryption occurring at layer six, or the presentation layer. And ultimately the information we see at layer 7, the application layer, will be everything above that particular data stream.
To summarize that individual packet, we were able to see what was gathered from the electrical signals. We were able to gather the MAC addresses associated with this ethernet communication. We saw of the IP addresses that were used to send information back and forth to this Google mail server. We know that there was TCP communication, and we saw exactly what port numbers were used. There was session information that was linking the presentation layer to the transport layer. And it was the presentation layer that was performing the SSL encryption. And if we were looking at our browser as this traffic went by, we would have been in the Google Mail screen sending information back and forth using this application at OSI layer seven.