Friday, March 28, 2014

The OSI 7 Layer Model


I might know what you are thinking. Because it's probably what I'm thinking. The OSI 7 layer model? Really? I know, I know. This is a subject on which there is absolutely NO END of publication. It's the model that wouldn't die!

Nevertheless, I feel compelled to try my best to expand on this subject, because after having presented it many times, I often have students tell me that this time they get it. So maybe there's something in this presentation on the subject that will do the same for you.

So we will begin at the beginning.

Before considering the official 7 layer burrito, consider the following: In order for two computers to be able to "talk" to one another, they will need to have some things in common.
  1. They need common "air" to communicate through (the wire),
  2. something plugged into that wire that can know when and how to "speak" and "listen" (the network card).
  3. They must speak and hear the same "language" (protocols).
  4. Finally, they need to have "something relevant" to say to one another (network applications and services).
The OSI 7 layer model is simply a slightly more detailed diagram of the basic model that we have just worked out.

So let's look at the layers of the OSI model.

Layer 7: The Application Layer. This is the top layer, the most complicated, and what begins the initial process of communication. Layer 7 represents the language that is shared by two networking applications. Examples of protocols that are at the Application layer include HTTP, HTTPS, FTP, SMTP, Kerberos, DNS, and many more. Note that the application layer doesn't quite represent an application itself. For example, you have many web browsers (Opera, Internet Explorer, Firefox) and web servers (IIS, Apache...) that all share the common application protocols of HTTP and HTTPS. So when a web browser makes a request of a web server using the common language of HTTP, requests and responses can be made for web-based data. Application protocols are often associated with specific port numbers (port 80 for HTTP, port 53 for DNS, etc.). Port numbers are simply conventions for values that are associated with a particular process. For example, IIS or Apache could be listening on port 80, but not both. Only one process can be bound to port 80.
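The "one process per port" rule can be observed directly. The following is an added example, not code from the original post: it assumes the loopback address and an OS-chosen port instead of port 80 (so no privileged port is needed), and goes one step further by showing that the same port number is still free for UDP, because ports are tracked per transport protocol.

```python
import errno
import socket

def bind_conflict_demo(host="127.0.0.1"):
    """Return (port, result of a second TCP bind, whether UDP could bind the same number)."""
    first = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    second = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        first.bind((host, 0))            # port 0 asks the OS for any free port
        first.listen(1)                  # "server" number one now owns the port
        port = first.getsockname()[1]
        try:
            second.bind((host, port))    # a second listener on the same TCP port
            second_result = "bound"
        except OSError as exc:
            second_result = errno.errorcode.get(exc.errno, str(exc.errno))
        try:
            udp.bind((host, port))       # same number, different transport protocol
            udp_ok = True
        except OSError:
            udp_ok = False
        return port, second_result, udp_ok
    finally:
        for sock in (first, second, udp):
            sock.close()

if __name__ == "__main__":
    print(bind_conflict_demo())
```

The second TCP bind is refused with `EADDRINUSE`, which is the error a web server reports when another process is already listening on its port.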

Layer 6: The Presentation Layer.  Sometimes (which means not always), an application needs to alter the information that it is going to send over the internet into a format that is more appropriate for network travel. Two common changes to presentation are Compression (think of all the internet compressed file types, such as .jpg, .mp3, .wmv, etc) and Encryption (like Secure Sockets Layer, SSL for HTTPS). The application makes a call for this additional processing before sending the data, and the data must be converted back to its original format before it can be processed by the application.

Layer 5: The Session Layer. Many applications expect there to be a persistent connection between the two programs that are running over the network. This means that a network application usually doesn't begin with a request for data, but instead requests a session with the other application. Once the two programs have "sniffed tails" (figured out the rules for their session), data can actually be sent. My client port for HTTP expects that the server's HTTP port will remain open unless a "goodbye" signal is sent.

Layer 4: The Transport Layer. The application performs a handoff to the operating system, and depending on the application, will specify a certain preinstalled transport protocol to be responsible for delivery of the data. The two most likely handoffs are to Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). TCP provides "guaranteed" delivery, in which the block of data is broken down into segments, and each segment is verified as received by the recipient or it is sent again. (Like ordering something online: if you only got half of the content shipped to you, you'll request that the company attempt to send the rest again.) UDP, on the other hand, is a "best effort" delivery protocol. UDP will simply send the data to the destination, and any validation of receipt is up to the application layer protocol.

Layer 3: The Network Layer. The network layer is responsible for logical addressing and routing. Logical addressing is like your street address. It describes where you live, and will change if you move. A snail mail address is not really a description of you as a person, but is needed for you to receive those important credit card offers from the banks. The Internet Protocol (IP) is the star of this layer, and your computer owns an IP address so that IP routers can deliver the data to you from remote networks. Once the data gets to the local network it's time to move to the next layer...

Layer 2: The DataLink Layer. The DataLink layer is all about physical addressing and local physical delivery. Different network adapters have differing methodologies to determine when they may "speak" on the network and how to "listen". Ethernet network cards use an access method called CSMA/CD unless you have a full-duplex switch. Wireless network cards use CSMA/CA to do the same thing. How do they know that data on the wire is meant for them? Every Ethernet network card is stamped with a MAC address which represents that NIC as a unique entity on the local network. Your MAC address is like your Social Security Number. It keeps you unique for the purposes of HR at your business, but it can't be used to tell them where you are. But if someone shouted out "Would the person with SSN 234-52-2342 please stand up? I found your wallet with your SSN card inside!" you would get the message. But it only works if the person shouts out that message in the room you're in. It wouldn't do that person any good to ask the post office to deliver your wallet based upon the known SSN value. In the same way, MAC addresses are used to communicate with the right node on the network, but never between networks. So... network cards are layer 2 devices. Bridges and switches forward local packets to the correct switchport based upon building a table of all known MAC addresses and the port that holds them, and are therefore layer 2 devices as well. ATM, Frame Relay, and MPLS are all layer 2 protocols, but these are used between two nodes that are on a local Wide Area Connection Link, rather than a local link.

Layer 1: The Physical Layer. This is the dumb-as-dirt media that carries the signal from point A to point B. Cat 5 UTP cable, copper coax cable, fiber-optic cable, RJ-45 connectors, MJ connectors, 2.4 GHz bandwidth, clocking signal rates, modems, repeaters, and hubs are all layer 1 components. Note that switches, bridges, and network cards all do have a physical aspect to them (you can bang them on a desk, right?), but the highest layer that they reach is layer 2. A router is physical as well, but the highest layer it reaches is layer 3.

Top down, bottoms up?

Communication is triggered from the top down, sent over the network and read from the bottom up.

Failure of any lower layer preempts the success of any higher layer.
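To see "built from the top down, read from the bottom up" in bytes, here is an added example that is not part of the original post. It builds one constructed Ethernet/IPv4/TCP frame carrying an HTTP request and decodes it layer by layer, stopping as soon as a lower layer is missing or malformed; the MAC addresses, IP addresses, ports and host name are made-up sample values, and checksums are left at zero and not verified.

```python
import struct

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def build_sample_frame():
    """Constructed sample: an HTTP request wrapped top-down in TCP, IPv4, Ethernet."""
    http = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"               # layer 7
    # Layer 4: ports 49152 -> 80, data offset 5 words, PSH+ACK, checksum left 0.
    tcp = struct.pack("!HHIIHHHH", 49152, 80, 1, 1, 0x5018, 65535, 0, 0)
    # Layer 3: IPv4, TTL 64, protocol 6 (TCP), documentation-range addresses.
    ipv4 = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(http), 0, 0,
                       64, 6, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    # Layer 2: destination MAC, source MAC, EtherType 0x0800 (IPv4).
    eth = bytes.fromhex("020000000002" "020000000001" "0800")
    return eth + ipv4 + tcp + http

def decode(frame):
    """Decode bottom-up; stop at the first layer that is missing or malformed."""
    out = {}
    if len(frame) < 14:                      # layer 2 header incomplete
        return out
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out["l2"] = {"src": mac(src), "dst": mac(dst)}
    pkt = frame[14:]
    if ethertype != 0x0800 or len(pkt) < 20: # not IPv4, or layer 3 header cut short
        return out
    ihl = (pkt[0] & 0x0F) * 4                # IPv4 header length in bytes
    total_len = struct.unpack("!H", pkt[2:4])[0]
    if pkt[0] >> 4 != 4 or ihl < 20 or total_len > len(pkt):
        return out
    out["l3"] = {"src": ".".join(map(str, pkt[12:16])),
                 "dst": ".".join(map(str, pkt[16:20])), "ttl": pkt[8]}
    seg = pkt[ihl:total_len]
    if pkt[9] != 6 or len(seg) < 20:         # not TCP, or layer 4 header cut short
        return out
    sport, dport = struct.unpack("!HH", seg[:4])
    data_off = (seg[12] >> 4) * 4            # TCP header length in bytes
    if data_off < 20 or data_off > len(seg):
        return out
    out["l4"] = {"sport": sport, "dport": dport}
    payload = seg[data_off:]
    if payload:                              # layer 7: first line of the request
        out["l7"] = payload.split(b"\r\n", 1)[0].decode("ascii", "replace")
    return out

if __name__ == "__main__":
    for layer, fields in decode(build_sample_frame()).items():
        print(layer, fields)
```

Passing a truncated copy of the frame returns only the layers that parsed cleanly, which is the "lower layer failure preempts higher layers" rule in practice.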

The application/service is associated with layers 5-7
The OS protocol stack is associated with layers 3-4
The drivers and hardware are associated with layers 1-2

Even a stopped watch tells the right time twice a day, so if your network goes down, don't panic!
 
