Comparing OSI Model Network Functions
Lesson 1: Comparing OSI Model Network Functions
Introduction
Computer networks are complex systems involving various functions, standards, and technologies. The Open Systems Interconnection (OSI) model simplifies this complexity by dividing network technologies into seven functional layers. This separation aids in understanding individual concepts and their relationships across different layers.
This lesson provides an overview of technologies you will study throughout the course, using the OSI model. You will compare OSI model layer functions and apply these concepts to configuring a small office/home office (SOHO) network.
Lesson Objectives
- Compare and contrast OSI model layers.
- Configure SOHO networks.
Topic 1A: Compare and Contrast OSI Model Layers
Exam Objectives Covered
- 1.1 Compare and contrast the Open Systems Interconnection (OSI) model layers and encapsulation concepts.
Networks are built on common standards and models that describe how devices and protocols interconnect. This topic identifies how the implementation and support of these systems refer to a common reference model: the Open Systems Interconnection (OSI) model. The OSI model breaks the data communication process into discrete layers. Identifying the OSI layers and comparing the functions of devices and protocols at each layer will assist in implementing and troubleshooting networks.
Open Systems Interconnection Model
A network consists of two or more computer systems linked by a transmission medium, sharing protocols for data exchange. Networks can be viewed in terms of nodes (devices that send, receive, and forward data) and links (communication pathways between them).
The International Organization for Standardization (ISO) developed the OSI reference model (iso.org/standard/20269.html) to promote understanding of network system components. It separates hardware and software functions into seven distinct layers. Each layer performs a unique set of tasks for network communication.
Although network systems may not strictly adhere to this structure, they implement each task in some manner. The OSI model isn't a standard but a functional guideline for designing network protocols, software, and appliances, and for troubleshooting.
To memorize the seven layers, use the mnemonic: "All People Seem To Need Data Processing."
Data Encapsulation and Decapsulation
A network protocol is a set of rules for exchanging data in a structured format.
It has two primary functions:
- Addressing: Specifying where data messages should go. Each layer has different mechanisms for identifying nodes and rules for sending/receiving messages.
- Encapsulation: Describing how data messages should be packaged for transmission. Each layer adds fields in a header to the data (payload) it receives.
A network uses various protocols operating at different OSI model layers. For two nodes to communicate at each layer, they must use the same protocol. Communication between nodes at the same layer is a "same layer interaction." Each layer on a node provides services to the layer above and uses services from the layer below, known as "adjacent layer interaction."
When a message is sent, it moves down the layers on the sending node, across the transmission media, and up the layers on the receiving node. At each level (except the physical layer), the sending node adds a header to the data payload, forming a "chunk" of data called a protocol data unit (PDU). This process is encapsulation.
For example:
- Data is generated by an application (e.g., HTTP) with its application header.
- At the transport layer, a TCP header is added.
- At the network layer, the TCP segment is wrapped in an IP header.
- The IP packet is encapsulated in an Ethernet frame at the data link layer.
- The frame is transmitted as a modulated electrical signal over the physical layer.
The receiving node performs decapsulation (the reverse process):
- Receives the bit stream at the physical layer and decodes the Ethernet frame.
- Extracts the IP packet from the frame and resolves the IP header.
- Repeats for TCP and application headers, eventually extracting the HTTP application data.
Note: Real-world protocols may not conform exactly to the OSI model.
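The encapsulation and decapsulation sequence above, carried through in Python as an added example (not part of the original lesson): an HTTP request gains a TCP, then an IPv4, then an Ethernet header on the way down, and the receiver peels them off in reverse, reading only its own header at each layer. The MAC and IP addresses and ports are constructed sample values, and the Ethernet FCS and TCP checksum are omitted.

```python
import struct

# Constructed sample addresses (not from the page): locally administered MACs,
# a private LAN host and the TEST-NET-3 documentation address as the web server.
SRC_MAC = bytes.fromhex("020000000001")
DST_MAC = bytes.fromhex("020000000002")
SRC_IP = bytes([192, 168, 1, 10])
DST_IP = bytes([203, 0, 113, 1])
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6

def ipv4_checksum(header):
    """One's-complement sum of the header's 16-bit words (RFC 791); 0 means valid."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_tcp_segment(src_port, dst_port, payload):
    # Layer 4: a 20-byte TCP header tags the payload with the application's port.
    # Sequence/ack numbers are 0 and the TCP checksum is left unset in this example.
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    return header + payload

def build_ipv4_packet(src_ip, dst_ip, segment):
    # Layer 3: wrap the segment in an IPv4 header carrying the logical addresses.
    fields = [0x45, 0, 20 + len(segment), 0, 0, 64, PROTO_TCP, 0, src_ip, dst_ip]
    fields[7] = ipv4_checksum(struct.pack("!BBHHHBBH4s4s", *fields))
    return struct.pack("!BBHHHBBH4s4s", *fields) + segment

def build_ethernet_frame(src_mac, dst_mac, packet):
    # Layer 2: prepend hardware addresses and the EtherType (FCS trailer omitted).
    return dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IPV4) + packet

def encapsulate(http_data, src_port=40000, dst_port=80):
    """Sending side: application data moves down the stack, gaining a header per layer."""
    segment = build_tcp_segment(src_port, dst_port, http_data)
    packet = build_ipv4_packet(SRC_IP, DST_IP, segment)
    return build_ethernet_frame(SRC_MAC, DST_MAC, packet)

def decapsulate(frame):
    """Receiving side: strip one header per layer, recording what each layer reads."""
    dst_mac, src_mac = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("frame does not carry IPv4")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4                      # IPv4 header length in bytes
    total_len = struct.unpack("!H", packet[2:4])[0]
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    if packet[9] != PROTO_TCP:
        raise ValueError("packet does not carry TCP")
    segment = packet[ihl:total_len]
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    payload = segment[(segment[12] >> 4) * 4:]        # skip the TCP header (data offset)
    return {
        "eth": {"dst": dst_mac.hex(":"), "src": src_mac.hex(":")},
        "ip": {"src": ".".join(map(str, packet[12:16])), "dst": ".".join(map(str, packet[16:20]))},
        "tcp": {"src_port": src_port, "dst_port": dst_port},
        "app": payload,
    }
```

The network and data link layers never look inside the TCP header; only the receiving host's transport layer reads the destination port to hand the payload to the right application.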
Layer 1—Physical
The physical layer (PHY), layer 1, manages the transmission and receipt of data bits between nodes.
Transmission media can be:
- Cabled (Bounded): Physical conductor between nodes (e.g., copper or fiber optic cable).
- Wireless (Unbounded): Uses free space (e.g., microwave radio).
The Physical layer specifies:
- Physical Topology: Layout of nodes and links established by the transmission media. A segment is an area of a larger network, often divided to cope with physical restrictions, improve performance, or enhance security. At the Physical layer, a segment is where all nodes share access to the same media.
- Physical Interface: Mechanical specifications for the network medium, including cable specifications, connector details, and radio transceiver specifications.
- Signal Transmission and Reception: Including modulation schemes and timing/synchronization.
Devices at the Physical layer include:
- Transceiver: Sends and receives signals over the network media.
- Repeater: Amplifies electronic signals to extend the maximum distance for a media type.
- Hub: Multiport repeater, serving as a central connection point for nodes.
- Media Converter: Converts one media signaling type to another.
- Modem: Performs signal modulation and demodulation (e.g., sending digital data over an analog line).
Layer 2—Data Link
The data link layer (layer 2) manages data transfer between nodes on the same logical segment. At the Data Link layer, a segment is where all nodes can send traffic to one another using hardware addresses, regardless of whether they share access to the same media. A layer 2 segment might include multiple physical segments. This is referred to as a logical topology.
Networks typically connect hosts to a central node (switch or wireless access point) rather than directly connecting them. The central node forwards communications from one node to another.
Interfaces within the same layer 2 segment use local or hardware addresses. Nodes that send and receive information are end systems or host nodes (computers, laptops, servers, VoIP phones, smartphones, printers). Nodes providing only a forwarding function are intermediate systems or infrastructure nodes.
The data link layer organizes bit streams from the physical layer into frames. Each frame contains a network layer packet as its payload. The data link layer adds control information via header fields, including source and destination hardware addresses, and error checks.
Devices at the data link layer include:
- Network Interface Card (NIC): Connects an end system to network media and enables network communication by assembling and disassembling frames.
- Bridge: Joins physical network segments while minimizing performance reduction.
- Switch: Advanced bridge with many ports, creating links between large numbers of nodes more efficiently.
- Wireless Access Point (AP): Allows wireless nodes to communicate, bridging wireless and wired networks.
Layer 3—Network
The network layer (layer 3) handles data movement around a network of networks (internetwork or the Internet). While the data link layer forwards data within a single segment using hardware addresses, the network layer moves information across an internetwork using logical network and host IDs. The networks are often heterogeneous, using a variety of physical layer media and data link protocols.
The main appliance at layer 3 is the router.
The network layer forwards information between networks by examining the destination network-layer address or logical network address. The packet is forwarded hop by hop through the internetwork to the target network. Once it has reached the destination network, the hardware address can then be used to deliver the packet to the target node.
PDUs packaged at the network layer are packets or datagrams, while those at the data link layer are frames. However, "packet" is often used to describe PDUs at any layer.
Traffic filtering between networks is crucial. A basic firewall at layer 3 enforces an access control list (ACL), which lists permitted or blocked addresses and traffic types.
Layer 4—Transport
The first three layers focus on moving frames and datagrams between nodes and networks. At the transport layer (end-to-end or host-to-host layer), the content of the packets becomes significant.
Each host communicates with many other hosts using various networking data types. The transport layer identifies each network application by assigning it a port number (e.g., HTTP web application data is port 80, email server data is port 25).
At the transport layer, the sending host packages data from the upper layers into segments (layer 4 PDUs). Each segment is tagged with the application’s port number and passed to the network layer for delivery. Multiple HTTP and email packets from different hosts are multiplexed onto the same link using port numbers and source/destination network addresses.
The network and data link layers ignore the port number, treating it as part of the data payload. At the receiving host, each segment is decapsulated, identified by its port number, and passed to the relevant handler at the application layer (de-multiplexed).
The transport layer can also implement reliable data delivery mechanisms, resending lost or damaged packets if the application requires it.
Devices at the transport layer include multilayer switches (often as load balancers) and security appliances like advanced firewalls and intrusion detection systems (IDSs).
Upper Layers
The upper layers of the OSI model (Session, Presentation, and Application) provide interfaces between software applications and the transport layer.
Layer 5—Session
Most application protocols involve an exchange of multiple messages between client and server, called a session or dialog. The session layer manages establishing a dialog, data transfer, and session termination.
Layer 6—Presentation
The presentation layer transforms data between the network and application formats. It handles character set conversion (e.g., ASCII to Unicode), data compression, and encryption. However, compression and encryption are often implemented by devices and protocols at lower layers or within the application layer.
Layer 7—Application
The application layer is at the top of the OSI stack. Application-layer protocols do not encapsulate other protocols or provide services to any protocol. They provide an interface for software programs on network hosts to exchange data via lower-level protocols.
Upper-layer protocols provide services that make a network useful, such as web browsing, email, directory lookup, remote printing, and database services.
OSI Model Summary
The OSI model divides network communication into seven layers, each with specific functions and protocols. The model aids in understanding network operations and troubleshooting issues.
Review Activity: OSI Model Layers
- At which OSI layer is the concept of a port number introduced? Transport Layer
- At which layer of the OSI model is no header encapsulation applied? Physical Layer
- What component performs signal amplification to extend the maximum allowable distance for a media type? Repeater
- Which OSI layer packages bits of data from the Physical layer into frames? Data Link Layer
- True or False? The Session layer is responsible for passing data to the Network layer at the lower bound and the Presentation layer at the upper bound. False
Topic 1B: Configure SOHO Networks
The OSI model is an abstraction. This topic examines how a basic network is implemented using a small office/home office (SOHO) router.
SOHO Routers
Networks are classified by size. A network in a single location is a local area network (LAN). This includes residential networks with few computers and enterprise networks with many servers and workstations.
Small office/home office (SOHO) networks are LANs with a small number of computing hosts that rely on a single integrated appliance for local and Internet connectivity.
Networks located in different geographic regions with shared links are wide area networks (WANs). The intermediate system powering SOHO networks is a SOHO router, forwarding traffic between the LAN and WAN. However, routing is just one of its functions.
We can use the OSI model to analyze each of these in turn.
Physical Layer Functions
At layer 1, the SOHO router provides:
- RJ-45 ports (typically four) for a local cabled network (LAN ports).
- Radio antennas for wireless signals.
- A modem (cable or digital subscriber line) to connect to the Internet Service Provider’s (ISP’s) network (WAN port). The interface may be another RJ-45 port for fiber to the premises, or an RJ-11 port for a digital subscriber line (DSL) service.
Data Link Layer Functions
At layer 2, the SOHO router implements:
- Ethernet switch: The RJ-45 jacks are connected internally by an Ethernet switch.
- Wireless access point: The radio antennas implement a version of the Wi-Fi standard. The access point functions as a wireless hub, creating a wireless network. It is also wired to the Ethernet switch via an internal port, creating a bridge between the cabled and wireless segments.
Each host interface is identified by a media access control (MAC) address.
Network Layer Functions
At layer 3, the routing part of the SOHO router makes forwarding decisions between the local private network and the public Internet. These zones are distinguished by internet protocol (IP) addresses. The local network uses a private IP address range, such as . The SOHO router itself is identified by an address in this range, such as or .
The router runs a dynamic host configuration protocol (DHCP) server to allocate a unique address to each host that connects to it over either an Ethernet port or via the wireless access point. The addresses assigned to clients use the same first three octets as the router’s address: . The last octet can be any value from 1 to 254, excluding whichever value is used by the router.
The SOHO router's WAN interface is allocated a public IP address, say , by the internet service provider. When a host on the local network tries to access any valid IP address outside the range, the router forwards that packet over its WAN interface and directs any replies back to the host on the LAN.
Many ISP services use DHCP to allocate a dynamic WAN address, but some offer static addressing.
Transport and Application Layer and Security Functions
Security is not confined to a separate OSI model layer but is relevant at every layer. Network security involves allowing or preventing devices, users, and services from using the network.
The WAN interface is the network perimeter. The SOHO router applies filtering rules to traffic between the public and private zones, implementing a firewall. The firewall blocks traffic based on source or destination IP addresses and application type.
At layer 4, each application is identified by a port number, such as 80 for hypertext transfer protocol (HTTP) web traffic or 25 for Simple Mail Transfer Protocol (SMTP) email traffic. The firewall is configured with rules specifying behavior for each port.
For example, if computers on the network use the server message block (SMB) protocol to share files, the SMB port would be blocked by default on the WAN interface but allowed on the LAN and WLAN interfaces. Any host can connect to the RJ-45 ports on the router and join the network.
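A small model of the SOHO router's layer 3 and layer 4 decisions described in this topic, written as an added example (not from the lesson or any vendor firmware). It assumes a LAN prefix of 192.168.1.0/24 from the RFC 1918 private ranges with the router at 192.168.1.1 and a WAN address of 203.0.113.1; the rule set is constructed, with SMB (port 445) blocked on the WAN interface but allowed on the LAN and WLAN, and replies to outbound flows are matched back to the LAN host that opened them.

```python
import ipaddress
from collections import namedtuple

# Assumed addressing (the page elides its values): private LAN prefix 192.168.1.0/24,
# router at 192.168.1.1, public WAN address 203.0.113.1 (TEST-NET-3 documentation range).
LAN_NET = ipaddress.ip_network("192.168.1.0/24")
ROUTER_LAN_IP = ipaddress.ip_address("192.168.1.1")
WAN_IP = ipaddress.ip_address("203.0.113.1")

Packet = namedtuple("Packet", "ingress src sport dst dport proto")
Rule = namedtuple("Rule", "ingress proto dport action")

# Constructed rule set: first match wins, then the per-interface default applies.
# Port 445 is SMB file sharing; port 80 is HTTP.
RULES = [
    Rule("WAN", "tcp", 445, "block"),   # SMB is never accepted from the Internet
    Rule("LAN", "tcp", 445, "allow"),   # but local hosts may share files
    Rule("WLAN", "tcp", 445, "allow"),
    Rule("LAN", "tcp", 80, "allow"),
    Rule("WLAN", "tcp", 80, "allow"),
]
DEFAULT_ACTION = {"WAN": "block", "LAN": "allow", "WLAN": "allow"}

def dhcp_pool(network=LAN_NET, router_ip=ROUTER_LAN_IP):
    """Client addresses share the router's first three octets; the last octet
    runs 1-254 excluding the value the router uses itself."""
    return [str(h) for h in network.hosts() if h != router_ip]

def filter_packet(pkt, rules=RULES):
    """Layer 4 firewall decision for the interface the packet arrived on."""
    for rule in rules:
        if (rule.ingress, rule.proto, rule.dport) == (pkt.ingress, pkt.proto, pkt.dport):
            return rule.action
    return DEFAULT_ACTION[pkt.ingress]

class SohoRouter:
    def __init__(self):
        self.nat = {}   # WAN-side port -> (LAN host, port), so replies find their way back

    def forward(self, pkt):
        """Layer 3 decision after filtering: stay in the LAN or go out the WAN."""
        if filter_packet(pkt) == "block":
            return ("drop", pkt)
        if ipaddress.ip_address(pkt.dst) in LAN_NET:
            return ("LAN", pkt)
        # Destination is outside the private range: send over the WAN interface,
        # rewriting the source to the public address and remembering the mapping.
        wan_port = 40000 + len(self.nat)
        self.nat[wan_port] = (pkt.src, pkt.sport)
        return ("WAN", pkt._replace(src=str(WAN_IP), sport=wan_port))

    def reply(self, pkt):
        """Inbound packet on the WAN: only replies to flows the LAN opened are passed in."""
        if pkt.ingress != "WAN" or pkt.dport not in self.nat:
            return ("drop", pkt)   # unsolicited inbound traffic has no mapping
        host, port = self.nat[pkt.dport]
        return ("LAN", pkt._replace(dst=host, dport=port))
```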
The wireless network is usually protected by an encryption system that requires each station to be configured with a passphrase-based key to join the network. Access to the router’s management interface and its configuration settings is protected by an administrative account passphrase. Because the router is connected to the Internet, it is critical to configure a strong passphrase.
The Internet
The WAN interface of the router connects the SOHO network to the Internet.
The Public Switched Telephone Network
Most SOHO subscriber Internet access is facilitated via the public switched telephone network (PSTN). The SOHO router is described as customer premises equipment (CPE). More widely, this is any termination and routing equipment placed at the customer site. Some of this equipment may be owned or leased from the telecommunications company (or telco); some may be owned by the customer.
The CPE is connected via its modem and WAN port to the local loop. This is cabling from the customer premises to the local exchange. The point at which the telco’s cabling enters the customer premises is referred to as the demarcation point (often shortened to demarc).
Internet Service Providers
The major infrastructure of the Internet consists of high bandwidth trunks connecting Internet eXchange Points (IXPs). Within an IXP datacenter, ISPs establish links between their networks, using transit and peering arrangements to carry traffic to and from parts of the internet they do not physically own.
There is a tiered hierarchy of ISPs that reflects to what extent they depend on transit arrangements with other ISPs.
Internet Standards
Several organizations are responsible for developing the internet and agreeing common standards and protocols.
- Internet Assigned Numbers Authority (IANA) (iana.org): Manages allocation of IP addresses and maintenance of the top-level domain space. IANA is currently run by Internet Corporation for Assigned Names and Numbers (ICANN). IANA allocates addresses to regional registries who then allocate them to local registries or ISPs. The regional registries are Asia/Pacific (APNIC), North America and Southern Africa (ARIN), Latin America (LACNIC), and Europe, Northern Africa, Central Asia, and the Middle East (RIPE NCC).
- Internet Engineering Task Force (IETF) (ietf.org): Focuses on solutions to Internet problems and the adoption of new standards, published as Requests for Comments (RFCs). Some RFCs describe network services or protocols and their implementation, while others summarize policies. An older RFC is never updated. If changes are required, a new RFC is published with a new number. Not all RFCs describe standards. Some are designated informational, while others are experimental. The official repository for RFCs is at rfc-editor.org.
The OSI model has a stricter definition of the Session, Presentation, and Application layers than is typical of actual protocols used on networks. The Internet model (tools.ietf.org/html/rfc1122) uses a simpler four-layer hierarchy, with a link layer representing OSI layers 1 and 2, layer 3 referred to as the Internet layer, a Transport layer mapping approximately to layers 4 and 5, and an Application layer corresponding to layers 6 and 7.
Hexadecimal Notation
To interpret network addresses, you must understand the concept of base numbering systems. Decimal numbering is base 10. Each digit can have one of ten possible values (0 through 9). A digit positioned to the left of another has 10 times the value of the digit to the right. For example, the number 255 can be written out as follows:
Binary is base 2, so a digit in any given position can only have one of two values (0 or 1), and each place position is the next power of 2. The binary value 11111111 can be converted to the decimal value 255 by the following sum:
It takes 8 binary digits to represent a decimal value up to 255. This number of bits is called a byte or an octet. The four decimal numbers in the SOHO router’s WAN IP address 203.0.113.1 are octets.
While computers process everything in binary, the values make for very long strings if they have to be written out or entered into configuration dialogs. Hexadecimal notation (or hex) is a convenient way of referring to the long sequences of bytes used in some other types of network addresses. Hex is base 16 with the possible values of each digit represented by the numerals 0 through 9 and the characters A, B, C, D, E, and F.
Every hex digit lines up neatly with four binary digits (a nibble). Each byte or octet can be expressed as two hex digits. For example, the decimal value 255 is FF in hex. This would sometimes be written as 0xFF for clarity.
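The base conversions in this section, worked through in Python as an added example (not part of the lesson): digits are produced by repeated division, the place-value expansion the text describes for 255 is generated for any base, and an octet is split into its two nibbles to give its two hex digits. The IPv4 address is the lesson's 203.0.113.1; the MAC address bytes are constructed sample values.

```python
DIGITS = "0123456789ABCDEF"   # digit symbols shared by base 2, 10 and 16

def to_digits(value, base):
    """Repeated division: each remainder is the next digit, least significant first."""
    if value < 0 or base not in (2, 10, 16):
        raise ValueError("non-negative value and base 2, 10 or 16 only")
    digits = []
    while True:
        value, remainder = divmod(value, base)
        digits.append(DIGITS[remainder])
        if value == 0:
            return "".join(reversed(digits))

def expansion(value, base):
    """Place-value sum, e.g. 255 in base 10 -> '2x10^2 + 5x10^1 + 5x10^0'."""
    text = to_digits(value, base)
    n = len(text)
    return " + ".join(f"{d}x{base}^{n - 1 - i}" for i, d in enumerate(text))

def from_digits(text, base):
    """Inverse of to_digits: evaluate the place-value sum digit by digit."""
    total = 0
    for ch in text.upper():
        total = total * base + DIGITS.index(ch)
    return total

def octet_to_hex(octet):
    """Split a byte into two nibbles; each nibble maps to exactly one hex digit."""
    if not 0 <= octet <= 255:
        raise ValueError("an octet is 0..255")
    return DIGITS[octet >> 4] + DIGITS[octet & 0xF]

def dotted_to_binary(addr):
    """Write each decimal octet of an IPv4 address as 8 bits."""
    return ".".join(to_digits(int(o), 2).zfill(8) for o in addr.split("."))

def mac_from_octets(octets):
    """Six bytes written as the usual colon-separated hex pairs (constructed input)."""
    return ":".join(octet_to_hex(o) for o in octets)
```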
Review Activity: SOHO Networks
- True or false? The WAN port on a SOHO router is connected to the LAN ports by an internal switch. True
- What type of address is used by the switch to forward transmissions to the appropriate host? MAC Address
- True or false? The DHCP server in the SOHO router assigns an IP address to the WAN interface automatically. False
- What function or service prevents an Internet host from accessing servers on the LAN without authorization? Firewall
- How is the decimal value 12 expressed in hex? C
- How is the decimal value 171 expressed in hex? AB
Lesson 1 Summary
Compare and contrast OSI model layers and encapsulation concepts and apply them to analyzing the function of networks and networking components.
Guidelines for Comparing OSI Model Network Functions
- Use characteristics of physical layer media and devices to plan wiring topologies and identify potential performance issues.
- Use the data link layer to plan logical segments to isolate groups of hosts for performance or security reasons.
- At the network layer, map data link segments to logical network IDs and work out rules for how hosts in one network should be permitted or denied access to other networks.
- Evaluate service requirements at the transport layer to determine which ports a host should expose.
- Use the session, presentation, and application layers to determine performance and security requirements for the services that the network is providing.