OSI (Open System Interconnection) Reference model
The Open Systems Interconnection (OSI) reference model was created by the International Organization for Standardization (ISO). It addresses all the processes required for effective communication and divides these processes into logical groupings called layers. The OSI model has seven different layers, divided into two groups. The top three layers define how the applications within the end stations will communicate with each other and with users. The bottom four layers define how data is transmitted end-to-end.
The OSI reference model - layers:
Application layer (layer 7)
The Application layer of the OSI model marks the spot where users actually communicate with the computer. This layer only comes into play when it’s apparent that access to the network is going to be needed soon. Take the case of Firefox (FF). You could uninstall every trace of networking components from a system, such as TCP/IP, the NIC, etc., and you could still use FF to view a local HTML document. The Application layer acts as an interface between the actual application program (which isn’t at all a part of the layered structure) and the next layer down, by providing ways for the application to send information down through the protocol stack.
Presentation layer (layer 6)
The Presentation layer gets its name from its purpose: It presents data to the Application layer and is responsible for data translation and code formatting. This layer is essentially a translator and provides coding and conversion functions. A successful data-transfer technique is to adapt the data into a standard format before transmission. Computers are configured to receive this generically formatted data and then convert the data back into its native format for actual reading.
Session layer (layer 5)
The session layer resides above the transport layer, and provides “value added” services to the underlying transport layer services. The session layer (along with the presentation layer) adds services to the transport layer that are likely to be of use to applications, so that each application doesn’t have to provide its own implementation.
The session layer performs the following functions:
- Communication with the Presentation layer above.
- Organize and manage one or more connections per application, between hosts.
- Communication with the Transport layer below.
It coordinates communication between systems, and serves to organize their communication by offering three different modes: simplex, half duplex, and full duplex.
Simplex - one-way communication
Half duplex - both parties can communicate, but only one at a time
Full duplex - both parties can communicate simultaneously
Transport layer (layer 4)
The Transport layer segments and reassembles data into a data stream. Services located in the Transport layer both segment and reassemble data from upper-layer applications and unite it onto the same data stream. They provide end-to-end data transport services and can establish a logical connection between the sending host and destination host on an internetwork. The Transport layer ensures the reliable arrival of messages and provides error checking mechanisms and data flow controls. The transport layer relieves the upper layers from any concern with providing reliable and cost effective data transfer. It provides end-to-end control and information transfer with the quality of service needed by the application program. It is the first true end-to-end layer. Data is broken down into 4 segments.
Network layer (layer 3)
The Network layer (also called layer 3) manages device addressing, tracks the location of devices on the network, and determines the best way to move data, which means that the Network layer must transport traffic between devices that aren’t locally attached. Routers (layer 3 devices) are specified at the Network layer and provide the routing services within an internetwork. This layer adds two more pieces of information to the segmented data.
Note: FCS/CRC (Frame Check Sequence / Cyclic Redundancy Check) - used in error checking
Data Link layer (layer 2)
The Data Link layer provides the physical transmission of the data and handles error notification, network topology, and flow control. This means that the Data Link layer will ensure that messages are delivered to the proper device on a LAN using hardware addresses, and translates messages from the Network layer into bits for the Physical layer to transmit. The Data Link layer formats the message into pieces, each called a data frame, and adds a customized header containing the hardware destination and source address.
Conversion of data into bits is called encapsulation and the reverse process is called de-capsulation.
Physical layer (layer 1)
Finally arriving at the bottom, we find that the Physical layer does two things: It sends bits and receives bits. Bits come only in values of 1 or 0. The Physical layer communicates directly with the various types of actual communication media. This layer is also where you identify the interface between the data terminal equipment (DTE) and the data communication equipment (DCE).
Important notes:
Layer 3 --> Router
Layer 2 --> Switch, NIC, Bridge
Layer 1 --> Cables, Connectors, Hub
Collision Domain & Broadcast Domain
In computer networks, the collision domain is a logical area where data packets can collide with each other. Collision domains mainly occur in Ethernet networks. Within a collision domain, only one device is able to transmit data at a time. When a collision occurs, the devices retransmit the data signals at a later time. Data collisions cause the following disadvantages:
- Decreased network efficiency
- Latency
- Packet Loss
- Slow Performance of the network
- More bandwidth utilization
- Network Congestion
- Signal distortion
CSMA/CD is an efficient way to avoid collisions in the network. It is a set of rules that tells each network device, such as a hub, switch or router, when to send data and when to stop transmitting. When a computer or network device wants to transmit data on the network, it first listens to the network to see whether any other device is using the channel. When the transmission channel is free, the data is transmitted.
A broadcast domain is known as a logical network segment in which all the network devices can transmit data to each other without any routing device. It is a logical group of the computers in which the network broadcasts can be received in the broadcast area. All devices attached to the Ethernet can transmit the frames over the shared medium. A broadcast domain can be within the same LAN or it can be routed towards the other LAN segments.
Note: A Hub is called a single collision domain. Each port in a Switch is a collision domain.
Let us take an example. Consider the Sales and Production networks, separated by a router as shown in the diagram below. Which of the following statements most accurately describes the characteristics of the above network's broadcast and collision domains?
Ans: There are two broadcast domains in the network.
There are seven collision domains in the network.
Explanation:
In this network we have a hub being used in the Sales department, and a switch being used in the Production department. Based on this, we have two broadcast domains: one for each network being separated by a router. For the collision domains, we have 5 computers and one port for E1, so we have 6 collision domains total because each port in a Switch is a collision domain; plus one collision domain for the entire Sales department because a hub is being used and a Hub is a single collision domain.
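The counting rule from the explanation above can be checked mechanically. The following is an added example, not part of the original page: it treats each cable as a segment, lets hubs merge segments for collision domains, and lets hubs and switches merge them for broadcast domains. The device names and the number of Sales PCs are assumptions, since the diagram is not reproduced here.

```python
from collections import defaultdict

# A hub repeats signals (layer 1), a switch isolates collisions per port
# (layer 2), and a router additionally stops broadcasts (layer 3).
MERGES_COLLISION = {"hub"}
MERGES_BROADCAST = {"hub", "switch"}


def count_domains(devices, links, merging_kinds):
    """Count segments left when devices of `merging_kinds` join all their links.

    devices: dict name -> kind ("router", "switch", "hub", "host")
    links:   list of (name_a, name_b) cables
    """
    parent = list(range(len(links)))  # union-find over link indices

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]  # path halving
            i = parent[i]
        return i

    touching = defaultdict(list)
    for idx, (a, b) in enumerate(links):
        touching[a].append(idx)
        touching[b].append(idx)

    for name, idxs in touching.items():
        if devices[name] in merging_kinds:
            for other in idxs[1:]:
                parent[find(other)] = find(idxs[0])

    return len({find(i) for i in range(len(links))})


def build_example():
    # Constructed topology: router R1, E0 -> Sales hub, E1 -> Production switch.
    devices = {"R1": "router", "HUB": "hub", "SW": "switch"}
    links = [("R1", "HUB"), ("R1", "SW")]
    for i in range(3):  # Sales PCs: count is an assumption, it does not affect the result
        devices[f"sales{i}"] = "host"
        links.append(("HUB", f"sales{i}"))
    for i in range(5):  # Production PCs: five, as in the explanation
        devices[f"prod{i}"] = "host"
        links.append(("SW", f"prod{i}"))
    return devices, links


def summarize(devices, links):
    return {
        "broadcast": count_domains(devices, links, MERGES_BROADCAST),
        "collision": count_domains(devices, links, MERGES_COLLISION),
    }
```

Calling `summarize(*build_example())` reproduces the answer given above; changing `"HUB"` to `"switch"` shows how replacing the hub splits the Sales segment into one collision domain per port.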
DoD (Department of Defense) model of TCP/IP
The Department of Defense (DOD) developed a model that would be used as the developing basis for their own protocol suite known as the Internet protocol suite. A protocol suite indicates a group of protocols that were designed and meant to be used together. This model has four layers compared to the seven layers of the OSI model.
The DOD’s Process/Application layer maps out to the Application, Presentation and Session layers of the OSI model. The Host-to-Host layer maps out to the Transport layer and the Internet layer maps out to the Network layer. The graphic above shows how the layers of the DOD model map out to the layers of the OSI model. Since there is a relationship between the layers of each of the models, some of the developed protocols function much like the equivalent layers of the OSI model. An example would be a protocol like Routing Information Protocol (RIP), which functions at the Internet layer of the DOD. Since the Internet layer of the DOD maps out to the Network layer of the OSI model, RIP would have the same responsibility of route discovery, which is an OSI Network layer responsibility.
Application/Process Layer
The first layer, the Application/Process layer, is a user interaction layer. The protocols used in this layer are shown below:
Note: One more protocol used in layer 1 is POP3 (Post Office Protocol, and 3 stands for its version), which is used for receiving emails.
Host-to-Host Layer
This layer shields the upper layers from the process of sending data. It also provides an end-to-end connection between two devices during communication by performing sequencing, acknowledgments, checksums, and flow control. Applications using services at this layer can use two different protocols: TCP and UDP.
TCP (Transmission Control Protocol)
TCP provides a connection-oriented, reliable service to the applications that use it. Its functions are:
- Segments application layer data stream: TCP accepts data from applications and segments it into a desirable size for transmission between itself and the remote devices. The segment size is determined while TCP is negotiating the connection between the two devices. Either device can dictate the segment size.
- Provides acknowledgment timers: TCP maintains timers to identify when packets have taken too long to get to their destination. When an acknowledgment is not received for a packet and the timer expires, TCP will resend the packet to the destination.
- Enables sequence number checking: TCP/IP uses sequence numbers to ensure that all packets sent by an application on one device are read in the correct order by an application on another device. The packets might not be received at the transport layer in the correct order, but TCP sequences them in their original order before passing them to the application layer.
- Provides buffer management: Any time two devices are communicating, the possibility exists that one device can send data faster than the other can accept it. If this happens, the receiving device puts the extra packets into a buffer to be read at the first chance it gets. When this data overflow persists, however, the buffer is eventually filled and packets begin to drop. TCP performs some preventive maintenance called flow control to avoid the problem.
- Initiates connections with 3-way handshake: TCP uses the concept of the three-way handshake to initiate a connection between two devices. A TCP connection begins with a device sending a request to synchronize sequence numbers (a SYN packet) and initiate a connection. The other device receives the message and responds with a SYN message and the sequence number increased by one. The first device responds by sending an acknowledgment message (an ACK) to the second device, indicating that the device received the sequence number it expected.
- Performs error and duplication checking: TCP uses a checksum to identify packets that have changed during transport. If a device receives a packet with a bad checksum, it drops the packet and does not send an acknowledgment for the packet. So the sending device will resend the packet. Any time TCP receives a duplicate packet it will drop the duplicate.
- Performs acknowledgment windowing: Any time a TCP device sends data to another device, it must wait for the acknowledgment that this data was received. To increase the bandwidth utilization, TCP can change the window size. Whatever the window size is negotiated to be, acknowledgments will only be sent after that many packets have been received at the receiving device. TCP sets the window size dynamically during a connection, allowing either device involved in the communication to slow down the sending data rate based on the other device's capacity. This process is known as sliding window because of TCP's ability to change the window size dynamically.
Working of TCP:
Before data is sent, the transmitting host contacts the receiving host to set up a connection known as a virtual circuit. This makes TCP connection-oriented. During the handshake the two hosts agree upon the amount of information to be sent before an acknowledgment is needed (Windowing). TCP takes the large blocks of data from the upper layers and breaks them up into segments that it numbers and sequences. TCP will then pass the segments to the network layer, which will route them through the Internetwork. The receiving TCP can put the segments back into order. After packets are sent, TCP waits for an acknowledgment from the receiving end of the virtual circuit. If no acknowledgment is received then the sending host will retransmit the segment.
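The receiver-side behaviour described above (checksum verification, duplicate dropping, and reordering by sequence number) is shown in the following added example, which is not part of the original page. It is a simplified model: the segment layout and the `Receiver` class are assumptions made for illustration, sequence numbers count bytes, and the checksum covers only the payload.

```python
import struct


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by TCP, UDP and IP (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"  # pad to a whole number of 16-bit words
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def make_segment(seq: int, payload: bytes) -> dict:
    # Simplified segment; real TCP also checksums its header and a pseudo-header.
    return {"seq": seq, "payload": payload, "checksum": internet_checksum(payload)}


class Receiver:
    def __init__(self, initial_seq: int):
        self.next_seq = initial_seq  # next byte expected in order
        self.pending = {}            # out-of-order payloads keyed by seq
        self.stream = b""            # bytes handed to the application
        self.dropped = []            # (seq, reason) for inspection

    def receive(self, seg: dict):
        """Process one segment; return the cumulative ACK, or None if unacknowledged."""
        if internet_checksum(seg["payload"]) != seg["checksum"]:
            self.dropped.append((seg["seq"], "bad checksum"))
            return None  # no ACK: the sender's timer expires and it resends
        if seg["seq"] < self.next_seq or seg["seq"] in self.pending:
            self.dropped.append((seg["seq"], "duplicate"))
            return self.next_seq
        self.pending[seg["seq"]] = seg["payload"]
        while self.next_seq in self.pending:  # deliver contiguous data in order
            data = self.pending.pop(self.next_seq)
            self.stream += data
            self.next_seq += len(data)
        return self.next_seq


def demo():
    # Constructed input: three segments arriving out of order, one corrupted
    # copy and one duplicate.
    segs = [make_segment(1000, b"GET "), make_segment(1004, b"/index"),
            make_segment(1010, b".html")]
    corrupted = dict(segs[1], payload=b"/indeX")  # payload altered in transit
    rx = Receiver(initial_seq=1000)
    arrival = [segs[2], segs[0], corrupted, segs[0], segs[1]]
    acks = [rx.receive(s) for s in arrival]
    return rx.stream, acks, rx.dropped
```

The ACK value stays at the first missing byte until the retransmitted segment fills the gap, at which point the buffered later segment is delivered as well.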
UDP (User Datagram Protocol)
UDP transports information that doesn't require reliable delivery; therefore it can have less overhead than TCP as no sequencing or acknowledgments are used. NFS and SNMP use UDP for their sessions; the applications have their own methods to ensure reliability. UDP receives blocks of information from the upper layers, which it breaks into segments. It gives each segment a number, sends it, and then forgets about it. There are no acknowledgments and no virtual circuits; it is a connectionless protocol.
Differences between TCP and UDP:
Note: TCP and UDP use port numbers to communicate with the upper layers. Port numbers keep track of different sessions across the network. The source port will be above 1024 (unprivileged). Ports 1023 and below (privileged) are known as well-known ports and are assigned to common protocols. TCP and the upper layers don't use hardware (MAC) and logical (IP) addresses to see the host's address; instead they use port numbers.
Internet Layer
The Internet Layer exists for routing and providing a single network interface to the upper layers. IP provides the single network interface for the upper layers. The protocols used in this layer are IP (Internet Protocol), ICMP (Internet Control Message Protocol), ARP (Address Resolution Protocol) and RARP (Reverse ARP).
IP (Internet Protocol)
The Internet Protocol (IP) is a network-layer (Layer 3) protocol that contains addressing information and some control information that enables packets to be routed. All machines on a TCP/IP network have a unique logical address, an IP address. The Internet Layer has a complete picture of the entire network and is responsible for path determination and packet switching. IP performs packet switching and path determination by maintaining tables that indicate where to send a packet based on its IP address. IP gets the destination address from the packet. IP receives segments from the Host-to-Host layer and fragments them into packets. IP will then reassemble the packets into segments on the receiving end to send to the Host-to-Host layer. Each packet has the source and destination IP address. Each router will make path determinations based on the destination IP address.
ICMP (Internet Control Message Protocol)
The Internet Control Message Protocol (ICMP) is a network-layer Internet protocol that provides message packets to report errors and other information regarding IP packet processing back to the source. ICMP utilizes IP to carry the ICMP data within it through a network.
ICMP generates several kinds of useful messages, including Destination Unreachable, Echo Request and Reply, Redirect and Time Exceeded.
ARP (Address Resolution Protocol)
ARP is used to find the MAC address from the known IP address. ARP sends a broadcast asking for the machine with the specified IP address to respond with its MAC address. If two devices want to communicate, the first device can send a broadcast ARP message requesting the physical address for a specified IP address. The receiving device responds with its IP address and the first device maintains the entry in its ARP cache. If a device doesn't exist on the same subnet, the sending device addresses the default gateway's physical address and sends the packet to the default gateway.
RARP (Reverse ARP)
This protocol is used to find an IP address when the MAC address is known. A machine sends a broadcast with its MAC address and requests its IP address. An example of a device that uses RARP is a diskless workstation. Since it can't store its logical network address, it sends its MAC address to a RARP server to request its IP address. A RARP server responds to the RARP request with the device's IP address.
Network Access Layer
The Network Access Layer monitors the data exchange between the host and the network. It oversees MAC addressing and defines protocols for the physical transmission of data.
Overview: