"This is my router, there are many like it but this one is mine..."

The OSI Model

Typical Windows NT Admin.


All right people, sit down and shut up!  The OSI model is the foundation of modern networking and you will learn it and learn it well.  There are 7 layers and you will learn what each one does.  Each layer has unique responsibilities among them passing information to the layers above and below it.  The seven layers are: Physical, Datalink, Network, Transport, Session, Presentation and Application.

The Physical Layer

This is the bottom or what they call Layer 1.  The physical layer is where hubs live.  Our mission as CCNA's is to replace every hub on the planet with Cisco Catalyst switches but you will learn about switches later.  Switches work at the Datalink layer.  The Physical layer is concerned with pulses of electricity called bits.  Cables and patch panels and RJ 45 connectors are Physical or Layer 1 hardware.  When I come into your barracks and flash the lights, that is a physical layer activity.  There is a wire leading from the light switch to the light in the barracks and when I flash the lights to wake you darlings up, there is sometimes voltage on that wire and sometimes there is no voltage on that wire.  Your network cabling is the same way.  Bits are simply voltage transitions. The physical layer physically connects 2 machines together.  

The Datalink Layer

The Datalink layer is layer 2 of the OSI model.  This is where interesting things start to happen.  The physical layer involved bits and had no addressing scheme.  The Datalink layer involves frames and uses the burned in MAC addresses that NIC cards and router interfaces have.  The Datalink layer involves protocols like Ethernet and Token Ring.  Datalink MAC address are 6 bytes long.  The first 3 bytes identify the vendor such a 3Com or Intel, the last 3 bytes are unique for each card produced by the vendor.  Switches work at the Datalink layer.  Ethernet only knows about MAC addresses, when and IP packet is destined for a host on an Ethernet network, it must have the IP address translated to a MAC address so Ethernet can deliver it.  

The Data link layer provides error free delivery of data between 2 machines.  This is good but not as wonderful as it sounds, each Ethernet frame has a Frame Check Sequence that contains a number that the receiving station uses to see if the frame arrived in one piece or if it became corrupted in transit.  If the packet does not pass the FCS check, it is dropped or deleted from memory.  The Datalink layer just drops bad frames, it does not ask for the frame to be resent, that is the responsibility of higher layers.  When I flash the lights in the barracks to wake you men up, that's a physical layer type function, if I flash them using Morse code to actually communicate using words, that's a Datalink function.  The Datalink layer is in contact with the Datalink  layer of the remote machine it is communicating with.

The Network Layer

Layer 3 is the network layer.  This is where IP works.  IP addressing is a man made, hierarchical addressing scheme that must be converted to a MAC address when a packet is sent on the final hop to where ever it is going.  The units of data that the network layer use are called packets.  Now that we're up here in layer 3 we should talk about encapsulation.  

Encapsulation is the process of data from a higher layer and adding a new header or control data to it and passing it to a lower layer.  For example, layer 4 is the transport layer, it's data are called segments, these segments are handed down to the network layer where it gets an IP header (assuming we're using TCPIP) added to the front of the segment, mow it is called a packet and it is handed down to the Data link layer where it is wrapped in an Ethernet Frame (assuming we're using Ethernet) and applied to the network cabling where it is seen as bits.  So the OSI model, when data is passed down it becomes the payload of each lower layer as each layer adds it's own information.  This process is reversed when data is received.  The network layer is in contact with the network layer of the remote machine it is communicating with.

Because IP (or any layer 3 addressing scheme) is a logical man made system for assigning individual addresses to computers, it has a terrible flaw.  Computers have NIC cards that use a 48 bit MAC address.  All data must be sent using this layer 2 MAC address.  All routing is done at layer 3.  The routers hopefully know the route to the subnet that a packet is addressed to but when the packet reaches the final router and is in the output buffer for the interface that is connected to the subnet it is destined for, it is stuck, it can travel no farther using its IP or layer 3 address.  Since all data is actually sent using hardware addresses the router must somehow figure out what MAC address is using the IP address in the packet.  This is done using ARP or Address Resolution Protocol.  The router sends out a broadcast on the subnet saying "which one of you guys is using IP address such and such?".  Since it is a broadcast, all hosts on the subnet hear the router ask this question, every host checks its IP configuration to see if it is the host the router's asking about.  The host that has to IP address in question, responds to the router with it's MAC address.  The router now knows which MAC address goes with this IP address.  This is called a "Mapping".  The router places this mapping in an area in it's RAM known as the ARP cache.  If another packet comes addressed to the same host, the router will check the ARP cache to see if there is an entry with a MAC address for the host, if not the router will send an ARP broadcast.  When the router knows the MAC address of the destination machine, it can then assemble a frame and put it in the cable and sent it directly to the machine in question.

ARP is why there are limits as to how many workstations you can put on a subnet.  When a PC hears a broadcast, it stops whatever it is doing (downloading warez or playing Doom) and checks the contents of the broadcast to see if it contains information for itself.  Usually it doesn't but all computers must pause and analyze every broadcast.  ARP is a broadcast but there are other too.  Too many broadcasts on a subnet or "broadcast domain" will slow down every computer in the broadcast domain.

Before we continue with our fascinating lecture on the OSI model, Sgt. Hartman wants you guys to get down and knock out 50 push ups.  He is not looking, so you can just sit in your chairs and call them out like you were really doing them...

The Transport Layer

The transport layer takes data from session layer above it and sends it down to the network layer below it.  The transport layer is layer 4 and this where TCP and UDP ports reside.  The transport layer makes sure packets are delivered in sequence, error free and with out any losses or duplications.  The transport layer uses acknowledgements to handle flow control when required.  The transport  layer is in contact with the transport  layer of the remote machine it is communicating with.

The Session Layer

Communication between computers is established, maintained and terminated by the session layer.  The session layer is layer 5 of the OSI model.  SQL is an example of a session layer protocol.  The session layer is in contact with the session layer of the remote machine it is communicating with.

The Presentation Layer

The presentation layer is layer 6 and it defines how data is presented to the application layer.  When data is encrypted or decrypted it occurs here.  Other presentation layer implementations are MIDI, JPEG, and MPEG.  The presentation  layer is in contact with the presentation layer of the remote machine it is communicating with.

The Application Layer

The application layer is layer 7 at it is the top layer of the OSI model.  It is the layer that actually interfaces with applications on your computer that desire to communicate.  The application  layer is in contact with the application layer of the remote machine it is communicating with.  

Back To The CCNA Boot Camp Page

Copyright 2000 - 2005 RouterGod Online Magazine