The 7-layer OSI Model and TCP/IP
Learning about computer networking and the TCP/IP protocol can get very confusing. One of the easiest way to make it stick is to establish a very good foundation from where you can build your computer networking knowledge. By associating how the various parts of the TCP/IP protocol suite fits within the OSI (Open Systems Interconnection) 7-layer network protocol model, you can easily comprehend the purpose and function of the various protocols within the TCP/IP protocol suite, and subsequently have a stronger knowledge and understanding its workings. Such knowledge can be reinforced by using free protocol analyzer tools.
7-Layer OSI Network Model
First lets quickly understand the purpose of each layer of the 7-layer OSI network model. We'll keep the explanation for each one as simple and as down to earth as possible.
Layer 1 - Physical Layer: This is the most physical part of the network. It is the wire, the fiber, or whatever medium is used for the connection. It is also covers the electrical specifications for the signaling and the actual physical connectors used to connect it to the physical network. This level is mainly concerned with transmitting bits.
Layer 2 - Data Link Layer: The part that handles the means by which a network device gets a hold of the network. It handles the low level signal formatting, framing, and addressing so that an entire signal frame can reach another device on the same physical network. Devices that can handle up to the data link layer are called bridges. Basically, this layer handles the transmission of frames (a series of bits formatted in a certain way) and the physical addressing of network devices--called MAC (media access control) addresses (a unique sequence of 6 bytes).
Layer 3 - Network Layer: This layer allows the data (called packets or datagram) within frames to go from one physical network to another. Devices that can handle up to layer three are known as routers. This layer also has its own addressing scheme (network logical address) so that devices can communicate with other devices across multiple other networks. Consequently, this layer is also responsible for path determination.
Layer 4 - Transport Layer: This is the first layer where device applications can communicate. As its name implies, it handles the transparent transport of data segments between network devices. It is responsible for flow control, error control, data segmentation, and communication reliability.
Layer 5 - Session Layer: The fifth layer controls the connections between applications. It sets up, manages, and closes sessions between applications. If it deals with application to application connections, then the session layer handles it.
Layer 6 - Presentation Layer: As the name implies, this layer is responsible for doing the translation of data to some format between the application. One example of such translation would be the encryption and decryption of data.
Layer 7 - Application Layer: This is the layer closest to the End-User and the application program being used by the user. Examples of such application layer protocols are HTTP and FTP.
The TCP/IP Protocol Stack
Everyone (at least those geeks that deal with communication protocols) knows about TCP (transmission control protocol) and IP (internet protocol), but not many really know the TCP/IP protocol suite. In order to understand it, please use the 7-layer OSI model as a point of comparison.
The TCP/IP Protocol Model uses 4 layers. They are as follows:
Link Layer: This is the layer that provides network access to the TCP/IP protocol suite. This is designed so that TCP/IP can run over any type of physical and medial access control schemes like Ethernet, Token Ring, and even FDDI. This layer can get data from one host to another on the same network or link.
Internet Layer: To reach other networks, this layer is needed. This is routing happens. The Internet Protocol (IP) lives here. In order for a host to reach another host on another network, they need to use an IP address. Upper layer protocols run above IP, such as ICMP (Internet Control Message Protocol), IGMP (Internet Group Management Protocol), and TCP (Transmission Control Protocol). Most technical computer people experience ICMP when they use the ping command. The ping command sends an ICMP echo request, which then is responded to by the receiving host with an ICMP echo response. Each of these protocol is represented with a protocol number within the IP header: ICMP is protocol 1, IGMP is protocol 2, TCP is protocol 6, and UDP is protocol 17.
Transport Layer: The transport layer handles the end-to-end message transfer between hosts. There are two main transport porotocols: TCP and UDP (User Datagram Protocol). TCP is a reliable connection-oriented protocol--meaning that a host can't send anything to its target unless a connection is first negotiated and established. UDP on the other hand is a best effort transport protocol, and as such not reliable. It is a connectionless protocol--meaning that the sender can simply send a packet of data to its destination without having to establish a connection first. Each protocol has a purpose. TCP is great for data transfer where any packet loss is not acceptable, such as in a file transfer. UDP is good for streaming audio where a packet loss may not be even noticeable to the person hearing the sound.
Note that there is also a newer transport protocol called SCTP (Stream Control Transmission Protocol). Unlike TCP, it is stream
Application Layer: This layer is where most of the action happens with respect to useful use of the network. Here, you'll find protocols like:
- FTP (File Transfer Protocol)
- TFTP (Trivial FTP)
- TELNET (remote login)
- SMTP (protocol for sending email)
- IMAP (protocol for sending and receiving email)
- POP (protocol for getting email)
- DNS (host name-Internet address mapping)
- HTTP (the language of the web)
- HTTPS (secure language of the web)
These are the most commons applications at this layer. There are many more, and you can peruse them at http://en.wikipedia.org/wiki/Application_layer.
Although these have been around for such a long time, they are the building blocks for what we know the Internet to be today.
Mapping TCP/IP to the 7-layer OSI Model
Mapping the TCP/IP to the 7-layer OSI model can really get complicated; but if your main goal is to learn about computer networking and become better at troubleshooting network problems, then you should focus on the network and transport layers of both. To that end, the mapping of the network layer of the TCP/IP model to the OSI 7-layer model is direct. The same goes for the transport layer. It doesn't get any simpler than this.
Protocol Analysis for Free
All this reading about models and such won't make much sense without the use of protocol analysis tools. Protocol analysis tools used to cost thousands of dollars. Today you can download and install it for free.
One such tool is call Wireshark.(http://www.wireshark.org/). This tool is free and has very comprehensive capabilities and features. Below is an image of packets I capture and viewed using this tool.
You can download the binaries for Windows here: http://www.wireshark.org/download.html.
Books on Wireshark
Learning about computer networking can get very overwhelming. However, if you understand the basics of the 7-layer OSI networking model, the TCP/IP protocol, and how the TCP/IP protocols map to the 7-layer model, then the concepts can easily be understood.
On top of that, doing some actual network traffic, using tools like Wireshark, can make these concepts more tangible by showing you how packets come together from their different components.