|~ By Charlie Schluting
It is time to take a trip up the
Model, and learn what this mysterious thing is all about. The
network stack is of great significance, but not so much that it's
the first thing you should learn. Many so-called networking classes will
start by teaching you to memorize the name of every layer and every
protocol contained within this model. Don't do that. Do realize that
layers 5 and 6 can be completely ignored, though.
Standards Organization (ISO) developed the OSI (Open Systems
Interconnection) model. It divides network communication into seven
layers. Layers 1-4 are considered the lower layers, and mostly
concern themselves with moving data around. Layers 5-7, the upper
layers, contain application-level data. Networks operate on one
basic principle: "pass it on." Each layer takes care of a very
specific job, and then passes the data onto the next layer.
The physical layer, layer 1, is too
often ignored in a classroom setting. It may seem simple, but there
are aspects of the first layer that oftentimes demand significant
attention. Layer one is simply wiring, fiber,
network cards, and anything else that is used to make two
devices communicate. Even a carrier pigeon would be considered
layer one gear (see RFC 1149). Network troubleshooting will often
lead to a layer one issue. We can't forget the legendary story of
across the floor, and an office chair periodically rolling over it
leading to spotty network connectivity. Sadly, this type of problem
is quite common, and takes the longest to troubleshoot.
Layer two is
protocols; we're keeping this simple, remember. The most
important take-away from layer 2 is that you should understand what
is. Switches, as they're called nowadays, are bridges. They all
operate at layer 2, paying attention only to
addresses on Ethernet networks. If you're talking about MAC
address, switches, or network cards and drivers, you're in the land
of layer 2. Hubs live in layer 1 land, since they are simply
electronic devices with zero layer 2 knowledge. LDon't worry about the details
for now, just know that layer 2 translates data frames into bits for
layer 1 processing.
You might want to go back and re-read that before moving on, because
fledgling network admins always seem to mix up layers two and three.
Key Terms To
Short for Address Resolution Protocol, a network layer protocol used
to convert an IP address into a physical address, such as an
In networking, a distinction is made between broadcasting and
multicasting. Broadcasting sends a message to everyone on the
network whereas multicasting sends a message to a select list of
Short for Media Access Control. See MAC address or MAC layer.
A portion of a network that shares a common address component. On
TCP/IP networks, subnets are defined as all devices whose IP
addresses have the same prefix.
A connectionless protocol that, like TCP, runs on top of IP
networks. Unlike TCP/IP, UDP/IP provides very few error recovery
services, offering instead a direct way to send and receive
datagrams over an IP network. It's used primarily for broadcasting
messages over a network.
If you're talking about an
you're dealing with layer 3 and "packets" instead of layer 2's "frames." IP
is part of layer 3, along with some routing protocols, and
Resolution Protocol). Everything about routing is handled in layer 3.
Addressing and routing is the main goal of this layer.
Layer 4, the transport layer, handles messaging. Layer 4 data units are
also called packets, but when you're talking about specific protocols, like
"segments" or "datagrams"
in UDP. This layer is
responsible for getting the entire message, so it must keep track of
fragmentation, out-of-order packets, and other perils. Another way to think
of layer 4 is that it provides end-to-end management of communication. Some
protocols, like TCP, do a very good job of making sure the communication is
reliable. Some don't really care if a few packets are lost--UDP is the prime
And arriving at layer 7, we wonder what happened to layer 5 and 6.
In short: They're useless.
A few applications and protocols live there, but for understanding
networking issues talking about these provides zero benefit. Layer 7, our
friend, is "everything." Dubbed the "Application Layer," layer 7 is
application-specific. If your program needs a specific format for data, you
invent some format that you expect the data to arrive in and you've just
created a layer 7 protocol. SMTP, DNS and FTP are all layer 7 protocols.
The most important thing to learn about the OSI model is what it really
Pretend you're an
system on a network. Your network card, operating at layers 1 and 2,
will notify you when there's data available. The driver handles the shedding
of the layer 2 frame, which reveals a bright, shiny layer 3 packet inside
(hopefully). You, as the operating system, will then call your routines for
handling layer 3 data. If the data has been passed to you from below, you
know that it's a packet destined for yourself, or it's a broadcast packet
(unless you're also a router, but never mind that for now). If you decide to
keep the packet, you will unwrap it, and reveal a layer 4 packet. If it's
TCP, the TCP subsystem will be called to unwrap and pass the layer 7 data
onto the application that's listening on the port it's destined for. That's
When it's time to respond to the other computer on the network, everything
happens in reverse. The layer 7 application will ship its data onto the TCP
people, who will stick additional headers onto the chunk of data. In this
direction, the data gets larger with each progressive step. TCP hands a
valid TCP segment onto IP, who give its packet to the Ethernet people, who
will hand it off to the driver as a valid Ethernet frame. And then off it
goes, across the network.
Routers along the
way will partially disassemble the packet to get at the layer 3 headers in
order to determine where the packet should be shipped. If the destination is
on the local Ethernet subnet, the OS will simply ARP for the computer
instead of the router, and send it directly to the host.
Grossly simplified, sure; but if you can follow this progression and
understand what's happening to every packet at each stage, you're just
conquered a huge part of understanding networking. Everything gets horribly
complex when you start talking about what each protocol actually does. If
you are just beginning, please ignore all that stuff until you understand
what the complex stuff is trying to accomplish. It makes for a much better
Did You Know...
Layer two data is called a frame, and doesn't involve IP
addresses. IP addresses and packets are layer 3, MAC addresses
are layer 2!
Networking Standards >
~ By Charlie Schluting
Adapted from Enterprise
Last updated: January 13, 2005
Reference: The 7 Layers of the OSI Model
Use this handy guide to compare the different layers of the OSI model and
understand how they interact with each other.
Networking 101: Understanding IP Addresses
Networks don't work
without addresses: Whenever you are sending something, you need to specify where
it should go and where it came from. To be an effective network engineer or
administrator, you need to understand IP addresses backward and forward: you
need to be able to think on your feet.
Networking 101: Understanding Subnets and CIDR
Let's get one thing straight: there is no "Class" in subnetting. In the olden
days, there were Class A, B and C networks. These could only be divided up into
equal parts, so VLSM, or Variable Length Subnet Masks , were introduced. The old
Class C was a /24, B was a /16, and A was a /8. That's all you need to know
about Classes. They don't exist anymore.
Networking 101: Subnets Realized (Including IPv6)
An oft-asked question in networking classes is "why can't we just put everyone
on the same subnet and stop worrying about routing?" The reason is very simple.
Every time someone needs to talk, be it to a router or another host, they have
to send an ARP request. Also, there are broadcast packets that aren't
necessarily limited to ARP, which everyone hears.