paulgorman.org

Network/OSI

OSI (Open Systems Interconnection) is an ISO standard that includes a conceptual model that partitions aspects of networking into seven abstract layers.

Each layer has some overhead that can be thought of like a wrapper, which encloses data. That enclosed data includes the overhead of the next higher layer and that layer's data. And so on, like a Russian doll. Of course, this framing may not necessarily be what you might think of (packet headers and footers, for example) for all levels; the framing of a layer 1 protocol, for example, might simply be a specification defining voltages and signal timing.

The process of sending data from point A to point B largely involves point A (and the intervening devices) encapsulating data for transmission, and point B (and the intervening devices) de-encapsulating data on arrival.

Remember: this is a conceptual model. Not all real world protocols or applications will corresponds neatly to or operate neatly in one OSI layer.

Layer 1: the Physical layer

A media layer. The lowest level.

Layer 1 involves physical media (copper, fiber, radio, etc.), pinouts, voltages, repeaters, hubs, terminators, NIC's, media converters, connector specifications, etc.

Layer 1 is the raw bits in transit. Depending on the protocol, it may involve some lowest-level flow control and/or error correction.

The Physical layer includes DSL, ISDN, T1, USB, Bluetooth, parallel SCSI, 802.11, etc.

Layer 2: the Data Link layer

A media layer. Units of data on layer 2 are chunked into frames, and each frame has a frame head and a frame footer containing the data payload. The frame is the PDU (protocol delivery unit) of link layer. An ethernet frame header contains MAC addresses.

Layer 2 is largely concerned with correcting errors from layer 1, delivery of frames between nodes (any nodes on a LAN, or adjacent nodes on a WAN), and defining where one frame ends and another begins. In some protocols, the Data Link layer determines how to detect and respond to frame collisions too. MAC (media access control) is a sublayer of the Data Link layer.

The lowest layer of TCP/IP (the link layer, which handles obtaining hardware addresses and transmitting data frames) corresponds to OSI layer 2. Note that TCP/IP doesn't fit entirely neatly within the OSI conceptual model.

The Data Link layer includes ethernet, SLIP, frame relay, PPP, ATM, etc.

Layer 3: the Network layer

A media layer. Units of data on layer 3 are chunked into packets/datagrams, where (in the case of IP) each packet includes an IP header and a payload (both of which are wrapped in the data payload of the layer 2 frame*). The packet is the PDU (protocol delivery unit) of the network layer. An IP packet header contains IP addresses.

Layer 3 protocols handle message routing, bundling messages into packets, and reporting delivery errors.

OSI layer 3 corresponds roughly to the TCP/IP internet layer.

The Network layer includes IPv4, IPv6, ICMP, IPsec, etc.

Layer 4: the Transport layer

A host layer. Units of data on layer 4 are chunked into segments, where each segement has a (TCP or UDP) header and a payload (both of which are wrapped in the data payload of the layer 3 packet*). The segment is the PDU (protocol delivery unit) of the transport layer.

The Transport Layer provides reliability with flow control, error control, retransmission on timeout, and segmentation-desegmentation (chunking large data into smaller chunks and reassembling it). Unlike the network layer, the transport layer guarantees same order delivery of packets (i.e.—a layer 4 protocol might number layer 3 packets, and only pass them to higher level applications in the correct order).

The level of reliability provided depends on the protocol. TCP is more reliable (error recovery, automatic repeat requests) than UDP, for example.

OSI layer 4 corresponds very roughly with TCP/IP's transport layer (i.e.—TCP itself).

The Transport layer includes TCP, UDP, etc.

Layer 5: the Session layer

A host layer.

Layer 5 protocols are responsible for opening, closing, and managing sessions between end-user processes. Session checkpointing and recovery (syncing audio and video, for example) happens at this layer.

The Session layer includes named pipes, NetBIOS, SPDY, RPC, etc.

Layer 6: the Presentation layer

A host layer.

Layer 6 translates or encapsulates data. For example, a layer 6 protocol would accept null-terminated strings and fixed-length strings, and render them suitable to be passed down to the next layer. The presentation layer might also be responsible for translating between EBCDIC (binary) and ASCII text characters.

Encryption and/or compression often happen at the Presentation layer.

Many protocols, including HTTP, make little distinction between the Presentation layer and the Application layer.

The Presentation layer includes SSL, MIME, and VT (virtual terminal, like VT100, VT220).

Layer 7: the Application layer

A host layer. The highest level layer.

This is layer includes applications visible (more or less) to end users.

The Application layer includes DNS, FTP, HTTP, NTP, telnet (arguably layer 6 instead), SMTP, etc.

Cross-layer Functions

Some functions span OSI layers. For example, ARP translates IPv4 addresses (OSI layer 3) into ethernet MAC addresses (OSI layer 2).

Compared to TCP/IP

The TCP/IP model is not as rigidly defined in layers as the OSI model, so any mappings between the two are approximate. TCP/IP's application layer spans OSI's Application, Presentation, and Session layers. TCP/IP's transport layer roughly aligns with OSI's Transport layer. TCP/IP's internet layer is a subset of OSI's Network layer. TCP/IP's link layer encompasses all of OSI's Data Link and Physical layers and part of its Network layer.

* It's desirable by not always possible for the PDU of one layer to fit inside the PDU of the underlying layer.

See Also