If you spend much time in the com-pany of network technicians youwill eventually hear them say

something like “That’s Layer 2 only”or “That’s our new Layer 4 switch”.The technicians are referring to the OSI(Open System Interconnection) Refer-ence Model.

This model defines seven Layersthat describe how applications run-ning upon network-aware devicesmay communicate with each other.The model is generic and applies to allnetwork types, not just TCP/IP, andall media types, not just Ethernet. It isfor this reason that any network tech-nician will glibly throw around theterm “Layer 4” and expect to be under-stood.

It should be noted, however, thatmost protocols in day-to-day use work

on a slightly modified layer system.TCP/IP, for example, uses a 6- ratherthan a 7-layer model. Nevertheless, inorder to ease the exchange of ideas,even those who only ever use TCP/IPwill refer to the 7-layer model whendiscussing networking principles withpeers from a different networkingbackground.

Confusingly, the OSI was a work-ing group within the ISO (Interna-tional Standards Organisation) and,therefore, many people refer to themodel as the ISO 7-layer model. Theyare referring to the same thing.

Traditionally, layer diagrams aredrawn with Layer 1 at the bottom andLayer 7 at the top. The remainder ofthis article describes each layer, start-ing from the bottom, and explainssome of the devices and protocols youmight expect to find in your data cen-tre operating at this layer.

Layer 1Layer 1 is the Physical Layer and,

under the OSI Model, defines thephysical and electrical characteristicsof the network. The NIC cards in yourPC and the interfaces on your routersall run at this level since, eventually,they have to pass strings of ones andzeros down the wire.

Layer 2Layer 2 is known as the Data Link

Layer. It defines the access strategy forsharing the physical medium, includ-ing data link and media access issues.Protocols such as PPP, SLIP and HDLClive here.

On an Ethernet, of course, access is

governed by a device’s MAC address,the six-byte number that is unique toeach NIC. Devices which depend onthis level include bridges andswitches, which learn which segment’sdevices are on by learning the MACaddresses of devices attached to vari-ous ports.

This is how bridges are eventuallyable to segment off a large network,only forwarding packets betweenports if two devices on separate seg-ments need to communicate. Switchesquickly learn a topology map of thenetwork, and can thus switch packetsbetween communicating devices veryquickly. It is for this reason that mi-grating a device between differentswitch ports can cause the device tolose network connectivity for a while,until the switch, or bridge, re-ARPs(see box on ARP).

Layer 3Layer 3 is the Network Layer, pro-

viding a means for communicatingopen systems to establish, maintainand terminate network connections.The IP protocol lives at this layer, andso do some routing protocols. All therouters in your network are operatingat this layer.

Layer 4Layer 4 is the Transport Layer, and

is where TCP lives. The standard saysthat “The Transport Layer relieves theSession Layer [see Layer 5] of the bur-den of ensuring data reliability andintegrity”. It is for this reason that peo-ple are becoming very excited aboutthe new Layer 4 switching technology.

Issue 120 (July 2000) Page 13 File: T04124.1

The OSI model is a way of describing how different applications and protocols interacton network-aware devices. We explain the role of each layer and of the stack.

By Neil Briscoe

Understanding TheOSI 7-Layer Model

Figure 1 - The 7 layers ofthe OSI model.

PC Network Advisorwww.itp-journals.com

Tutorial:Overview

Before these devices became available,only software operated at this layer.

Hopefully, you will now also un-derstand why TCP/IP is uttered in onebreath. TCP over IP, since Layer 4 isabove (over) Layer 3. It is at this layerthat, should a packet fail to arrive (per-haps due to misrouting, or because itwas dropped by a busy router), it willbe re-transmitted, when the sendingparty fails to receive an acknow-ledgement from the device with whichit is communicating.

The more powerful routing proto-cols also operate here. OSPF and BGP,for example, are implemented as pro-tocols directly over IP.

Layer 5Layer 5 is the Session Layer. It pro-

vides for two communicating presen-tation entities to exchange data witheach other. The Session Layer is veryimportant in the E-commerce fieldsince, once a user starts buying itemsand filling their “shopping basket” ona Web server, it is very important thatthey are not load-balanced across dif-ferent servers in a server pool.

This is why, clever as Layer 4switching is, these devices still operate

software to look further up the layermodel. They are required to under-stand when a session is taking place,and not to interfere with it.

Layer 6Layer 6 is the Presentation Layer.

This is where application data is eitherpacked or unpacked, ready for use bythe running application. Protocol con-versions, encryption/decryption andgraphics expansion all takes placehere.

Layer 7Finally, Layer 7 is the Application

Layer. This is where you find yourend-user and end-application proto-cols, such as telnet, ftp, and mail (pop3and smtp).

The StackOur imaginary listener, eavesdrop-

ping on the conversations of networkengineers, would hear them refer to IPstacks quite frequently. They are calledstacks because, in order to get a packetfrom an application running on deviceA to an application running on device

B, the packets have to descend andthen re-ascend the layers (the stack).

Consider the following example.An application forms a packet of datato be sent; this takes place at Layer 7.As the packet descends the stack, it iswrapped in headers and trailers, asrequired by the various protocols, un-til, having reached Layer 1, it is trans-mitted as a frame across the mediumin use. Upon reaching device B, it re-ascends the stack, as the device stripsoff the appropriate headers and trail-ers, delivering just the application datato the application.

The OSI tried to keep to as few lay-ers as possible for the sake of simplic-ity. The fact that the 7-Layer model isuniversally used to describe where adevice or protocol sits in the scheme ofthings shows that the designers did anexcellent job of achieving their aims.

File: T04124.2 Issue 120 (July 2000) Page 14

The AuthorNeil Briscoe is a networking con-sultant and Cisco guru and can becontacted as neil.briscoe@itp-journals.com.

PCNA

Copyright ITP, 2000Address Resolution Protocol (ARP)Bridges, switches, and most network devices keep a table mapping IP

addresses to Media Access addresses. Moving a device between portsinvalidates these tables, and hence the device’s view of the world.Fortunately, the devices age their table entries, typically clearing them outfive minutes after the last time a packet was seen from a particular entity.This is sometimes called re-ARPing. Most bridges and switches providemanagement functions to allow you to clear the ARP entry manually, shouldyou have needed to move a device due to a failed port.

Further Readingwww.whatis.comThis impressive site hosts infor-mation on a wide range of sub-jects, a lot of it network-related,including a more in-depth discus-sion of the OSI. Visit the site, clickon the letter O at the top, and thenscroll down the list of topics untilyou find OSI.

“They are called stacks because, inorder to get a packet from an applicationrunning on device A to an application

running on device B, the packetshave to descend and then re-ascend

the layers (the stack).”

PC Network Advisorwww.itp-journals.com

Tutorial:Overview

PC Network Advisorwww.pcnetworkadvisor.com

Additional Resources

• TCP/IP Tutorial

• Understanding IPv6

• Understanding NAT

• Understanding Frame Relay

• Understanding DHCP

• Virtual Private Networking Explained

All these articles are available free online now at www.pcnetworkadvisor.com

PCNA

Copyright ITP, 2002

New Reviews from Tech Support Alert Anti-Trojan Software Reviews A detailed review of six of the best anti trojan software programs. Two products were impressive with a clear gap between these and other contenders in their ability to detect and remove dangerous modern trojans. Inkjet Printer Cartridge Suppliers Everyone gets inundated by hundreds of ads for inkjet printer cartridges, all claiming to be the cheapest or best. But which vendor do you believe? Our editors decided to put them to the test by anonymously buying printer cartridges and testing them in our office inkjet printers. Many suppliers disappointed but we came up with several web sites that offer good quality cheap inkjet cartridges with impressive customer service. Windows Backup Software In this review we looked at 18 different backup software products for home or SOHO use. In the end we could only recommend six though only two were good enough to get our “Editor’s Choice” award The 46 Best Freeware Programs There are many free utilities that perform as well or better than expensive commercial products. Our Editor Ian Richards picks out his selection of the very best freeware programs and he comes up with some real gems.

Tech Support Alert http://www.techsupportalert.com