There is one topic that plagues the study schedules of anyone that wants to learn anything about networking. The Open Systems Interconnection (OSI) model has haunted all of our studies. The OSI model initially seems to be this ethereal thing that someone just arbitrarily created, but if we look at it critically, we can see the logic that facilitated its creation; once we have that in mind, the benefits of an organized and structured approach for implementing networking protocols across a multilayer hierarchy immediately begins to make sense.
It may not seem like it initially, but the OSI model does provided us a better understanding of protocols and technologies. This better understanding means, we can deploy technologies more effectively, and the added benefits of knowing the mechanics behind a technology are immediately evident when we need to troubleshoot those technologies.
In this article, we will look at where the OSI model came from, how it is organized, what protocols work at each level and how the model can be applied to troubleshooting.
In The Beginning
In the early 70’s, scientists working at the Defense Advanced Research Projects Agency (DARPA), an organization within the United States Department of Defense, were working on an idea that would eventually evolve into what we call the public internet. Developed by using concepts that had been employed in a, very early, wide area networking technology they were using called the ARPANET, this idea was called the TCP/IP Model, or less commonly the DoD Model.
The TCP/IP Model employed a hierarchal arrangement of “layers” that governed the design and implementation of specific networking protocols that would enable computers to communicate over a network. This model defined end-to-end connectivity and governances that specified how information would be formatted, addressed, forwarded, routed and received at the distant end. There were a number of protocols that existed during this time that were used by different devices, and communication services between hosts; it was important to implement so kind of standard rules for communication. All this was accomplished by the TCP/IP or DoD Model by defining four distinct abstraction layers (RFC 1122):
- Application Layer is where applications create user data and communicate this data to other processes or applications on peer or with itself. Protocols found at this level would be SMTP, FTP, SSH, HTTP, etc.
- Transport Layer provides a uniform networking interface that deals with opening and maintaining connections between hosts. Flow-control, error-correction, and connection protocols exist at this level, to include Transmission Control Protocol TCP.
- Internet Layer is the layer that establishes internetworking. It would not be an exaggeration to say that it defines and establishes the Internet. The main protocol at this level is Internet Protocol (IP). In the TCP/IP Model this is where routing takes place.
- Network Access Layer is where the protocols used to describe the local network topology and the interface types used to communication with link local hosts are defined.
This model, as we can see, follows a modular design not only to aid in the education process, but to also allow manufacturers to easily adapt to specific hardware and operating system needs.
The Modern OSI Model
The Open System Interconnection Model, or OSI Reference Model, was created and has evolved to allow us to break the TCP/IP suite into more refined modules. Technically, it is exactly the same as the TCP/IP model, except that there are more layers. This model is currently adopted industry wide because it makes learning and understanding the TCP/IP stack much simpler.
Rather than defining four layers, the OSI model is divided into seven. To accomplish this, the TCP/IP model’s Application Layer and Network Layer have been further divided into smaller layers, and the Internet Layer has been renamed to the “Network Layer.” Specifically, the TCP/IP Application Layer has been subdivided into three layers: Application, Presentation and Session Layers. The Network Layer has be divided into two layers: Data Link and Physical Layers. This means the OSI Model has expanded the TCP/IP model to include:
- Application Layer provides a network interface for applications and supports network applications. This is where many protocols including FTP, SMTP, and POP3 operate. ICMP Ping requests can be sent from this Layer; if these pings are successful, it means that each layer of the OSI model should be functioning properly.
- Presentation Layer translates data into a standard format, while also being able to provide encryption and data compression. Encryption or data compression does not have to be done at the Presentation Layer, but it can be performed in this layer.
- Session Layer establishes sessions between applications on a network. This may be useful for network monitoring, using a login system, and reporting. It should be noted that the Session Layer is not used a great deal over networks, but is used heavily use in streaming video and audio, or web conferencing.
- Transport Layer: due to the fact that network layer does not provide error and flow control in it is introduced in this Layer. The Transport Layer is responsible for keeping a reliable end-to-end connection for the network.
- Network Layer simply supports logical addressing and routing. The IP protocol operates on the Network Layer. This is where routing takes place.
- Data Link Layer is what manages how the host interfaces with the network adapter, and can perform basic error checking. In addition to this, it also maintains logical links for any subnets.
- Physical Layer converts data into streams of electric or analog pulses- commonly referred to as “1’s and 0’s.” Data is broke down into simple electric pulses, and rebuilt at the receiving end.
How It All Works
In order to envision how this process works, we need to imagine two hosts connected via FastEthernet. Imagine that one of the hosts needs to send data to the other. Using a program running at the Application Layer of the OSI model, a user creates data. This data is then passed to the Presentation Layer and then to the Session Layer. These three layers add some additional information to the data that was generated (this process is called encapsulation), and then sends it to the Transport Layer where it is divided into smaller segments. This is why data at the Transport Layer is referred to as segments.
Each of these segments is assigned a sequence number so that the data stream can be reassembled on the receiving host exactly the way it was transmitted. Each segment is then passed on to the Network Layer, where it is assigned a logical address so that it can be routed through the network. Data at the Network Layer is referred to as Packets. Note that at this point these Packets include an IP header, the transport header, and any upper layer information and then sent to the Data Link Layer.
At the Data Link Layer, we refer to this information as a frame. This Layer is responsible for taking packets from the Network Layer and placing them on the physical wire in the form of Bits. The Data Link Layer encapsulates each packet in a frame which contains the Media Access Control (MAC) Address of the source and destination host and any Logical Link Control (LLC) information. It is important to note that the Data Link Layer will employ a Frame Check Sequence (FCS) as part of an error checking process at the receiving host.
This process describes the transmittal of information from one device to another. When information is received by a host, the encapsulation process is described above is reversed. The reversal of this procedure is called de-encapsulation.
Troubleshooting using the OSI Model
Troubleshooting any networking issue is best done using a logical approach, and the OSI Model defines a natural framework for approaching problems. The brilliant part of the OSI model’s design is that individual layers can be independently tested and verified using very basic tools and observations:
The Physical Layer
- Is your network cable connected properly and secure?
- Are you using the correct cable type?
- Is your cable damaged or obstructed in any way?
The Data Link Layer
- Is the link light lit on your network interface card (NIC)?
- Is your NIC inserted/installed correctly?
- Is the NIC disabled in Device Manager?
- Are your wireless settings correct?
- Is your wireless AP or wireless NIC functioning properly?
- Are the LEDs on your equipment on/blinking properly?
The Network Layer
- Can you ping your default gateway?
- Are your IP address settings correct?
- Can you tracert a well know IP/DNS address/URL?
- Has your network adaptor been assigned an APIPA address?
- Are your DNS / DHCP settings correct?
- What output do you get from ipconfig, ping, tracert?
The Transport Layer
- Do you have a firewall configured on your computer?
- Is your firewall blocking ports such as port 80, 21, 53 etc?
- Does turning you firewall off resolve the problem?
Application, Presentation, Session Layers
- Can you view a web page in your browser?
- Can you send/receive email?
- Are your username and/or password correct?
- Are your Internet Explorer connection settings correct?
As we can see the OSI model we can be used to identify or troubleshoot problems like network connection issues as an example.
Almost all networks in the world are based in some way on the OSI model. As we discussed earlier, this model initially came from the US Department of Defense but has evolved and expanded into its current structure in a brief period of time. The seven individual layers of this model govern the different stages that data must transition through in order to move from one device or host to another, over a network. Developers also use the OSI model to ensure that a certain level of compatibility is guaranteed between different vendor devices, by adhering to the general standards outlined by the model. The fact that all vendors use this methodology also makes the layered approach of the OSI Model a very powerful troubleshooting tool that can be used to isolate faults. This makes learning this topic more than worthwhile.