7-layer OSI MODEL
The OSI (Open System Interconnection) model is developed by
ISO in 1984 to provide a reference model for the complex aspects
related to network communication. It divides the different functions
and services provided by network hardware and software in 7
layers. This facilitates modular engineering, simplifies teaching
and learning network technologies, helps to isolate problems
and allows vendors to focus on just the layer(s) in which their
hardware or software is implemented and be able to create products
that are compatible, standardized and interoperable.
The diagram below shows the 7 layers of the OSI Model, to remember
them in the correct order a common mnemonic is often used: All
People Seem To
Need Data Processing.
The Application, Presentation and Session layer are known as
the Upper Layer and are implemented in software. The
Transport and Network layer are mainly concerned with protocols
for delivery and routing of packets to a destination and are
implemented in software as well. The Data Link is implemented
in hard- and software and the Physical layer is implemented
in hardware only, hence its name. These last two layers define
LAN and WAN specifications.
A more detailed description of each layer follows below, but
here's what basically happens when data passes from Host A to
1. the Application, Presentation and Session layer take user
input and converts it into data,
2. the Transport layer adds a segment header converting the
data into segments,
3. the Network layer adds a network header and converts the
segments into packets ,
4. the Data Link layer adds a frame header converting the packets
5. the MAC sublayer layer converts the frames into a bits which
the Physical layer can put on the wire.
The steps are known as the 5 steps of data encapsulation.
When the bits stream arrives at the destination, the Physical
layer takes it of the wire and converts it into frames, each
layer will remove their corresponding header while the data
flows up the OSI model until it is converted back to data and
presented to the user, this is known as decapsulation.
The Application layer provides network services directly to
the user's application such as a web browser, email software
and Windows Explorer. This layer is said to be "closest
to the user".
Protocols that operate on this layer include: TELNET, HTTP,
FTP, TFTP, SMTP, NTP, SNMP, EDI.
This layer 'represents' the data in a particular format to the
Application layer. It defines encryption, compression, conversion
and other coding functions.
Specifications defined at this layer include: GIF, TIFF, JPEG,
MPEG, MIME, and ASCII.
Establishes, maintains and terminates end-to-end connections
(sessions) between two applications on two network nodes. It
controls the dialogue between the source and destination node,
which node can send when and how long. Also provides error reporting
for the Application, Presentation and Session layer.
Protocols/API's that operate on this layer include: RPC, SQL,
This layer converts the data received from the upper layers
into segments. The Transport layer is responsible for end-to-end
(also called source-to-destination) delivery of entire messages.
Provides end-to-end connectivity, it allows data to be transferred
reliably and sequencing to guarantee that it will be delivered
in the same order that it was sent. Provides services such as
error checking and flow control (software).
Protocols that operate on this layer: TCP, UDP, NETBEUI, SPX.
These protocols are either connectionless or connection-oriented:
Connection-oriented means that a connection
(a virtual link) must be established before data can be exchanged.
This can guarantee that data will arrive, and in the same order
it was sent. It guarantees delivery by sending acknowledgements
back to the source when messages are received. TCP is an example
of an connection-oriented transport protocol.
A common example of connection-oriented communication is a telephone
call: you call, the 'destination' picks up the phone and acknowledges
and you start talking (sending data). When a message or a piece
of it doesn't arrive, you say: "What!?" and the sender
will retransmit the data.
is the opposite of connection-oriented; the sender does not
establish a connection before it sends data, it just sends without
guaranteeing delivery. UDP is an example of an connectionless
This layer converts the segments from the Transport layer into
packets (or datagrams) and is responsible for path determination,
routing, and the delivery of these individual packets
across multiple networks without guaranteed delivery. The network
layer treats these packets independently, without recognizing
any relationship between those packets, it relies on upper layers
for reliable delivery and sequencing.
Also this layer is is responsible for logical addressing
(also known as network addressing or Layer 3 addressing) for
example IP addresses
Examples of protocols defined at this layer: IP, IPX, AppleTalk,
ICMP, RIP, OSPF, BGP, IGRP, EIGRP, NLSP, ARP, RARP, X.25
Devices that operate on this layer: Routers, Layer 3 Switches.
Network layer addresses
Also known as Layer 3 or Logical addresses. These type of addresses
are protocol-dependent, for example if the network protocol
is IP, IP addressing will be used which is made up of a network
part and a host part and needs a subnet mask to determine the
boundaries of these parts. An example of an IP address is: 172.16.0.1
and a subnet mask: 255.255.0.0
Another example is Novell's IPX addressing, which uses a combination
of a hexadecimal network address + the layer 2 MAC address to
form a network layer address, for example" 46.0010E342A8BC
The Data Links provides transparent network services to the
Network layer so the Network layer can be ignorant about the
physical network topology and and provides access to the physical
networking media. Responsible for reassambling bits taken of
the wire by the Physical layer to frames, makes sure they are
in the correct order and requests retransmission of frames in
case an error occurs. Provides error checking by adding a CRC
to the frame, and flow control. Examples of devices that operate on this layer are switches, bridges, WAPs, and NICs.
IEEE 802 Data Link sub layers
Around the same time the OSI model was developed, the IEEE developed
the 802-standards such as 802.5 Token Ring and 802.11 for wireless
networks. Both organizations exchanged information during the
development which resulted in two compatible standards. The
IEEE 802 standards define physical network components such as
cabling and network interfaces, and correspond to the Data Link
and/or Physical layer of the OSI model. The IEEE refined the
standards and divided the Data Link layer into two sublayers:
the LLC and the MAC sub layer.
- LLC sublayer
LLC is short for Logical Link Control. The Logical Link Control
is the upper sublayer of the Data Link layer. LLC masks the
underlying network technology by hiding their differences hence
providing a single interface to the network layer. The LLC sublayer
uses Source Service Access Points (SSAPs) and Destination Service
Access Points (DSAPs) to help the lower layers communicate to
the Network layer protocols acting as an intermediate between
the different network protocols (IPX, TCP/IP, etc.) and the
different network types (Ethernet, Token Ring, etc.) This layer
is also responsible for frames sequencing and acknowledgements.
The LLC sublayer is defined in the IEEE standard 802.2.
- MAC sublayer
The Media Access Control layer takes care of physical addressing
and allows upper layers access to the physical media, handles
frame addressing, error checking. This layer controls and communicates
directly with the physical network media through the network
interface card. It converts the frames into bits to pass them
on to the Physical layer who puts them on the wire (and vice
IEEE LAN standards such as 802.3, 802.4, 802.5 and 802.10 define
standards for the MAC sublayer as well as the Physical layer.
Other standards on this layer include: X.25 and Frame Relay
Data Link layer addresses
Also known as layer 2 addresses, BIAs (Burned-in Address), physical
address and most commonly referred to as MAC address. This is
a fixed address programmed into a NIC or a router interface
00-10-E3-42-A8-BC is an example of a MAC address. The first
6 hexadecimal digits (3 bytes) specify the vendor/manufacturer
of the NIC, the other 6 digits (3 bytes) define the host.
The layer 2 broadcast address is FF-FF-FF-FF-FF-FF.
This layer communicates directly with the physical media, it
is responsible for activating, maintaining and deactivating
the physical link. It handles a raw bits stream and places it
on the wire to be picked up by the Physical layer at the receiving
node. It defines electrical and optical signaling, voltage levels,
data transmission rates and distances as well as mechanical
specifications such as cable lengths and connectors, the amount
of pins and their function.
Devices that operate on this layer: HUBs/concentrators, repeaters,
NICs, and LAN and WAN interfaces such as RS-232, OC-3, BRI,
V.24, V.35, X.25 and Frame Relay.
stack vs. the DoD Model
TCP/IP operation is defined in its own model: the DoD model.
DoD is short for Department of Defense, who desgined TCP/IP
for ArpaNet. ALthough they are similar, in contrary to the 7-layer
OSI model the DoD model has 4 layers. Each DoD layer and its
functions corresponds to 1 or more OSI layers and their functions,
which is represented in the image below:
For the CCNA exam you don't need to know the DoD model in detail,
but if you know the OSI model and the related DoD layers you
can easily identify the layer at which a certain protocol or
standard is specified, for example:
Process/Application: Telnet, FTP, SMTP, HTTP, SNMP, etc.
Host To Host: TCP UDP
Internet: IP, ICMP, ARP, RARP, BootP, etc.
Network Access: Ethernet, Fast Ethernet, Token Ring, FDDI, etc.