N10-007 Analyze a scenario and determine the corresponding OSI layer

The OSI model consolidates network communications into seven simplified layers. So what are the seven layers? Below, I list them in the order they occur as data gets processed from the sending side of a network communication.

The seven layers are:

• Application
• Presentation
• Session
• Transport
• Network
• Data link
• Physical

Application (Layer 7)

When a program needs to send a network communication, it first interacts with the application layer. In the OSI context, “application” doesn’t mean Excel, Word, or their ilk. Instead, Layer 7 is the protocol a program like Outlook or Internet Explorer uses to send network communications (think SMTP and HTTP). For example, if you use a file transfer program to send a file to a coworker, the program interacts with the application layer and decides what protocol (such as FTP, TFTP or SMB) it will use to send your file.

Presentation (Layer 6)

The presentation layer transforms the data you send into a universally recognizable format. Different devices format data in different ways. If your computer tries to communicate with a different kind of computer, Layer 6 ensures that the other computer can understand the data you send. Layer 6 protocols include ASCII and MIDI. This layer also handles data encryption, when necessary.

Session (Layer 5)

If everyone talks at once, no one hears a thing. The session layer negotiates and maintains your connections to other devices. It makes sure that sending and receiving devices can communicate with each other without “talking” over one another. Layer 5 also handles dismantling the connection when your communication ends. Layer 5 protocols include NetBIOS and session establishment for TCP.

Transport (Layer 4)

The transport layer prepares your data for transmission across the network. Your computer communicates with the receiving computer to decide how to break up your data into separate pieces, how to make sure none of the fragments get lost, and how to verify all the fragments arrived. Layer 4 prepares data in this way using protocols such as TCP or UDP.

Network (Layer 3)

The network layer makes sure your data knows how to get from your network to the network you want to communicate with. In other words, Layer 3 handles Internet

Protocol (IP) and routing. Any time an IP address shows up, think “Layer 3.” Layer 3 protocols include ICMP, IPSec, ARP, and BGP.

Data Link (Layer 2)

This layer makes sure that your computer’s abstract address (for example, its IP address) gets associated with your physical computer. It does so using protocols like MAC. Layer 2 protocols work within a network, but can’t travel out to other networks. (Doing so would require routing, which happens at Layer 3.) Layer 2 specifications include Ethernet, Token Ring, and PPP.

Physical (Layer 1)

This is the layer that handles the actual electrical and physical transmission of your data over some sort of network medium. The physical transmission might travel over different types of wires (e.g., shielded, unshielded, twisted pair), through the air (wireless), or even via light (fiber optic). What voltage? How many pins in the cable? Following Layer 1 specifications ensures the data physically gets from one end to the other. Layer 1 specs you might’ve heard of include RS-232, DSL, and 10Base-T.

When your computer needs to send a network communication, it hands its message to the application layer. The application layer selects a protocol, then passes the data to the presentation layer, and so on. Your data works down through the rest of the OSI layers until it ends up on Layer 1, whereupon it travels over some medium as electronic bits of data. Eventually, the receiving network gets your message and processes it in the reverse order, starting from the physical layer and working the data back up to the application layer.

How to speak “layer”

Braced by your whirlwind tour of the OSI stack, you can now understand my opening scenes. Revisiting the scenarios, you can probably guess that a Layer 2 (Data Link) switch only handles devices on the same local network, while a Layer 3 (Networking) switch can perform some basic routing to reach other networks. A Layer 3 (Networking) and 4 (Transport) firewall only monitors traffic at the IP address and IP protocol level, while more sophisticated firewalls, like WatchGuard’s Firebox II, III and X models, can monitor traffic on Layer 7 (Application) using proxies and application gateways.

Layer 8 doesn’t exist in the OSI model, but is a common IT joke. The only thing above Layer 7, the application layer, is the user. So if you have a Layer 8 problem, your “network problem” is the user’s fault.

The OSI model provides a convenient way for you to communicate complicated network concepts quickly. Basic knowledge of the OSI model will prevent those pesky, network show-offs from stumping you with their “layer” talk ever again. And it just might help you grasp what the heck is happening on the network you inherited.