The OSI and TCP/IP Models -- Explained.
Network modeling is an important way to visualize and conceptualize how networks function with the many various interconnected pieces of hardware, software, infrastructure, protocols and applications. Modeling is a fantastic way to imagine how complex interconnected systems function as a whole, and its imperative for troubleshooting network problems when they arise. These models are tools for communication between professionals as well.
First, let's explore the Open Systems Interconnection reference model, or quite simply, the OSI model.
The OSI Model at a glance:
LAYER 7: APPLICATION LAYER
The Application layer refers to the code built into operating systems that enable network-aware applications. Developers use an Application Programming Interface (API) to implement networking functions into their applications. All applications built for the TCP/IP model are by definition, network aware. A prime example is an online computer game. The developers have implemented the ability for a game to communicate over a network like the Internet, allowing one computer to communicate to a game server, which in turn then communicates to another computer over the Internet, so that players can play online games with their friends!
LAYER 6: PRESENTATION LAYER
The Presentation layer is an older layer that doesn't make as much sense in today's computer networking world as it used to. The Presentation layer translates data from the lower layers into a format usable by the Application layer. This layer performs bi-directional translation, so it works in either way; when an application sends and receives data. Many applications now have this functionality built directly into them in today's world.
LAYER 5: SESSION LAYER
The Session handles all active sessions for a system, initiates sessions, accepts the incoming sessions and opens and closes existing sessions. This layer connects devices together using port numbers so that one system can send a document to another device which could then print that document for the user, as an example.
LAYER 4: TRANSPORT LAYER
The Transport layer is the 'Assembly/Disassembly' layer. The transport protocol breaks apart large chunks of data into Internet Protocol (IP) packets and then are put into frames or, TCP segments and UDP datagrams, depending on the connection type. The computer then sends these frames to its Network Interface Card (NIC) for sending. The Transmission Control Protocol (TCP) is a connection-oriented protocol which sends the data in an ordered and organized fashion, requires a two-way connection between two systems over a port to port connection, and transmission is guaranteed! If a packet is lost along the way, the receiving end will know, and that packet will be resent. This is a slower system than UDP, but is used for connections that require 100% data transfer without fail; such as a a client browsing the web and downloading files. The User Datagram Protocol (UDP) is a bit of the opposite. UDP is connection-less and therefore its far faster than TCP. UDP allows an application or service to send data very quickly without first establishing a connection. UDP has many uses, but a major use we all know and love is media streaming. Streaming services for music or video use UDP because they can afford to lose a few packets here and there. This results in a much faster service for the client. This is the same reason why sometimes video streams have artifacts or look strange when bandwidth is low. Devices operating within the Transport layer include Gateways and Firewalls.
LAYER 3: NETWORK LAYER
The Network layer handles routing and Internet Protocol (IP). Larger networks use IP Addresses to get data where it's going. This is where a router comes into play. Routers operate on Layer three, along with Multi-Layer Switches. The router can connect multiple (Local Area Networks) LAN networks together into a Wide-Area Network (WAN). Each LAN is referred to as a subnet. The router uses logical addressing, such as IP. IP addresses use four 8-bit numbers ranging from 0 - 255, for example: 192.168.4.232 or 192.168.1.1. These examples are private addresses. Private addresses differ from public IP addresses. Public-facing IP addresses are used to communicate over the internet, while private addresses are reserved blocks of IP addresses used to communicate within a LAN. Typically, private addresses start with 10.X.X.X or 192.168.X.X, where the X's can be any numbers ranging from 0-255. The network layer takes Ethernet frames from the Data-link layer below, strips off the Ethernet frame and encapsulates that data into a new frame, called an IP Packet. The router takes the IP Packet and uses its Source and Destination IP addresses to route the packet where it needs to go. IP addresses are used to move data through the network infrastructure and in between networks.
LAYER 2: DATA LINK LAYER
The Data-link layer begins with a NIC, or Network Interface Card. This is the card within your computer, phone or tablet that allows either wired or wireless connectivity to a network. Every NIC communicating on a network is given it's own 48-bit uniquely identifiable number called a Media Access Control address or MAC Address or otherwise known as a Physical Address. A MAC address is always in a 12 character hexadecimal format, such as These addresses are burned into the NIC by its manufacturer. A MAC address consists of two parts. The first six hexadecimal digits refer to the Block ID, and the last 6 hexadecimal digits refer to the Device ID. For example: 00-14-22-01-23-45. This MAC address has a Block ID of 00-14-22 which refers to a block of addresses owned by Dell Inc, and a device id of 01-23-45 which would normally refer to the device model and manufacturer date, but is made up in this example. The data link layer contains Logical Link Control or LLC which talks to the operating system through device drivers, handles multiple protocols and provides flow control. The Data Link Layer deals with complete Ethernet frames and their source and destination MAC addresses for moving data between clients or hosts. Switches, modems, and bridges are all examples of Layer 2 devices because they all deal with the Physical or MAC address.
LAYER 1: PHYSICAL LAYER
The Physical layer lives in the real world and refers to the actual wiring and cabling that data travels through, such as UTP/STP Ethernet cables (Unshielded/Shielded Twisted Pair), fiber optic cables, coaxial cables, telephone lines and wireless radio transmissions (Wi-Fi). Hubs and data repeaters are also considered Layer 1 devices because they don't have any built in smarts and they don't know what the traffic they deal with contains. They simply broadcast all that traffic to every device connected to it regardless if the traffic is destined for a particular host or not. Many common problems in Networking can be fixed by troubleshooting at Layer 1 first.
Now what about the TCP/IP model?
The TCP/IP model describes more modern networking than the older OSI model. Here it is at a glance:
The TCP/IP model combines all the OSI model layers into a 4 layer approach to networking. The following diagram shows nicely which layers on the TCP/IP model match up to the OSI model.
Using the knowledge given from the OSI model and this new diagram, we can now explore a newer, more modern model that better describes the majority of networking use cases used in today's world. Let’s take a look!
Layer 4: APPLICATION LAYER
The Application layer combines the Application, Presentation and Session Layers from the OSI Model. Every application needs to be able to initiate, control and disconnect from a remote system. The TCP protocol uses a port number system with ports ranging from 1 – 65,535. 0 is a reserved port and is not used. Well known ports range from 1-1023. Applications do not require specific presentation as in the OSI Model because TCP/IP has strict and standard formats for protocols. Data from the application layer can also go into UDP datagrams.
LAYER 3: TRANSPORT LAYER
The Transport layer is the frame ‘assembly/disassembly’ layer as in the OSI model. This layer is responsible for getting TCP segments and UDP datagrams where they nee