Professional Documents
Culture Documents
The OSI reference model has seven layers. From bottom to top, they are physical
layer, data link layer, network layer, transport layer, session layer, presentation layer
and application layer.
The bottom three layers are usually called lower layer or the media layer, which is
responsible for transmitting data in the network. Networking devices often work at
lower layers and network interconnection is achieved by the cooperation of software
and hardware. Layer 5 to layer 7 form the upper layer or the host layer. The upper
layer guarantees data is transmitted correctly, which is achieved by software.
The functions of each layer of the OSI Reference Model are listed as follows:
Physical layer: providing a standardized interface to physical transmission media
including voltage, wire speed and pin-out of cables.
Data link layer: combines bits into bytes and bytes into frames. Provides access to
media using MAC address and error detection.
Network layer: providing logical addresses for routers to decide path.(path selection)
Transport layer: providing reliable or unreliable data transfer services and error
correction before retransmission.
Session layer: establishing, managing and terminating the connections between the
local and remote application. Service requests and responds of application programs
in different devices form the communication of this layer
Since the OSI reference model and protocols are comparatively complicated, they do
not spread widely. However, TCP/IP has been widely accepted for its openness and
simplicity. The TCP/IP stack has already been the main stream protocols for the
Internet.
The TCP/IP model also takes a layered structure. Each layer of the model is
independent from each other but they work together very closely.
The difference between the TCP/IP model and the OSI reference model is that the
former groups the presentation layer and the session layer have been merged into the
application layer. So the TCP/IP model has only five layers. From bottom to top, they
are: physical layer, data link layer, network layer, transport layer and application layer.
Each layer of the TCP/IP model corresponds to different protocols. The TCP/IP
protocol stack is a set of communication protocols. Its name, the TCP/IP protocol
suite, is named after two of its most important protocols: the Transmission Control
Protocol (TCP) and the Internet Protocol (IP). The TCP/IP protocol stack ensures the
communication between network devices. It is a set of rules that define how
information is delivered in the network.
Each layer of the TCP/IP model uses Protocol Data Unit (PDU) to exchange
information and enable communication between network services. During
encapsulation, each succeeding layer encapsulates the PDU that it receives from the
layer above. At each stage of the process, a PDU has a different name to reflect its
new appearance.
For example, the transport layer adds TCP header to the PDU from the upper layer to
generate the layer 4 PDU, which is called a segment. Segments are then delivered to
the network layer. They become packets after the network layer adds the IP header
into those PDUs. The packets are transmitted to the data link layer, where they are
added data link layer headers to become frames. Finally, those frames are encoded
into bit stream to be transmitted through network medium. This process in which data
are delivered following the protocol suite from the top to the bottom and are added
with headers and tails is called encapsulation.
When Host B receives the bit stream, it sends it to its data link layer. The data link
layer removes the frame header and trailer, then passes the packet to the upper layer
- network layer. Then the network layer removes the IP header from the packet and
passes segment to the transport layer. In the similar way, the transport layer extracts
the original data and delivers it to the top layer, the application layer.
The process of encapsulation or de-capsulation is done layer by layer. Each layer of
the TCP/IP has to deal with data both from its upper and lower layers by adding or
deleting packet headers.
Physical layer mediums include coaxial cable, twisted pair, fiber and wireless radio.
Coaxial cable is an electrical cable consisting of a round conducting wire. The coaxial
cable can be grouped into thick coaxial cable and thin coaxial cable according to their
diameters. The thick coaxial cable is more suitable for large LANs since its
transmission distance is longer and it is more reliable. The thick coaxial cable does
not need to be cut but you must install transceiver for networks using thick coaxial
cable. The thin coaxial cable is easy to install and is much cheaper, but you need to
cut the thin coaxial cable and put basic network connectors (BNC) on its two sides
and then inserts the two sides into T-shape connectors when installing the cable. So
when there are many connectors, the safety is influenced.
Twisted pair is the most widely used cable, which is twisted by a pair of insulated
copper wires whose diameters are about 1mm. Twisted pair has two types: Shielded
Twisted Pair (STP)
Data link layer is the first logical layer of the physical layer. It encodes physical
address for terminals and help network devices decide whether to pass data to upper
layers along the protocol stack. It also points out which protocol the data should be
delivered to with some of its fields and at the same time, it provides functions like
sequencing and traffic control.
The data link layer has two sub-layers: Logical Link Control sub-layer (LLC) and
Media Access Control sub-layer (MAC) .
LLC lies between the network layer and the MAC sub-layer. This sub-layer is
responsible for identifying protocols and encapsulating data for transmission. The
LLC sub-layer performs most functions of the data link layer and some functions of
the network layer such as sending and receiving frames. When it sends a frame,
it adds the address and CRC to the original data. When it receives a frame, it takes
apart the frame and performs address identification and CRC. It also provides flow
control,
Data link layer protocols specify the frame encapsulation at the data link layer. A
common data link layer protocol for LANs is IEEE 802.2LLC.
Common data link layer protocols for WANs include High-level Data Link Control
(HDLC) , Point-to-Point Protocol (PPP) and Frame Relay (FR).
HDLC is a bit-oriented synchronous data link layer protocol developed by the ISO.
HDLC specifies data encapsulation for synchronous serial links with frame characters
and CRC.
PPP is defined by Request For Comment (RFC) 1661. PPP consists of the Link
Control Protocol (LCP) , the Network Control Protocol (NCP) and other PPP extended
protocol stacks. PPP is commonly used to act as a data link layer protocol for
connection over synchronous and asynchronous circuits and it supports multiple
network layer protocols. PPP is the default data link layer protocol for data
encapsulation of the serial ports of VRP routers. FR is a protocol conforming
As every person is given a name for identification, each network device is labeled
with a physical address, namely, the MAC address. The MAC address of a network
device is unique globally. A MAC address consists of 48 binary digits and is often
printed in hexadecimal digits for human use. The first six hexadecimal bits are
assigned to producers by IEEE and the last six bits are decided by producers
themselves. For example, the first six hexadecimal bits of the MAC address of
Huawei’s products is 0x00e0fc.
Network Interface Card (NIC) has a fixed MAC address. Most NIC producers burn the
MAC address of their products into the ROM. When an NIC is initialized, the MAC
address in the ROM is read into the RAM. When you insert a new NIC into a
computer, the physical address of the computer is replaced by the physical address
of the NIC.
However if you insert two NICs into your computer, then your computer may have two
MAC addresses, so a network device may have multiple MAC addresses.
The data link layer ensures that datagram are forwarded between devices on the
same network, while the network layer is responsible for forwarding packets from
source to destination across networks. The functions of the network layer can be
generalized as follows:
•Provide logical addresses for transmission across networks.
•Routing: to forward packets from one network to another.
The router is a common network device that works at the network layer. Routers
functions mainly for forwarding packets among networks. In the above figure,Host A
and Host B reside on different networks or links. When the router that resides on the
same network as Host A receives frames from Host A, the router passes those frames
to the network layer after it ensures that the frames should be sent to itself by
analyzing the frame header. Then the network layer checks where those frames
should go according to the destination address in the network layer header and later it
forwards those frames to the
Common network layer protocols include the Internet Protocol (IP) , the Internet
Control Message Protocol (ICMP) , the Address Resolution Protocol (ARP) and the
Reverse Address Resolution Protocol (RARP) .
IP is the most important one among the network layer protocols and its functions
represent the main functions of the network layer. The functions of IP include
providing logical address, routing and encapsulating or de-encapsulating packets.
ICMP, ARP and RARP facilitate IP to achieve the network layer functions.
ICMP is a management protocol and it provides information for IP. ICMP information
is carried by IP packets.
ARP maps an IP address to a hardware address, which is the standard method for
finding a host's hardware address when only its network layer address is known.
RARP maps a hardware address to an IP address, which means to get a host’s IP
address through its hardware address.
The network layer address we mentioned here refers to the IP address. The IP
address is a logical address instead of a hardware address. The hardware address
such as the MAC address, is burned on the NIC and it is for the communication
between devices that are on the same link. However, the IP address is used for
communication between devices on different networks.
An IP address is 4-byte long and is made up of the network address and the host
address. It is often presented in dotted decimal notation, for example, 10.8.2.48.
More information about the IP address will be introduced in later chapters.
The transport layer provides transparent transfer of data between hosts. It shields the
complexity of communications for the upper applications and is usually responsible
for end-to-end connection. The main functions of the transport layer involve:
• Encapsulate data received from the application layer and decapsulate data received
from the network layer.
• Create end-to-end connections to transmit data streams.
• Send data segments from one host to another, perform error recovery, flow control,
and ensure complete data transfer.
• Some of the transport layer protocols ensure data are transmitted correctly which
means data are not lost or changed during transmission and the order of data packets
remains the same when they are received at the end.
Transport layer protocols mainly include the Transmission Control Protocol (TCP) and
the User Datagram Protocol (UDP) .
Although TCP and UDP are both protocols of the transport layer, their contributions to
the application layer differ greatly.
TCP provides connection-oriented and reliable transmission. Connection-oriented
transmission means that applications which use TCP as their transport layer protocol
need to create a TCP connection before they exchange data.
TCP provides reliable transmission services for the upper layer through its
mechanisms of error detection, verification and reassembly. However, creating the
TCP connection and performing these mechanisms may bring a lot of extra efforts
and increase the cost.
UDP does not guarantee reliability or ordering in the way that TCP does. It provides a
simpler service that does not guarantee the reliability which means datagrams may
arrive out of order, appear duplicated, or go missing without notice. UDP focuses on
applications that require more on transmission efficiency such as SNMP and Radius.
The application layer has many protocols and the following protocols may help you
use and manage a TCP/IP network.
•File Transfer Protocol (FTP) is used to transfer data from one computer to another
over the Internet, or through a network. It is often used for interactive user sessions.
•Hypertext Transfer Protocol (HTTP) is a communication protocol used to transfer or
convey information on the World Wide Web.
•TELNET is used to transmit data that carries the Telnet control information. It
provides standards for interacting with terminal devices or terminal processing. Telnet
supports end-to-end connections and process-to-process distributed communications.
•Simple Message Transfer Protocol (SMTP) and Post Office Protocol 3 (POP3) are
for sending and receiving emails.
•DNS (Domain Name Server) translates a domain name to an IP
The above is a TCP data segment encapsulated in an IP packet. The TCP segment
consists of the TCP header and the TCP data. The maximum length of a TCP header
is 60 bytes. If there is not the Option field, normally, the header is 20-bytes long.
The structure of a TCP header is shown as in the above figure. We are going to
explain just some of it. For more details, please refer to the transport layer protocols.
•Source Port: Indicates the source port number. TCP allocates source port numbers
for every application.
•Destination Port: Indicates the destination port number.
•Sequence Number: Indicates the sequence number which labels TCP data streams.
•Port number is used to distinguish applications,80 means HTTP application,23 for
telnet,20 and 21 for ftp,53 for DNS.
•Ack Num: Indicates the acknowledgement sequence number.
The network layer adds the IP header to TCP datagram which it receives from the
transport layer. Usually, the IP header has a fixed length of 20 bytes which does not
include the IP options. The IP3838 header consists of the following fields:
•Version: indicates the version of the IP protocol. At present, the version is 4. The
version is 6 for the next generation IP protocol.
•IP header length is the number of 32-bit words forming the header including options.
Since it is a 4-bit field, its maximum length is 60 bytes.
•TOS: 8 bits. It consists of a 3-bit COS (Class of Service) field, a 4-bit TOS field and a
1-bit final bit. The 4 bits of the TOS field indicates the minimum delay, the
maximum throughput, the highest reliability and the minimum cost respectively.
•Total length: indicates the length of the whole IP packet
The physical layer has limitations on the length of frame it sends every time.
Whenever the network layer receives an IP datagram, it needs to decide which
interface the datagram should choose and check the MTU of that interface. IP uses a
technique called fragmentation to solve the problem of heterogeneous MTUs. When a
datagram is longer than the MTU of the network over which it must be sent, it is
divided into smaller fragments which are sent separately.
Fragmentation can be done on the source host or the intermediary router.
Fragments of an IP datagram are not reassembled until they arrive at the final
destination. The reassembly is performed by the IP layer at the destination.
Datagram can be fragmented for more than one time. The IP header provides enough
information for fragmentation and reassembly.
•Flags: 3 bits
The above is an example of an HTTP packet that is captured, which may facilitate
your understanding towards packet encapsulation. The bottom displays the actual
data and the top is information analyzed by the software.
This page illustrates data encapsulation at the data link layer. The encapsulation
format used here is Ethernet, which is mentioned earlier.
The figure above shows DMAC at the top and then comes SMAC and the type field is
listed at the bottom.
DMAC is 00d0: f838: 43cf
SMAC is 0011: 5b66: 6666
Type field value is 0x0800, which indicates that it is an IP packet.
This page illustrates data encapsulation at the network layer. An IP packet is made up
of two parts, the IP header and the IP data. As described previously, the IP header
consists of many fields. In the above example, the value of the version field is 4,
which indicates the packet is an IPv4 packet. The packet header is 20-byte long. The
protocol field is 0x06, which tells us that the packet to be encapsulated is a TCP
packet. The IP address of the source is 192.168.0.123 and the IP address of the
destination is 202.109.72.70.
This page illustrates data encapsulation at the transport layer. The transport layer
here uses TCP protocols. The source port number is a random number 3514 and the
destination port number is 80, which is the number assigned for the HTTP protocol.
So the datagram is from the source to visit the HTTP service of the destination host.