| technology | networking - David Zomaya
How to Read an OSI Model Chart
Understanding the Open Systems Interconnection (OSI) Model is an important aspect of IT. It comes up on several certification exams and can help you conceptualize how real-world applications work end-to-end.
Unfortunately, the OSI Model can also be a pain to learn. This is particularly true when you have limited hands-on experience to contextualize the model. The result is a topic that has proven challenging for more than a few aspiring IT pros.
You may be able to Google it to visualize the OSI Model chart. But it won't mean too much if you don't understand it.
CBT Nuggets trainer Keith Barker has a great 9-minute YouTube video on how the OSI Model works and how to use it.
Even those of us that did master the model at one point may need a refresher every now and then. To help, we've created this guide to help you understand each layer of the OSI Model.
Pick your OSI Model Mnemonic
Let's get this out of the way first: mnemonics won't lead to you mastering the topic, but they can be a useful memory device in a pinch. As long as you couple it with earnest effort, a mnemonic device can be a good way to complement your studies.
If you're a fan of mnemonics, you can join the long list of IT pros that have memorized one of these:
- All People Seem To Need Data Processing (OSI layers 7 to 1: Application, Presentation, Transport, Network, Data Link, Physical)
- Please Do Not Throw Sausage Pizza Away (OSI layers 1 to 7: Physical, Data Link, Network, Transport, Presentation, Application)
Or for some more colorful options, check out what the IT pros at /r/networking/ have used.
How to Read an OSI Model Chart from Layer 1 to 7
OSI model charts come in different shapes and sizes, but they all boil down to the seven layers of the OSI model in order. To gain an understanding of what the charts actually mean, it's helpful to focus on four things:
- What data unit is associated with each layer?
- What protocols are associated with each layer?
- What happens at each layer?
- What network devices are associated with each layer?
So, let's do just that for each layer of the OSI Model Chart below.
Three important points to keep in mind as we go:
Don't worry about memorizing every detail, focus on understanding the high-level concepts. Volumes can be written about specific layers of the OSI Model. At this point, though, don't get too bogged down in the specifics, understand the fundamentals first.
Many devices operate at multiple (or even all) layers of the OSI model. For example, your laptop may have apps running at Layer 7 and a network interface card (NIC) transmitting the ones and zeros at layer 1. Just like the first point, don't let this nuance confuse you, focus on the high-level concept.
Data encapsulation and de-encapsulation occur before data units move to the next layer. Each layer of the OSI model expects data to be in a certain standardized format. For everything to work together seamlessly, that means upper-level layers need to encapsulate data before sending it on down.
Encapsulation effectively means headers (or checksums) are slapped onto the payload data (a.k.a. user data) so networking devices know what to do with it. Conversely, lower-level layers need to de-encapsulate data on its way back up. De-encapsulation helps to ensure the data is readable by the time it reaches the user.
OSI Model Layer 1: Physical
The physical layer is where the "ones and zeros" are sent across copper or fiber cabling or radio waves like Wi-Fi signals. Devices here convert frames to bits and vice versa.
What data unit is associated with the physical layer? Bits. Ones and zeros transported over a physical medium.
What protocols are associated with the physical layer? Ethernet, Bluetooth, 802.11 (WiFi), SONET, T-carrier links (e.g. T1 and T3), and OTN.
What happens at the physical layer? Frames from the data link layer are converted to bits to be transported across a physical medium (e.g. a cable) to another network. Once they reach their destination, the bits are converted back to frames to work their way back up the rest of the layers.
What network devices are associated with the physical layer? Cabling, hubs, repeaters, wireless access points, and patch panels.
OSI Model Layer 2: Data Link
The data link layer consists of two sublayers: the logical link control (LLC) and media access control (MAC) layers. The LLC layer handles flow control and error checking while the MAC layer determines what devices can send and receive data.
Frames are the data unit of Layer 2. That means bits from Layer 1 and packets from Layer 3 are converted to and from frames here.
MAC addresses, Layer 2 switching for LANs & WANs, and VLANs are some of the common Layer 2 concepts that come up regularly in day-to-day IT work.
What data unit is associated with the data link layer? Frames. The frames at Layer 2 include information such as:
- Preamble: This is a special series of zeros and ones that identifies the start of a frame. The idea here is that since this will never be seen in the middle of a frame, devices can reliably identify where they start.
- Ethernet header: Includes the source and destination MAC addresses as well as a type. The type value lets us know what higher-level protocol we're dealing with. In most common cases, the type is IP.
- Data: 46-1500 bytes of payload data. This is the data we're trying to deliver to the end user. If the payload is under 46 bytes, dummy data is added to the frame. The process of adding this dummy data is known as "padding."
- FCS: The frame check sequence (FCS) is an algorithm, specifically a cyclic redundancy check (CRC), used for error detection.
What protocols are associated with the data link layer? PPP, Ethernet (e.g. collision detection like CSMA/CD), Frame Relay, STP, ATM, ARP, and HDLC.
What happens at the data link layer? Bits from the physical layer are converted to/from frames between Layer 1 and Layer 2. Packets are converted to/from frames between Layer 2 and Layer 3. MAC addresses are used to identify nodes.
What network devices are associated with the data link layer? "Layer 2" switches, network interface cards (NICs), and modems.
Pro tip: MAC addresses are a Layer 2 concept, and IP addresses are a Layer 3 concept. Understanding the difference between a Layer 2 switch and a router, basically comes down to that. Layer 2 switches deal with MAC addresses. Routers operate at Layer 3 and deal with IP addresses. With all the attention paid to Layer 2 and Layer 3 on modern networks, understanding this concept is important.
OSI Model Layer 3: Network
Things begin to get even more interesting at Layer 3. This is where routers (or Layer 3 switches), IP addresses, and subnetting come into play. At Layer 3, devices know the address of other networks, which makes the Internet possible. If a destination isn't on the current network, Layer 3 routing helps get the data sent to the right "next hop."
The big takeaway of the network layer is simple: it determines what network traffic should be sent to, and the best path to get there.
What data unit is associated with the network layer? Frames. The IP header is the important addition here. The IP header, in addition to source and destination addresses, includes a protocol version, time to live (TTL), options, flags, and identification bits used to help reassemble packets.
What protocols are associated with the network layer? IPv4, IPv6, ICMP (what ping uses), and IPsec.
What happens at the network layer? Routing devices determine the best path for network traffic. Between the data link layer and the network layer, frames are transformed to, or from, packets. Similarly, between the transport layer and the network layer, packets are transformed to or from segments or datagrams.
What network devices are associated with the network layer? Routers (Layer 3 switches)
Struggling with the difference between VLANs and subnets? Check out our "Subnet vs VLAN: What's the Difference?" article.
OSI Model Layer 4: Transport
In simple terms: Layer 4 is responsible for establishing end-to-end connections between network nodes. It's also where port numbers are specified.
While they are not the only transport layer protocols, the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) are two of the most common. To avoid getting mired in details, just remember: TCP uses acknowledgments and is therefore more reliable than UDP, while UDP doesn't use acknowledgements and is therefore faster than TCP. Another common way to describe TCP is connection-oriented while UDP is connectionless.
What data unit is associated with the transport layer? Segments for TCP. Datagrams for UDP. The encapsulation associated with the transport layer is the TCP or UDP headers used to describe the TCP or UDP connection.
What protocols are associated with the transport layer? TCP and UDP.
What happens at the transport layer? At Layer 4, end-to-end connections are established. Flow control, error-checking, and multiplexing can also occur at Layer 4. Between Layer 3 and Layer 4, packets are transformed to or from segments or datagrams. Between Layer 4 and Layer 5, segments or datagrams are transformed to or from protocol data units (PDUs).
What network devices are associated with the transport layer? Load balancers and firewalls.
OSI Model Layer 5: Session
Now that we have reached Layer 5, we won't be adding any more specific encapsulation or headers to data. From here to Layer 7, we're dealing with "upper layer data" or simply "data." The lines between layers 5 through 7 can get kind of fuzzy. In fact, another popular model, the TCP/IP model, even groups them together as a single "Application Layer."
That means what protocols apply to what layers, particularly for layers 5 and 6, can be a grey area. For example, some claim SSL and TLS encryption occur at Layer 5 while others say it's Layer 6.
As the name implies, the session layer is all about establishing and tearing down sessions. This gets murky because with TCP there is already a concept of "sessions" and those are what often get used in the real world. That being said, remote procedure calls (RPCs) are one example where you may run into the session layer in the wild.
What data unit is associated with the session layer? Data. We're done with adding specific network headers from here on out.
What protocols are associated with the session layer? SSL & TLS (arguably), SDP, SOCKS, PPTP, RPC, NetBIOS, and PAP.
What happens at the session layer? Sessions are established and torn down. Data may be transformed to or from segments or datagrams as it makes its way to the transport layer.
What network devices are associated with the session layer? Servers and computers
OSI Model Layer 6: Presentation
Layer 6 deals with the way data is formatted or presented, it is also known as the syntax layer. This means concepts like ASCII encoding for text, encoding images as JPEG files, formatting data structures using XML, encryption/decryption, and compression/decompression happen here.
What data unit is associated with the session layer? Data.
What protocols are associated with the presentation layer? SSL & TLS (arguably)
What happens at the presentation layer? Data is encrypted/decrypted, compressed, structured, and/or encoded/decoded before being passed up to Layer 7 or down to Layer 5.
What network devices are associated with the presentation layer? Servers and computers
OSI Model Layer 7: Application
The application layer in the OSI model is about the protocols that users interface with. That ends up being broad in scope. Protocols related to everything from email (SMTP, IMAP, and POP), to web browsing (HTTP and HTTPS), to IP address assignment (DHCP), to file transfer (FTP and TFTP), to text-based server administration (SSH), to authentication (LDAP) all reside at Layer 7.
What data unit is associated with the session layer? Data.
What protocols are associated with the presentation layer? SMTP, Telnet, HTTP(S), DHCP, FTP, SNMP, SSH, NTP, and LDAP
What happens at the presentation layer? Users and devices interface with data sent between source and destination systems.
What network devices are associated with the presentation layer? Servers, computers, load balancers, and Layer 7 firewalls
Final Thoughts: Don't Overthink It
There is a lot going on in the OSI model and it isn't hard to get confused. Try not to overthink it. In practice it isn't a perfect fit for what happens in the real-world anyway. It is just a useful conceptual model.
If nothing else has helped, start with this simple way of thinking about it:
- Layer 1: Cables & electronic signals
- Layer 2: Switches & MAC addresses
- Layer 3: Routers & IP addresses
- Layer 4: Ports & Firewalls
- Layers 5-7: Computers & applications
And then layer in (forgive the pun) more detail as you go.