L1, L2 vs L3: What's the Difference?
When studying for network certification exams such as CompTIA Network+, a deep understanding of all of the OSI layers is crucial to your success. Layers 1 through 3 specifically are pivotal but often ignored; they can be convoluted.
An important thing to understand is that each protocol implements these layers in nuanced ways. It is easiest to understand them in terms of how each specific protocol has implemented them. Let’s take a brief look at Layers 1 through 3 of the OSI model — and how they work with different elements of networks.
Layer 1: Physical Layer
Layer 1 is fairly easy to understand. It covers the physical aspects of networking, and is the lowest and most physical “rocks and blocks” layer of the model. Wiring standards play an important role in this layer such as T568A and B for Ethernet, or which radio frequencies to use for Wi-Fi. Some protocols operate in multiple layers. Ethernet is an example. In Layer 1, it utilizes physical cabling and radio frequency standards along with the conversion of data to bits. We will talk more later about its presence and operation in Layer 2.
Layer 1 Data
Data at this layer is simply bits sent across a wire, many many zeros and ones. The argument could be made that all computer data is stored in bits and, ultimately, it is. This is the network layer where that happens so that it can be transmitted somewhere else.
Layer 1 Equipment
The type of equipment involved in Layer 1 uses little to no logic when operating: copper ethernet cables, fiber optic cables, and ethernet hubs. This is not only limited to physical cables though. The physical transmission aspects of Wi-Fi, Bluetooth, Microwave, and other over the air technologies fall under this layer.
An easy-to-understand non-network example of this is electricity. For the most part you simply plug your appliance into the outlet and power is delivered. In the OSI model, swap out power with data.
Layer 2: Data Link Layer
Layer 2 is where many students get hung up when learning networking basics. Most people understand that MAC addresses exist at Layer 2, but other than that, why does this layer exist? This layer is primarily involved in transmitting data from one specific node to another. These nodes are usually directly connected, whether that’s via LAN, WAN or MAN.
Two sublayers exist here, which is where the confusion can set in. Those are Medium Access Control (MAC) and Logical Link Control (LLC). It is important to understand that each protocol implements its lower layers differently. Ethernet follows IEEE 802 and allows for variable sized data, while protocols like ATM (Asynchronous Transfer Mode) have fixed 53 bytes of data that it calls “cells.”
In ethernet, Virtual LAN (VLAN) is an important technology implemented here. VLANs help split up broadcast domains by allowing you to segment devices to their own dedicated LAN. When combining VLANs over a single port, they are differentiated with a VLAN header. 802.1Q is the standard today; Cisco’s proprietary ISL was another before 802.1Q was the standard.
Layer 2 Data
Data at this layer is referred to as a frame. Frames have basic data in them such as a source address and a destination address as well as payload. That basic data is often referred to as a header, a type of metadata. The protocol “Frame Relay” gets its name from operating at this layer.
Layer 2 Equipment
Equipment at this layer is a little more intelligent and consists of switches, bridges, and network cards. It can use the headers of the packet to determine exactly where it goes. A switch can read the destination MAC address and forward it directly to the specific port the MAC address is plugged into. On the contrary, a hub simply broadcasts traffic to all ports because it does not operate at Layer 2 and therefore does not have this intelligence.
Layer 2A – Medium Access Control
Medium Access Control entails quite a few important functions. Carrier Sense Multiple Access with Collision Detection (CSMA/CD) is a mechanism ethernet uses to help deal with collisions on half duplex networks. Today, with Gigabit Ethernet and higher, there is virtually no half duplex and therefore no need to do this.
With that said, sometimes speed and duplex negotiation can go wrong for a number of reasons and fall back to half duplex. Wi-Fi networks tend to use a different but similar protocol (CSMA/CA) which is Collision Avoidance. Media Access Control (MAC) Address materializes here as well to provide a unique address for each endpoint on the Layer 2 topology.
Layer 2B – Logical Link Control
One of LLC’s main features is that it is a helper layer to assist between Layer 2’s MAC and Layer 3. It does this by providing mechanisms for multiplexing Layer 3 Protocols. This is a fancy way of saying it helps facilitate the ability for multiple Layer 3 protocols to be used simultaneously over the same medium.
Internet Protocol (IP) currently is the predominant Layer 3 protocol, but it is not the only one. Flow control and error handling at this layer are not used by ethernet. Other protocols like X.25 do, in fact, implement it here.
Layer 3: Network Layer
The network layer may be the one most people are most exposed to. It is hard to come across any IT professional who has not heard of an IP address. The “IP” in TCP/IP is a Layer 3 protocol. IPX was a very popular Layer 3 protocol within the IPX/SPX protocol group in NetWare’s heyday.
The network layer provides a logical address of an endpoint. Layer 2 addresses are typically automatically generated by the vendor during the manufacturing process. But layer 3 addresses are usually configured. This could be a static IP configuration or a DHCP automated configuration.
Layer 3 Data
Data at this layer is referred to as a packet, which is a stateless grouping of data. Devices that forward packets do not validate that the other end receives the data. Instead, devices leave it to higher layer protocols to implement — should they choose. For example, in the case of Layer 4 protocol TCP, it does. Layer 4 protocol, UDP, however, does not.
Layer 3 Equipment
Routers are the common equipment used at this layer but there are many others. Layer 3 switches are also very common. Those are essentially Layer 2 switches with a router built into the backplane for speed. Firewalls, while able to operate at higher layers, can operate purely at this layer. Earlier versions of firewalls were not stateful and often used static filtering at Layer 3.
L1, L2 vs L3: What’s the Difference?
This can be a lot to take in and digest. To sum it up though, Layer 3 packets carry payloads from higher layer protocols that are ultimately generated from applications like web browsers and email clients. At Layer 3, the source and destinations could be very far from the location of the traffic.
The packets are like passengers on a flight. Their departure could have been at one end of the country and arrival at the other end — but their current position somewhere in between with layovers along the way. Along each hop, this packet is encapsulated and decapsulated with a frame header. Usually the source and destination of these frames have adjacency with each other which means direct connectivity.
At each node, it receives bits over a wire (or air) and converts that into a frame and climbs up the OSI layers. After processing, it is time to send to the next node and it goes back down the OSI layers. The frames are broken down into bits and transmitted over wires to the next hop. All of the OSI model works in this encapsulation and decapsulation process.
Explore networking fundamentals further with a wide range of training from CBT Nuggets, including courses that map to both CompTIA and Cisco networking certification exams.