🪶 OSI Model Walkthrough


This model provides a framework to understand networks, and the activity that occurs within them. It is great for understanding what we know as the internet; an open system of interconnection. The model has seven layers, and we follow it top to bottom and bottom to top. Different protocols are at different layers for different types of data transfer. I enjoy charts, maps, and visualizations of the like, so when I found a chart that was summarized by "this is how the internet works" I became enthralled.

Generalist Perspective

Each computerized device is considered a node if it is connected to a network. Nodes are connected through links (wired or wireless). When they talk to one another, they use protocols. These are pretty much a set of rules that give order and allow nodes to talk. If you're interested in why, or how the protocols are chosen check out the Internet Engineering Task Force (IETF) and read about the protocol wars for some entertainment and background.

The types of protocols vary, but resemble the rules of a road. What is the speed limit? Does the road have a double yellow or a white dashed line? What side do I drive on?

However, human error does not frequent protocols as much as it does the road. With that in mind let us begin.

1. Physical Layer

If you are learning programming and keep asking the question of where you will ultimately find yourself here. The most complex layer of them all! Check out this map of the submarine cables that connect the world. The part of the physical layer I find most interesting is that you are playing with the speed of light. It is also the most crucial to security, as this book explains.

If something is wrong at layer 1, nothing on layers 2-7 will work. Same goes for activity, if you have access to the activity on layer 1, you have access to the activity on layer 2-7. There are so many things to account for here, but this is a general walkthrough. So when you think of the physical layer, understand that it defines the means by which bits are transmitted over a network. The unit of data at this layer is called the bit.

A bit is either a 0 or a 1. It’s the smallest unit of data that is transmittable digitally.

The requests for bits come from the next layer, the data link layer.

The data link layer is responsible for the correct transfer of data between nodes. By correct, we mean it follows a protocol. The unit of data at this level is frames. Frames can have a fixed-size or a variable-size. In each, the limits of the frame need to be defined. These are know as frame delimiters.

In fixed-sized framing it is already defined with the frame itself being fixed. In variable sized-framing, there are two ways to define the delimiters.

The length field is one way to define the delimiter. It is used to define the size of the frame.

The end delimiter is another way. A pattern is used to determine the size of the frame.

Frames have 4 parts.

  1. Frame header - Contains the source and destination addresses of the frame.

  2. Payload field - Contains the message to be delivered. Sometimes encrypted, sometimes not.

  3. Trailer - Contains the error detection and error correction bits.

  4. Flag - Marks the beginning and the end of the frame.

What does that mean?

IP (Internet Protocol) addresses identify a network interface, as well as location. The MAC (media access control) is an address that every computer has. If it does not have a MAC address it cannot be transferred information on a network. Think of it as the license plate of a car.

3. Network Layer

The network layer is responsible for routing data packets between different networks. It is also responsible for addressing and forwarding packets to their intended destinations. The unit data at this layer is called a packet.

It is like a GPS for your data. It determines the most efficient path for data to travel from one network to another.

Using IP addresses to identify different networks and routers to forward packets along the way, it also uses OSPF and BGP to determine the best path for a packet to take based on factors such as network congestion and the speed of different connections.

What does that mean?

OSPF (Open Shortest Path First): This is how the most efficient path between source and destination is found. If you'd like to find out how, you can find it here.

BGP (Border Gateway Protocol): Sometimes referred to as the postal service for the internet. When someone drops a letter into a mailbox, the Postal Service processes that piece of mail and chooses a fast, efficient route to deliver that letter to its recipient. Similarly, when someone submits data via the Internet, BGP is responsible for looking at all of the available paths that data could travel and picking the best route, which usually means hopping between autonomous systems.1

4. Transport Layer

The transport layer is responsible for the data transfer between end systems (ie. computer and a web server). It ensures that data is delivered in the correct order, without errors, and without duplicates. The unit of data at this layer is called a segment.

Like a delivery truck, it makes sure your package is delivered to the correct address, on time, and in good condition. It uses port numbers to identify different applications running on a computer, and it provides end-to-end flow control and error recovery mechanisms to ensure reliable data transfer. These are some of the reasons why it is known as the heart of the OSI model.

Two of the most common transport layer protocols are TCP and UDP. TCP provides reliable data transfer, while UDP is faster but does not guarantee as reliable of a delivery.

What does that mean?

TCP (Transmission Control Protocol): A core part of the Internet Protocol (IP) that is used to transmit data over the internet. Used for web browsing, file transfers, and other applications that require reliable, ordered data transmission. It uses a 3 way handshake to establish connection, flow control, and error recovery.

UDP (User Datagram Protocol): The protocol used for video streaming, online gaming, and the like. UDP makes no guarantee that packets are delivered in the same order they were sent, unlike TCP. It has less overhead, and makes it ideal for fast, low-latency transmission.

5. Session Layer

It is worth noting that in the IP/TCP model layers 5-7 are rolled into one, the application layer. These 3 layers are implemented in the network itself.

The session layer is responsible for establishing, maintaining, and terminating sessions between applications running on different computers. It allows multiple applications to communicate with each other simultaneously and ensures that data is delivered securely. The unit of data at this layer is called a message.

Serving as a virtual meeting room where different applications can meet and communicate with each other. It provides services such as authentication, encryption, and access control to ensure that only authorized applications can participate in a session.

6. Presentation Layer

The presentation layer is responsible for ensuring that data is presented in a format that is understandable by the application layer. It is responsible for data encryption, compression, and conversation between different data formats. The unit at this layer is called a data stream.

Think of the presentation layer as a translator. It takes the data that the network can understand, and turns it into data that the application can understand. If you like miracles, compression is one of them. JPEG & IMG as image compression, MP3 for audio, and even DNA compression2 have allowed various domains of information to be stored and transferred across global networks.

7. Application Layer

The application layer is the layer that interacts directly with the end-user. It provides services such as email, file transfer, and web browsing.

It is the store front, the place where the user interacts with the network.


This model started it all for me. It gave me a visual understanding of how the internet works from the ground up. I hope this gave some understanding and maybe you learned a thing or two. I mostly wrote this as an exercise for communicating concepts in an understandable manner, hence the analogies.



#writing #infosec