The OSI reference model illustrates the networking process as divided into seven layers. This theoretical construct makes it easier to learn and understand the concepts involved. At the top of the model is the application that requires access to a resource on the network, and at the bottom is the network medium itself. As data moves down through the layers of the model, the various protocols operating there prepare and package it for transmission over the network. Once the data arrives at its destination, it moves up through the layers on the receiving system, where the same protocols perform the same process in reverse.
In 1983, the International Organization for Standardization (ISO) and what is now the Telecommunication Standardization Sector of the International Telecommunication Union (ITU-T) published a document called "The Basic Reference Model for Open Systems Interconnection." The model described in that document divides a computer's networking functions into seven layers, as shown in Figure 1.7. Originally, this seven-layer structure was to be the model for a new protocol stack, but this never materialized in a commercial form. Instead, the OSI model has come to be used with the existing network protocols as a teaching and reference tool.
Figure 1.7 The OSI reference model
Most of the protocols commonly used today predate the OSI model, so they don't conform exactly to the seven-layer structure. In most cases, single protocols combine the functions of two or more of the layers in the model, and the boundaries between protocols often don't exactly conform to the model's layer boundaries. However, the model remains an excellent tool for studying the networking process, and professionals frequently make reference to functions and protocols associated with specific layers.
The primary interaction between the protocols operating at the various layers of the OSI model takes the form of each protocol adding headers (and in one case, a footer) to the information it receives from the layer above it. For example, when an application generates a request for a network resource, it passes the request down through the protocol stack. When the request reaches the transport layer, the transport layer protocol adds its own header to the request. The header consists of fields containing information that is specific to the functions of that protocol, and the original request becomes the data field, or payload, for the transport layer protocol.
The transport layer protocol, after adding its header, passes the request down to the network layer. The network layer protocol then adds its own header in front of the transport layer protocol's header. The original request and the transport layer protocol header thus become the payload for the network layer protocol. This entire construct then becomes the payload for the data-link layer protocol, which typically adds both a header and a footer. The final product, a packet, is then ready for transmission over the network. After the packet reaches its destination, the entire process is repeated in reverse. The protocol at each successive layer of the stack (traveling upward this time) processes and removes the header applied by its equivalent protocol in the transmitting system. When the process is complete, the original request arrives at the application for which it was destined in the same condition as when it was generated.
Data encapsulation is the process by which the protocols add their headers and footer to the request generated by the application (see Figure 1.8). The procedure is functionally similar to the process of preparing a letter for mailing. The application request is the letter itself, and the protocol headers represent the process of putting the letter into an envelope, addressing it, stamping it, and mailing it.
Figure 1.8 As data travels down through the protocol stack, it is encapsulated by the protocols operating at the various layers
Run the DataEncapsulation video located in the Demos folder on the CD-ROM accompanying this book for a demonstration of the data encapsulation process.
The functions of the OSI model layers are covered in the following sections.
The physical layer, at the bottom of the OSI model, is, as the name implies, the layer that defines the nature of the network's hardware elements, such as what medium the network uses, how the network is installed, and the nature of the signals used to transmit binary data over the network. The physical layer also defines what kind of network interface adapter must be installed in each computer and what kind of hubs (if any) to use. Physical layer options include various types of copper or fiber optic cable, as well as many different wireless solutions. In the case of a LAN, the physical layer specifications are directly related to the data-link layer protocol used by the network. When you select a data-link layer protocol, you must use one of the physical layer specifications supported by that protocol.
For example, Ethernet is a data-link layer protocol that supports several different physical layer options. You can use one of two types of coaxial cable with Ethernet, any one of several types of twisted pair cable, or fiber optic cable. The specifications for each of these options include a great deal of detailed information about the physical layer requirements, such as the exact type of cable and connectors to use, how long the cables can be, how many hubs you can have, and many other factors. These specific conditions are required for the protocol to function properly. A cable segment that is too long, for example, can prevent an Ethernet system from detecting packet collisions. When the system can't detect errors, it can't correct them, and data is lost.
Some aspects of the physical layer are defined in the data-link layer protocol standard, but others are defined in separate specifications. One of the most commonly used physical layer specifications is the "Commercial Building Telecommunications Cabling Standard," published jointly by the American National Standards Institute (ANSI), the Electronics Industry Association (EIA), and the Telecommunications Industry Association (TIA) as EIA/TIA 568A. This document includes detailed specifications for installing cables for data networks in a commercial environment, including the required distances from sources of electromagnetic interference and other general cabling policies. In most cases, large network cabling jobs are outsourced to specialized contractors, and any such contractor you hire for a LAN cabling job should be intimately familiar with EIA/TIA 568A and other such documents, including your local building codes.
The other communications element found at the physical layer is the particular type of signaling used to transmit data over the network medium. For copper-based cables, these signals are electrical charges. For fiber optic cables, the signals are pulses of light. Other types of network media can use radio frequencies, infrared pulses, and other types of signals. In addition to the physical nature of the signals, the physical layer dictates the signaling scheme that the computers use. The signaling scheme is the pattern of electrical charges or light pulses used to encode the binary data generated by the upper layers. Ethernet systems use a signaling scheme called Manchester encoding, and Token Ring systems use a scheme called Differential Manchester.
The protocol at the data-link layer is the conduit between the computer's networking hardware and its networking software. Network layer protocols pass their outgoing data down to the data-link layer protocol, which packages it for transmission over the network. When the other systems on the network receive the transmitted data, their data-link layer protocols process it and pass it up to the network layer.
When it comes to designing and building a LAN, the data-link layer protocol you choose is the single most important factor in determining what hardware you buy and how you install it. To implement a data-link layer protocol, you need the following hardware and software:
Network interface adapters and hubs are both designed for specific data-link layer protocols and are not interchangeable with products for other protocols. Some network cables are protocol-specific, whereas others can be used with various protocols.
By far the most popular data-link layer LAN protocol in use today (and throughout the history of the LAN) is Ethernet. Token Ring is a distant second, followed by other protocols such as the Fiber Distributed Data Interface (FDDI). Data-link layer protocol specifications typically include the following three basic elements:
These three components are discussed in the following sections.
The data-link layer protocol encapsulates the data it receives from the network layer protocol by adding a header and footer to it, forming what is called a frame (see Figure 1.9). Using the mail analogy given earlier, the header and footer are the equivalent of the envelope that you use to mail a letter. They contain the address of the system sending the packet and the address of its destination system. For LAN protocols like Ethernet and Token Ring, these addresses are 6-byte hexadecimal strings assigned to network interface adapters by their manufacturers. The addresses are referred to as hardware addresses or Media Access Control (MAC) addresses, to distinguish them from addresses used at other layers of the OSI model.
Figure 1.9 A typical data-link layer protocol frame contains source and destination address fields, a network layer protocol identifier, and error detection information
Protocols operating at different layers of the OSI model have different names for the data structures they create by adding a header to the data they receive from the layer above. What the data-link layer protocol calls a "frame," for example, the network layer protocol calls a "datagram." "Packet" is a more generic term for the unit of data created at any layer.
It is important to understand that data-link layer protocols are limited to communications with computers on the same LAN. The hardware address in the header always refers to a computer on the same local network, even if the data's ultimate destination is a system on another network.
The other primary functions of the data-link layer frame are to identify the network layer protocol that generated the data in the packet and to provide error detection information. A computer can use multiple protocols at the network layer, and the data-link layer protocol frame usually contains a code that specifies which network layer protocol generated the data in the packet so that the data-link layer protocol on the receiving system can pass the data to the appropriate protocol at its own network layer.
The error detection information takes the form of a cyclical redundancy check (CRC) computation performed on the payload data by the transmitting system, the results of which are included in the frame's footer. On receiving the packet, the receiving system performs the same computation and compares its results to those in the footer. If the results match, the data has been transmitted successfully. If they do not, the receiving system assumes that the packet is corrupted and discards it.
The computers on a LAN usually share a common half-duplex network medium, making it possible for two computers to transmit data at the same time. When this happens, a packet collision is said to occur, and the data in both packets is lost. One of the main functions of the data-link layer protocol in this type of network is to provide a mechanism that regulates access to the network medium. This mechanism, called a MAC mechanism, provides each computer with an equal opportunity to transmit its data while minimizing the occurrence of packet collisions.
The MAC mechanism is one of the primary defining characteristics of a data-link layer protocol. Ethernet uses a MAC mechanism called Carrier Sense Multiple Access with Collision Detection (CSMA/CD). Several other protocols, including Token Ring, use a scheme called token passing.
For more information about specific MAC mechanisms, see Chapter 5, "Data-Link Layer Protocols."
The data-link layer protocols used on LANs often support more than one network medium, and the protocol standard includes one or more physical layer specifications. The data-link layer and physical layer are closely related, because the characteristics of the network medium have a profound effect on the functionality of the protocol's MAC mechanism. For this reason, you can say that the data-link layer protocols used on a LAN also encompass the functions of the physical layer. There are other data-link layer protocols used for WAN links, however, such as the Serial Line Internet Protocol (SLIP) and the Point-to-Point Protocol (PPP), which do not include physical layer information.
At first glance, the network layer seems to duplicate some of the functions of the data-link layer. This is not so, however, because network layer protocols are responsible for end-to-end communications, whereas data-link layer protocols function only on the local LAN. To say that network layer protocols are responsible for end-to-end communications means that the network layer protocol is responsible for a packet's complete journey from the system that created it to its final destination. Depending on the nature of the network, the source and destination systems can be on the same LAN, on different LANs in the same building, or on LANs separated by thousands of miles. When you connect to a server on the Internet, for example, the packets your computer creates may pass through dozens of different networks before reaching their destination. The data-link layer protocol may change many times to accommodate those dozens of networks, but the network layer protocol remains intact throughout the trip.
The Internet Protocol (IP) is the cornerstone of the Transmission Control Protocol/Internet Protocol (TCP/IP) suite, and the most commonly used network layer protocol. Novell NetWare has its own network layer protocol, called Internetwork Packet Exchange (IPX), and the NetBIOS Enhanced User Interface (NetBEUI) protocol is often used on small Microsoft Windows networks. Most of the functions attributed to the network layer are based on the capabilities of IP.
Like the data-link layer protocol, the network layer protocol applies a header to the data it receives from the layer above it, as shown in Figure 1.10. The unit of data created by the network layer protocol, which consists of the transport layer data plus the network header, is called a datagram.
Figure 1.10 The network layer protocol packages transport layer information into a datagram
The functions associated with the network layer are discussed in the following sections.
The network layer protocol header contains source address and destination address fields, just as the data-link layer protocol does. However, in this case, the destination address is the packet's final destination, which may be different from the data-link layer protocol header's destination address. For example, when you type the address of a Web site in your browser, the packet your system generates contains the address of the Web server as its network layer destination, but the data-link layer destination is the address of the router on your LAN that provides you with Internet access.
IP has its own addressing system that is completely separate from the data-link layer addresses. Each computer on an IP network is assigned a 32-bit IP address by an administrator or an automated service. This address identifies both the network on which the computer is located and the computer itself, so that one address can uniquely identify any computer. IPX, on the other hand, uses a separate address to identify the network on which a computer is located and uses the hardware address to identify a computer on the network. NetBEUI identifies computers using a NetBIOS name assigned to each system during its installation.
Network layer datagrams may have to pass through many different networks on the way to their destinations, and the data-link layer protocols that the datagrams encounter can have different properties and limitations. One of these limitations is the maximum packet size permitted by the protocol. For example, Token Ring frames can be as large as 4500 bytes, but Ethernet frames are limited to 1500 bytes. When a large datagram that originated on a Token Ring network is routed to an Ethernet network, the network layer protocol must split it into pieces no larger than 1500 bytes each. This process is called fragmentation.
During the fragmentation process, the network layer protocol splits the datagram into as many pieces as necessary to make them small enough for transmission using the data-link layer protocol. Each fragment becomes a packet in itself that continues the journey to the network layer destination. The fragments are not reassembled until all of the packets that make up the datagram reach the destination system. In some cases, datagrams may be fragmented, and their fragments may be fragmented again repeatedly before reaching their destination.
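The fragmentation and reassembly described above, as an added example that is not taken from the book. It follows IPv4's rules (offsets in multiples of 8 bytes, a "more fragments" flag), assumes a 20-byte header with no options, and uses constructed sample data and hypothetical function names; the reassembler applies a strict policy that rejects gaps and overlaps instead of guessing.

```python
IP_HEADER_LEN = 20  # assumption: IPv4 header without options


def fragment(data, mtu, base_offset=0, more_follow=False):
    """Split datagram data into (offset, more_fragments, chunk) tuples.

    Offsets are kept in bytes here; IPv4 stores them divided by 8, so every
    chunk except the last must be a multiple of 8 bytes long.
    """
    chunk_len = (mtu - IP_HEADER_LEN) // 8 * 8
    if chunk_len <= 0:
        raise ValueError("MTU too small to carry any data")
    pieces = []
    for start in range(0, len(data), chunk_len):
        chunk = data[start:start + chunk_len]
        last = start + chunk_len >= len(data)
        # The flag stays set on the last piece when the fragment being split
        # was itself not the final fragment of the original datagram.
        pieces.append((base_offset + start, more_follow or not last, chunk))
    return pieces


def refragment(frag, mtu):
    """Split an existing fragment again for a link with a smaller MTU."""
    offset, more, chunk = frag
    return fragment(chunk, mtu, base_offset=offset, more_follow=more)


def reassemble(fragments):
    """Rebuild the data at the destination; raise if any piece is suspect."""
    ordered = sorted(fragments, key=lambda f: f[0])
    if not ordered:
        raise ValueError("no fragments received")
    buf = bytearray()
    for i, (offset, more, chunk) in enumerate(ordered):
        if offset > len(buf):
            raise ValueError("missing fragment before offset %d" % offset)
        if offset < len(buf):
            raise ValueError("overlapping fragment at offset %d" % offset)
        if more != (i < len(ordered) - 1):
            raise ValueError("more-fragments flag inconsistent")
        buf += chunk
    return bytes(buf)


# Constructed sample: a 4500-byte datagram carries 4480 bytes behind its header.
SAMPLE_DATA = bytes(i % 251 for i in range(4500 - IP_HEADER_LEN))

if __name__ == "__main__":
    first_hop = fragment(SAMPLE_DATA, 1500)          # Token Ring -> Ethernet
    path = [first_hop[0]] + refragment(first_hop[1], 576) + first_hop[2:]
    print([(off, more, len(c)) for off, more, c in path])
    print(reassemble(reversed(path)) == SAMPLE_DATA)  # arrival order is irrelevant
```
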
Routing is the process of directing a datagram from its source, through an internetwork, and to its ultimate destination using the most efficient path possible. On complex internetworks such as the Internet or a large corporate network, there are often many possible routes to a given destination. Network designers deliberately create redundant links so that, if one of the routers on the network fails, traffic can still find its way to its destination.
Routers connect the individual LANs that make up an internetwork. The function of a router is to receive incoming traffic from one network and transmit it to a particular destination on another network. There are two types of systems involved in internetwork communications, end systems and intermediate systems. End systems are the source of individual packets and also their ultimate destination. Routers are the intermediate systems. End systems utilize all seven layers of the OSI model, whereas packets arriving at intermediate systems rise only as high as the network layer. The router then processes the packet and sends it back down through the stack to be transmitted to its next destination, as shown in Figure 1.11.
To properly direct a packet to its destination, routers maintain information about the network in tables that they store in memory. The information in the tables can be either supplied manually by an administrator or gathered automatically from other routers using specialized routing protocols. A typical routing table entry specifies the address of another network and the router that packets should use to get to that network. Routing table entries also contain a metric that indicates the comparative efficiency of that particular route. If there are two or more routes to a particular destination, the router selects the more efficient one and passes the datagram down to the data-link layer for transmission to the router specified in the table entry. On large networks, routing can be an extraordinarily complicated process, but most of it is automated and invisible to the average user.
Figure 1.11 The network layer protocol in a router is responsible for accepting incoming packets and transmitting them to the next stop on their journey
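A routing table lookup of the kind described above, as an added example that is not taken from the book. It goes slightly beyond the text by preferring the most specific matching network before comparing metrics, which is how IP routers choose among overlapping entries; the table contents are constructed and the function names are hypothetical.

```python
import ipaddress
from typing import NamedTuple, Optional


class Route(NamedTuple):
    network: ipaddress.IPv4Network
    gateway: Optional[str]  # None: the network is directly attached
    metric: int             # lower means more efficient


def select_route(table, destination):
    """Return the best entry for destination, or None if nothing matches."""
    dst = ipaddress.ip_address(destination)
    candidates = [r for r in table if dst in r.network]
    if not candidates:
        return None
    # Most specific network first, then the lowest metric among equals.
    return min(candidates, key=lambda r: (-r.network.prefixlen, r.metric))


def next_hop(table, destination):
    """Address the frame must be sent to at the data-link layer.

    For a remote destination this is a router on the local LAN, while the
    network layer destination in the datagram stays unchanged.
    """
    route = select_route(table, destination)
    if route is None:
        raise LookupError("no route to %s" % destination)
    return route.gateway or destination


# Constructed table using documentation address ranges.
TABLE = [
    Route(ipaddress.ip_network("192.0.2.0/24"), None, 0),
    Route(ipaddress.ip_network("198.51.100.0/24"), "192.0.2.1", 2),
    Route(ipaddress.ip_network("198.51.100.0/24"), "192.0.2.2", 5),  # redundant link
    Route(ipaddress.ip_network("0.0.0.0/0"), "192.0.2.254", 10),     # default route
]

if __name__ == "__main__":
    for dst in ("192.0.2.77", "198.51.100.9", "203.0.113.5"):
        print(dst, "->", next_hop(TABLE, dst))
```
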
Just as the data-link layer header specifies the network layer protocol that generates the data that it transports, the network layer header identifies the transport layer protocol from which it receives the data that it carries. With this information, the receiving system can pass the incoming datagrams to the correct transport layer protocol.
The transport layer protocols provide services that complement those provided by the network layer. The transport and network layer protocols used to transmit data are often thought of as a matched pair, as seen in the case of TCP/IP. These protocols include TCP, which runs at the transport layer, plus IP, which runs at the network layer. Most protocol suites provide two or more transport layer protocols that provide different levels of service. The alternative to TCP is the User Datagram Protocol (UDP). The IPX protocol suite also provides a choice between transport layer protocols, including the NetWare Core Protocol (NCP) and Sequenced Packet Exchange (SPX).
The difference between the protocols provided at the transport layer within a particular protocol suite is that some are connection-oriented and some are connectionless. A connection-oriented protocol is one in which the two communicating systems exchange messages to establish a connection before they transmit any application data. This ensures that the systems are both active and ready to exchange messages. TCP, for example, is a connection-oriented protocol. When you use a Web browser to connect to an Internet server, the browser and the server first perform what is known as a three-way handshake to establish the connection. Only then does the browser transmit the address of the desired Web page to the server. When the data transmission is completed, the systems perform a similar handshake to break down the connection.
Connection-oriented protocols also provide additional services such as packet acknowledgment, data segmentation, flow control, and end-to-end error detection and correction. Systems generally use this type of protocol to transmit relatively large amounts of information that can't tolerate even a single bit error, such as data or program files, and these services ensure the correct transmission of the data. Because of these services, connection-oriented protocols are often said to be reliable, used here as a technical term that refers to the fact that each packet transmitted using the protocol has been acknowledged by the recipient and verified as having been transmitted without error. The drawback of this type of protocol is that it greatly increases the amount of control data exchanged by the two systems. In addition to the extra messages needed to establish and terminate the connection, the header applied by a connection-oriented protocol is substantially larger than that of a connectionless one. In the case of the TCP/IP transport layer protocols, TCP uses a 20-byte header and UDP uses only an 8-byte one.
A connectionless protocol is one in which there is no preliminary communication between the two systems before the transmission of application data. The sender simply transmits its data to the destination without knowing if the system is ready to receive data, or even if the system exists. Systems generally use connectionless protocols, such as UDP, for brief transactions that consist only of single requests and responses. The response from the recipient functions as a tacit acknowledgment of the transmission.
Connection-oriented and connectionless protocols are not limited to the transport layer. Network layer protocols are usually connectionless, for example, because they leave the reliability functions to the transport layer.
Transport layer protocols typically provide a path through the layers above, just as network and data-link layer protocols do. The headers for both TCP and UDP, for example, include port numbers that identify the applications from which the packet originated and for which it is destined.
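The encapsulation process and the chain of identifiers described in the preceding sections (network layer protocol code in the frame, transport protocol code in the datagram, port number in the transport header, CRC in the footer), as an added example that is not taken from the book. It uses Ethernet, IPv4 and UDP; the addresses, ports and request bytes are constructed, and the function names are hypothetical.

```python
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800   # data-link code naming the network layer protocol
IPPROTO_UDP = 17          # network layer code naming the transport protocol
IP_FMT = "!BBHHHBBH4s4s"  # 20-byte IPv4 header without options


def ip_checksum(header):
    """One's-complement sum of 16-bit words, as used by the IPv4 header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def encapsulate(request, sport, dport, src_ip, dst_ip, src_mac, dst_mac):
    """Wrap an application request in UDP, then IPv4, then Ethernet."""
    # Transport layer: 8-byte UDP header; checksum 0 means "not computed".
    segment = struct.pack("!HHHH", sport, dport, 8 + len(request), 0) + request
    # Network layer: the IPv4 header goes in front of the UDP header.
    fields = [0x45, 0, 20 + len(segment), 0, 0, 64, IPPROTO_UDP, 0, src_ip, dst_ip]
    fields[7] = ip_checksum(struct.pack(IP_FMT, *fields))
    datagram = struct.pack(IP_FMT, *fields) + segment
    # Data-link layer: 14-byte header in front, 4-byte CRC-32 footer behind.
    # Ethernet computes the CRC over everything that precedes the footer.
    # (Padding short frames to Ethernet's minimum size is left out.)
    body = dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IPV4) + datagram
    return body + struct.pack("<I", zlib.crc32(body))


def decapsulate(frame):
    """Remove each header in reverse order; return (identifiers, request)."""
    if len(frame) < 14 + 20 + 8 + 4:
        raise ValueError("truncated frame")
    body, footer = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != footer:
        raise ValueError("CRC mismatch: frame corrupted, discard")
    _dst_mac, _src_mac, ethertype = struct.unpack("!6s6sH", body[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("no handler for this network layer protocol")
    datagram = body[14:]
    ihl = (datagram[0] & 0x0F) * 4
    if ihl < 20 or len(datagram) < ihl or ip_checksum(datagram[:ihl]) != 0:
        raise ValueError("bad IPv4 header")
    total_len, proto = struct.unpack("!H", datagram[2:4])[0], datagram[9]
    if proto != IPPROTO_UDP or not ihl + 8 <= total_len <= len(datagram):
        raise ValueError("unsupported transport protocol or bad length")
    segment = datagram[ihl:total_len]
    _sport, dport, udp_len, _ = struct.unpack("!HHHH", segment[:8])
    if udp_len != len(segment):
        raise ValueError("UDP length disagrees with IP length")
    return {"ethertype": ethertype, "protocol": proto, "dst_port": dport}, segment[8:]


# Constructed sample values: documentation IP ranges, locally administered MACs.
HOST_MAC, ROUTER_MAC = bytes.fromhex("020000000001"), bytes.fromhex("0200000000fe")
HOST_IP, SERVER_IP = bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7])
SAMPLE_REQUEST = b"example request"

if __name__ == "__main__":
    frame = encapsulate(SAMPLE_REQUEST, 49152, 53, HOST_IP, SERVER_IP,
                        HOST_MAC, ROUTER_MAC)
    print(len(frame), decapsulate(frame))
```
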
The session layer is the point at which the actual protocols used on networks begin to differ substantially from the OSI model. There are no separate session layer protocols as there are at the lower layers. Session layer functions are instead integrated into other protocols that also include presentation and application layer functions. The transport, network, data-link, and physical layers are concerned with the proper transmission of data across the network, but the protocols at the session layer and above are not involved in that part of the communications process. The session layer provides 22 services, many of which are concerned with the ways in which networked systems exchange information. The most important of these services are dialog control and dialog separation.
The exchange of information between two systems on the network is called a dialog, and dialog control is the selection of a mode that the systems will use to exchange messages. When the dialog is begun, the systems can choose one of two modes, two-way alternate (TWA) mode or two-way simultaneous (TWS) mode. In TWA mode, the two systems exchange a data token, and only the computer in possession of the token is permitted to transmit data. This eliminates problems caused by messages that cross in transit. TWS mode is more complex, because there is no token and both systems can transmit at any time, even simultaneously.
Dialog separation is the process of creating checkpoints in a data stream that enable communicating systems to synchronize their functions. The difficulty of checkpointing depends on whether the dialog is using TWA or TWS mode. Systems involved in a TWA dialog perform minor synchronizations that require only a single exchange of checkpointing messages, but systems using a TWS dialog perform a major synchronization using a major/activity token.
There is only one function found at the presentation layer: the translation of syntax between different systems. In some cases, computers communicating over a network use different syntaxes, and the presentation layer enables them to negotiate a common syntax for the network communications. When the communicating systems establish a connection at the presentation layer, they exchange messages containing information about the syntaxes they have in common, and together they choose the syntax they will use during the session.
Both of the systems involved in the connection have an abstract syntax, which is their native form of communication. Computers running on different platforms can have different abstract syntaxes. During the negotiation process, the systems choose a transfer syntax, which is an alternative syntax that the two have in common. The transmitting system converts its abstract syntax to the transfer syntax, and after the transmission, the receiving system converts the transfer syntax to its own abstract syntax. When called for, the systems can select a transfer syntax that provides additional services, such as data compression or encryption.
The application layer is the entrance point that programs use to access the OSI model and utilize network resources. Most application layer protocols provide services that programs use to access the network, such as the Simple Mail Transfer Protocol (SMTP), which most e-mail programs use to send e-mail messages. In some cases, as with File Transfer Protocol (FTP), the application layer protocol is a program in itself.
Application layer protocols often include the session and presentation layer functions. As a result, a typical protocol stack consists of four separate protocols that run at the application, transport, network, and data-link layers.
For each of the protocols, functions, or concepts listed below, specify the OSI model layer with which it is associated.