Sunday, August 28

OSI Network Layer

We have seen how network applications and services on one end device can communicate with applications and services running on another end device.

Next, as shown in the figure, we will consider how this data is communicated across the network - from the originating end device (or host) to the destination host - in an efficient way.

The protocols of the OSI model Network layer specify addressing and processes that enable Transport layer data to be packaged and transported. The Network layer encapsulation allows its contents to be passed to the destination within a network or on another network with minimum overhead.

The Network layer - provides services to exchange the individual pieces of data over the network between identified end devices.

To accomplish this end-to-end transport, Layer 3 uses four basic processes:
• Addressing
• Encapsulation
• Routing
• Decapsulation

Addressing – the network layer must provide a mechanism for addressing these end devices. If individual pieces of data are to be directed to an end device, that device must have a unique address.

Encapsulation - Not only must the devices be identified with an address, the individual pieces - the Network layer PDUs - must also contain these addresses. During the encapsulation process, Layer 3 receives the Layer 4 PDU and adds a Layer 3 header, or label, to create the Layer 3 PDU. When referring to the Network layer, we call this PDU a packet.

Routing - the network layer must provide services to direct these packets to their destination host. Along the way, each packet must be guided through the network to reach its final destination. Intermediary devices that connect the networks are called routers. The role of the router is to select paths for and direct packets toward their destination. This process is known as routing.
During the routing through an internetwork, the packet may traverse many intermediary devices. Each route that a packet takes to reach the next device is called a hop.

Decapsulation - the packet arrives at the destination host and is processed at Layer 3. The host examines the destination address to verify that the packet was addressed to this device. If the address is correct, the packet is decapsulated by the Network layer and the Layer 4 PDU contained in the packet is passed up to the appropriate service at Transport layer.

The Internet Protocol (IPv4 and IPv6) is the most widely-used Layer 3 data carrying protocol.

IPv4 basic characteristics:
Connectionless - No connection is established before sending data packets.
Best Effort (unreliable) - No overhead is used to guarantee packet delivery.
Media Independent - Operates independently of the medium carrying the data.

Dividing Networks:
Rather than having all hosts everywhere connected to one vast global network, it is more practical and manageable to group hosts into specific networks.

Networks can be grouped based on factors that include:
Geographic location
Purpose
Ownership

Grouping Hosts Geographically:
We can group network hosts together geographically. Grouping hosts at the same location - such as each building on a campus or each floor of a multi-level building - into separate networks can improve network management and operation.

Grouping Hosts for specific Purposes:
Users who have similar tasks typically use common software, common tools, and have common traffic patterns. We can often reduce the traffic required by the use of specific software and tools by placing the resources to support them in the network with the users.



Grouping Hosts for Ownership:
Using an organizational (company, department) basis for creating networks assists in controlling access to the devices and data as well as the administration of the networks. In one large network, it is much more difficult to define and limit the responsibility for the network personnel. Dividing hosts into separate networks provides a boundary for security enforcement and management of each network.



Common issues with large networks are:
Performance degradation
Security issues
Address Management

Large numbers of hosts connected to a single network can produce volumes of data traffic that may stretch, if not overwhelm, network resources such as bandwidth and routing capability.

Dividing large networks so that hosts that need to communicate are grouped together reduces the traffic across the internetworks.



To be able to divide networks, we need hierarchical addressing.

Hierarchical Address - uniquely identifies each host. It also has levels that assist in forwarding packets across internetworks, which enables a network to be divided based on those levels.

The logical 32-bit IPv4 address is hierarchical and is made up of two parts. The first part identifies the network and the second part identifies a host on that network. Both parts are required for a complete IP address.



This is hierarchical addressing because the network portion indicates the network on which each unique host address is located. Routers only need to know how to reach each network, rather than needing to know the location of each individual host.
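To make the network/host split concrete, here is an added example (not part of the original notes or of any Cisco material): a small Python script that masks a dotted-decimal IPv4 address with a prefix length, separates the two portions, and checks whether two hosts fall on the same network, which is exactly the test a router applies when it only holds one route per network. The addresses and prefix lengths are constructed sample values.

```python
import ipaddress


def to_int(addr: str) -> int:
    """Convert a dotted-decimal IPv4 address to its 32-bit integer value."""
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted-decimal IPv4 address: {addr!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {addr!r}")
        value = (value << 8) | n
    return value


def to_dotted(value: int) -> str:
    """Convert a 32-bit integer back to dotted-decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """Build the 32-bit subnet mask for a prefix length such as 24 (a /24)."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length must be 0..32, got {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def split_address(addr: str, prefix: int) -> tuple[str, str]:
    """Return (network portion, host portion) of an address as dotted strings.

    The mask keeps the high-order bits (the network); its complement keeps the
    low-order bits (the host). Together they reproduce the complete address.
    """
    a = to_int(addr)
    mask = prefix_to_mask(prefix)
    network = a & mask
    host = a & (~mask & 0xFFFFFFFF)
    return to_dotted(network), to_dotted(host)


def same_network(addr_a: str, addr_b: str, prefix: int) -> bool:
    """True when both hosts share the network portion, i.e. one route reaches both."""
    mask = prefix_to_mask(prefix)
    return (to_int(addr_a) & mask) == (to_int(addr_b) & mask)


def network_via_stdlib(addr: str, prefix: int) -> str:
    """Cross-check the hand-rolled arithmetic against the ipaddress module."""
    return str(ipaddress.ip_interface(f"{addr}/{prefix}").network.network_address)


if __name__ == "__main__":
    # Constructed sample hosts: two on 192.168.10.0/24, one on the neighbouring /24.
    for host in ("192.168.10.37", "192.168.10.200", "192.168.11.1"):
        net, host_part = split_address(host, 24)
        print(f"{host}/24 -> network {net}, host {host_part}")
```

With a /26 the boundary no longer falls on an octet, which is where doing the arithmetic by hand goes wrong most often; the stdlib cross-check is there to catch exactly that.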

Fundamentals of routing:
The routing table stores information about connected and remote networks. Connected networks are directly attached to one of the router interfaces. These interfaces are the gateways for the hosts on different local networks. Remote networks are networks that are not directly connected to the router. Routes to these networks can be manually configured on the router by the network administrator or learned automatically using dynamic routing protocols.

Routes in a routing table have three main features:
• Destination network
• Next-hop
• Metric

The router matches the destination address in the packet header with the destination network of a route in the routing table and forwards the packet to the next-hop router specified by that route. If there are two or more possible routes to the same destination, the metric is used to decide which route is installed in the routing table.



As shown in the figure, the routing table in a Cisco router can be examined with the show ip route command.

As you know, packets cannot be forwarded by the router without a route. If a route representing the destination network is not on the routing table, the packet will be dropped (that is, not forwarded). The matching route could be either a connected route or a route to a remote network.

Routing is done packet-by-packet and hop-by-hop. Each packet is treated independently in each router along the path. At each hop, the router examines the destination IP address for each packet and then checks the routing table for forwarding information.

The router will do one of three things with the packet:
• Forward it to the next-hop router
• Forward it to the destination host
• Drop it
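An added example, not from the original notes: a Python model of a routing table that applies the rules above. Connected routes have no next hop, the lower metric is kept when two routes point at the same destination network, the packet is delivered out of the connected interface, forwarded to a next hop, or dropped when nothing matches. It also applies the longest-prefix rule, which the notes do not spell out: when both a /8 and a /16 contain the destination, a real router uses the more specific one. The networks, next hops, metrics and interface names are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Route:
    """One routing-table entry: destination network, next hop, metric, exit interface."""
    network: ipaddress.IPv4Network
    next_hop: Optional[ipaddress.IPv4Address]  # None means directly connected
    metric: int
    interface: str


class RoutingTable:
    def __init__(self) -> None:
        self._routes: list[Route] = []

    def add(self, network: str, next_hop: Optional[str], metric: int, interface: str) -> None:
        """Install a route. If a route to the same destination network already
        exists, only the one with the lower metric is kept."""
        route = Route(
            ipaddress.ip_network(network),
            ipaddress.ip_address(next_hop) if next_hop else None,
            metric,
            interface,
        )
        for existing in self._routes:
            if existing.network == route.network:
                if route.metric < existing.metric:
                    self._routes.remove(existing)
                    self._routes.append(route)
                return
        self._routes.append(route)

    def routes(self) -> list[Route]:
        return list(self._routes)

    def lookup(self, destination: str) -> Optional[Route]:
        """Match the destination address against the table. When several routes
        contain the address, the most specific one (longest prefix) wins."""
        addr = ipaddress.ip_address(destination)
        matches = [r for r in self._routes if addr in r.network]
        if not matches:
            return None
        return max(matches, key=lambda r: r.network.prefixlen)

    def forward(self, destination: str) -> tuple[str, Optional[str], Optional[str]]:
        """What the router does with a packet for this destination:
        ('forward', next_hop, iface), ('deliver', destination, iface) on a
        connected network, or ('drop', None, None) when no route matches."""
        route = self.lookup(destination)
        if route is None:
            return ("drop", None, None)
        if route.next_hop is None:
            return ("deliver", destination, route.interface)
        return ("forward", str(route.next_hop), route.interface)


def build_sample_table() -> RoutingTable:
    """Constructed sample table: one connected network, two remote networks, and a
    competing route to 10.1.0.0/16 with a worse metric that must not be installed."""
    table = RoutingTable()
    table.add("192.168.1.0/24", None, 0, "Fa0/0")        # connected
    table.add("10.0.0.0/8", "192.168.1.2", 2, "Fa0/0")    # remote
    table.add("10.1.0.0/16", "192.168.1.3", 1, "Fa0/0")   # remote, more specific
    table.add("10.1.0.0/16", "192.168.1.4", 5, "Fa0/0")   # same destination, worse metric
    return table


if __name__ == "__main__":
    table = build_sample_table()
    for dest in ("192.168.1.50", "10.1.2.3", "10.9.9.9", "172.16.0.1"):
        print(dest, "->", table.forward(dest))
```

Adding a route for 0.0.0.0/0 (a default route) would turn the drop for 172.16.0.1 into a forward, since every address matches a zero-length prefix and it only wins when nothing longer does.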

Static Routing – routing that depends on manually entered routes in the routing table. If the internetwork structure changes or if new networks become available, these changes have to be manually updated on every router. If updating is not done in a timely fashion, the routing information may be incomplete or inaccurate, resulting in packet delays and possible packet loss.

Dynamic Routing - Routing protocols are the set of rules by which routers dynamically share their routing information. When a router receives information about new or changed routes, it updates its own routing table and, in turn, passes the information to other routers. In this way, all routers have accurate routing tables that are updated dynamically and can learn about routes to remote networks that are many hops away.

Dynamic routing protocols are:
• Routing Information Protocol (RIP)
• Enhanced Interior Gateway Routing Protocol (EIGRP)
• Open Shortest Path First (OSPF)
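A constructed example, not part of the original notes, of how a distance-vector protocol such as RIP propagates routes hop by hop. Three Python routers each start knowing only their connected networks, exchange advertisements with their neighbours, add one hop to whatever they learn, and stop when a full round produces no change. The topology and network numbers are made up; the hop-count limit of 16 follows RIP, but the code is a simplification that omits split horizon, hold-down timers, triggered updates and any authentication of updates.

```python
from typing import Dict, List, Optional, Tuple

INFINITY = 16  # RIP's hop-count limit: a metric of 16 means unreachable


class DvRouter:
    """A router running a simplified distance-vector protocol (RIP-like hop count).

    table: destination network -> (hop count, next-hop router, or None if connected)
    """

    def __init__(self, name: str, connected: List[str]) -> None:
        self.name = name
        self.table: Dict[str, Tuple[int, Optional[str]]] = {net: (0, None) for net in connected}

    def advertisement(self) -> Dict[str, int]:
        """What this router tells its neighbours: every destination it knows and its metric."""
        return {net: metric for net, (metric, _) in self.table.items()}

    def receive(self, neighbour: str, adv: Dict[str, int]) -> bool:
        """Process a neighbour's advertisement. Return True if our table changed."""
        changed = False
        for net, their_metric in adv.items():
            via_neighbour = min(their_metric + 1, INFINITY)  # one more hop through them
            current = self.table.get(net)
            if current is None:
                if via_neighbour < INFINITY:            # new destination, reachable
                    self.table[net] = (via_neighbour, neighbour)
                    changed = True
            elif via_neighbour < current[0]:           # shorter path than what we have
                self.table[net] = (via_neighbour, neighbour)
                changed = True
            elif current[1] == neighbour and via_neighbour != current[0]:
                # our current next hop now reports a different cost: follow it,
                # or withdraw the route if it has become unreachable
                if via_neighbour >= INFINITY:
                    del self.table[net]
                else:
                    self.table[net] = (via_neighbour, neighbour)
                changed = True
        return changed


def converge(routers: Dict[str, DvRouter], links: List[Tuple[str, str]], max_rounds: int = 50) -> int:
    """Exchange advertisements across every link until a round changes nothing.
    Return the number of rounds used, including the final quiet one."""
    for round_no in range(1, max_rounds + 1):
        # snapshot first, so every router sends what it knew at the start of the round
        adverts = {name: r.advertisement() for name, r in routers.items()}
        changed = False
        for a, b in links:
            changed |= routers[a].receive(b, adverts[b])
            changed |= routers[b].receive(a, adverts[a])
        if not changed:
            return round_no
    raise RuntimeError("routing tables did not converge")


def build_sample_network() -> Tuple[Dict[str, DvRouter], List[Tuple[str, str]]]:
    """Constructed topology A -- B -- C: each router has one LAN plus the link networks."""
    routers = {
        "A": DvRouter("A", ["10.1.0.0/24", "10.12.0.0/24"]),
        "B": DvRouter("B", ["10.12.0.0/24", "10.23.0.0/24"]),
        "C": DvRouter("C", ["10.23.0.0/24", "10.3.0.0/24"]),
    }
    return routers, [("A", "B"), ("B", "C")]


if __name__ == "__main__":
    routers, links = build_sample_network()
    rounds = converge(routers, links)
    print(f"converged after {rounds} rounds")
    for r in routers.values():
        print(r.name, dict(sorted(r.table.items())))
```

Each round moves knowledge one hop further, so A learns C's LAN only in the second round: the two-hop network 10.3.0.0/24 appears in A's table with next hop B, which is the "many hops away" behaviour the notes describe.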

Sunday, August 14

OSI Transport Layer

Data networks and the Internet support the human network by supplying seamless, reliable communication between people - both locally and around the globe. On a single device, people can use multiple services such as e-mail, the web, and instant messaging to send messages or retrieve information. Applications such as e-mail clients, web browsers, and instant messaging clients allow people to use computers and networks to send messages and find information.

Data from each of these applications is packaged, transported, and delivered to the appropriate server daemon or application on the destination device. The processes described in the OSI Transport layer accept data from the Application layer and prepare it for addressing at the Network layer. The Transport layer is responsible for the overall end-to-end transfer of application data.

Transport Layer – segments the data and manages the separation of data for different applications, so that the multiple applications running on a device each receive the correct data.
Some protocols at the transport layer provide:
•Connection-oriented conversations
•Reliable delivery
•Ordered data reconstruction
•Flow control



Congestion – the state of a network when there is not sufficient bandwidth to support the amount of network traffic.

UDP – (user datagram protocol) a simple, connectionless protocol, described in RFC 768. It has the advantage of providing for low overhead data delivery. The pieces of communication in UDP are called datagrams.

Applications that use UDP include:
•Domain Name System (DNS)
•Video Streaming
•Voice over IP (VoIP)

TCP – (Transmission Control Protocol) a connection-oriented protocol, described in RFC 793. TCP incurs additional overhead to gain functions. The additional functions specified by TCP are same-order delivery, reliable delivery, and flow control.

Applications that use TCP are:
•Web Browsers
•E-mail
•File Transfers

IANA – (Internet Assigned Numbers Authority) the standards body that assigns port numbers and is responsible for various other addressing standards.

There are different types of port numbers:
Well Known Ports (Numbers 0 to 1023) - These numbers are reserved for services and applications. They are commonly used for applications such as HTTP (web server), POP3/SMTP (e-mail server) and Telnet.

Registered Ports (Numbers 1024 to 49151) - These port numbers are assigned to user processes or applications. These processes are primarily individual applications that a user has chosen to install rather than common applications that would receive a Well Known Port.

Dynamic or Private Ports (Numbers 49152 to 65535) - Also known as Ephemeral Ports, these are usually assigned dynamically to client applications when initiating a connection. It is not very common for a client to connect to a service using a Dynamic or Private Port (although some peer-to-peer file sharing programs do).

Netstat - an important network utility that can be used to verify connections. It lists the protocol in use, the local address and port number, the foreign address and port number, and the state of the connection.

Three-way handshake – the process that establishes a TCP session between two endpoints. The process is as follows:
1. The client sends a segment with the SYN flag set to the server, carrying the client's initial sequence number.
2. In response, the server sends a SYN-ACK: its own initial sequence number together with an acknowledgement of the client's sequence number plus one.
3. The client sends an ACK back acknowledging the server's sequence number plus one, and the session is established.



Within the TCP segment header, there are six 1-bit fields that contain control information used to manage the TCP processes. Those fields are:
URG - Urgent pointer field significant
ACK - Acknowledgement field significant
PSH - Push function
RST - Reset the connection
SYN - Synchronize sequence numbers
FIN - No more data from sender

These fields are referred to as flags, because the value of one of these fields is only 1 bit and, therefore, has only two values: 1 or 0. When a bit value is set to 1, it indicates what control information is contained in the segment.
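To show both the handshake and the flag bits on the wire, here is an added Python example (not code from the original notes). It packs and parses the fixed 20-byte TCP header of RFC 793, maps the six flag bits to their names, and then plays out the three-way handshake with both sides parsing what they receive and checking the acknowledgement arithmetic: each side acknowledges the other's initial sequence number plus one, modulo 2^32. The port numbers and initial sequence numbers are constructed; the checksum is left at zero because computing it needs the IP pseudo-header, which this example does not model.

```python
import struct
from dataclasses import dataclass
from typing import FrozenSet, List

# The six 1-bit control flags, as bit values in the low byte of the offset/flags word (RFC 793).
FLAGS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}

# src port, dst port, seq, ack, data offset + reserved + flags, window, checksum, urgent pointer
TCP_HEADER_FMT = "!HHIIHHHH"
HEADER_LEN = struct.calcsize(TCP_HEADER_FMT)  # 20 bytes when no options are present
SEQ_MOD = 1 << 32                             # sequence numbers wrap at 2**32


@dataclass(frozen=True)
class TcpHeader:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    flags: FrozenSet[str]
    window: int

    def pack(self) -> bytes:
        """Serialize to the 20-byte wire format (checksum left zero, see lead-in)."""
        unknown = set(self.flags) - set(FLAGS)
        if unknown:
            raise ValueError(f"unknown TCP flags: {sorted(unknown)}")
        flag_bits = 0
        for name in self.flags:
            flag_bits |= FLAGS[name]
        offset_flags = (5 << 12) | flag_bits  # data offset = 5 words; 6 reserved bits are zero
        return struct.pack(TCP_HEADER_FMT, self.src_port, self.dst_port,
                           self.seq, self.ack, offset_flags, self.window, 0, 0)


def parse_tcp_header(data: bytes) -> TcpHeader:
    """Parse the fixed 20-byte header and decode the flag bits back into names."""
    if len(data) < HEADER_LEN:
        raise ValueError(f"segment too short for a TCP header: {len(data)} bytes")
    src, dst, seq, ack, offset_flags, window, _checksum, _urgent = struct.unpack(
        TCP_HEADER_FMT, data[:HEADER_LEN])
    flags = frozenset(name for name, bit in FLAGS.items() if offset_flags & bit)
    return TcpHeader(src, dst, seq, ack, flags, window)


def three_way_handshake(client_port: int, server_port: int,
                        client_isn: int, server_isn: int, window: int = 65535) -> List[bytes]:
    """Produce the three handshake segments, each parsed by its receiver and checked
    before the receiver answers. Returns [SYN, SYN-ACK, ACK] as wire bytes."""
    # 1. client -> server: SYN carrying the client's initial sequence number
    syn = TcpHeader(client_port, server_port, client_isn, 0, frozenset({"SYN"}), window).pack()

    # 2. server parses the SYN and answers SYN-ACK, acknowledging client_isn + 1
    received = parse_tcp_header(syn)
    if received.flags != {"SYN"}:
        raise ValueError("server expected a bare SYN")
    syn_ack = TcpHeader(server_port, client_port, server_isn,
                        (received.seq + 1) % SEQ_MOD, frozenset({"SYN", "ACK"}), window).pack()

    # 3. client verifies its own ISN was acknowledged, then ACKs the server's ISN + 1
    received = parse_tcp_header(syn_ack)
    if received.flags != {"SYN", "ACK"} or received.ack != (client_isn + 1) % SEQ_MOD:
        raise ValueError("client received an unexpected reply to its SYN")
    ack = TcpHeader(client_port, server_port, received.ack,
                    (received.seq + 1) % SEQ_MOD, frozenset({"ACK"}), window).pack()
    return [syn, syn_ack, ack]


if __name__ == "__main__":
    # Constructed values: ephemeral client port, HTTP server port, arbitrary ISNs.
    for segment in three_way_handshake(51234, 80, client_isn=1000, server_isn=5000):
        h = parse_tcp_header(segment)
        print(f"{h.src_port}->{h.dst_port} flags={sorted(h.flags)} seq={h.seq} ack={h.ack}")
```

Bytes 12 and 13 of the SYN read 0x50 0x02: the high nibble is the data offset (5 words), and the 0x02 is the SYN bit, which is what a packet capture shows for the first segment of any connection.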

Window size – a field in the TCP header that tells the sending device how many bytes it may transmit before it must receive an acknowledgement from the receiving device. It enables flow control and the management of lost data.



Flow control – assists the reliability of TCP transmission by adjusting the effective rate of data flow between the two services in the session. When the source is informed that the specified amount of data in the segments is received, it can continue sending more data for this session.

Friday, August 5

Application Layer Functionality and Protocols

Most of us experience the Internet through the World Wide Web, e-mail services, and file-sharing programs. These applications, and many others, provide the human interface to the underlying network, enabling us to send and receive information with relative ease. Typically the applications that we use are intuitive, meaning we can access and use them without knowing how they work. However, for network professionals, it is important to know how an application is able to format, transmit and interpret messages that are sent and received across the network.


OSI – (Open System Interconnection) an international standardization program created by ISO and ITU-T to develop standards for data networking that facilitate multivendor equipment interoperability. It divides the networking process into seven logical layers, each of which has unique functionality.

Application Layer – uses protocols that are implemented within applications and services. It provides the interface between the applications on either end of the network.



Presentation Layer – ensures that data from the source device can be interpreted by the appropriate application on the destination device.

Session Layer – creates and maintains dialogs between source and destination applications. It handles the exchange of information to initiate dialogs, keep them active, and restart sessions that are disrupted or idle for a long period of time.

DNS – (Domain Name System) is used to resolve Internet names to IP addresses. It matches resource names with the required IP address.

HTTP – (Hypertext Transfer Protocol) is used to transfer the files that make up the web pages of the World Wide Web. It transfers data from a web server to a client.

SMTP – (Simple Mail Transfer Protocol) is used for the transfer of mail messages and attachments.

Telnet – is used to provide remote access to servers and networking devices. It does not support encryption, so user names, passwords and everything typed in the session cross the network in cleartext and can be read by anyone able to capture the traffic.

FTP – (File Transfer Protocol) is commonly used to transfer files between a client and a server.

Client-server model – the device requesting the information is called a client and the device responding to the request is called a server.
• centralized administration
• security is easier to enforce

Peer-to-peer – two or more computers are connected via a network and can share resources (such as printers and files) without having a dedicated server.
• Act as both a client and server within the same communication.
• Hybrid mode includes a centralized directory of files.
• Can be used in client-server networks



Nslookup – a utility of computer operating systems that allows the user to manually query the name servers to resolve a given host name. It can also be used to troubleshoot name resolution issues and to verify the current status of the name servers.



MUA – (Mail User Agent) the e-mail client. It allows messages to be sent and places received messages into the client's mailbox, two distinct processes. To receive e-mail messages from an e-mail server, the e-mail client can use POP. Sending e-mail from either a client or a server uses message formats and command strings defined by the SMTP protocol. Usually an e-mail client provides the functionality of both protocols within one application.




Protocols operate at application layer of the OSI model:
• DNS
• SMTP
• POP

The e-mail server operates two separate processes:
• Mail Transfer Agent (MTA)
• Mail Delivery Agent (MDA)
The Mail Transfer Agent (MTA) process is used to forward e-mail. As shown in the figure, the MTA receives messages from the MUA or from another MTA on another e-mail server. Based on the message header, it determines how a message has to be forwarded to reach its destination. If the mail is addressed to a user whose mailbox is on the local server, the mail is passed to the MDA. If the mail is for a user not on the local server, the MTA routes the e-mail to the MTA on the appropriate server.

DHCP – (Dynamic Host Configuration Protocol) enables devices on a network to obtain IP addresses and other information from a DHCP server. This service automates the assignment of IP addresses, subnet masks, gateway and other IP networking parameters.

SMB – (Server Message Block) is a client/server file sharing protocol. It describe the structure of shared network resources, such as directories, files, printers and serial ports. SMB file-sharing and print services have become the mainstay of Microsoft networking.

Wednesday, August 3

Communicating over the Network

More and more, it is networks that connect us. People communicate online from everywhere. Efficient, dependable technology enables networks to be available whenever and wherever we need them. As our human network continues to expand, the platform that connects and supports it must also grow.

Rather than developing unique and separate systems for the delivery of each new service, the network industry as a whole has developed the means to both analyze the existing platform and enhance it incrementally. This ensures that existing communications are maintained while new services are introduced that are both cost effective and technologically sound.

Channel – consists of the media that provides the pathway over which the message can travel from source to destination.

Multiplexing – the process used to interleave the pieces of separate conversations together on the network.

Two types of Network Devices:

End devices – the network devices that people are most familiar with. Examples are computers, printers, VoIP phones, security cameras, and mobile handheld devices.

Intermediary devices – provide connectivity and work behind the scenes to ensure that data flows across the network. Managing data as it flows through the network is also a role of the intermediary devices.

Examples of intermediary network devices are:
• Network access devices (hubs, switches, and wireless access points)
• Internetworking devices (routers)
• Communication servers and modems
• Security Devices (firewalls)

LAN – an individual network usually spans a single geographical area, providing services and applications to people within a common organizational structure.

WAN – uses specifically designed network devices to make the interconnections between LANs. It allows many forms of communication, including exchanging e-mail, corporate training, and other resource sharing.

Internetwork – a connection of two or more data networks. The Internet, a global mesh of interconnected networks, is the internetwork that meets these human communication needs.

Intranet – is often used to refer to a private connection of LANs and WANs that belongs to an organization, and is designed to be accessible only by the organization’s members.

Protocol suite – a group of inter-related protocols that are necessary to perform a communication function. It determines the formatting of messages and the process of encapsulation used to forward data.

IEEE – (Institute of Electrical and Electronics Engineers) a standards organization. A standard is a protocol that has been endorsed by the networking industry and ratified by a standards organization such as the IEEE. The use of standards in developing and implementing protocols ensures that products from different manufacturers can work together for efficient communications.

Encapsulation – the wrapping of data in a particular protocol header. During the encapsulation process the application data is divided into segments by the Transport layer; the Network layer then adds a header carrying the source and destination IP addresses to each segment, producing the packets that are delivered to the destination; and the Data Link layer adds a frame header and trailer so each packet can cross the local media.

PDU – (Protocol Data Unit) the form that a piece of data takes at any layer.
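An added example, not from the original notes, that walks data down and back up the stack in Python. The Transport, Network and Data Link headers are added in turn (encapsulation, with the PDU at each layer returned separately), and the receiving host strips them in reverse order, checking the destination MAC, then the destination IP address as the Network Layer notes above describe for decapsulation, then whether a service is listening on the destination port. The 14-byte frame header matches Ethernet, but the Layer 3 and Layer 4 headers are reduced to just their address fields for illustration and do not match the real IPv4 or TCP formats; the addresses and payload are constructed.

```python
import socket
import struct
from typing import Dict, Optional, Set, Tuple

# Header layouts. The frame header is real Ethernet; the other two are simplified
# to the address fields only (real IPv4/TCP headers carry many more fields).
FRAME_FMT = "!6s6sH"      # dst MAC, src MAC, EtherType          (Layer 2)
PACKET_FMT = "!4s4s"      # src IP, dst IP                        (Layer 3, simplified)
SEGMENT_FMT = "!HH"       # src port, dst port                    (Layer 4, simplified)
ETHERTYPE_IPV4 = 0x0800


def mac(text: str) -> bytes:
    """'aa:bb:cc:dd:ee:ff' -> 6 raw bytes."""
    raw = bytes.fromhex(text.replace(":", ""))
    if len(raw) != 6:
        raise ValueError(f"not a MAC address: {text!r}")
    return raw


def encapsulate(data: bytes, src_port: int, dst_port: int, src_ip: str, dst_ip: str,
                src_mac: str, dst_mac: str) -> Dict[str, bytes]:
    """Wrap application data layer by layer and return the PDU produced at each layer."""
    segment = struct.pack(SEGMENT_FMT, src_port, dst_port) + data          # Layer 4 PDU
    packet = struct.pack(PACKET_FMT, socket.inet_aton(src_ip),
                         socket.inet_aton(dst_ip)) + segment                 # Layer 3 PDU
    frame = struct.pack(FRAME_FMT, mac(dst_mac), mac(src_mac),
                        ETHERTYPE_IPV4) + packet                             # Layer 2 PDU
    return {"segment": segment, "packet": packet, "frame": frame}


def decapsulate(frame: bytes, my_mac: str, my_ip: str,
                listening_ports: Set[int]) -> Tuple[str, Optional[object], Optional[bytes]]:
    """Reverse the process on the destination host, checking the address at every layer.
    Returns ('delivered', port, data) or ('dropped', reason, None)."""
    frame_len = struct.calcsize(FRAME_FMT)
    if len(frame) < frame_len:
        return ("dropped", "runt frame", None)
    dst_mac, _src_mac, ethertype = struct.unpack(FRAME_FMT, frame[:frame_len])
    if dst_mac != mac(my_mac):
        return ("dropped", "frame not addressed to this interface", None)
    if ethertype != ETHERTYPE_IPV4:
        return ("dropped", "unknown Layer 3 protocol", None)
    packet = frame[frame_len:]                       # Layer 2 header removed

    packet_len = struct.calcsize(PACKET_FMT)
    if len(packet) < packet_len:
        return ("dropped", "truncated packet", None)
    _src_ip, dst_ip = struct.unpack(PACKET_FMT, packet[:packet_len])
    if dst_ip != socket.inet_aton(my_ip):
        return ("dropped", "packet not addressed to this host", None)
    segment = packet[packet_len:]                    # Layer 3 header removed

    seg_len = struct.calcsize(SEGMENT_FMT)
    if len(segment) < seg_len:
        return ("dropped", "truncated segment", None)
    _src_port, dst_port = struct.unpack(SEGMENT_FMT, segment[:seg_len])
    if dst_port not in listening_ports:
        return ("dropped", f"no service listening on port {dst_port}", None)
    return ("delivered", dst_port, segment[seg_len:])  # Layer 4 header removed


if __name__ == "__main__":
    # Constructed sample: a client asks a web server for a page.
    pdus = encapsulate(b"GET / HTTP/1.0\r\n\r\n", 51000, 80, "192.168.1.10", "10.0.0.5",
                       "00:11:22:33:44:55", "66:77:88:99:aa:bb")
    for layer in ("segment", "packet", "frame"):
        print(f"{layer:8s} {len(pdus[layer]):3d} bytes  {pdus[layer].hex()}")
    print(decapsulate(pdus["frame"], "66:77:88:99:aa:bb", "10.0.0.5", {80, 443}))
```

Each layer's PDU is a suffix of the one below it, which is what "encapsulation" means in bytes; the drop reasons show that a frame can be accepted by the interface and still be discarded at Layer 3 or Layer 4.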

------------------
TCP/IP Model
------------------
Application – represents data to the user plus encoding and dialog control.

Transport – supports communication between diverse devices across diverse networks.

Internet – determines the best path through the network

Network Access – controls the hardware devices and media that make up the network.

----------------
OSI Model
----------------

Application – provides the end-to-end connectivity between individuals in the human network using data networks.

Presentation – provides for common representation of the data transferred between applications layer services.

Session – provides services to the presentation layer to organize its dialogue and to manage data exchange.

Transport – defines services to segment, transfer, and reassemble the data for individual communications between the end devices.
• Also called Layer 4; addresses with port numbers (software). The TCP and UDP protocols operate here.
• Its PDU is the segment.

Network – provides services to exchange the individual pieces of data over the network between identified end devices.
• Also called Layer 3; addresses with logical (IP) addresses.
• Its PDU is the packet.

Data Link – describe methods for exchanging data frames between devices over a common media.
• Also called Layer 2; addresses with physical (MAC) addresses.
• Its PDU is the frame.

Physical – describe the mechanical, electrical, functional, and procedural means to activate, maintain, and de-activate physical-connections for bit transmission to and from a network device.
• Its PDU is the bit.