
































The OSI Seven-Layer Model is a conceptual framework developed by the International Organization for Standardization (ISO) to understand and describe how data is transmitted between computer systems. This model consists of seven layers: physical, data link, network, transport, session, presentation, and application. Each layer has a specific function, with the network layer responsible for routing and communication between different network systems using software-configured addresses and routing protocols. an overview of the OSI model, its layers, and their functions, as well as identifying various network components and their relation to the OSI model.
Typology: Exams
1.1 Explain the function of common networking protocols
- TCP
- FTP
- UDP
- TCP/IP suite
- DHCP
- TFTP
- DNS
- HTTP(S)
- ARP
- SIP (VoIP)
- RTP (VoIP)
- SSH
- POP
- NTP
- IMAP
- Telnet
- SMTP
- SNMP2/
- ICMP
- IGMP
- TLS
Chapter 4: OSI Model and Network Protocols
4.1 Explain the function of each layer of the OSI model
- Layer 1 – physical
- Layer 2 – data link
- Layer 3 – network
- Layer 4 – transport
- Layer 5 – session
- Layer 6 – presentation
- Layer 7 – application

- Identify the seven layers of the OSI model.
- Identify the function of each layer of the OSI model.
- Identify the layer at which networking devices function.
- Identify the function of various networking protocols.
Introduction
One of the most important networking concepts to understand is the Open Systems Interconnect (OSI) reference model. This conceptual model, created by the International Organization for Standardization (ISO) in 1978 and revised in 1984, describes a network architecture that allows data to be passed between computer systems.
This chapter looks at the OSI model and describes how it relates to real-world networking. It also examines how common network devices relate to the OSI model. Even though the OSI model is conceptual, an appreciation of its purpose and function can help you better understand how protocol suites and network architectures work in practical applications.
The OSI Seven-Layer Model
As shown in Figure 4.1, the OSI reference model is built, bottom to top, in the following order: physical, data link, network, transport, session, presentation, and application. The physical layer is classified as Layer 1, and the top layer of the model, the application layer, is Layer 7.
Data Link Layer (Layer 2)
The data link layer is responsible for getting data to the physical layer so that it can be transmitted over the network. The data link layer is also responsible for error detection, error correction, and hardware addressing. The term frame is used to describe the logical grouping of data at the data link layer.
The data link layer has two distinct sublayers:
- Media Access Control (MAC) layer: The MAC address is defined at this layer. The MAC address is the physical or hardware address burned into each network interface card (NIC). The MAC sublayer also controls access to network media. The MAC layer specification is included in the IEEE 802.1 standard.
- Logical Link Control (LLC) layer: The LLC layer is responsible for the error and flow-control mechanisms of the data link layer. The LLC layer is specified in the IEEE 802.2 standard.
Network Layer (Layer 3)
The primary responsibility of the network layer is routing, providing mechanisms by which data can be passed from one network system to another. The network layer does not specify how the data is passed, but rather provides the mechanisms to do so. Functionality at the network layer is provided through routing protocols, which are software components.
Protocols at the network layer are also responsible for route selection, which refers to determining the best path for the data to take throughout the network. In contrast to the data link layer, which uses MAC addresses to communicate on the LAN, network layer protocols use software-configured addresses and special routing protocols to communicate on the network. The term packet is used to describe the logical grouping of data at the network layer.
When working with networks, routes can be configured in two ways: statically or dynamically. In a static routing environment, routes are added manually to the routing tables. In a dynamic routing environment, routing protocols such as Routing Information Protocol (RIP) and Open Shortest Path First (OSPF) are used. These protocols communicate routing information between networked devices on the network.
Transport Layer (Layer 4)
The basic function of the transport layer is to provide mechanisms to transport data between network devices. Primarily it does this in three ways:
- Error checking: Protocols at the transport layer ensure that data is sent or received correctly.
- Service addressing: Protocols such as TCP/IP support many network services. The transport layer makes sure that data is passed to the right service at the upper layers of the OSI model.
- Segmentation: To traverse the network, blocks of data need to be broken into packets that are of a manageable size for the lower layers to handle. This process, called segmentation, is the responsibility of the transport layer.

Protocols at the Transport Layer
Protocols that operate at the transport layer can either be connectionless, such as User Datagram Protocol (UDP), or connection-oriented, such as Transmission Control Protocol (TCP). For a further discussion of these protocols, and of the difference between connection-oriented and connectionless protocols, refer to the later section “Connectionless and Connection-Oriented Protocols.”

Flow Control
The transport layer is also responsible for data flow control, which refers to how the receiving device can accept data transmissions. Two common methods of flow control are used:
- Buffering: When buffering flow control is used, data is temporarily stored and waits for the destination device to become available. Buffering can cause a problem if the sending device transmits data much faster than the receiving device can manage it.
- Windowing: In a windowing environment, data is sent in groups of segments that require only one acknowledgment. The size of the window (that is, how many segments fit into one acknowledgment) is defined when the session between the two devices is established. As you can imagine, the need to have only one acknowledgment for every, say, five segments can greatly reduce overhead.
enable applications to use network services. For example, if an application needs to open a file from a network drive, the functionality is provided by components that reside at the application layer.
Before taking the Network+ exam, be sure you understand the OSI model and its purpose. You will almost certainly be asked questions on it for the exam.
OSI Model Summary
Table 4.1 summarizes the seven layers of the OSI model and describes some of the most significant points of each layer.
Table 4.1 OSI Model Summary

| OSI Layer | Major Functions |
| --- | --- |
| Physical (Layer 1) | Defines the physical structure of the network and the topology. |
| Data link (Layer 2) | Provides error detection and correction. Uses two distinct sublayers: the Media Access Control (MAC) and Logical Link Control (LLC) layers. Identifies the method by which media are accessed. Defines hardware addressing through the MAC sublayer. |
| Network (Layer 3) | Handles the discovery of destination systems and addressing. Provides the mechanism by which data can be passed and routed from one network system to another. |
| Transport (Layer 4) | Provides connection services between the sending and receiving devices and ensures reliable data delivery. Manages flow control through buffering or windowing. Provides segmentation, error checking, and service identification. |
| Session (Layer 5) | Synchronizes the data exchange between applications on separate devices. |
| Presentation (Layer 6) | Translates data from the format used by applications into one that can be transmitted across the network. Handles encryption and decryption of data. Provides compression and decompression functionality. Formats data from the application layer into a format that can be sent over the network. |
| Application (Layer 7) | Provides access to the network for applications. |
Identifying the OSI Layers at Which Various Network Components Operate
When you understand the OSI model, it is possible to relate the network connectivity devices discussed in Chapter 3, “Networking Components and Devices,” to the appropriate layer of the OSI model. Knowing at which OSI level a device operates allows you to better understand how it functions on the network. Table 4.2 identifies various network devices and maps them to the OSI model.

Table 4.2 Mapping Network Devices to the OSI Model

| Device | OSI Layer |
| --- | --- |
| Hub | Physical (Layer 1) |
| Switch | Data link (Layer 2) |
| Bridge | Data link (Layer 2) |
| Router | Network (Layer 3) |
| NIC | Data link (Layer 2) |
| Access point (AP) | Data link (Layer 2) |
Connectionless and Connection-Oriented Protocols
Before getting into the characteristics of the various network protocols and protocol suites, it’s important to first identify the difference between connection-oriented and connectionless protocols.
In a connection-oriented communication, data delivery is guaranteed. The sending device re-sends any packet that the destination system does not receive. Communication between the sending and receiving devices continues until the transmission has been verified. Because of this, connection-oriented protocols have a higher overhead and place greater demands on bandwidth.
For the Network+ exam, you are expected to be able to identify at which layer of the OSI model certain network devices operate.
In addition to providing best-effort delivery, IP also performs fragmentation and reassembly tasks for network transmissions. Fragmentation is necessary because the maximum transmission unit (MTU) size is limited in IP. In other words, network transmissions that are too big to traverse the network in a single packet have to be broken into smaller chunks and reassembled at the other end. Another function of IP is addressing. IP addressing is a complex subject. Refer to Chapter 5, “TCP/IP Routing and Addressing,” for a complete discussion of IP addressing.
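The fragmentation and reassembly described above can be worked through in code. This is an added example, not part of the original chapter: it assumes a 20-byte IPv4 header without options, and the function names are illustrative. Fragment offsets are counted in 8-byte units as defined in RFC 791, and reassembly rejects overlapping fragments that disagree, a case a receiver should treat as suspect.

```python
IP_HEADER_LEN = 20  # assumption: IPv4 header without options


def fragment(payload: bytes, mtu: int):
    """Split an IP payload into fragments that fit the given MTU.

    Returns a list of (offset_units, more_fragments, data) tuples, where
    offset_units is the Fragment Offset field, counted in 8-byte units.
    """
    max_data = mtu - IP_HEADER_LEN
    if max_data < 8:
        raise ValueError("MTU too small to carry any fragment data")
    if len(payload) <= max_data:
        return [(0, False, payload)]  # fits in one packet, no fragmentation
    # Every fragment except the last must carry a multiple of 8 bytes,
    # because the offset field cannot express anything finer.
    chunk = max_data - (max_data % 8)
    frags = []
    for start in range(0, len(payload), chunk):
        data = payload[start:start + chunk]
        more = start + chunk < len(payload)
        frags.append((start // 8, more, data))
    return frags


def reassemble(frags):
    """Rebuild the payload from fragments arriving in any order.

    Returns None while the datagram is still incomplete. Raises ValueError
    when two fragments overlap and carry different bytes.
    """
    received = {}
    total = None
    for offset_units, more, data in frags:
        start = offset_units * 8
        if not more:
            total = start + len(data)  # the last fragment fixes the length
        for i, byte in enumerate(data):
            if received.setdefault(start + i, byte) != byte:
                raise ValueError("overlapping fragments with conflicting data")
    if total is None or any(i not in received for i in range(total)):
        return None
    return bytes(received[i] for i in range(total))


if __name__ == "__main__":
    # Constructed 4000-byte payload sent over two different MTUs.
    payload = bytes(i % 256 for i in range(4000))
    for mtu in (1500, 576):
        frags = fragment(payload, mtu)
        print(f"MTU {mtu}: {len(frags)} fragments")
        for offset_units, more, data in frags:
            print(f"  offset={offset_units:4d} MF={int(more)} len={len(data)}")
        assert reassemble(list(reversed(frags))) == payload
```

With an MTU of 576 the usable data size is rounded down from 556 to 552 bytes per fragment, which is why the offsets advance in steps of 69.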
Transmission Control Protocol (TCP)
TCP, which is defined in RFC 793, is a connection-oriented protocol that uses IP as its transport protocol. Being connection-oriented means that TCP establishes a mutually acknowledged session between two hosts before communication takes place. TCP provides reliability to IP communications. Specifically, TCP adds features such as flow control, sequencing, and error detection and correction. For this reason, higher-level applications that need guaranteed delivery use TCP rather than its lightweight and connectionless brother, UDP.
IP and the OSI model: IP operates at the network layer of the OSI model.
Internet Protocol (IP)
IP, which is defined in RFC 791, is the protocol used to transport data from one node on a network to another. IP is connectionless, which means that it doesn’t guarantee the delivery of data; it simply makes its best effort to do so. To ensure that transmissions sent via IP are completed, a higher-level protocol such as TCP is required.
In this chapter and throughout the book, the term request for comment (RFC) is used. RFCs are standards published by the Internet Engineering Task Force (IETF) and describe methods, behaviors, research, or innovations applicable to the operation of the Internet and Internet-connected systems. Each new RFC has an associated reference number. Looking up this number gives you information on the specific technology. For more information on RFCs, look for the Internet Engineering Task Force online.
Introduction to Protocols
How TCP Works
When TCP wants to open a connection with another host, it follows this procedure:
1. It sends a message called a SYN to the target host.
2. The target host opens a connection for the request and sends back an acknowledgment message called an ACK (or SYN ACK).
3. The host that originated the request sends back another acknowledgment, saying that it has received the ACK message and that the session is ready to be used to transfer data.
When the data session is completed, a similar process is used to close the session. This three-step session establishment and acknowledgment process is called the TCP three-way handshake.
TCP and the OSI model: TCP operates at the transport layer of the OSI model.
TCP is a reliable protocol because it has mechanisms that can accommodate and handle errors. These mechanisms include timeouts , which cause the sending host to automatically retransmit data if its receipt is not acknowledged within a given time period.
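The three-way handshake described above can be followed segment by segment. This is an added example, not part of the original chapter: it tracks a constructed capture and reports which connections reached the established state and which stalled part-way. The Segment type, the addresses and the sequence numbers are all made up for illustration; the rule that each acknowledgment number equals the peer's initial sequence number plus one comes from RFC 793.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    src: str          # "ip:port" of the sender
    dst: str          # "ip:port" of the receiver
    flags: frozenset  # TCP flags set on the segment
    seq: int          # sequence number
    ack: int = 0      # acknowledgment number (meaningful when ACK is set)


def seg(src, dst, flags, seq, ack=0):
    return Segment(src, dst, frozenset(flags.split("+")), seq, ack)


SERVER = "192.0.2.10:80"
# Constructed capture: four clients start a handshake with the same server.
CAPTURE = [
    seg("198.51.100.7:40001", SERVER, "SYN", 1000),
    seg(SERVER, "198.51.100.7:40001", "SYN+ACK", 5000, 1001),
    seg("198.51.100.7:40001", SERVER, "ACK", 1001, 5001),   # completes
    seg("198.51.100.8:40002", SERVER, "SYN", 2000),
    seg(SERVER, "198.51.100.8:40002", "SYN+ACK", 6000, 2001),  # no final ACK
    seg("198.51.100.9:40003", SERVER, "SYN", 3000),            # no reply at all
    seg("198.51.100.10:40004", SERVER, "SYN", 4000),
    seg(SERVER, "198.51.100.10:40004", "SYN+ACK", 7000, 4001),
    seg("198.51.100.10:40004", SERVER, "ACK", 4001, 9999),  # wrong ack number
]


def track_handshakes(segments):
    """Return {(client, server): state} after replaying the segments."""
    conns = {}  # (client, server) -> [state, client_isn, server_isn]
    for s in segments:
        if s.flags == {"SYN"}:                      # step 1
            conns[(s.src, s.dst)] = ["SYN_SENT", s.seq, None]
        elif s.flags == {"SYN", "ACK"}:             # step 2
            conn = conns.get((s.dst, s.src))
            if conn and conn[0] == "SYN_SENT" and s.ack == conn[1] + 1:
                conn[0], conn[2] = "SYN_RECEIVED", s.seq
        elif s.flags == {"ACK"}:                    # step 3
            conn = conns.get((s.src, s.dst))
            if (conn and conn[0] == "SYN_RECEIVED"
                    and s.seq == conn[1] + 1 and s.ack == conn[2] + 1):
                conn[0] = "ESTABLISHED"
    return {key: conn[0] for key, conn in conns.items()}


def incomplete(states):
    """Clients whose handshake never reached ESTABLISHED, with their state."""
    return {client: state for (client, _), state in states.items()
            if state != "ESTABLISHED"}


if __name__ == "__main__":
    for (client, server), state in track_handshakes(CAPTURE).items():
        print(f"{client} -> {server}: {state}")
```

A server holds state for every connection that has passed step 2, so a count of connections stuck in SYN_RECEIVED is a useful health metric to watch.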
User Datagram Protocol (UDP)
UDP, which is defined in RFC 768, is the brother of TCP. Like TCP, UDP uses IP as its transport protocol, but the big difference is that UDP does not guarantee delivery like TCP does. In a sense, UDP is a “fire and forget” protocol; it assumes that the data sent will reach its destination intact. In fact, the checking of whether data is delivered is left to upper-layer protocols.
UDP and the OSI model: UDP operates at the transport layer of the OSI model.
All the common network operating systems offer FTP server capabilities, although whether you use them depends on whether you need FTP services. All popular workstation operating systems offer FTP client functionality, although it is common to use third-party utilities such as CuteFTP and SmartFTP instead.
FTP assumes that files being uploaded or downloaded are straight text (that is, ASCII) files. If the files are not text, which is likely, the transfer mode has to be changed to binary. With sophisticated FTP clients, such as CuteFTP, the transition between transfer modes is automatic. With more basic utilities, you have to perform the mode switch manually.
Unlike some of the other protocols discussed in this chapter that perform tasks transparent to the user, FTP is an application layer service that is called upon frequently. Therefore, it can be useful to know some of the commands supported by FTP. If you are using a client such as CuteFTP, you might never need to use these commands, but they are useful to know in case you find yourself using a command-line FTP client. Table 4.3 lists some of the most commonly used FTP commands.
FTP commands: On the Network+ exam, you might be asked to identify the appropriate FTP command to use in a given situation.

Table 4.3 Commonly Used FTP Commands

| Command | Description |
| --- | --- |
| ls | Lists the files in the current directory on the remote system. |
| cd | Changes the working directory on the remote host. |
| lcd | Changes the working directory on the local host. |
| put | Uploads a single file to the remote host. |
| get | Downloads a single file from the remote host. |
| mput | Uploads multiple files to the remote host. |
| mget | Downloads multiple files from the remote host. |
| binary | Switches transfers into binary mode. |
| ascii | Switches transfers into ASCII mode (the default). |
Secure File Transfer Protocol (SFTP)
One of the big problems associated with FTP is that it is considered insecure. Even though simple authentication methods are associated with FTP, it is still susceptible to relatively simple hacking approaches. In addition, FTP transmits data between sender and receiver in an unencrypted format. By using a packet sniffer, a hacker could easily copy packets from the network and read the contents. In today’s high-security computing environments, a more robust solution is needed.
That solution is the Secure File Transfer Protocol, which, based on Secure Shell (SSH) technology, provides robust authentication between sender and receiver. It also provides encryption capabilities, which means that even if packets are copied from the network, their contents remain hidden from prying eyes.
SFTP is implemented through client and server software available for all commonly used computing platforms.
Which SFTP is it? In an industry dominated by acronyms, it should come as no surprise that eventually two protocols will have the same acronym. In this case, the SFTP acronym is used to describe both Secure File Transfer Protocol and Simple File Transfer Protocol. If you are researching additional information for the Network+ exam, make sure that you are reading about the right protocol.
Trivial File Transfer Protocol (TFTP)
A variation on FTP is TFTP, which is also a file transfer mechanism. However, TFTP does not have the security capability or the level of functionality that FTP has. TFTP, which is defined in RFC 1350, is most often associated with simple downloads, such as those associated with transferring firmware to a device such as a router and booting diskless workstations.
Another feature that TFTP does not offer is directory navigation. Whereas in FTP commands can be executed to navigate and manage the file system, TFTP offers no such capability. TFTP requires that you request not only exactly what you want but also the particular location. Unlike FTP, which uses TCP as its transport protocol to guarantee delivery, TFTP uses UDP.
HTTP uses a uniform resource locator (URL) to determine what page should be downloaded from the remote server. The URL contains the type of request (for example, http://), the name of the server being contacted (for example, www.microsoft.com), and optionally the page being requested (for example, /support). The result is the syntax that Internet-savvy people are familiar with: http://www.microsoft.com/support.
Hypertext Transfer Protocol Secure (HTTPS)
One of the downsides of using HTTP is that HTTP requests are sent in clear text. For some applications, such as e-commerce, this method of exchanging information is unsuitable—a more secure method is needed. The solution is HTTPS. HTTPS uses a system known as Secure Socket Layer (SSL), which encrypts the information sent between the client and host.
For HTTPS to be used, both the client and server must support it. All popular browsers now support HTTPS, as do web server products, such as Microsoft Internet Information Server (IIS), Apache, and almost all other web server applications that provide sensitive applications. When you are accessing an application that uses HTTPS, the URL starts with https rather than http—for example, https://www.mybankonline.com.
Post Office Protocol Version 3/Internet Message Access Protocol Version 4 (POP3/IMAP4)
Both POP3, which is defined in RFC 1939, and IMAP4, the latest version of which is defined in RFC 1731, are mechanisms for downloading, or pulling, email from a server. They are necessary because, although the mail is transported around the network via SMTP, users cannot always read it immediately, so it must be stored in a central location. From this location, it needs to be downloaded, which is what POP and IMAP allow you to do.
POP and IMAP are popular, and many people now access email through applications such as Microsoft Outlook, Netscape Communicator, and Eudora, which are POP and IMAP clients.
One of the problems with POP is that the password used to access a mailbox is transmitted across the network in clear text. This means that if someone wanted to, he could determine your POP password with relative ease. This is an area in which IMAP offers an advantage over POP. It uses a more sophisticated authentication system, which makes it more difficult for someone to determine a password.
POP and IMAP: POP and IMAP can be used to download, or pull, email from a server, but they cannot be used to send mail. That function is left to SMTP, which can both send and receive.
Web-based mail: the other, other email
Although accessing email by using POP and IMAP has many advantages, such systems rely on servers to hold the mail until it is downloaded to the client system. In today’s world, a more sophisticated solution to anytime/anywhere email access is needed. For many people, that solution is web-based mail. Having an Internet-based email account allows you to access your mail from anywhere and from any device that supports a web browser. Recognizing the obvious advantages of such a system, all the major email systems have, for some time, included web access gateway products.
Telnet
Telnet, which is defined in RFC 854, is a virtual terminal protocol. It allows sessions to be opened on a remote host, and then commands can be executed on that remote host. For many years, Telnet was the method by which clients accessed multiuser systems such as mainframes and minicomputers. It also was the connection method of choice for UNIX systems. Today, Telnet is still commonly used to access routers and other managed network devices.
One of the problems with Telnet is that it is not secure. As a result, remote session functionality is now almost always achieved by using alternatives such as SSH.
Telnet and UNIX/Linux: Telnet is used to access UNIX and Linux systems.
the same rate as the data is being sent. To slow down the sending host, the receiving host sends ICMP source quench messages, telling the sender to slow down. This action prevents packets from being dropped and having to be re-sent.
ICMP is a useful protocol. Although ICMP operates largely in the background, the ping utility alone makes it one of the most valuable of the protocols discussed in this chapter.
Address Resolution Protocol (ARP)/Reverse Address Resolution Protocol (RARP)
ARP, which is defined in RFC 826, is responsible for resolving IP addresses to Media Access Control (MAC) addresses. When a system attempts to contact another host, IP first determines whether the other host is on the same network it is on by looking at the IP address. If IP determines that the destination is on the local network, it consults the ARP cache to see whether it has a corresponding entry. The ARP cache is a table on the local system that stores mappings between data link layer addresses (the MAC address or physical address) and network layer addresses (IP addresses). Here’s a sample of the ARP cache:

    Interface: 192.168.1.66 --- 0x
      Internet Address      Physical Address      Type
      192.168.1.65          00-1c-c0-17-41-c8     dynamic
      192.168.1.67          00-22-68-cb-e2-f9     dynamic
      192.168.1.254         00-18-d1-95-f6-02     dynamic
      224.0.0.2             01-00-5e-00-00-02     static
      239.255.255.250       01-00-5e-7f-ff-fa     static

If the ARP cache doesn’t have an entry for the host, a broadcast on the local network asks the host with the target IP address to send back its MAC address. The communication is sent as a broadcast because without the target system’s MAC address, the source system cannot communicate directly with the target system.
Because the communication is a broadcast, every system on the network picks it up. However, only the target system replies, because it is the only device whose IP address matches the request. The target system, recognizing that the ARP request is targeted at it, replies directly to the source system. It can do this because the ARP request contains the MAC address of the system that sent it. If the destination host is determined to be on a different subnet than the sending host, the ARP process is performed against the default gateway and then repeated for each step of the journey between the sending and receiving host. Table 4.4 lists the common switches used with the arp command.
Network Time Protocol (NTP)
NTP, which is defined in RFC 958, is the part of the TCP/IP protocol suite that facilitates the communication of time between systems. The idea is that one system configured as a time provider transmits time information to other systems that can be both time receivers and time providers for other systems.
Time synchronization is important in today’s IT environment because of the distributed nature of applications. Two good examples of situations in which time synchronization is important are email and directory services systems. In
Table 4.4 Commonly Used arp Command Switches

| Switch | Description |
| --- | --- |
| -a | Displays the entries in the ARP cache. |
| -s | Manually adds a permanent entry to the ARP cache. |
| -d | Deletes an entry from the ARP cache. |
When you work with the ARP cache, you can make entries either dynamically or statically. With dynamic entries, the ARP cache is updated automatically. The ARP cache is maintained with no intervention from the user. Dynamic entries are the ones most used. Static entries are configured manually using the arp -s command. The static entry becomes a permanent addition to the ARP cache until it is removed using the arp -d command.
Reverse Address Resolution Protocol (RARP) performs the same function as ARP, but in reverse. In other words, it resolves MAC addresses to IP addresses. RARP makes it possible for applications or systems to learn their own IP address from a router or Domain Name System (DNS) server. Such a resolution is useful for tasks such as performing reverse lookups in DNS. RARP is defined in RFC 903.
ARP is used to link IP addressing to our Ethernet addressing (MAC addressing).
ARP functions: The function of ARP is to resolve a system’s IP address to the interface’s MAC address on that system. Do not confuse ARP with DNS or WINS, which also perform resolution functions, but for different things.
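The ARP cache listing shown earlier can be checked mechanically. This is an added example, not part of the original chapter: it parses text in the layout printed by arp -a on Windows and reports dynamic entries where one MAC address is mapped to more than one IP address, which is worth reviewing because dynamic entries are learned from the network without user intervention. The sample listing and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the layout printed by the Windows "arp -a" command.
SAMPLE = """\
Interface: 192.0.2.10 --- 0x4
  Internet Address      Physical Address      Type
  192.0.2.1             00-18-d1-95-f6-02     dynamic
  192.0.2.20            00-1c-c0-17-41-c8     dynamic
  192.0.2.30            00-18-D1-95-F6-02     dynamic
  192.0.2.40            00-22-68-cb-e2-f9     static
  224.0.0.2             01-00-5e-00-00-02     static
"""

IFACE = re.compile(r"^Interface:\s+(\S+)")
ENTRY = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"               # IP address
    r"((?:[0-9a-fA-F]{2}-){5}[0-9a-fA-F]{2})\s+"      # MAC address
    r"(dynamic|static)\s*$"                           # entry type
)


def parse_arp_cache(text):
    """Return one dict per cache entry; header and blank lines are skipped."""
    entries, iface = [], None
    for line in text.splitlines():
        match = IFACE.match(line)
        if match:
            iface = match.group(1)
            continue
        match = ENTRY.match(line)
        if match:
            ip, mac, kind = match.groups()
            entries.append({"interface": iface, "ip": ip,
                            "mac": mac.lower(), "type": kind})
    return entries


def is_group_address(mac):
    """True for multicast or broadcast MACs (low bit of first octet set)."""
    return (int(mac[:2], 16) & 1) == 1


def shared_macs(entries):
    """Map each MAC seen behind several dynamic unicast entries to its IPs.

    Static entries were configured by hand and group addresses are shared
    by design, so both are left out of the check.
    """
    by_mac = defaultdict(set)
    for entry in entries:
        if entry["type"] == "dynamic" and not is_group_address(entry["mac"]):
            by_mac[(entry["interface"], entry["mac"])].add(entry["ip"])
    return {mac: sorted(ips)
            for (_, mac), ips in by_mac.items() if len(ips) > 1}


if __name__ == "__main__":
    cache = parse_arp_cache(SAMPLE)
    print(f"{len(cache)} entries parsed")
    for mac, ips in shared_macs(cache).items():
        print(f"review: {mac} is mapped to {', '.join(ips)}")
```

A shared MAC is not always a fault, since a device with several addresses produces the same pattern, so treat the output as a list to verify against the known inventory.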