1.1 (OSI) model layers and encapsulation concepts Flashcards
Open Systems Interconnection Reference Model (OSI) Data Types
1) Physical (Bits)
2) Data Link (Frames)
3) Network (Packets)
4) Transport (Segments)
5) Session (Data)
6) Presentation (Data)
7) Application (Data)
Layer 1 - The Physical Layer
- The physics of the network
– Signaling, cabling, connectors
– This layer isn’t about protocols - You have a physical layer problem.”
– Fix your cabling, punch-downs, etc.
– Run loopback tests, test/replace cables,
swap adapter cards
Layer 2 - Data Link Layer
- The basic network “language
– The foundation of communication
at the data link layer - Data Link Control (DLC) protocols
– MAC (Media Access Control) address on Ethernet - The “switching” layer
Layer 3 - The Network Layer
*The “routing” layer
* Internet Protocol (IP)
* Fragments frames to traverse different networks
Layer 4 - Transport Layer
- The “post office” layer
– Parcels and letters - TCP (Transmission Control Protocol) and
UDP (UserDatagram Protocol)
Layer 5 - Session Layer
- Communication management between devices
– Start, stop, restart - Half-duplex, full-duplex
- Control protocols, tunneling protocols
Layer 6 - Presentation Layer
- Character encoding
- Application encryption
- Often combined with the Application Layer
Layer 7 - Application Layer
- The layer we see - HTTP, FTP, DNS, POP3
OSI Layers
1) Physical (Bits)
-Signaling, cabling, connectors (Cable, NIC, Hub)
2) Data Link (Frames)
-Theswitching layer (Frame, MAC address, EUI-‐48,EUI-‐64, Switch)
3) Network (Packets)
-The routing layer (IP address,router, packet)
4) Transport (Segments)
The“post office” layer (TCP segment, UDP datagram)
5) Session (Data)
Communication between devices (Control protocols, tunneling protocols)
6) Presentation (Data)
Encoding and encryption (SSL/TLS)
7) Application (Data)
“The layer we see” – Google Mail, Twitter, Facebook, etc.
What is IP Fragmentation?
Fragments are always in multiples of 8 because of the
number of fragmentation offset bits in the IP header
Encapsulation and decapsulation
As data moves through the OSI layers it is Encapsulated (moving from layer 7 to 1) or Decapsulated (moving from layer 1 to 7.)
Different layers have different communication methods and by using encapsulation the data is “tagged” are added and removed as needed to sort the data accordingly.
Ex. If I live in an appartment, and I said I’m in building 6 on the 5th story in apartment 22 the appartment number would just be 6522. By the same token, if someone said I live in appartment 8521 I would know that they live in building 8, floor 5, apt 21. by adding these “tags” of information it allows for the system to move data accordingly while limiting overhead.
Transmitting data
Transmission units
– A different group of data at different OSI layers
* Ethernet operates on a frame of data
– It doesn’t care what’s inside
* IP operates on a packet of data
– Inside is TCP or UDP, but IP doesn’t really care
* TCP or UDP
– TCP segment
– UDP datagram
TCP flags
- The header describes or identifies the payload
– Here’s what you’re about to see… - The TCP header contains important control information
– Includes a set of bits called TCP flags - The flags control the payload
– SYN - Synchronize sequence numbers
– PSH - Push the data to the application without
buffering
– RST - Reset the connection
– FIN - Last packet from the sender
Maximum Transmission Unit (MTU)
- Maximum IP packet to transmit
– But not fragment - Fragmentation slows things down
– Losing a fragment loses an entire packet
– Requires overhead along the path - Difficult to know the MTU all the way through the path
– Automated methods are often inaccurate
– Especially when ICMP is filtered
Troubleshooting MTU
- MTU sizes are usually configured once
– Based on the network infrastructure
and don’t change often - A significant concern for tunneled traffic
– The tunnel may be smaller than
your local Ethernet segment - What if you send packets with Don’t Fragment (DF) set?
– Routers will respond back and tell you to fragment
– Hope you get the ICMP message! - Troubleshoot using ping
– Ping with DF and force a maximum size of 1472 bytes
1500 bytes - 8 byte ICMP header - 20 bytes IP address = 1472 bytes
– Windows: ping -f -l 1472 8.8.8.8
Encapsulation By Layer
Layer 1: null
Layer 2: MAC (Frame Header)
Layer 3: IP (IP Header)
Layer 4: TCP/UDP (TCP/UDP Header)
Layers 5-7: HTTPS, IMAP, SSH (App Data)
