The OSI Model – The 7 Layers of Networking Explained in Plain English

Chloe Tucker

This article explains the Open Systems Interconnection (OSI) model and the 7 layers of networking, in plain English.

The OSI model is a conceptual framework that is used to describe how a network functions. In plain English, the OSI model helped standardize the way computer systems send information to each other.

Learning networking is a bit like learning a language - there are lots of standards and then some exceptions. Therefore, it’s important to really understand that the OSI model is not a set of rules. It is a tool for understanding how networks function.

Once you learn the OSI model, you will be able to further understand and appreciate this glorious entity we call the Internet, as well as be able to troubleshoot networking issues with greater fluency and ease.

All hail the Internet!

Prerequisites

You don’t need any prior programming or networking experience to understand this article. However, you will need:

  • Basic familiarity with common networking terms (explained below)
  • A curiosity about how things work :)

Learning Objectives

Over the course of this article, you will learn:

  • What the OSI model is
  • The purpose of each of the 7 layers
  • The problems that can happen at each of the 7 layers
  • The difference between TCP/IP model and the OSI model

Common Networking Terms

Here are some common networking terms that you should be familiar with to get the most out of this article. I’ll use these terms when I talk about OSI layers next.

A node is a physical electronic device hooked up to a network, for example a computer, printer, router, and so on. If set up properly, a node is capable of sending and/or receiving information over a network.

Nodes may be set up adjacent to one another, wherein Node A can connect directly to Node B, or there may be an intermediate node, like a switch or a router, set up between Node A and Node B.

Typically, routers connect networks to the Internet and switches operate within a network to facilitate intra-network communication. Learn more about hub vs. switch vs. router.

Here's an example:


For the nitpicky among us (yep, I see you), host is another term that you will encounter in networking. I will define a host as a type of node that requires an IP address. All hosts are nodes, but not all nodes are hosts. Please Tweet angrily at me if you disagree.

Links connect nodes on a network. Links can be wired, like Ethernet, or cable-free, like WiFi.

Links can either be point-to-point, where Node A is connected to Node B, or multipoint, where Node A is connected to Node B and Node C.

When we’re talking about information being transmitted, this may also be described as a one-to-one vs. a one-to-many relationship.

A protocol is a mutually agreed upon set of rules that allows two nodes on a network to exchange data.

“A protocol defines the rules governing the syntax (what can be communicated), semantics (how it can be communicated), and synchronization (when and at what speed it can be communicated) of the communications procedure. Protocols can be implemented on hardware, software, or a combination of both. Protocols can be created by anyone, but the most widely adopted protocols are based on standards.” - The Illustrated Network.

Both wired and cable-free links can have protocols.

While anyone can create a protocol, the most widely adopted protocols are often based on standards published by Internet organizations such as the Internet Engineering Task Force (IETF).

A network is a general term for a group of computers, printers, or any other device that wants to share data.

Network types include LAN, HAN, CAN, MAN, WAN, BAN, or VPN. Think I’m just randomly rhyming things with the word can? I can’t say I am - these are all real network types. Learn more here.

Topology describes how nodes and links fit together in a network configuration, often depicted in a diagram. Here are some common network topology types:


A network consists of nodes, links between nodes, and protocols that govern data transmission between nodes.

At whatever scale and complexity networks get to, you will understand what’s happening in all computer networks by learning the OSI model and 7 layers of networking.

What is the OSI Model?

The OSI model consists of 7 layers of networking.

First, what’s a layer?

Cave, Dragon's Lair, mountains

No, a layer - not a lair . Here there are no dragons.

A layer is a way of categorizing and grouping functionality and behavior on and of a network.

In the OSI model, layers are organized from the most tangible and most physical, to less tangible and less physical but closer to the end user.

Each layer abstracts lower-level functionality away, so that by the time you get to the highest layer, all the details and inner workings of the other layers are hidden from the end user.

How to remember all the names of the layers? Easy.

  • Please | Physical Layer
  • Do | Data Link Layer
  • Not | Network Layer
  • Tell (the) | Transport Layer
  • Secret | Session Layer
  • Password (to) | Presentation Layer
  • Anyone | Application Layer

Keep in mind that while certain technologies, like protocols, may logically “belong to” one layer more than another, not all technologies fit neatly into a single layer in the OSI model. For example, Ethernet, 802.11 (Wifi) and the Address Resolution Protocol (ARP) procedure operate on >1 layer.

The OSI is a model and a tool, not a set of rules.

OSI Layer 1

Layer 1 is the physical layer. There’s a lot of technology in Layer 1 - everything from physical network devices, cabling, to how the cables hook up to the devices. Plus if we don’t need cables, what the signal type and transmission methods are (for example, wireless broadband).

Instead of listing every type of technology in Layer 1, I’ve created broader categories for these technologies. I encourage readers to learn more about each of these categories:

  • Nodes (devices) and networking hardware components. Devices include hubs, repeaters, routers, computers, printers, and so on. Hardware components that live inside of these devices include antennas, amplifiers, Network Interface Cards (NICs), and more.
  • Device interface mechanics. How and where does a cable connect to a device (cable connector and device socket)? What is the size and shape of the connector, and how many pins does it have? What dictates when a pin is active or inactive?
  • Functional and procedural logic. What is the function of each pin in the connector - send or receive? What procedural logic dictates the sequence of events so a node can start to communicate with another node on Layer 2?
  • Cabling protocols and specifications. Ethernet (CAT), USB, Digital Subscriber Line (DSL), and more. Specifications include maximum cable length, modulation techniques, radio specifications, line coding, and bit synchronization (more on that below).
  • Cable types. Options include shielded or unshielded twisted pair, untwisted pair, coaxial and so on. Learn more about cable types here.
  • Signal type. Baseband is a single bit stream at a time, like a railway track - one-way only. Broadband consists of multiple bit streams at the same time, like a bi-directional highway.
  • Signal transmission method (may be wired or cable-free). Options include electrical (Ethernet), light (optical networks, fiber optics), radio waves (802.11 WiFi, a/b/g/n/ac/ax variants or Bluetooth). If cable-free, then also consider frequency: 2.5 GHz vs. 5 GHz. If it’s cabled, consider voltage. If cabled and Ethernet, also consider networking standards like 100BASE-T and related standards.

The data unit on Layer 1 is the bit.

A bit is the smallest unit of transmittable digital information. Bits are binary, so either a 0 or a 1. Bytes, consisting of 8 bits, are used to represent single characters, like a letter, numeral, or symbol.

Bits are sent to and from hardware devices in accordance with the supported data rate (transmission rate, in number of bits per second or millisecond) and are synchronized so the number of bits sent and received per unit of time remains consistent (this is called bit synchronization). The way bits are transmitted depends on the signal transmission method.

Nodes can send, receive, or send and receive bits. If they can only do one, then the node uses a simplex mode. If they can do both, then the node uses a duplex mode. If a node can send and receive at the same time, it’s full-duplex – if not, it’s just half-duplex.

The original Ethernet was half-duplex. Full-duplex Ethernet is an option now, given the right equipment.

How to Troubleshoot OSI Layer 1 Problems

Here are some Layer 1 problems to watch out for:

  • Defunct cables, for example damaged wires or broken connectors
  • Broken hardware network devices, for example damaged circuits
  • Stuff being unplugged (...we’ve all been there)

If there are issues in Layer 1, anything beyond Layer 1 will not function properly.

Layer 1 contains the infrastructure that makes communication on networks possible.

It defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating physical links between network devices. - Source

Fun fact: deep-sea communications cables transmit data around the world. This map will blow your mind: https://www.submarinecablemap.com/

And because you made it this far, here’s a koala:

Closeup of a Koala

OSI Layer 2

Layer 2 is the data link layer. Layer 2 defines how data is formatted for transmission, how much data can flow between nodes, for how long, and what to do when errors are detected in this flow.

In more official tech terms:

  • Line discipline. Who should talk for how long? How long should nodes be able to transmit information for?
  • Flow control. How much data should be transmitted?
  • Error control - detection and correction. All data transmission methods have potential for errors, from electrical spikes to dirty connectors. Once Layer 2 technologies tell network administrators about an issue on Layer 2 or Layer 1, the system administrator can correct for those errors on subsequent layers. Layer 2 is mostly concerned with error detection, not error correction. (Source)

There are two distinct sublayers within Layer 2:

  • Media Access Control (MAC): the MAC sublayer handles the assignment of a hardware identification number, called a MAC address, that uniquely identifies each device on a network. No two devices should have the same MAC address. The MAC address is assigned at the point of manufacturing. It is automatically recognized by most networks. MAC addresses live on Network Interface Cards (NICs). Switches keep track of all MAC addresses on a network. Learn more about MAC addresses on PC Mag and in this article. Learn more about network switches here.
  • Logical Link Control (LLC): the LLC sublayer handles framing, addressing, and flow control. The speed depends on the link between nodes, for example Ethernet or Wifi.

The data unit on Layer 2 is a frame.

Each frame contains a frame header, body, and a frame trailer:

  • Header: typically includes MAC addresses for the source and destination nodes.
  • Body: consists of the bits being transmitted.
  • Trailer: includes error detection information. When errors are detected, and depending on the implementation or configuration of a network or protocol, frames may be discarded or the error may be reported up to higher layers for further error correction. Examples of error detection mechanisms: Cyclic Redundancy Check (CRC) and Frame Check Sequence (FCS). Learn more about error detection techniques here.

Example of frames, the network layer, and the physical layer

Typically there is a maximum frame size limit, called the Maximum Transmission Unit (MTU). Jumbo frames exceed the standard MTU. Learn more about jumbo frames here.
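To make the header / body / trailer structure concrete, here is an added example (not code from the original article) that builds an Ethernet-style frame with a CRC-32 Frame Check Sequence, enforces the 1500-byte MTU on the body, and shows how a receiver detects a single flipped bit on the wire and discards the frame. The MAC addresses and payload are constructed sample values.

```python
"""Layer 2 frame: header (dst MAC, src MAC, EtherType) + body + FCS trailer.
Constructed example; addresses and payload are made up for illustration."""
import struct
import zlib

ETHERNET_MTU = 1500      # standard maximum body (payload) size in bytes
HEADER_LEN = 6 + 6 + 2   # destination MAC, source MAC, EtherType
FCS_LEN = 4              # CRC-32 Frame Check Sequence in the trailer


def mac_to_bytes(mac: str) -> bytes:
    """'aa:bb:cc:dd:ee:ff' -> 6 raw bytes."""
    parts = mac.split(":")
    if len(parts) != 6:
        raise ValueError(f"bad MAC address: {mac}")
    return bytes(int(p, 16) for p in parts)


def build_frame(dst_mac: str, src_mac: str, body: bytes, ethertype: int = 0x0800) -> bytes:
    """Assemble header + body + trailer. 0x0800 is the EtherType for IPv4."""
    if len(body) > ETHERNET_MTU:
        # A standard NIC will not send this; it would need jumbo-frame support.
        raise ValueError(f"body of {len(body)} bytes exceeds MTU of {ETHERNET_MTU}")
    header = mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", ethertype)
    # The FCS covers everything before the trailer (header and body).
    fcs = struct.pack("!I", zlib.crc32(header + body) & 0xFFFFFFFF)
    return header + body + fcs


def parse_frame(frame: bytes):
    """Return (dst, src, ethertype, body), or None when the FCS check fails.

    Returning None models what a real NIC does: a frame whose FCS does not
    match is silently dropped, and recovery is left to higher layers."""
    if len(frame) < HEADER_LEN + FCS_LEN:
        return None
    covered, fcs = frame[:-FCS_LEN], frame[-FCS_LEN:]
    if struct.unpack("!I", fcs)[0] != (zlib.crc32(covered) & 0xFFFFFFFF):
        return None
    dst = covered[0:6].hex(":")
    src = covered[6:12].hex(":")
    ethertype = struct.unpack("!H", covered[12:14])[0]
    return dst, src, ethertype, covered[HEADER_LEN:]


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Simulate a line error (electrical spike, dirty connector): invert one bit."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)


if __name__ == "__main__":
    frame = build_frame("aa:bb:cc:dd:ee:ff", "11:22:33:44:55:66", b"hello layer 2")
    print("clean frame  ->", parse_frame(frame))
    print("one bit flip ->", parse_frame(flip_bit(frame, 100)))
```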

How to Troubleshoot OSI Layer 2 Problems

Here are some Layer 2 problems to watch out for:

  • All the problems that can occur on Layer 1
  • Unsuccessful connections (sessions) between two nodes
  • Sessions that are successfully established but intermittently fail
  • Frame collisions

The Data Link Layer allows nodes to communicate with each other within a local area network. The foundations of line discipline, flow control, and error control are established in this layer.

OSI Layer 3

Layer 3 is the network layer. This is where we send information between and across networks through the use of routers. Instead of just node-to-node communication, we can now do network-to-network communication.

Routers are the workhorse of Layer 3 - we couldn’t have Layer 3 without them. They move data packets across multiple networks.

Not only do they connect to Internet Service Providers (ISPs) to provide access to the Internet, they also keep track of what’s on their network (remember that switches keep track of all MAC addresses on a network), what other networks they’re connected to, and the different paths for routing data packets across these networks.

Routers store all of this addressing and routing information in routing tables.

Here’s a simple example of a routing table:

A routing table showing the destination, subnet mask, and interface
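The lookup a router performs against a table like the one pictured is a longest-prefix match: every row whose destination network contains the packet's address is a candidate, and the most specific one (longest subnet mask) wins. The following is an added example, not the article's own code; the table rows are constructed sample values and the code uses only Python's standard ipaddress module.

```python
"""Longest-prefix-match lookup over a routing table of
(destination network, subnet mask, next hop, interface) rows.
The rows below are constructed for this example."""
import ipaddress

SAMPLE_TABLE = [
    # destination     subnet mask        next hop          interface
    ("0.0.0.0",       "0.0.0.0",         "192.168.1.1",    "eth0"),  # default route
    ("192.168.1.0",   "255.255.255.0",   "0.0.0.0",        "eth0"),  # directly connected
    ("10.0.0.0",      "255.0.0.0",       "192.168.1.254",  "eth1"),
    ("10.20.0.0",     "255.255.0.0",     "192.168.1.253",  "eth1"),  # more specific
]


def parse_table(rows):
    """Turn the string rows into IPv4Network/IPv4Address objects once, up front."""
    table = []
    for dest, mask, next_hop, iface in rows:
        net = ipaddress.IPv4Network((dest, mask), strict=False)
        table.append((net, ipaddress.IPv4Address(next_hop), iface))
    return table


def lookup(table, destination):
    """Return (network, next_hop, interface) for the most specific matching row,
    or None if no row matches (no default route configured)."""
    addr = ipaddress.IPv4Address(destination)
    best = None
    for net, next_hop, iface in table:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, iface)
    if best is None:
        return None
    net, next_hop, iface = best
    return str(net), str(next_hop), iface


def is_directly_connected(result):
    """A next hop of 0.0.0.0 means the destination is on the attached link,
    so the router resolves the destination's MAC itself (ARP) instead of
    forwarding to another router."""
    return result is not None and result[1] == "0.0.0.0"


if __name__ == "__main__":
    table = parse_table(SAMPLE_TABLE)
    for dst in ("10.20.5.5", "10.99.1.1", "192.168.1.42", "8.8.8.8"):
        print(dst, "->", lookup(table, dst))
```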

The data unit on Layer 3 is the data packet . Typically, each data packet contains a frame plus an IP address information wrapper. In other words, frames are encapsulated by Layer 3 addressing information.

The data being transmitted in a packet is also sometimes called the payload . While each packet has everything it needs to get to its destination, whether or not it makes it there is another story.

Layer 3 transmissions are connectionless, or best effort - they don't do anything but send the traffic where it’s supposed to go. More on data transport protocols on Layer 4.

Once a node is connected to the Internet, it is assigned an Internet Protocol (IP) address, which looks either like 172.16.254.1 (IPv4 address convention) or like 2001:0db8:85a3:0000:0000:8a2e:0370:7334 (IPv6 address convention). Routers use IP addresses in their routing tables.

IP addresses are associated with the physical node’s MAC address via the Address Resolution Protocol (ARP), which resolves MAC addresses with the node’s corresponding IP address.

ARP is conventionally considered part of Layer 2, but since IP addresses don’t exist until Layer 3, it’s also part of Layer 3.

How to Troubleshoot OSI Layer 3 Problems

Here are some Layer 3 problems to watch out for:

  • All the problems that can crop up on previous layers :)
  • Faulty or non-functional router or other node
  • IP address is incorrectly configured

Many answers to Layer 3 questions will require the use of command-line tools like ping, trace, show ip route, or show ip protocols. Learn more about troubleshooting on layers 1-3 here.

The Network Layer allows nodes to connect to the Internet and send information across different networks.

OSI Layer 4

Layer 4 is the transport layer. This is where we dive into the nitty gritty specifics of the connection between two nodes and how information is transmitted between them. It builds on the functions of Layer 2 - line discipline, flow control, and error control.

This layer is also responsible for data packet segmentation, or how data packets are broken up and sent over the network.

Unlike the previous layer, Layer 4 also has an understanding of the whole message, not just the contents of each individual data packet. With this understanding, Layer 4 is able to manage network congestion by not sending all the packets at once.

The data units of Layer 4 go by a few names. For TCP, the data unit is a packet. For UDP, a packet is referred to as a datagram. I’ll just use the term data packet here for the sake of simplicity.

Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are two of the most well-known protocols in Layer 4.

TCP, a connection-oriented protocol, prioritizes data quality over speed.

TCP explicitly establishes a connection with the destination node and requires a handshake between the source and destination nodes when data is transmitted. The handshake confirms that data was received. If the destination node does not receive all of the data, TCP will ask for a retry.

TCP also ensures that packets are delivered or reassembled in the correct order. Learn more about TCP here.

UDP, a connectionless protocol, prioritizes speed over data quality. UDP does not require a handshake, which is why it’s called connectionless.

Because UDP doesn’t have to wait for this acknowledgement, it can send data at a faster rate, but not all of the data may be successfully transmitted and we’d never know.

If information is split up into multiple datagrams, unless those datagrams contain a sequence number, UDP does not ensure that packets are reassembled in the correct order. Learn more about UDP here.

TCP and UDP both send data to specific ports on a network device, which has an IP address. The combination of the IP address and the port number is called a socket.

Learn more about sockets here.

Learn more about the differences and similarities between these two protocols here.
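The segmentation and reordering points above can be shown in a few lines. This is an added example, not code from the article: a message is cut into small segments, the "network" delivers them out of order (and optionally drops one), and a receiver with sequence numbers rebuilds the message and can name the missing bytes, while a receiver without them simply concatenates whatever arrived. The segment size and message are constructed values.

```python
"""Layer 4 segmentation and reassembly, with and without sequence numbers.
Constructed example: the 'network' is a list we rotate to force out-of-order
arrival, and sequence numbers are byte offsets, as TCP uses them."""

MSS = 8  # maximum segment size in bytes, deliberately tiny for the demo


def segment(message: bytes, mss: int = MSS):
    """Split message into (seq, chunk) pairs; seq is the chunk's byte offset."""
    return [(off, message[off:off + mss]) for off in range(0, len(message), mss)]


def deliver_out_of_order(segments):
    """Simulate reordering in transit: the first segment arrives last."""
    return segments[1:] + segments[:1]


def drop(segments, index):
    """Simulate a lost segment."""
    return [s for i, s in enumerate(segments) if i != index]


def reassemble_with_sequence(arrived, total_len):
    """TCP-like receiver: place each chunk at its sequence offset.

    Returns (message, []) when every byte arrived, or (None, missing_offsets)
    so the receiver knows exactly which bytes to ask the sender to retry."""
    buf = bytearray(total_len)
    seen = bytearray(total_len)
    for seq, chunk in arrived:
        buf[seq:seq + len(chunk)] = chunk
        seen[seq:seq + len(chunk)] = b"\x01" * len(chunk)
    missing = [i for i in range(total_len) if not seen[i]]
    if missing:
        return None, missing
    return bytes(buf), []


def reassemble_without_sequence(arrived):
    """UDP-like receiver with no sequence numbers in the payload: it can only
    concatenate datagrams in arrival order, and cannot tell anything is wrong."""
    return b"".join(chunk for _, chunk in arrived)


if __name__ == "__main__":
    msg = b"The quick brown fox jumps over the lazy dog"
    arrived = deliver_out_of_order(segment(msg))
    print("with seq   :", reassemble_with_sequence(arrived, len(msg))[0])
    print("without seq:", reassemble_without_sequence(arrived))
    print("one lost   :", reassemble_with_sequence(drop(arrived, 0), len(msg)))
```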

How to Troubleshoot OSI Layer 4 Problems

Here are some Layer 4 problems to watch out for:

  • Blocked ports - check your Access Control Lists (ACL) & firewalls
  • Quality of Service (QoS) settings. QoS is a feature of routers/switches that can prioritize traffic, and they can really muck things up. Learn more about QoS here.

The Transport Layer provides end-to-end transmission of a message by segmenting a message into multiple data packets; the layer supports connection-oriented and connectionless communication.

OSI Layer 5

Layer 5 is the session layer. This layer establishes, maintains, and terminates sessions.

A session is a mutually agreed upon connection that is established between two network applications. Not two nodes! Nope, we’ve moved on from nodes. They were so Layer 4.

Just kidding, we still have nodes, but Layer 5 doesn’t need to retain the concept of a node because that’s been abstracted out (taken care of) by previous layers.

So a session is a connection that is established between two specific end-user applications. There are two important concepts to consider here:

  • Client and server model: the application requesting the information is called the client, and the application that has the requested information is called the server.
  • Request and response model: while a session is being established and during a session, there is a constant back-and-forth of requests for information and responses containing that information or “hey, I don’t have what you’re requesting.”

Sessions may be open for a very short amount of time or a long amount of time. They may fail sometimes, too.

Depending on the protocol in question, various failure resolution processes may kick in. Depending on the applications/protocols/hardware in use, sessions may support simplex, half-duplex, or full-duplex modes.

Examples of protocols on Layer 5 include Network Basic Input Output System (NetBIOS) and Remote Procedure Call Protocol (RPC), and many others.

From here on out (layer 5 and up), networks are focused on ways of making connections to end-user applications and displaying data to the user.

How to Troubleshoot OSI Layer 5 Problems

Here are some Layer 5 problems to watch out for:

  • Servers are unavailable
  • Servers are incorrectly configured, for example Apache or PHP configs
  • Session failure - disconnect, timeout, and so on.

The Session Layer initiates, maintains, and terminates connections between two end-user applications. It responds to requests from the presentation layer and issues requests to the transport layer.

OSI Layer 6

Layer 6 is the presentation layer. This layer is responsible for data formatting, such as character encoding and conversions, and data encryption.

The operating system that hosts the end-user application is typically involved in Layer 6 processes. This functionality is not always implemented in a network protocol.

Layer 6 makes sure that end-user applications operating on Layer 7 can successfully consume data and, of course, eventually display it.

There are three data formatting methods to be aware of:

  • American Standard Code for Information Interchange (ASCII): this 7-bit encoding technique is the most widely used standard for character encoding. One superset is ISO-8859-1, which provides most of the characters necessary for languages spoken in Western Europe.
  • Extended Binary-Coded Decimal Interchange Code (EBCDIC): designed by IBM for mainframe usage. This encoding is incompatible with other character encoding methods.
  • Unicode: character encodings can be done with 32-, 16-, or 8-bit characters and attempts to accommodate every known, written alphabet.

Learn more about character encoding methods in this article, and also here.

Encryption: SSL or TLS encryption protocols live on Layer 6. These encryption protocols help ensure that transmitted data is less vulnerable to malicious actors by providing authentication and data encryption for nodes operating on a network. TLS is the successor to SSL.

How to Troubleshoot OSI Layer 6 Problems

Here are some Layer 6 problems to watch out for:

  • Non-existent or corrupted drivers
  • Incorrect OS user access level

The Presentation Layer formats and encrypts data.

OSI Layer 7

Layer 7 is the application layer.

True to its name, this is the layer that is ultimately responsible for supporting services used by end-user applications. Applications include software programs that are installed on the operating system, like Internet browsers (for example, Firefox) or word processing programs (for example, Microsoft Word).

Applications can perform specialized network functions under the hood and require specialized services that fall under the umbrella of Layer 7.

Electronic mail programs, for example, are specifically created to run over a network and utilize networking functionality, such as email protocols, which fall under Layer 7.

Applications will also control end-user interaction, such as security checks (for example, MFA), identification of two participants, initiation of an exchange of information, and so on.

Protocols that operate on this level include File Transfer Protocol (FTP), Secure Shell (SSH), Simple Mail Transfer Protocol (SMTP), Internet Message Access Protocol (IMAP), Domain Name Service (DNS), and Hypertext Transfer Protocol (HTTP).

While each of these protocols serves different functions and operates differently, on a high level they all facilitate the communication of information. (Source)

How to Troubleshoot OSI Layer 7 Problems

Here are some Layer 7 problems to watch out for:

  • All issues on previous layers
  • Incorrectly configured software applications
  • User error (... we’ve all been there)

The Application Layer owns the services and functions that end-user applications need to work. It does not include the applications themselves.

Our Layer 1 koala is all grown up.

Koala with Photoshopped makeup

Learning check - can you apply makeup to a koala?

Don’t have a koala?

Well - answer these questions instead. It’s the next best thing, I promise.

  • What is the OSI model?
  • What are each of the layers?
  • How could I use this information to troubleshoot networking issues?

Congratulations - you’ve taken one step farther to understanding the glorious entity we call the Internet.

Learning Resources

Many, very smart people have written entire books about the OSI model or entire books about specific layers. I encourage readers to check out any O’Reilly-published books about the subject or about network engineering in general.

Here are some resources I used when writing this article:

  • The Illustrated Network, 2nd Edition
  • Protocol Data Unit (PDU): https://www.geeksforgeeks.org/difference-between-segments-packets-and-frames/
  • Troubleshooting Along the OSI Model: https://www.pearsonitcertification.com/articles/article.aspx?p=1730891
  • The OSI Model Demystified: https://www.youtube.com/watch?v=HEEnLZV2wGI
  • OSI Model for Dummies: https://www.dummies.com/programming/networking/layers-in-the-osi-model-of-a-computer-network/

Chloe Tucker is an artist and computer science enthusiast based in Portland, Oregon. As a former educator, she's continuously searching for the intersection of learning and teaching, or technology and art. Reach out to her on Twitter @_chloetucker and check out her website at chloe.dev.

How-To Geek

The 7 OSI Networking Layers Explained


The Open Systems Interconnection (OSI) networking model defines a conceptual framework for communications between computer systems. The model is an ISO standard which identifies seven fundamental networking layers, from the physical hardware up to high-level software applications.

Each layer in the model handles a specific networking function. The standard helps administrators to visualize networks, isolate problems, and understand the use cases for new technologies. Many network equipment vendors advertise the OSI layer that their products are designed to slot into.

OSI was adopted as an international standard in 1984. It remains relevant today despite the changes to network implementation that have occurred since first publication. Cloud, edge, and IoT can all be accommodated within the model.

Diagram showing the 7 OSI networking layers

In this article, we'll explain each of the seven OSI layers in turn. We'll start from the lowest level, labelled as Layer 1.

1. Physical Layer

All networking begins with physical equipment. This layer encapsulates the hardware involved in the communications, such as switches and cables. Data is transferred as a stream of binary digits - 0 or 1 - that the hardware prepares from input it's been fed. The physical layer specifies the electrical signals that are used to encode the data over the wire, such as a 5-volt pulse to indicate a binary "1."

Errors in the physical layer tend to result in data not being transferred at all. There could be a break in the connection due to a missing plug or incorrect power supply. Problems can also arise when two components disagree on the physical encoding of data values. In the case of wireless connections, a weak signal can lead to bit loss during transmission.

2. Data Link Layer

The model's second layer concerns communication between two devices that are directly connected to each other in the same network. It's responsible for establishing a link that allows data to be exchanged using an agreed protocol. Many network switches operate at Layer 2.

The data link layer will eventually pass bits to the physical layer. As it sits above the hardware, the data link layer can perform basic error detection and correction in response to physical transfer issues. There are two sub-layers that define these responsibilities: Logical Link Control (LLC) that handles frame synchronization and error detection, and Media Access Control (MAC) which uses MAC addresses to constrain how devices acquire permission to transfer data.

3. Network Layer

The network layer is the first level to support data transfer between two separately maintained networks. It's redundant in situations where all your devices exist on the same network.

Data that comes to the network layer from higher levels is first broken up into packets suitable for transmission. Packets received from the remote network in response are reassembled into usable data.

The network layer is where several important protocols are first encountered. These include IP (for determining the path to a destination), ICMP, routing, and virtual LAN. Together these mechanisms facilitate inter-network communications with a familiar degree of usability. However, operations at this level aren't necessarily reliable: messages aren't required to succeed and may not necessarily be retried.

4. Transport Layer

The transport layer provides higher-level abstractions for coordinating data transfers between devices. Transport controllers determine where data will be sent and the rate it should be transferred at.

Layer 4 is where TCP and UDP are implemented, providing the port numbers that allow devices to expose multiple communication channels. Load balancing is often situated at Layer 4 as a result, allowing traffic to be routed between ports on a target device.

Transport mechanisms are expected to guarantee successful communication. Stringent error controls are applied to recover from packet loss and retry failed transfers. Flow control is enforced so the sender doesn't overwhelm the remote device by sending data more quickly than the available bandwidth permits.

5. Session Layer

Layer 5 creates ongoing communication sessions between two devices. Sessions are used to negotiate new connections, agree on their duration, and gracefully close down the connection once the data exchange is complete. This layer ensures that sessions remain open long enough to transfer all the data that's being sent.

Checkpoint control is another responsibility that's held by Layer 5. Sessions can define checkpoints to facilitate progress updates and resumable transmissions. A new checkpoint could be set every few megabytes for a file upload, allowing the sender to continue from a particular point if the transfer gets interrupted.

Many significant protocols operate at Layer 5 including authentication and logon technologies such as LDAP and NetBIOS. These establish semi-permanent communication channels for managing an end user session on a specific device.

6. Presentation Layer

The presentation layer handles preparation of data for the application layer that comes next in the model. After data has made it up from the hardware, through the data link, and across the transport, it's almost ready to be consumed by high-level components. The presentation layer completes the process by performing any formatting tasks that may be required.

Decryption, decoding, and decompression are three common operations found at this level. The presentation layer processes received data into formats that can be eventually utilized by a client application. Similarly, outward-bound data is reformatted into compressed and encrypted structures that are suitable for network transmission.

TLS is one major technology that's part of the presentation layer. Certificate verification and data decryption is handled before requests reach the network client, allowing information to be consumed with confidence that it's authentic.

7. Application Layer

The application layer is the top of the stack. It represents the functionality that's perceived by network end users. Applications in the OSI model provide a convenient end-to-end interface to facilitate complete data transfers, without making you think about hardware, data links, sessions, and compression.

Despite its name, this layer doesn't relate to client-side software such as your web browser or email client. An application in OSI terms is a protocol that caters for the complete communication of complex data through layers 1-6.

HTTP, FTP, DHCP, DNS, and SSH all exist at the application layer. These are high-level mechanisms which permit direct transfers of user data between an origin device and a remote server. Software using them needs only minimal knowledge of how the other layers work.

The seven OSI layers describe the transfer of data through computer networks. Understanding the functions and responsibilities of each layer can help you identify the source of problems and assess the intended use case for new components.

OSI is an abstract model that doesn't directly map to the specific networking implementations commonly used today. As an example, the TCP/IP protocol works on its own simpler system of four layers: Network Access, Internet, Transport, and Application. These abstract and absorb the equivalent OSI layers: the application layer spans OSI L5 to L7, while L1 and L2 are combined in TCP/IP's concept of Network Access.

OSI remains applicable despite its lack of direct real-world application. It's been around so long that it's widely understood among administrators from all backgrounds. Its relatively high level of abstraction has also ensured it's remained relevant in the face of new networking paradigms, many of which have targeted Layer 3 and above. An awareness of the seven layers and their responsibilities can still help you appreciate the flow of data through a network while uncovering integration opportunities for new components.

keith_shaw

What is the OSI model? How to explain and remember its 7 layers

A tutorial on the Open Systems Interconnection (OSI) networking reference model, plus tips on how to memorize the seven layers.


The Open Systems Interconnection (OSI) model is a conceptual framework that describes networking or telecommunications systems as seven layers, each with its own function.

The layers help network pros visualize what is going on within their networks and can help network managers narrow down problems (is it a physical issue or something with the application?), as well as computer programmers (when developing an application, which other layers does it need to work with?). Tech vendors selling new products will often refer to the OSI model to help customers understand which layer their products work with or whether it works “across the stack”.

The 7 layers of the OSI model

The layers (from bottom to top) are: Physical, Data Link, Network, Transport, Session, Presentation, and Application.


It wasn’t always this way. Conceived in the 1970s when computer networking was taking off, two separate models were merged in 1983 and published in 1984 to create the OSI model that most people are familiar with today. Most descriptions of the OSI model go from top to bottom, with the numbers going from Layer 7 down to Layer 1.

The layers, and what they represent, are as follows:

Layer 7: Application

The Application Layer in the OSI model is the layer that is the “closest to the end user”. It receives information directly from users and displays incoming data to the user. Oddly enough, applications themselves do not reside at the application layer. Instead the layer facilitates communication through lower layers in order to establish connections with applications at the other end. Web browsers (Google Chrome, Firefox, Safari, etc.), Telnet, and FTP are examples of communications that rely on Layer 7.

Layer 6: Presentation

The Presentation Layer represents the area that is independent of data representation at the application layer. In general, it represents the preparation or translation of application format to network format, or from network formatting to application format. In other words, the layer “presents” data for the application or the network. A good example of this is encryption and decryption of data for secure transmission; this happens at Layer 6.

Layer 5: Session

When two computers or other networked devices need to speak with one another, a session needs to be created, and this is done at the Session Layer. Functions at this layer involve setup, coordination (how long should a system wait for a response, for example) and termination between the applications at each end of the session.

Layer 4: Transport

The Transport Layer deals with the coordination of the data transfer between end systems and hosts. How much data to send, at what rate, where it goes, etc. The best known example of the Transport Layer is the Transmission Control Protocol (TCP), which is built on top of the Internet Protocol (IP), commonly known as TCP/IP. TCP and UDP port numbers work at Layer 4, while IP addresses work at Layer 3, the Network Layer.

Layer 3: Network

Here at the Network Layer is where you’ll find most of the router functionality that most networking professionals care about and love. In its most basic sense, this layer is responsible for packet forwarding, including routing through different routers. You might know that your Boston computer wants to connect to a server in California, but there are millions of different paths to take. Routers at this layer help do this efficiently.

Layer 2: Data Link

The Data Link Layer provides node-to-node data transfer (between two directly connected nodes), and also detects, and in some protocols corrects, errors introduced at the physical layer. Two sublayers exist here as well: the Media Access Control (MAC) layer and the Logical Link Control (LLC) layer. In the networking world, most switches operate at Layer 2. But it’s not that simple. Some switches also operate at Layer 3 in order to support virtual LANs that may span more than one switch subnet, which requires routing capabilities.

Layer 1: Physical

At the bottom of our OSI model we have the Physical Layer, which represents the electrical and physical representation of the system. This can include everything from the cable type, radio frequency link (as in a Wi-Fi network), as well as the layout of pins, voltages, and other physical requirements. When a networking problem occurs, many networking pros go right to the physical layer to check that all of the cables are properly connected and that the power plug hasn’t been pulled from the router, switch or computer, for example.

Why you need to know the 7 OSI layers

Most people in IT will likely need to know about the different layers when they’re going for their certifications, much like a civics student needs to learn about the three branches of the US government. After that, you hear about the OSI model when vendors are making pitches about which layers their products work with.

In a Quora post asking about the purpose of the OSI model, Vikram Kumar answered this way: “The purpose of the OSI reference model is to guide vendors and developers so the digital communication products and software programs they create will interoperate, and to facilitate clear comparisons among communications tools.”

While some people may argue that the OSI model is obsolete (due to its conceptual nature) and less important than the four layers of the TCP/IP model, Kumar says that “it is difficult to read about networking technology today without seeing references to the OSI model and its layers, because the model’s structure helps to frame discussions of protocols and contrast various technologies.”

If you can understand the OSI model and its layers, you can also then understand which protocols and devices can interoperate with each other when new technologies are developed and explained.

The OSI model remains relevant

In a post on GeeksforGeeks, contributor Vabhav Bilotia argues several reasons why the OSI model remains relevant, especially when it comes to security and determining where technical risks and vulnerabilities may exist.

For example, by understanding the different layers, enterprise security teams can identify and classify physical access, where the data is sitting, and provide an inventory of the applications that employees use to access data and resources.

“Knowing where the majority of your company’s data is held, whether on-premises or in cloud services, will help define your information security policy,” writes Bilotia. “You can invest in the correct solutions that provide you data visibility within the proper OSI layers once you have this knowledge.”

In addition, the OSI model can be used to understand cloud infrastructure migrations, particularly when it comes to securing data within the cloud.

And because the model has been around for so long and is understood by so many, its uniform vocabulary helps networking professionals quickly understand the components of a networking system. “While this paradigm is not directly implemented in today’s TCP/IP networks, it is a useful conceptual model for relating multiple technologies to one another and implementing the appropriate technology in the appropriate way,” Bilotia writes. We couldn’t agree more.

How to remember the OSI Model 7 layers: 8 mnemonic tricks

If you need to memorize the layers for a college or certification test, here are a few sentences to help remember them in order. The first letter of each word is the same as the first letter of an OSI layer.

From Application to Physical (Layer 7 to Layer 1): 

  • All People Seem To Need Data Processing
  • All Pros Search Top Notch Donut Places
  • A Penguin Said That Nobody Drinks Pepsi
  • A Priest Saw Two Nuns Doing Pushups

From Physical to Application (Layer 1 to Layer 7):

  • Please Do Not Throw Sausage Pizza Away
  • Pew! Dead Ninja Turtles Smell Particularly Awful
  • People Don’t Need To See Paula Abdul
  • Pete Doesn’t Need To Sell Pickles Anymore

What is the OSI Model?

Explanation, layers, and data flows in the Open Systems Interconnection model.

OSI Model Explained

The Open Systems Interconnection (OSI) model is a framework that describes the functions of a networking system. The OSI model categorizes the computing functions of the different network components, outlining the rules and requirement needed to support the interoperability of the software and hardware that make up the network.

In addition to understanding what the OSI model is, note that the OSI model layers are particularly helpful when visualizing the flow of data from the sender to the receiver. The descriptions of the various levels, as well as their interdependency, make it easier to pinpoint networking issues. Also, programmers can use the OSI model to better understand how data gets to and from their applications or to write code specific for use at certain levels. 

In the following sections, you will see the OSI model explained.


What Are the 7 Layers of the OSI Model?

There are seven abstraction layers that make up the OSI model. On the sending device, data passes from Layer 7 down to Layer 1; on the receiving device it passes back up from Layer 1 to Layer 7. Each layer performs a specific job before it hands the data on to the next layer.

Layer 7 - Application layer

The application layer is the closest to the end-user. It initiates communication between the user and the applications they personally interact with. At this layer, data arriving from the presentation layer is handed to the application in a form the user can read.

Examples of Layer 7 applications include a web browser like Chrome, Safari, or Firefox, or an email application. Layer 7 can also identify communication partners, check to see which resources are available, and make sure communication is properly synced.

Layer 6 - Presentation layer

The presentation layer takes care of getting data ready for the application layer. The two devices that are communicating may use different methods of encoding their data. Layer 6 therefore turns the incoming data into something that can be read at the application layer. This includes encrypting and decrypting data.

The presentation layer also compresses data that comes from the application layer before it sends it on to Layer 5, the session layer.

Layer 5 - Session layer

The session layer handles opening and closing network communications between two interacting devices. The “session” refers to the time between the opening and closing of the interaction. The session layer makes sure the session is open for a long enough period of time for all the necessary data to be sent through. The session layer then closes the session to prevent expending unnecessary resources.

Also, it synchronizes the data transfer. If a large amount of data is being sent, the session layer can set up checkpoints. If the transmission gets interrupted before all the data is downloaded, the checkpoints allow the transmission to be resumed without it starting all over again.

Layer 4 - Transport layer

The transport layer handles end-to-end communication between the devices interacting with each other. The management of the communication involves taking the data in the session layer and dividing it into pieces referred to as segments. The transport layer on the device receiving the communication handles the reassembly of the segments into data that is consumable by the session layer.

Also, the transport layer takes care of managing the flow and any necessary error messages that need to be sent in the event something goes wrong. To manage data flow, the transport layer makes sure it is not being sent so quickly that the receiver’s device cannot handle it. To control errors, the transport layer checks to see if the data transmitted was done so completely. If it is not, this layer will request a retransmission.

Layer 4 is where Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) port numbers work. Internet Protocol (IP) addresses operate at Layer 3, the network layer. TCP, UDP, and IP are protocols that facilitate how data is sent and received.

Layer 3 - Network layer

The network layer facilitates the transfer of data when two networks are communicating with each other. If two communicating devices are on the same network, the network layer has no routing to do. The network layer wraps the segments that come from the transport layer, splitting them where necessary, into units referred to as packets. This happens on the sender’s device, and the packets are reassembled on the receiving device.

The network layer also functions as an efficiency tool. It figures out the optimal physical path needed to get the data to its destination. This function is called “routing.”

Layer 2 - Data link layer

The data link layer is like the network layer, except that the data link layer facilitates data transfer between two devices using the same network. In the data link layer, packets are wrapped into units referred to as frames. Similar to the transport layer, the data link layer handles flow and error control. The difference is scope: the transport layer manages flow and errors end to end between the two communicating hosts, while the data link layer does so hop by hop across a single link.

Within the data link layer, you have two sublayers, the media access control (MAC) and logical link control (LLC) layers. The majority of switches perform their duties at Layer 2. In some cases, switches work at Layer 3 because they are facilitating communication between two networks or virtual local-area networks (VLANs). This has to happen at Layer 3 because, in these situations, the data needs to be routed, which is a Layer 3 task.

Layer 1 - Physical layer

The physical layer involves the physical equipment that transfers data, like switches and cables. In this layer, the data is converted into strings of 1s and 0s. In the physical layer, the devices have to agree on a method of distinguishing the 1s from the 0s, which enables the digital data to be properly interpreted by each device.

The physical layer includes a variety of components, such as cables, the radio frequency used to transmit data, Wi-Fi, and the other physical structures for transmitting data, such as pins, necessary voltages, and types of ports.


How Data Flows through OSI Model Layers

Each of the seven OSI model layers communicates with layers below and above it. For example, the application layer interacts with software applications, while the presentation layer provides encryption and data compression. Likewise, the session layer creates communications between devices. The transport layer breaks data into chunks (called segments) to send them, then the receiving device reassembles the segments before the network layer breaks them into smaller packets to send to other networks. The data link layer facilitates data transfer between devices on the same network, and, finally, the physical layer transfers data in machine language (ones and zeros).



The OSI (Open Systems Interconnection) Model

1. The OSI (Open Systems Interconnection) Model

Definition: The OSI model defines internetworking in terms of a vertical stack of seven layers. The upper layers of the OSI model represent software that implements network services like encryption and connection management. The lower layers of the OSI model implement more primitive, hardware-oriented functions like routing, addressing, and flow control.

The OSI model was introduced in 1984. Although it was designed to be an abstract model, the OSI model remains a practical framework for today's key network technologies like Ethernet and protocols like IP.

The OSI model should be used as a guide for how data is transmitted over the network. It is an abstract representation of the data pathway and should be treated as such.

The OSI model was specifically made for connecting open systems. These systems are designed to be open for communication with almost any other system. The model was made to break down each functional layer so that overall design complexity could be lessened. The model was constructed with seven layers for the flow of information. These are:

  • Application Layer
  • Presentation layer
  • Session layer
  • Transport layer
  • Network layer
  • Data link layer
  • Physical layer

1.1 Application layer

Provides a means for the user to access information on the network through an application. This layer is the main interface for the user to interact with the application and therefore the network.

The application layer is the OSI layer closest to the end user, which means that both the OSI application layer and the user interact directly with the software application. This layer interacts with software applications that implement a communicating component. Such application programs fall outside the scope of the OSI model. Application layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication. When identifying communication partners, the application layer determines the identity and availability of communication partners for an application with data to transmit. When determining resource availability, the application layer must decide whether sufficient network resources for the requested communication exist. In synchronizing communication, all communication between applications requires cooperation that is managed by the application layer.

Some examples of application layer implementations include Telnet, File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP).

1.2 Presentation layer

Manages the presentation of the information in an ordered and meaningful manner. This layer's primary function is the syntax and semantics of the data transmission. It converts local host computer data representations into a standard network format for transmission on the network. On the receiving side, it changes the network format into the appropriate host computer's format so that data can be utilized independent of the host computer. ASCII and EBCDIC conversions, cryptography, and the like are handled here.

The presentation layer provides a variety of coding and conversion functions that are applied to application layer data. These functions ensure that information sent from the application layer of one system would be readable by the application layer of another system. Some examples of presentation layer coding and conversion schemes include common data representation formats, conversion of character representation formats, common data compression schemes, and common data encryption schemes.

Common data representation formats, or the use of standard image, sound, and video formats, enable the interchange of application data between different types of computer systems. Systems that use different text and data representations, such as EBCDIC and ASCII, rely on conversion schemes to exchange information. Standard data compression and encryption schemes enable data that is compressed or encrypted at the source device to be properly decompressed or deciphered at the destination.

Presentation layer implementations are not typically associated with a particular protocol stack. Some well-known standards for video include QuickTime and Motion Picture Experts Group (MPEG). QuickTime is an Apple Computer specification for video and audio, and MPEG is a standard for video compression and coding.

Among the well-known graphic image formats are Graphics Interchange Format (GIF), Joint Photographic Experts Group (JPEG), and Tagged Image File Format (TIFF). GIF is a standard for compressing and coding graphic images. JPEG is another compression and coding standard for graphic images, and TIFF is a standard coding format for graphic images.

1.3 Session layer

Coordinates dialogue/session/connection between devices over the network. This layer manages communications between connected sessions. Examples of this layer are token management (the session layer manages who has the token) and network time synchronization.

The session layer establishes, manages, and terminates communication sessions. Communication sessions consist of service requests and service responses that occur between applications located in different network devices. These requests and responses are coordinated by protocols implemented at the session layer. Some examples of session-layer implementations include Zone Information Protocol (ZIP), the AppleTalk protocol that coordinates the name binding process, and Session Control Protocol (SCP), the DECnet Phase IV session layer protocol.

1.4 Transport layer

Responsible for reliable transmission of data and service specification between hosts. The major responsibility of this layer is data integrity: that data transmitted between hosts is reliable and timely. Upper layer datagrams are broken down into network-sized datagrams if needed and then sent using the appropriate transmission control. The transport layer creates one or more network connections, depending on conditions. This layer also decides what type of connection will be created. Two major transport protocols are TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).

Important features of Transport layer:

  • Transport layer ensures reliable service.
  • Breaks the message (from the session layer) into smaller packets, assigns sequence numbers and sends them.
  • Reliable transport connections are built on top of X.25 or IP.
  • In the case of IP, packets arriving out of order must be reordered and lost packets retransmitted.

Important features of TCP/UDP:

  • TCP/IP is widely used for the network/transport layers (UNIX).
  • TCP (Transmission Control Protocol): This is a connection-oriented protocol.
  • UDP (User Datagram Protocol): This is a connectionless transport layer protocol.
  • Application programs that do not need a connection-oriented protocol generally use UDP.

1.5 Network layer

Responsible for the routing of data (packets) through the network; handles the addressing and delivery of data. This layer provides for congestion control, accounting information for the network, routing, addressing, and several other functions. IP (Internet Protocol) is a good example of a network layer protocol. Network layer does not deal with lost messages.

Important features of Network layer protocols:

  • Concerned with the transmission of packets.
  • Choose the best path to send a packet (routing).
  • The routing may be complex in a large network (e.g. Internet).
  • Routing packets through a network may be accomplished by using simple static routes or by using complex dynamic routing algorithms.
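A router's forwarding decision, as an added example that is not part of the tutorial above: a small static routing table is searched by longest-prefix match, so the most specific route wins over a broader one and the default route catches everything else. The prefixes, next hops and interface names are made-up sample values, and the table is searched linearly rather than with the trie a real forwarding plane would use.

```python
"""Layer 3 forwarding decision: longest-prefix match over a small routing table.

Constructed example, not code from the tutorial. The table entries, next
hops and interface names are made-up sample values."""
import ipaddress

# (destination prefix, next hop, outgoing interface): sample static routes.
ROUTES = [
    ("0.0.0.0/0", "203.0.113.1", "wan0"),        # default route
    ("10.0.0.0/8", "10.0.0.1", "eth1"),
    ("10.1.0.0/16", "10.1.0.1", "eth2"),         # more specific than 10.0.0.0/8
    ("192.0.2.0/24", None, "eth0"),              # directly connected, no next hop
]


def build_table(routes):
    """Parse prefixes and order them longest-prefix first so the first hit wins."""
    table = [(ipaddress.ip_network(p), nh, iface) for p, nh, iface in routes]
    table.sort(key=lambda r: r[0].prefixlen, reverse=True)
    return table


def lookup(table, dst):
    """Return the most specific matching route for dst, or None if there is none."""
    addr = ipaddress.ip_address(dst)
    for net, nh, iface in table:
        if addr in net:
            return {"prefix": str(net), "next_hop": nh, "iface": iface}
    return None


def forward(table, dst, ttl):
    """Per-packet decision: drop on TTL expiry or no route, else pick the route and decrement TTL."""
    if ttl <= 1:
        return {"action": "drop", "reason": "ttl exceeded"}
    route = lookup(table, dst)
    if route is None:
        return {"action": "drop", "reason": "no route"}
    return {"action": "forward", "ttl": ttl - 1, **route}


if __name__ == "__main__":
    table = build_table(ROUTES)
    for dst in ("10.1.2.3", "10.2.3.4", "192.0.2.9", "8.8.8.8"):
        print(dst, "->", forward(table, dst, 64))
```

With the default route removed from the table, a destination that matches nothing is dropped rather than sent somewhere arbitrary; that "no route" outcome is the case to check when a table is edited by hand.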

1.6 Data link layer

Provides for the reliable delivery of data across a physical network. This layer deals with issues such as flow regulation, error detection and control, and frames. This layer has the important task of creating and managing the frames that are sent out on the network. A data link frame is made up of a checksum, source address, destination address, and the data itself. The largest packet size that can be sent defines the maximum transmission unit (MTU).

Important features of Data link layer:

  • Handles errors in the physical layer.
  • Groups bits into frames and ensures their correct delivery.
  • Adds some bits at the beginning and end of each frame plus the checksum.
  • Receiver verifies the checksum.
  • If the checksum is not correct, it asks for retransmission. (Send a control message).
  • Consists of two sub layers:

Logical Link Control (LLC) defines how data is transferred over the cable and provides data link service to the higher layers.

Medium Access Control (MAC) defines who can use the network when multiple computers are trying to access it simultaneously (i.e. Token passing, Ethernet [CSMA/CD]).

The data link layer provides reliable transit of data across a physical network link. Different data link layer specifications define different network and protocol characteristics, including physical addressing, network topology, error notification, sequencing of frames, and flow control. Physical addressing (as opposed to network addressing) defines how devices are addressed at the data link layer. Network topology consists of the data link layer specifications that often define how devices are to be physically connected, such as in a bus or a ring topology. Error notification alerts upper-layer protocols that a transmission error has occurred, and the sequencing of data frames reorders frames that are transmitted out of sequence. Finally, flow control moderates the transmission of data so that the receiving device is not overwhelmed with more traffic than it can handle at one time.

The protocols used in Data link layer are SLIP, PPP, MTU, and CSLP.

1.7 Physical layer

Handles the bit-level electrical/light communication across the network channel. The physical layer defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between communicating network systems. Physical layer specifications define characteristics such as media, voltage levels, timing of voltage changes, physical data rates, maximum transmission distances, and physical connectors.

Basically, this layer ensures that a bit sent on one side of the network is received correctly on the other side.

Data travels from the application layer of the sender, down through the layers, across the nodes of the network service, and up through the layers of the receiver.

To keep track of the transmission, each layer "wraps" the preceding layer's data and header with its own header. A small chunk of data will be transmitted with multiple layer headers attached to it. On the receiving end, each layer strips off the header that corresponds to its respective level.
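The framing and checksum check described in the data link section above, and the header wrapping described here, as an added example that is not part of the original tutorial: a toy three-layer stack in Python. The header layouts, the MTU of 64 bytes, the addresses and the CRC-32 trailer are simplified assumptions, not the real TCP, IP or Ethernet formats.

```python
"""Encapsulation down a toy stack and framing at the data link layer.

Added example, not code from the original tutorial. The header layouts, the
MTU of 64 bytes, the addresses and the CRC-32 trailer are simplified
assumptions for illustration; they are not the real TCP, IP or Ethernet formats.
"""
import struct
import zlib

MTU = 64  # assumed: the largest packet this link will carry in one frame


def _ip_to_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def _bytes_to_ip(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def _mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def _bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


# Layer 4 (transport): header = source port, destination port, sequence number
def transport_wrap(data: bytes, src_port: int, dst_port: int, seq: int) -> bytes:
    return struct.pack("!HHI", src_port, dst_port, seq) + data


def transport_unwrap(segment: bytes):
    src_port, dst_port, seq = struct.unpack("!HHI", segment[:8])
    return {"src_port": src_port, "dst_port": dst_port, "seq": seq}, segment[8:]


# Layer 3 (network): header = source and destination logical addresses
def network_wrap(segment: bytes, src_ip: str, dst_ip: str) -> bytes:
    return _ip_to_bytes(src_ip) + _ip_to_bytes(dst_ip) + segment


def network_unwrap(packet: bytes):
    header = {"src_ip": _bytes_to_ip(packet[:4]), "dst_ip": _bytes_to_ip(packet[4:8])}
    return header, packet[8:]


# Layer 2 (data link): frame = dst MAC | src MAC | length | packet | checksum
def link_wrap(packet: bytes, src_mac: str, dst_mac: str) -> bytes:
    if len(packet) > MTU:  # the MTU is the largest packet one frame may carry
        raise ValueError(f"packet of {len(packet)} bytes exceeds the MTU of {MTU}")
    body = (_mac_to_bytes(dst_mac) + _mac_to_bytes(src_mac)
            + struct.pack("!H", len(packet)) + packet)
    return body + struct.pack("!I", zlib.crc32(body))  # checksum is the trailer


def link_unwrap(frame: bytes):
    """Verify the checksum; on a mismatch hand back a control message asking
    for retransmission instead of passing corrupted data upward."""
    body, trailer = frame[:-4], frame[-4:]
    if zlib.crc32(body) != struct.unpack("!I", trailer)[0]:
        return {"control": "RETRANSMIT"}, None
    (length,) = struct.unpack("!H", body[12:14])
    header = {"dst_mac": _bytes_to_mac(body[:6]),
              "src_mac": _bytes_to_mac(body[6:12]), "length": length}
    return header, body[14:14 + length]


def send(data: bytes) -> bytes:
    """Sender side: each layer wraps the layer above it with its own header."""
    segment = transport_wrap(data, src_port=40000, dst_port=80, seq=1)
    packet = network_wrap(segment, "192.0.2.10", "192.0.2.20")
    return link_wrap(packet, "02:00:00:00:00:0a", "02:00:00:00:00:14")


def receive(frame: bytes) -> dict:
    """Receiver side: each layer strips the header its peer added."""
    link_hdr, packet = link_unwrap(frame)
    if packet is None:
        return link_hdr  # the control message; nothing reaches the upper layers
    net_hdr, segment = network_unwrap(packet)
    tr_hdr, data = transport_unwrap(segment)
    return {"link": link_hdr, "network": net_hdr, "transport": tr_hdr, "data": data}


def flip_bit(frame: bytes, bit: int) -> bytes:
    """Constructed physical-layer error: invert one bit of the frame."""
    out = bytearray(frame)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)


if __name__ == "__main__":
    frame = send(b"hello")
    print(len(frame), "byte frame carrying", receive(frame)["data"])
    print(receive(flip_bit(frame, 100)))  # -> {'control': 'RETRANSMIT'}
```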

Physical layer is concerned with the following:

  • Physical interface characteristics, such as electrical and mechanical specifications
  • Number of bits per second to be transmitted
  • Transmission type, such as duplex or half-duplex

Frequently used physical layer protocols:

Some of the important standards that deal with physical layer specifications are RS-232 (for serial communication lines), X.21, EIA 232, and G730.

Physical layer and Data link layer implementations can be categorized as either LAN or WAN specifications.


What is the OSI Model?


  • The OSI Model Defined

The OSI Model (Open Systems Interconnection Model) is a conceptual framework used to describe the functions of a networking system. The OSI model characterizes computing functions into a universal set of rules and requirements in order to support interoperability between different products and software. In the OSI reference model, the communications between a computing system are split into seven different abstraction layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application.

Created at a time when network computing was in its infancy, the OSI was published in 1984 by the International Organization for Standardization (ISO). Though it does not always map directly to specific systems, the OSI Model is still used today as a means to describe Network Architecture.


  • The 7 Layers of the OSI Model
  • Physical Layer

The lowest layer of the OSI Model is concerned with electrically or optically transmitting raw unstructured data bits across the network from the physical layer of the sending device to the physical layer of the receiving device. It can include specifications such as voltages, pin layout, cabling, and radio frequencies. At the physical layer, one might find “physical” resources such as network hubs, cabling, repeaters, network adapters or modems.

  • Data Link Layer

At the data link layer, directly connected nodes are used to perform node-to-node data transfer where data is packaged into frames. The data link layer also corrects errors that may have occurred at the physical layer.

The data link layer encompasses two sub-layers of its own. The first, media access control (MAC), provides flow control and multiplexing for device transmissions over a network. The second, the logical link control (LLC), provides flow and error control over the physical medium as well as identifies line protocols.

  • Network Layer

The network layer is responsible for receiving frames from the data link layer and delivering them to their intended destinations based on the addresses contained inside the frame. The network layer finds the destination by using logical addresses, such as IP (Internet Protocol) addresses. At this layer, routers are a crucial component, used to quite literally route information where it needs to go between networks.

  • Transport Layer

The transport layer manages the delivery and error checking of data packets. It regulates the size, sequencing, and ultimately the transfer of data between systems and hosts. One of the most common examples of the transport layer is TCP or the Transmission Control Protocol.

  • Session Layer

The session layer controls the conversations between different computers. A session or connection between machines is set up, managed, and terminated at layer 5. Session layer services also include authentication and reconnections.

  • Presentation Layer

The presentation layer formats or translates data for the application layer based on the syntax or semantics that the application accepts. Because of this, it is at times also called the syntax layer. This layer can also handle the encryption and decryption required by the application layer.

  • Application Layer

At this layer, both the end user and the application layer interact directly with the software application. This layer sees network services provided to end-user applications such as a web browser or Office 365. The application layer identifies communication partners, resource availability, and synchronizes communication.


What is the OSI Model? Understanding the 7 Layers

Network stacks are complex, multi-layered systems that map application-layer data structures to bits transferred over physical media and back again. The Open Systems Interconnection (OSI) Model is a conceptual framework that provides a protocol-agnostic description of how the various layers of a network stack combine to enable network communications. The goal of the OSI model is to enable diverse communication systems to better interoperate using standard communication protocols.


The Importance for Network Security

The OSI model takes a complex system and breaks it into several discrete layers based upon the various tasks fulfilled by networking protocols. This abstraction makes it easier to troubleshoot issues, identify security risks, and describe network-layer attacks.

As a theoretical model, the OSI model is not necessary for modern networking protocols to operate. However, it does make it easier to identify security risks and analyze the capabilities of cybersecurity solutions, making it an invaluable tool for network security.

7 Layers of OSI Model

The OSI model is broken up into seven layers. Each layer fulfills an important role within the networking stack and communicates with other layers by exchanging protocol data units (PDUs).

The layers in the OSI model are commonly referred to by name or number (1-7). From lowest-level to highest-level they are:

#1. The Physical Layer

The physical layer is where the raw bitstream is physically transmitted over a physical medium. The Layer 1 PDU is the “symbol”. This includes translating bits to electricity, light, or radio signals and controlling the rates at which they are sent over the chosen medium.

#2. The Data Link Layer

The data link layer breaks data to be transmitted into frames for transmission at the physical layer. It also manages connections between two different nodes, including setting up the connection, identifying and correcting any bit errors that occur at the physical layer, and terminating the connection once the session is complete.

#3. The Network Layer

At the network layer, the focus expands from a point-to-point link to include many interconnected nodes within a network. Network-layer devices operate on packets and are responsible for routing traffic to its destination based on IP addresses. 

#4. The Transport Layer

The transport layer is the first of four “host” layers, with the remaining three referred to as “media” layers. The transport layer PDU is the “segment” or “datagram”. This layer manages the transmission of data between nodes, including ensuring that data arrives in the correct sequence and that any errors are corrected. The Transmission Control Protocol (TCP) operates at Layer 4.

#5. The Session Layer

The session layer manages sessions between nodes and acts on the “data” PDU. Session management includes setup, authentication, termination, and reconnections.

#6. The Presentation Layer

The presentation layer is primarily responsible for translating data from network data to the formats expected by an application. For example, data encodings and encryption are managed at Layer 6.

#7. The Application Layer

The application layer includes protocols designed for end-users. For example, HTTP is a Layer 7 protocol designed to transmit data between a web server and a client.

Network Layers: OSI vs TCP/IP

The OSI model is only one networking model. Another is the TCP/IP model, which predates the OSI model and maps more closely to the protocols that implement the networking stack.

The TCP/IP model breaks the network stack into four layers:

  • Application Layer: This single layer maps to the Application, Presentation, and Session layers of the OSI model. Some protocols that operate at this layer include HTTP, SMTP, and DNS.
  • Transport Layer: This layer maps to the Transport layer of the OSI model. TCP and the User Datagram Protocol (UDP) operate at this layer.
  • Internet Layer: The Internet layer is equivalent to the Network Layer in the OSI model. This layer is primarily covered by the Internet Protocol (IP), but ARP, IGMP, and ICMP also operate at this layer.
  • Network Access Layer: This layer combines the Physical and Data Link layers from the OSI model. Ethernet, Token Ring, ATM, and Frame Relay are examples from the TCP/IP Protocol Suite that operate at this layer.

The OSI model is more theoretical, describing the various tasks that must be accomplished to enable application-layer data to be transmitted via electricity, light, or radio waves. The TCP/IP model is more practical and maps closely to actual network protocols.

Advantages of the OSI Model

OSI provides a mental model for how networking works, including describing all of the various functions that are performed to make network communications possible. This model makes it easier to troubleshoot issues with network protocols, to examine the security of networking protocols, and discuss various network-level attacks.

Check Point Solutions and the OSI Model

Network attacks can occur at varying levels of the OSI model. For example, Distributed Denial of Service (DDoS) attacks can attempt to exhaust network bandwidth (layers 3/4) or overwhelm a particular application with more requests than it can handle (layer 7).

An enterprise network security architecture should have the ability to view and analyze data at all of the “host” layers (4-7) of the OSI model. To learn more about expanding your organization’s network visibility through the OSI model, you’re welcome to request a free demo of Check Point Quantum Network Security.


OSI model - What's the presentation and session layer for?

So I feel I pretty well understand the application layer, and everything below (and including) the transport layer.

The session and presentation layers, though, I don't fully understand. I've read the simplistic descriptions in Wikipedia, but it doesn't have an example of why separating out those layers is useful.

  • What is the session layer? What does it do, and under what circumstances is it better to have a session layer than simply talk to the transport with your app?
  • What is the presentation layer? (same questions as above)

Asked by Adam Davis

7 Answers

The session layer is meant to store states between two connections, like what we use cookies for when working with web programming.

The presentation layer is meant to convert between different formats. This was simpler when the only format that was worried about was character encoding, i.e. ASCII and EBCDIC. When you consider all of the different formats that we have today (QuickTime, Flash, PDF), centralizing this layer is out of the question.

TCP/IP doesn't make any allocation to these layers, since they are really out of the scope of a networking protocol. It's up to the applications that take advantage of the stack to implement these.

Answered by Antonio Haley

The reason there aren't any examples on Wikipedia is that there aren't a whole lot of examples of the OSI network model, period.

OSI has once again created a standard nobody uses, so nobody really knows how one should use it.

Answered by Rik

Layers 5-6 are not commonly used in today's web applications, so you don't hear much about them. The TCP/IP stack is slightly different than a pure OSI Model.

Answered by Corey Goldberg

One of the reasons TCP/IP is used today instead of OSI is it was too bloated and theoretical, the session and presentation layer aren't really needed as separate layers as it turned out.

Answered by Vasil

I think that presentation layer protocols define the format of data. This means protocols like XML or ASN.1. You could argue that video/audio codecs are part of the presentation layer, although this is probably heading towards the application layer.

I can't help you with the session layer. That has always baffled me.

To be honest, there are very vague boundaries in everything above the transport layer. This is because it is usually handled by a single software application. Also, these layers are not directly associated with transporting data from A to B. Layers 4 and below each have a very specific purpose in moving the data e.g. switching, routing, ensuring data integrity etc. This makes it easier to distinguish between these layers.

Answered by David Turvey

Presentation Layer: The Presentation Layer represents the area that is independent of data representation at the application layer - in general, it represents the preparation or translation of application format to network format, or from network formatting to application format. In other words, the layer “presents” data for the application or the network. A good example of this is encryption and decryption of data for secure transmission - this happens at Layer 6.

Session Layer: When two devices, computers or servers need to “speak” with one another, a session needs to be created, and this is done at the Session Layer. Functions at this layer involve setup, coordination (how long should a system wait for a response, for example) and termination between the applications at each end of the session.

Answered by Himansh

For the presentation layer: because most communication is done between heterogeneous systems (operating systems, programming languages, CPU architectures), we need to use a unified independent specification, like ASN.1 and BER.

Answered by ibrahim


7. The Application Layer

Chapter objectives.

  • 7-1 Explain the role of client–server architectures at the application layer.
  • 7-2 Analyze an HTTP header, request, and response.
  • 7-3 Summarize the security features of the HTTPS, SSH, and TLS 1.3 protocols.
  • 7-4 Describe the functions and major features of Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP).
  • 7-5 Summarize the functions of the FTP, IMAP, LDAP, POP, SMTP, and SNMP protocols.

Application Architecture

As we learned earlier in this text, in the client-server architecture, a server provides services to clients that exchange information with it.

Figure 7-1: A simplified diagram of a client and web server.

Clients and servers communicate by exchanging two types of messages (as opposed to a stream of data). The messages sent by the client, such as a Web browser, are called requests, and the messages sent by the server as an answer are called responses.

Various types of servers and clients are part of this ecosystem. A web server provides information in response to the query sent by its clients. A print server prints documents sent as queries by the client. When queried, an email server forwards email messages to the designated recipient, while a music server delivers the music requested to the client.

Networked applications do not exchange random messages. In order to ensure that the server is able to understand the queries sent by a client, and also that the client is able to understand the responses sent by the server, they must both agree on a set of syntactic and semantic rules. These rules define the format of the messages exchanged as well as their ordering. This set of rules at the application layer makes up an application-level protocol.

An application-level protocol is similar to a structured conversation between humans. Assume that Alice wants to know the current time but does not have a watch. If Bob passes close by, the following conversation could take place:

Alice: Hello
Bob: Hello
Alice: What time is it?
Bob: 11:55
Alice: Thank you
Bob: You’re welcome

Request messages are sent by the client to the server to ask for a service or a resource. Response messages are sent by the server to the client to provide the requested service or resource, or to indicate an error or a status. For example, in the HTTP protocol, the client sends a GET request message to the server to ask for a web page, and the server sends a response message with the web page content or an error code. A complete document is reconstructed from the different sub-documents fetched, for instance, text, layout description, images, videos, scripts, and more.

Figure 7-2: A Web document

Most applications exchange strings that are composed of fixed or variable numbers of characters. A common solution to define the character strings that are acceptable is to define a grammar using a Backus-Naur Form (BNF) such as the Augmented BNF defined in RFC 5234. A BNF is a set of production rules that generate all valid character strings, and describes the rules and formats (i.e., the syntax) for exchanging messages between applications on different hosts. BNF can help to ensure that the messages are well-formed and unambiguous, and that they can be parsed and interpreted correctly by the applications. BNF can also help to document and standardize application protocols, making them easier to understand and implement by different parties. BNF is widely used to describe the syntax of many common application protocols. We will cover a few of these in this chapter.

Application Layer Protocols

Some common application layer protocols include HTTP, DNS, DHCP, FTP, SMTP, SNMP, and IMAP/POP. HTTPS, TLS, SSL, and DNSSEC are also related to application layer protocols, enabling encryption and authentication between applications on different hosts.

Hypertext Transfer Protocol (HTTP)

Hypertext Transfer Protocol (HTTP) is a text-based protocol that governs the movement of web traffic and is the foundation of any data exchange on the Web. A typical request has a method and a path, such as GET /index.html, which retrieves the landing page of a website. Responses have a response code, message, and optionally, some data.

Both requests and responses can take advantage of headers, arbitrary lines of text following the initial request or response. Because headers were designed to be open-ended, many new headers have been added over time. A modern web request/response usually has far more information in the headers than just the basics defined in HTTP 1.1.

HTTP messages, as defined in HTTP/1.1 and earlier, are human-readable. In HTTP/2, these messages are embedded into a binary structure, called a frame, allowing optimizations such as the compression of headers and multiplexing. Even if only part of the original HTTP message is sent in this version of HTTP, the semantics of each message is unchanged and the client reconstitutes (virtually) the original HTTP/1.1 request. Therefore, we find it useful to comprehend HTTP/2 messages in the HTTP/1.1 format.

Unencrypted HTTP traffic is sent over port 80 and is vulnerable to attack, as all information is sent in cleartext.

When a client wants to communicate with a server, either the final server or an intermediate proxy, it performs the following steps:

  • Open a TCP connection: The TCP connection is used to send a request, or several, and receive an answer. The client may open a new connection, reuse an existing connection, or open several TCP connections to the servers.
  • Send an HTTP message: HTTP messages (before HTTP/2) are human-readable. With HTTP/2, we cannot read the messages directly, but the principle remains the same. For example:

        GET / HTTP/1.1
        Host: developer.mozilla.org
        Accept-Language: fr

  • Read the response sent by the server. Here is an example:

        HTTP/1.1 200 OK
        Date: Sat, 09 Oct 2010 14:28:02 GMT
        Server: Apache
        Last-Modified: Tue, 01 Dec 2009 20:18:22 GMT
        ETag: "51142bc1-7449-479b075b2891b"
        Accept-Ranges: bytes
        Content-Length: 29769
        Content-Type: text/html

        <!DOCTYPE html>
        (here come the 29769 bytes of the requested web page)

  • Close or reuse the connection for further requests.

Below is the format of an example HTTP request :

Figure 7-3: An example HTTP request

Requests consist of the following elements:

  • An HTTP method, usually a verb like GET or POST, or a noun like OPTIONS or HEAD. These define the operation the client wants to perform. Typically, a client wants to fetch a resource (using GET) or post the value of an HTML form (using POST), though more operations may be needed in other cases.
  • The path of the resource to fetch, which is the URL of the resource stripped of the elements that are obvious from the context, for example the domain (such as developer.mozilla.org) or the TCP port (such as 80).
  • The version of the HTTP protocol.
  • Optional headers that convey additional information for the servers.
  • A body, for some methods like POST, similar to those in responses, which contains the resource.

Below is the format of an HTTP response :

Figure 7-4: An example HTTP response

Responses consist of the following elements:

  • The version of the HTTP protocol they follow.
  • A status code , indicating if the request was successful or not, and why.
  • A status message , a non-authoritative short description of the status code.
  • HTTP headers , similar to those for requests.
  • Optionally, a body containing the fetched resource.
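As an added illustration of the request and response formats just listed (example code, not part of the original text), the following parser splits an HTTP/1.1 message into its start line, headers and body. The two sample messages are constructed from the request and response shown earlier in this section, with a shortened body so that the Content-Length matches. It also rejects two malformations that matter for security: whitespace before the header colon and conflicting Content-Length values, both of which cause different intermediaries to disagree about where a message ends.

```python
def parse_http_message(raw):
    """Parse one HTTP/1.1 request or response (bytes) into a dict.
    Covers the start line, the header lines and a Content-Length delimited body;
    chunked transfer encoding is deliberately out of scope here."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete message: no blank line ending the headers")
    lines = head.split(b"\r\n")
    parts = lines[0].decode("ascii").split(" ", 2)
    if len(parts) != 3:
        raise ValueError("malformed start line: %r" % lines[0])
    if parts[0].startswith("HTTP/"):
        # Response status line: version, status code, reason phrase
        msg = {"kind": "response", "version": parts[0],
               "status": int(parts[1]), "reason": parts[2]}
    else:
        # Request line: method, path, version
        msg = {"kind": "request", "method": parts[0],
               "path": parts[1], "version": parts[2]}
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.decode("latin-1").partition(":")
        # RFC 7230 forbids whitespace between the field name and the colon;
        # parsers that tolerate it disagree on how the header is interpreted.
        if not colon or not name or name != name.strip():
            raise ValueError("malformed header line: %r" % line)
        key = name.lower()
        if key == "content-length" and key in headers and headers[key] != value.strip():
            raise ValueError("conflicting Content-Length headers")
        headers[key] = value.strip()
    msg["headers"] = headers
    length_field = headers.get("content-length", "0")
    if not length_field.isdigit():
        raise ValueError("invalid Content-Length: %r" % length_field)
    length = int(length_field)
    if len(body) < length:
        raise ValueError("truncated body: expected %d bytes, got %d" % (length, len(body)))
    msg["body"] = body[:length]
    return msg


# Constructed sample messages, based on the exchange shown above.
SAMPLE_REQUEST = (b"GET / HTTP/1.1\r\n"
                  b"Host: developer.mozilla.org\r\n"
                  b"Accept-Language: fr\r\n\r\n")
SAMPLE_RESPONSE = (b"HTTP/1.1 200 OK\r\n"
                   b"Date: Sat, 09 Oct 2010 14:28:02 GMT\r\n"
                   b"Server: Apache\r\n"
                   b"Content-Type: text/html\r\n"
                   b"Content-Length: 15\r\n\r\n"
                   b"<!DOCTYPE html>")

if __name__ == "__main__":
    print(parse_http_message(SAMPLE_REQUEST))
    print(parse_http_message(SAMPLE_RESPONSE))
```

Header names are lower-cased because HTTP field names are case-insensitive; values are kept verbatim apart from surrounding whitespace.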

Some standard response codes are shown below.

Code Message
200 OK
202 Accepted
400 Bad Request
401 Unauthorized
403 Forbidden
404 Not Found
500 Internal Server Error
502 Bad Gateway
503 Service Unavailable

Table 7-1: Standard HTTP error codes

Hypertext Transfer Protocol Secure (HTTPS)

Hypertext Transfer Protocol Secure (HTTPS) solves the problem of unencrypted traffic by wrapping HTTP requests in TLS, which we will cover at the end of this section. HTTPS traffic uses port 443 and is typically signified in a browser with a lock icon in the upper left-hand corner. By clicking on the icon, users can learn more about the certificates being used for communication. Utilizing a robust PKI (public key infrastructure), HTTPS allows for safe HTTP communication between client and server.

The Domain Name System (DNS)

While RFC 819 discussed the possibility of organizing the names as a directed graph, the Internet opted for a tree structure to contain all names. In this tree, the top-level domains are those that are directly attached to the root. The set of top-level domain names is managed by the Internet Corporation for Assigned Names and Numbers (ICANN), which holds ongoing discussions to increase the number of top-level domains.

Each top-level domain is managed by an organization that decides how sub-domain names can be registered. Most top-level domain names use a first-come first-served (FCFS) system and allow anyone to register domain names, but there are some exceptions. For example, .gov is reserved for the United States government, and .int is reserved for international organizations.

Watch an overview for the DNS tree structure by Barry Brown (CC-BY).

The syntax of the domain names has been defined more precisely in RFC 1035. This document recommends the following BNF for a fully qualified domain name (the domain names themselves have a much richer syntax).

This grammar specifies that a host name is an ordered list of labels separated by the dot (.) character. Each label can contain letters, numbers and the hyphen character (-). Fully qualified domain names are read from left to right. The first label is a hostname or a domain name, followed by the hierarchy of domains and ending with the root, implicitly, at the right. The top-level domain name must be one of the registered TLDs.
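To make the grammar concrete, here is an added example (not code from the original text) that validates a fully qualified domain name label by label, following the RFC 1035 label rule that a label starts with a letter, ends with a letter or digit, and contains only letters, digits and hyphens in between, with the 63-octet label and 255-octet name limits from the same RFC. The set of registered TLDs is a constructed sample standing in for the IANA list; a real validator would load that file.

```python
import string

LETTERS = set(string.ascii_letters)
DIGITS = set(string.digits)
LET_DIG = LETTERS | DIGITS

# Constructed sample of registered TLDs for this demo; the real list is the
# IANA file tlds-alpha-by-domain.txt referenced later in this chapter.
KNOWN_TLDS = {"com", "org", "net", "edu", "gov", "int"}

MAX_LABEL = 63    # RFC 1035 limit per label
MAX_NAME = 255    # RFC 1035 limit for the whole name


def parse_label(label):
    """True if label matches RFC 1035:
    <label> ::= <letter> [ [ <ldh-str> ] <let-dig> ]"""
    if not label or len(label) > MAX_LABEL:
        return False
    if label[0] not in LETTERS:        # must start with a letter
        return False
    if label[-1] not in LET_DIG:       # must end with a letter or digit (no trailing hyphen)
        return False
    # Interior characters: letters, digits and hyphens only.
    return all(c in LET_DIG or c == "-" for c in label[1:-1])


def parse_fqdn(name):
    """Parse a fully qualified domain name.
    Returns the list of labels (left to right, hostname first),
    or None if the name does not satisfy the grammar."""
    if name.endswith("."):             # explicit root, e.g. "www.example.com."
        name = name[:-1]
    if not name or len(name) > MAX_NAME:
        return None
    labels = name.split(".")
    if not all(parse_label(l) for l in labels):
        return None
    if labels[-1].lower() not in KNOWN_TLDS:   # the TLD must be a registered one
        return None
    return labels


if __name__ == "__main__":
    for candidate in ("www.example.com", "-bad.example.com", "xn--bcher-kva.example.com"):
        print(candidate, "->", parse_fqdn(candidate))
```

Note that the strict RFC 1035 rule rejects labels that begin with a digit; RFC 1123 later relaxed this for host names, so a production validator would accept a leading digit. The Punycode form of an internationalized name (the xn-- prefix discussed next) passes this check because it consists only of letters, digits and hyphens.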

The Domain Name System was created at a time when the Internet was mainly used in North America. The initial design assumed that all domain names would be composed of letters and digits (RFC 1035). As Internet usage grew in other parts of the world, it became important to support non-ASCII characters. For this, extensions have been proposed to the Domain Name System (RFC 3490). In a nutshell, the solution that is used to support Internationalized Domain Names works as follows. First, it is possible to use most of the Unicode characters to encode domain names and hostnames, with a few exceptions (for example, the dot character cannot be part of a name since it is used as a separator). Once a domain name has been encoded as a series of Unicode characters, it is then converted into a string that contains the xn-- prefix and a sequence of ASCII characters. More details on these algorithms can be found in RFC 3490 and RFC 3492.

The possibility of using all Unicode characters to create domain names opened a new form of attack called the homograph attack. This attack occurs when two character strings or domain names are visually similar but do not correspond to the same server. A simple example is https://G00GLE.COM and https://GOOGLE.COM. These two URLs are visually close but they correspond to different names (the first one does not point to a valid server). With other Unicode characters, it is possible to construct domain names that are visually equivalent to existing ones.

DNS Resolution

How do client hosts or applications retrieve the mapping for a given name?

DNS resolution of namespaces is the process of finding the IP address of a host based on its domain name. A domain name is a human-readable name that identifies a host on a network, such as www.example.com. Each nameserver stores part of the distributed database and answers the queries sent by clients. There is at least one nameserver that is responsible for each domain. A sub-domain may contain both host names and sub-domains. A namespace is a collection of domain names that are organized in a hierarchical tree structure, such as the DNS namespace. The DNS namespace consists of different levels of domains, such as top-level domains (TLDs), second-level domains, and subdomains. Each domain has one or more name servers that store information about the hosts in that domain. For example, the name server for the .com TLD stores information about all the second-level domains that end with .com, such as example.com.

To resolve a domain name into an IP address, a client needs to query a DNS server. The DNS server can be either a recursive resolver or an authoritative server. A recursive resolver is a server that acts as an intermediary between the client and the authoritative servers. It follows a chain of referrals from the root nameserver to the TLD server to the authoritative server for the queried domain name, and returns the IP address to the client. An authoritative server is a server that hosts a zone, which is a portion of the DNS namespace. It can answer queries for any name in its zone directly, without contacting other servers.

For example, suppose a client wants to resolve www.cnet.com into an IP address. The client sends a query to its recursive resolver, which then contacts the root nameserver for the DNS namespace. The root nameserver responds with a referral to the .com TLD server. The recursive resolver then contacts the .com TLD server, which responds with a referral to the cnet.com authoritative server. The recursive resolver then contacts the cnet.com authoritative server, which responds with the IP address of www.cnet.com . The recursive resolver then sends the IP address back to the client, which can then connect to the host.

DNS resolvers have several advantages over letting each Internet host directly query nameservers. Firstly, regular Internet hosts do not need to maintain the up-to-date list of the addresses of the root servers. Secondly, regular Internet hosts do not need to send queries to nameservers all over the Internet. Furthermore, as a DNS resolver serves a large number of hosts, it can cache the received answers. This allows the resolver to quickly return answers for popular DNS queries and reduces the load on all DNS servers [JSBM2002] .
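The referral walk for www.cnet.com and the caching benefit described above, as an added simulation (example code, not from the original text). The three nameservers and the answer address (203.0.113.10, from the RFC 5737 documentation range) are constructed for the demo; a real resolver would send UDP queries instead of calling query_server. The resolver counts the queries it sends, so you can see the cache absorbing repeated lookups until the TTL runs out.

```python
import time

# Constructed nameserver data: each server either ANSWERS for names in its
# zone or REFERS the resolver to the server responsible for the next zone down.
NAMESERVERS = {
    "root":        {"zone": ".",         "referrals": {"com": "com-tld"}},
    "com-tld":     {"zone": "com.",      "referrals": {"cnet.com": "ns.cnet.com"}},
    "ns.cnet.com": {"zone": "cnet.com.", "answers": {"www.cnet.com": "203.0.113.10"}},
}


def query_server(server, name):
    """Simulate one query to an authoritative server.
    Returns ('answer', ip), ('referral', next_server) or ('nxdomain', None)."""
    data = NAMESERVERS[server]
    if name in data.get("answers", {}):
        return "answer", data["answers"][name]
    labels = name.split(".")
    # Delegation is by suffix: the longest delegated suffix of the name wins.
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in data.get("referrals", {}):
            return "referral", data["referrals"][suffix]
    return "nxdomain", None


class RecursiveResolver:
    def __init__(self, root="root", ttl=300):
        self.root = root
        self.ttl = ttl               # constructed TTL; real answers carry their own
        self.cache = {}              # name -> (ip, expiry time)
        self.queries_sent = 0

    def resolve(self, name, now=None):
        """Return (ip, trail) where trail lists the servers contacted;
        an empty trail means the answer came from the cache."""
        now = time.time() if now is None else now
        cached = self.cache.get(name)
        if cached and cached[1] > now:
            return cached[0], []
        server, trail = self.root, []
        for _ in range(10):          # bound the referral chain to catch delegation loops
            self.queries_sent += 1
            trail.append(server)
            kind, value = query_server(server, name)
            if kind == "answer":
                self.cache[name] = (value, now + self.ttl)
                return value, trail
            if kind == "referral":
                server = value
                continue
            return None, trail       # nxdomain: no server is responsible for the name
        raise RuntimeError("referral loop while resolving %s" % name)


if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("www.cnet.com"))   # full walk: root -> com-tld -> ns.cnet.com
    print(r.resolve("www.cnet.com"))   # cache hit, empty trail
```

The loop bound is the kind of check a real resolver needs as well: a misconfigured delegation that refers back to a server already visited would otherwise make the resolver spin, which is one way resolvers get pushed into denial of service.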

See how DNS resolution works, step by step, in this video by Barry Brown (CC-BY).

Benefits of Names

In addition to being more human friendly, using names instead of addresses inside applications has several important benefits. Let's consider a popular application that provides information stored on servers. The server provides information upon requests from client processes. A first deployment of this application would be to rely only on addresses. In this case, the server process would be installed on one host and the clients would connect to this server to retrieve information. Such a deployment has several drawbacks:

  • If the server process moves to another physical server, all clients must be informed about the new server address.
  • If there are many concurrent clients, the load of the server will increase without any possibility of adding another server without changing the server addresses used by the clients.

Using names solves these problems. In addition, if the clients are configured with the name of the server, they will query the name service before contacting the server. The name service will resolve the name into the corresponding address. If a server process needs to move from one physical server to another, it suffices to update the name to address mapping on the name service to allow all clients to connect to the new server. The name service also enables the servers to better sustain the load. Assume a very popular server is accessed by millions of users. This service cannot be provided by a single physical server due to performance limitations. Thanks to the utilization of names, it is possible to scale this service by mapping a given name to a set of addresses.

When a client queries the name service with the server's name, the name service returns one of the addresses in the set. Various strategies can be used to select one particular address inside the set of addresses. A first strategy is to select a random address in the set. A second strategy is to maintain information about the load on the servers and return the address of the least loaded server. Note that the list of server addresses does not need to remain fixed. It is possible to add and remove addresses from the list to cope with load fluctuations. Another strategy is to infer the location of the client from the name request and return the address of the closest server.

Mapping a single name onto a set of addresses allows popular servers to dynamically scale. There are also benefits in mapping multiple names, possibly a large number of them, onto a single address. Consider the case of information servers, in which some of the servers attract only a few clients per day. Using a single physical server for each of these services would be a waste of resources. A better approach is to use a single server for a set of services that are all identified by different names. This enables service providers to support a large number of server processes, identified by different names, onto a single physical server. If one of these server processes becomes very popular, it will be possible to map its name onto a set of addresses to be able to sustain the load. This can be done dynamically if needed.

Names provide a lot of flexibility compared to addresses. For the network, they play a similar role as variables in programming languages. No programmer using a high-level programming language would consider using hardcoded values instead of variables. For the same reasons, all networked applications depend on names and abstract the addresses as much as possible.

The official list of top-level domain names is maintained by IANA at http://data.iana.org/TLD/tlds-alpha-by-domain.txt. Until February 2008, the root DNS servers only had IPv4 addresses. IPv6 addresses were slowly added to the root DNS servers to avoid creating the problems discussed in http://www.icann.org/en/committees/security/sac018.pdf. As of February 2021, a few DNS root servers are still not reachable using IPv6. The full list is available at http://www.root-servers.org/.

DNS operates mostly over UDP on port 53. Although DNS is designed to be resilient and decentralized, its traffic is neither authenticated nor encrypted, which has made it a target for MitM attacks. Likewise, cache hits and misses can reveal which names have been recently resolved (e.g., as with the Sony Rootkit). The recursive nature of DNS has also allowed for DoS attacks in the past, but much of that has been solved by limiting recursive queries to the user-facing DNS servers (i.e., the one given to you by your DHCP request).

Domain Name System Security Extensions (DNSSEC)  is a suite of extension specifications designed to authenticate responses to domain name lookups. This can help prevent MitM attacks by checking the digital signature of the responding server. While this is certainly helpful, it is important to note that DNSSEC does not provide confidentiality. DNS resolutions can still be monitored by anyone who has access to the traffic.

Dynamic Host Configuration Protocol (DHCP)

The Dynamic Host Configuration Protocol (DHCP) allows new clients on a network to obtain an IP address and information about the services provided. IPv4 addresses can be thought of as being in two groups: static addresses and dynamic addresses. Dynamic addresses are distributed by a DHCP server for a particular lease time. When the time is up, the DHCP server may distribute the address to another client. DHCP servers can also give information about proxies, domain name servers (DNSs), gateways, and more.

The DHCP protocol consists of four basic steps:

  • Discover : The host sends a broadcast message to the network, called a DHCPDISCOVER, to find a DHCP server that can offer an IP address.
  • Offer : The DHCP server responds to the host with a message, called a DHCPOFFER, that contains an IP address and other parameters, such as subnet mask, default gateway, DNS server, etc.
  • Request : The host chooses one of the offers and sends a message, called a DHCPREQUEST, to the DHCP server to request the IP address and parameters.
  • Acknowledge : The DHCP server confirms the request and sends a message, called a DHCPACK, to the host with the IP address and parameters. The host then configures its network interface with the IP address and parameters.

The DHCP protocol also allows hosts to renew or release their IP addresses, and DHCP servers to inform hosts of changes in configuration.

After the discover message and the offer message, more than one server could reply with an offer message. The offer messages include IP addresses but also other options such as default gateways, lease time, expiration time, etc. The client must make a decision as to which address or which information to take, and reply with a request message to the chosen server. Finally, the selected server will say, "Okay. I acknowledge your request. Here is the information. Now we start a lease time, and you are the owner of the address temporarily." This is a DHCP acknowledgment message. The client will see the acknowledgement and will start operating.

Routers do not forward local broadcasts, so if a router sits between the client and the DHCP server, you must configure that router (as a DHCP relay) so that requests and replies can travel back and forth across it. If you are going to configure a router as the DHCP server itself, then the router must support DHCP and handle all of these messages.

The process of relaying a message from a host to a remote DHCP server is shown below.

Figure 7-5: Relaying a message from a host to a remote DHCP server

DHCP Address Allocation

Providing an IP address to a client is the most important task performed by a host configuration protocol. Together with that, we receive information for the network segment, default gateway, DNS servers, domain name, TFTP servers (important in IP telephony) and so on. To provide flexibility for configuring addresses on different types of clients, the DHCP standard includes three different address allocation mechanisms:

  • Manual Allocation: Also known as a reservation, this particular IP address is pre-allocated to a single device by an administrator. DHCP only communicates the IP address to the device. The IP address is mapped to the MAC address of the requesting device.
  • Automatic Allocation: DHCP automatically assigns an IP address permanently to a device, selecting it from the predefined pool of available addresses.
  • Dynamic Allocation: DHCP assigns an IP address from a pool of addresses for a limited period of time chosen by the server, or until the client tells the DHCP server that it no longer needs the address (for example, by executing the command "ipconfig /release" under a Windows OS).

In the case where DHCP dynamically assigns IP addresses to hosts, hosts cannot keep addresses indefinitely, as this would eventually cause the server to exhaust its address pool. At the same time, a host cannot be depended upon to give back its address, since it might have crashed, been unplugged from the network, or been turned off. This is why DHCP allows addresses to be leased for some period of time. Once the lease expires, the server is free to return that address to its pool. A host with a leased address clearly needs to renew the lease periodically if in fact it is still connected to the network and functioning correctly.
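The four-step exchange and the lease mechanics of dynamic allocation described above, as an added simulation of the server side (example code, not from the original text). The address pool and lease time are constructed; the server hands out an offer on DISCOVER, binds it on REQUEST, and reclaims addresses whose leases have expired, which is exactly why a client that crashed or was unplugged does not hold its address forever. When the pool is empty, discover() returns None, the condition the DHCP starvation attack in the next section tries to create.

```python
class DhcpPool:
    """Dynamic allocation: addresses are leased for a fixed time, renewed by the
    client, and reclaimed by the server once the lease expires."""

    def __init__(self, addresses, lease_time):
        self.free = list(addresses)   # addresses neither offered nor leased
        self.offers = {}              # xid -> (mac, ip), pending between OFFER and REQUEST
        self.leases = {}              # mac -> (ip, expiry)
        self.lease_time = lease_time

    def _reclaim_expired(self, now):
        """Return every address whose lease has run out to the pool."""
        for mac, (ip, expiry) in list(self.leases.items()):
            if expiry <= now:
                del self.leases[mac]
                self.free.append(ip)

    def discover(self, xid, mac, now):
        """DHCPDISCOVER -> DHCPOFFER. Returns the offered address, or None
        when the pool is exhausted. A returning client is offered its old address."""
        self._reclaim_expired(now)
        if mac in self.leases:
            ip = self.leases[mac][0]
        elif self.free:
            ip = self.free.pop(0)
        else:
            return None
        # Real servers time out unclaimed offers; this demo keeps them pending.
        self.offers[xid] = (mac, ip)
        return ip

    def request(self, xid, mac, ip, now):
        """DHCPREQUEST -> DHCPACK, returned as (ip, expiry); None stands for DHCPNAK."""
        offer = self.offers.pop(xid, None)
        if offer != (mac, ip):
            if offer and offer[0] not in self.leases:
                self.free.append(offer[1])   # give the unclaimed offer back to the pool
            return None
        self.leases[mac] = (ip, now + self.lease_time)
        return self.leases[mac]

    def renew(self, mac, now):
        """Extend a still-valid lease; an expired lease must go through DISCOVER again."""
        if mac in self.leases and self.leases[mac][1] > now:
            ip = self.leases[mac][0]
            self.leases[mac] = (ip, now + self.lease_time)
            return self.leases[mac]
        return None

    def release(self, mac):
        """The client no longer needs the address (e.g. "ipconfig /release")."""
        if mac in self.leases:
            ip, _ = self.leases.pop(mac)
            self.free.append(ip)


if __name__ == "__main__":
    # Constructed two-address pool from the RFC 5737 documentation range, 1-hour leases.
    pool = DhcpPool(["192.0.2.10", "192.0.2.11"], lease_time=3600)
    offered = pool.discover(xid=1, mac="00:11:22:33:44:55", now=0)
    print("offer:", offered, "ack:", pool.request(1, "00:11:22:33:44:55", offered, 0))
```

The state that matters to an operator is the lease table: it is what lets you map a MAC address to the IP address it held at a given time when you investigate an incident, and it is also what a flood of DISCOVER messages with spoofed MAC addresses fills up.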

DHCP illustrates an important aspect of the scaling of network management. While discussions of scaling often focus on keeping the state in network devices from growing too fast, it is important to pay attention to the growth of network management complexity. By allowing network managers to configure a range of IP addresses per network rather than one IP address per host, DHCP improves the manageability of a network.

Note that DHCP may also introduce some more complexity into network management, since it makes the binding between physical hosts and IP addresses much more dynamic. This may make the network manager’s job more difficult if, for example, it becomes necessary to locate a malfunctioning host.

From a security standpoint, someone impersonating a DHCP server can wreak havoc on a network. These rogue DHCP servers can cause traffic to be redirected to initiate MitM attacks or cause DoS attacks. DHCP relies on broadcast Address Resolution Protocol (ARP) messages and does not make use of authentication, meaning that once an attacker is on the same Ethernet segment as the victim machines, all bets are off.

Concepts Corner

What are some security vulnerabilities with DNS and DHCP?

  • DNS Spoofing (Cache Poisoning) : Attackers insert false DNS records into the cache of a resolver, redirecting users to malicious sites.
  • DNS Tunneling : This technique is used to exfiltrate data or establish covert communication channels by encoding data within DNS queries and responses.
  • DDoS Attacks : DNS servers can be overwhelmed by Distributed Denial of Service attacks, causing service disruptions.
  • DNS Hijacking : Attackers redirect queries to malicious DNS servers, leading to phishing or malware distribution.
  • DHCP Starvation Attacks : Attackers exhaust the pool of IP addresses by sending numerous DHCP requests, preventing legitimate devices from obtaining an IP address.
  • Rogue DHCP Servers : Unauthorized DHCP servers can provide incorrect IP configurations, leading to network disruptions or man-in-the-middle attacks.
  • DHCP Spoofing : Attackers respond to DHCP requests with malicious configurations, redirecting traffic or intercepting communications.
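A defender's first line against rogue DHCP servers and DHCP spoofing is to notice server messages that do not come from the servers you run. The following added example (not code from the original text) parses the DHCP message layout from RFC 2131 (the 236-byte fixed header, the magic cookie, then type-length-value options) and flags any OFFER, ACK or NAK whose server identifier (option 54) is not on an allow-list. The packets are constructed inline with addresses from the RFC 5737 documentation ranges; build_dhcp exists only to fabricate that sample traffic, and a real monitor would read packets from a capture instead.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"                     # DHCP magic cookie after the fixed header
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}
HEADER = "!BBBBIHH4s4s4s4s16s64s128s"            # RFC 2131 fixed fields, 236 bytes


def build_dhcp(op, xid, msg_type, yiaddr="0.0.0.0", options=()):
    """Fabricate a DHCP packet for the sample data below (not a client or server)."""
    chaddr = bytes.fromhex("001122334455").ljust(16, b"\x00")
    zero = socket.inet_aton("0.0.0.0")
    fixed = struct.pack(HEADER, op, 1, 6, 0, xid, 0, 0x8000,   # flags 0x8000 = broadcast reply
                        zero, socket.inet_aton(yiaddr), zero, zero,
                        chaddr, b"\x00" * 64, b"\x00" * 128)
    opts = bytes([53, 1, msg_type])                         # option 53: message type
    for code, value in options:
        opts += bytes([code, len(value)]) + value
    return fixed + MAGIC + opts + b"\xff"                   # 255 = END


def parse_options(data):
    """Walk the option TLVs: skip PAD (0), stop at END (255), reject truncation."""
    opts, i = {}, 0
    while i < len(data):
        code = data[i]
        if code == 255:
            return opts
        if code == 0:
            i += 1
            continue
        if i + 1 >= len(data):
            raise ValueError("option %d has no length byte" % code)
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("option %d truncated" % code)
        opts[code] = value
        i += 2 + length
    raise ValueError("options not terminated by END")


def parse_dhcp(packet):
    if len(packet) < 240 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP packet")
    f = struct.unpack(HEADER, packet[:236])
    opts = parse_options(packet[240:])
    mtype = opts.get(53)
    ip = lambda code: socket.inet_ntoa(opts[code]) if code in opts else None
    return {
        "op": f[0], "xid": f[4], "flags": f[6],
        "yiaddr": socket.inet_ntoa(f[8]),      # address being offered/assigned
        "giaddr": socket.inet_ntoa(f[10]),     # relay agent address, 0.0.0.0 if none
        "chaddr": f[11][:f[2]].hex(":"),       # client hardware address
        "type": MSG_TYPES.get(mtype[0], "UNKNOWN") if mtype else "UNKNOWN",
        "server_id": ip(54), "router": ip(3), "dns": ip(6),
    }


def audit_server_messages(packets, authorized_servers):
    """Flag OFFER/ACK/NAK messages whose server identifier is not an authorized server."""
    alerts = []
    for raw in packets:
        p = parse_dhcp(raw)
        if p["type"] in ("OFFER", "ACK", "NAK") and p["server_id"] not in authorized_servers:
            alerts.append((p["type"], p["server_id"], p["xid"], p["router"], p["dns"]))
    return alerts


# Constructed sample: a DISCOVER, a legitimate OFFER, and an OFFER from an unknown server
# that also points the client at itself as gateway and DNS server.
AUTHORIZED = {"192.0.2.1"}
a = socket.inet_aton
SAMPLE_PACKETS = [
    build_dhcp(1, 0x1234, 1),
    build_dhcp(2, 0x1234, 2, "192.0.2.50",
               [(54, a("192.0.2.1")), (3, a("192.0.2.1")), (6, a("192.0.2.1")),
                (51, struct.pack("!I", 3600))]),
    build_dhcp(2, 0x1234, 2, "192.0.2.99",
               [(54, a("192.0.2.200")), (3, a("192.0.2.200")), (6, a("192.0.2.200"))]),
]

if __name__ == "__main__":
    for alert in audit_server_messages(SAMPLE_PACKETS, AUTHORIZED):
        print("rogue DHCP server message:", alert)
```

The alert carries the router and DNS options because those are what a rogue server changes to put itself in the path; comparing them against the values your real server hands out is a cheap second check. On switched networks the same allow-list is what DHCP snooping enforces in hardware, by only trusting server messages on designated ports.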

Remote Desktop Protocol (RDP) is built into Windows and is typically used to control a machine remotely. It works over port 3389 via TCP or UDP. While RDP can be quite useful for performing remote administration on a remote machine, it can also be a large security hole if a bad actor gains access. RDP use in ransomware attacks is on the rise, as ransomware programs may use RDP to find other machines to attack.

Telnet  is an antiquated remote administration tool that gives access to a shell via a cleartext channel. Telnet runs on port 23 and while still occasionally in use, it should largely be phased out. You will still find telnet in embedded applications and legacy systems. You may also see the client being used to inspect other types of traffic. For example, you can use a telnet client to submit HTTP requests or send email via SMTP.

Lightweight Directory Access Protocol (LDAP) is used for accessing and maintaining directory information services. Its primary use is with Windows Active Directory (AD), where it can be used to obtain information regarding users and resources from an AD server. Clients can authenticate through the server and obtain privileges to read or read/write certain entries. LDAP did not originally support encryption, until LDAP over SSL (LDAPS) was developed. LDAP uses TCP and UDP over port 389 and LDAPS uses TCP over port 636.

Internet Message Access Protocol (IMAP) and Post Office Protocol 3 (POP3) are two protocols used to retrieve email from a server. IMAP is the more recent protocol, and supports saving mail on the server and folders. POP3 is more primitive, supporting only the retrieval (and subsequent deletion from the server) of emails. Both protocols use cleartext and are now commonly run over TLS. POP3 defaults to TCP port 110, or 995 if using TLS. IMAP defaults to TCP port 143, or 993 if using TLS. In the age of webmail, it is easy to forget about these protocols, but a security specialist must keep them in mind as they may still be used in support of corporate devices.

Simple Mail Transfer Protocol (SMTP) is used for sending/forwarding email. As its name states, it is a simple protocol consisting of lines of text. Basic SMTP uses TCP on port 25. SMTP was later expanded to support authentication and finally wrapped in TLS, still using TCP, on port 587. SMTP servers accept outgoing mail from (hopefully) authenticated clients, route mail to other SMTP servers based on the Mail Exchange (MX) information in DNS records, and accept mail for their domain from other SMTP servers. Various checks have been implemented in SMTP servers to ensure that messages from domains actually come from those domains. This is largely used to combat spam, which continues to be a problem.

Network Time Protocol (NTP) uses UDP over port 123 to sync the system time with a time server. NTP servers are layered in strata, with the lowest strata being closest to the most accurate sources of time: atomic clocks, GPS, etc. NTP is important because many protocols, including several key exchanges, require system clocks to be in sync. System clocks are also used to check when certificates expire and are used in logs to indicate when something happened. Without an accurate, synchronized system clock, many things will fail in surprising ways.

File Transfer Protocol (FTP) is a relatively simple, text-based protocol for sending files between machines. FTP uses TCP on port 21 and traditionally establishes two channels: one for protocol messages, and one binary channel for data. The interesting thing about this setup is that the FTP server would initiate the connection of the data channel from server to client, meaning that in many NAT situations where the client couldn't be easily reached behind a firewall, it would fail. The solution to this problem was passive FTP, which uses one channel established by the client.

Despite this initial shortcoming, FTP has proven to be incredibly popular and is still used in many corporate environments. You may see FTP being used to transmit bulk data for import to systems or to update firmware in embedded systems. You can use FTP with a command-line ftp client, a graphical client such as Filezilla or SecureFX, or even in most web browsers with the ftp:// URL scheme.

Unfortunately, FTP does not support authentication systems other than passwords, and the passwords are sent in plaintext. As such, Secure FTP (SFTP) is recommended. SFTP uses an SSH connection to send and receive files over an encrypted channel. SFTP also supports all SSH authentication methods.

Simple Network Management Protocol (SNMP) is used for gathering information about the workings of a network. It is broken into two groups: clients using UDP port 161 (TLS 10161) and a manager using UDP port 162 (TLS 10162). The manager collects messages from the clients regarding the operations of the network and uses this information to take actions as necessary. SNMP can be used to pass information about the temperature of a machine, how many connections are currently open, real-time channel capacity utilization, etc. SNMP is currently up to version 3, which is encrypted and requires authentication. This is particularly important because SNMP is a very powerful protocol that could expose potentially valuable information to an attacker. Access to SNMP should be limited and its usage on a network should be monitored.

Figure 7-7: An SNMP message

Secure Shell (SSH) is the most widely deployed remote administration tool. SSH provides access to a shell via an encrypted connection. SSH supports many options including SOCKS5 proxies, port forwarding, and the usage of multiple authentication schemes: password, key, hardware device, etc. SSH uses TCP on port 22.

TLS is mainly used over the TCP protocol. TLS is responsible for the encryption and the authentication of the SDUs exchanged by the application layer protocol, while TCP provides the reliable delivery of this encrypted and authenticated bytestream. TLS is used by many different application layer protocols. The most frequent ones are HTTP (HTTP over TLS is called HTTPS), SMTP (RFC 3207), or POP and IMAP (RFC 2595), but proprietary application-layer protocols also use TLS [AM2019]. There are also variants of TLS that operate over SCTP (RFC 3436) or UDP (RFC 6347), but these are outside the scope of this chapter.

TLS 1.3 is the most current version, but not all websites support it. TLS 1.2 is still considered safe if best practices are followed, and TLS 1.1 or lower is considered deprecated.

A TLS session can be initiated in two different ways. First, the application can use a dedicated TCP port number for application layer protocol x-over-TLS. This is the solution used by many HTTP servers that reserve port 443 for HTTP over TLS. This solution works, but it requires reserving two ports for each application: one where the application-layer protocol is used directly over TCP and another one where the application-layer protocol is used over TLS. Given the limited number of TCP ports that are available, this is not a scalable solution. The table below provides some of the reserved port numbers for application layer protocols on top of TLS.

Application TCP port TLS port
POP3 110 995
IMAP 143 993
NNTP 119 563
HTTP 80 443
FTP 21 990

Table 7-2: Application layer protocols and ports

A second approach to initiate a TLS session is to use the standard TCP port number for the application layer protocol and define a special message in this protocol to trigger the start of the TLS session. This extension to SMTP (RFC 3207) defines the new STARTTLS command. The client can issue this command to indicate to the server that it wants to start a TLS session, as shown in the example below captured during a session on port 25.

For the remainder of this chapter, we assume that the TLS session starts immediately after the establishment of the TCP connection. This corresponds to the deployments on web servers. We focus our presentation of TLS on this very popular use case. TLS is a complex protocol that supports other features than the ones used by web servers. A more detailed presentation of TLS may be found in [KPS2002] and [Ristic2015].

A TLS session is divided into two phases: the handshake and the data transfer. During the handshake, the client and the server negotiate the security parameters and the keys that will be used to secure the data transfer. During the second phase, all the messages exchanged are encrypted and authenticated with the negotiated algorithms and keys.

The TLS Handshake

TLS uses a handshake process to establish a secure session between the server and the browser . During a session, the server and client exchange messages that contain information such as the supported TLS versions, cipher suites, random numbers, certificates, and keys. The basic process is outlined below.

  • The browser starts the handshake by sending a message to the server with its preferences and a random number. This random number is called a nonce, which means it is only used once in this communication. A nonce helps to prevent replay attacks, where an attacker could reuse old messages to impersonate the browser or the server.
  • The server replies with its choices and another random number. The server also sends its certificate , which proves its identity and contains its public key .
  • The browser checks the validity of the server's certificate and generates a secret key, which it encrypts with the server's public key. The browser also sends a message that verifies the integrity of the previous messages. The server decrypts the secret key with its private key, and both parties use it to create more keys for encryption and authentication.
  • The browser and the server exchange messages to confirm that they have the same keys, and that they are ready to encrypt their communication. This is called the Finished message.
  • The browser and the server can now exchange application data, such as HTTP requests and responses, using symmetric encryption and authentication with the keys they have generated.

The TLS four-way handshake is illustrated in the figure below.

Figure 7-9: The TLS four-way handshake

Perfect Forward Secrecy

Perfect Forward Secrecy (PFS) is an important property for key exchange protocols. A protocol provides PFS if its design guarantees that the keys used for former sessions will not be compromised even if the private key of the server is compromised. Recent implementations of TLS prefer ECDHE_RSA or ECDHE_ECDSA cipher suites when Perfect Forward Secrecy is required.

Two important messages will be sent by the client and the server to conclude the handshake and start the data transfer phase.

The client sends the ChangeCipherSpec message followed by the Finished message. The ChangeCipherSpec message indicates that the client has received all the information required to generate the security keys for this TLS session. This message can also appear later in the session to indicate a change in the encryption algorithms that are used. The Finished message is more important. It confirms to the server that the TLS handshake has been performed correctly and that no attacker has been able to modify the data sent by the client or the server. This is the first message that is encrypted with the selected security keys. It contains a hash of all the messages that were exchanged during the handshake. The server also sends a ChangeCipherSpec message followed by a Finished message.
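Why the Finished message catches tampering, as an added illustration (example code, not from the original text): each side hashes every handshake message it saw and keys that hash with the negotiated secret, so the two values only agree if both saw the same bytes. The master secret here is random bytes standing in for the one the handshake would derive, and the keyed hash is a plain HMAC-SHA256 truncated to 12 bytes, a simplification of TLS 1.2's PRF-based verify_data, not the real construction. The handshake messages are short constructed strings, and the tamper flag simulates an on-path party editing the ClientHello before the server sees it.

```python
import hashlib
import hmac
import os


def transcript_hash(messages):
    """Hash of all handshake messages, in order, as seen by one party."""
    h = hashlib.sha256()
    for m in messages:
        h.update(m)
    return h.digest()


def finished_verify_data(master_secret, label, messages):
    """Stand-in for TLS 1.2's PRF(master_secret, label, Hash(handshake_messages))[:12].
    Uses HMAC-SHA256 keyed with the master secret; not the real PRF."""
    return hmac.new(master_secret, label + transcript_hash(messages), hashlib.sha256).digest()[:12]


def client_finished_accepted(master_secret, tamper=False):
    """Run the client's Finished through the server's check.
    Returns True when the server accepts it, False when the transcripts differ."""
    # Constructed handshake messages (real ones are binary structures).
    client_hello = b"ClientHello: TLS1.2 suites=[ECDHE_RSA_AES128_GCM_SHA256,RSA_AES128_CBC_SHA]"
    # What the server actually received: with tamper=True the stronger suite was stripped
    # in transit, so the server's view of ClientHello differs from the client's.
    seen_by_server = client_hello.replace(b"ECDHE_RSA_AES128_GCM_SHA256,", b"") if tamper else client_hello
    server_hello = b"ServerHello: suite=RSA_AES128_CBC_SHA"

    client_transcript = [client_hello, server_hello]      # client hashes what it sent and got
    server_transcript = [seen_by_server, server_hello]    # server hashes what it got and sent

    client_finished = finished_verify_data(master_secret, b"client finished", client_transcript)
    expected = finished_verify_data(master_secret, b"client finished", server_transcript)
    # Constant-time comparison, as any MAC check should use.
    return hmac.compare_digest(client_finished, expected)


if __name__ == "__main__":
    secret = os.urandom(48)   # both sides are assumed to have derived this already
    print("untampered handshake accepted:", client_finished_accepted(secret))
    print("tampered handshake accepted:  ", client_finished_accepted(secret, tamper=True))
```

The check only works because the value is keyed with a secret the on-path party does not have: an unkeyed hash of the transcript could simply be recomputed over the modified messages.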

TLS Cipher Suites

A TLS cipher suite is usually represented as an ASCII string that starts with TLS and contains the acronym of the key exchange algorithm, the encryption scheme with its key size and mode of operation, and the authentication algorithm. For example, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 is a TLS cipher suite that uses the DHE_RSA key exchange algorithm with 128-bit AES in GCM mode for encryption and SHA-256 for authentication. The official list of TLS cipher suites is maintained by IANA. The NULL acronym indicates that no algorithm has been specified. For example, TLS_ECDH_RSA_WITH_NULL_SHA is a cipher suite that does not use any encryption but still uses the ECDH_RSA key exchange and SHA for authentication.

The TLS Record

After the handshake is completed, the client and the server will exchange authenticated and encrypted records. TLS defines different formats for the records depending on the cryptographic algorithms that have been negotiated for the session. A detailed discussion of these different types of records is outside the scope of this introduction. For illustration, we briefly describe one record format.

Like other security protocols, TLS uses different keys to encrypt and to authenticate records. These keys are derived from the MasterSecret, which is either randomly generated by the client after the RSA key exchange or derived from the Diffie-Hellman parameters after the DH_RSA key exchange. The exact algorithm used to derive the keys is defined in RFC 5246.

A TLS record is composed of four different fields:

  • Type: The most frequent type is application data, which corresponds to a record containing encrypted data. The other types are handshake, change_cipher_spec and alert.
  • Protocol Version: This version is composed of two sub-fields: a major and a minor version number.
  • Length: A TLS record cannot be longer than 16,384 bytes.
  • TLSPlainText: This contains the encrypted data.

TLS supports several methods to encrypt records. The selected method depends on the cryptographic algorithms that have been negotiated for the TLS session. A detailed presentation of the different methods that can be used to produce the TLSPlainText from the user data is outside the scope of this text.
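The five-byte record header (type, major version, minor version, length) described above is the only part of a TLS stream that a passive sensor can read after the handshake, so splitting a byte stream into records and sanity-checking the header is a common first step in a network monitor. The Python below is an added example for this page, not the text's own code; it parses the header fields, enforces the length limit (the text's 16,384-byte plaintext limit plus the 2,048 bytes of expansion that RFC 5246 section 6.2.3 allows for ciphertext), keeps an incomplete trailing record for the next read, and decodes a plaintext alert. The byte stream it parses is constructed for the example.

```python
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
MAX_PLAINTEXT = 2 ** 14            # 16,384 bytes: the TLSPlaintext limit given in the text
MAX_CIPHERTEXT = 2 ** 14 + 2048    # RFC 5246, 6.2.3: room for MAC, padding and nonce

ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
                      40: "handshake_failure", 42: "bad_certificate",
                      46: "certificate_unknown", 70: "protocol_version", 80: "internal_error"}


def parse_records(buf: bytes):
    """Split a byte stream into TLS records.

    Returns (records, leftover); leftover is an incomplete trailing record that the
    caller should prepend to the next chunk of data. Malformed headers raise ValueError
    rather than being skipped, so a monitor can flag the connection.
    """
    records = []
    offset = 0
    while len(buf) - offset >= 5:
        ctype, major, minor, length = struct.unpack("!BBBH", buf[offset:offset + 5])
        if ctype not in CONTENT_TYPES:
            raise ValueError(f"unknown content type {ctype} at offset {offset}")
        if length > MAX_CIPHERTEXT:
            raise ValueError(f"record length {length} exceeds 2^14 + 2048")
        if len(buf) - offset - 5 < length:
            break  # incomplete record: wait for more bytes
        fragment = buf[offset + 5:offset + 5 + length]
        records.append({"type": CONTENT_TYPES[ctype], "version": (major, minor),
                        "length": length, "fragment": fragment})
        offset += 5 + length
    return records, buf[offset:]


def describe_alert(fragment: bytes) -> tuple:
    """Decode an alert body (level, description). Only alerts sent before the keys are
    active are readable; after ChangeCipherSpec the body is encrypted like any other record."""
    if len(fragment) != 2:
        raise ValueError("an alert body is exactly two bytes")
    return (ALERT_LEVELS.get(fragment[0], f"level {fragment[0]}"),
            ALERT_DESCRIPTIONS.get(fragment[1], f"description {fragment[1]}"))


# Constructed stream for the example: a (toy) handshake record with version 3.1 in the
# header, a change_cipher_spec record, and a short application_data record.
SAMPLE_STREAM = (
    b"\x16\x03\x01\x00\x04" + b"\x01\x00\x00\x00"
    + b"\x14\x03\x03\x00\x01" + b"\x01"
    + b"\x17\x03\x03\x00\x03" + b"abc"
)


if __name__ == "__main__":
    recs, rest = parse_records(SAMPLE_STREAM)
    for r in recs:
        print(r["type"], r["version"], r["length"])
    print("leftover bytes:", len(rest))
    print(describe_alert(b"\x02\x28"))
```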

Improving TLS

In 2014, the IETF TLS working group began to develop version 1.3 of the TLS protocol. Their main objectives [Rescorla2015] for this new version were as follows.

  • Simplify the design by removing unused or unsafe protocol features.
  • Improve the security of TLS by leveraging the lessons learned from TLS 1.2 and documented attacks.
  • Improve the privacy of the protocol.
  • Reduce the latency of TLS.

Since 2014, latency has become an important concern for the performance of web services. With TLS 1.2, the download of a web page requires a minimum of four round-trip times: one to create the underlying TCP connection, one to exchange the ClientHello/ServerHello, one to exchange the keys and then one to send the HTTP GET and retrieve the response. This can be very long when the server is not near the client. TLS 1.3 aimed at reducing this handshake to one round-trip time, and even zero, by placing some of the cryptographic handshake in the TCP handshake.

To simplify both the design and the implementations, TLS 1.3 uses only a small number of cipher suites. Five of them are specified in RFC 8446, and TLS_AES_128_GCM_SHA256 must be supported by all implementations. To ensure privacy, all cipher suites that did not provide Perfect Forward Secrecy have been removed. Compression has also been removed from TLS, since several attacks on TLS 1.2 exploited its compression capability (RFC 7457).

By supporting only cipher suites that provide Perfect Forward Secrecy in TLS 1.3, the IETF aims at protecting the privacy of users against a wide range of attacks. However, this choice has resulted in intense debates in some enterprises, notably financial organizations that have deployed TLS but wish to be able to decrypt TLS traffic for various security-related activities. These enterprises tried to lobby within the IETF to maintain RSA-based cipher suites that do not provide Perfect Forward Secrecy. Their arguments did not convince the IETF. Eventually, these enterprises moved to ETSI, another standardization body, and convinced the IETF to adopt enterprise TLS, a variant of TLS 1.3 that does not provide Perfect Forward Secrecy [eTLS2018].
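The cipher-suite naming convention described in the TLS Cipher Suites section, and the forward-secrecy distinction that the TLS 1.3 discussion turns on, can both be checked mechanically when auditing a server's configured suite list. The Python below is an added example written for this page, not code from the text or from any TLS implementation; it parses TLS 1.2 names (which carry a key exchange and authentication part before WITH) and TLS 1.3 names (which carry only the AEAD cipher and hash, because the key exchange is always ephemeral (EC)DHE and is negotiated separately) and flags the properties a defender cares about: NULL encryption, short keys, SHA-1/MD5 MACs, export-grade or anonymous suites, and the absence of forward secrecy. The warning strings and field names are this example's own choices.

```python
FORWARD_SECRET_KX = {"DHE", "ECDHE"}
WEAK_CIPHERS = {"RC4", "DES", "3DES", "RC2", "IDEA", "SEED"}
WEAK_HASHES = {"MD5", "SHA"}  # a bare "SHA" suffix denotes an HMAC-SHA-1 MAC

NO_ENCRYPTION = "no encryption"
NO_FORWARD_SECRECY = "no forward secrecy"
WEAK_MAC = "SHA-1 or MD5 MAC"
WEAK_CIPHER = "weak cipher"
SHORT_KEY = "key shorter than 128 bits"
EXPORT_GRADE = "export-grade suite"
NO_AUTH = "no server authentication"


def parse_cipher_suite(name: str) -> dict:
    """Split an IANA-style suite name into its components and collect audit warnings."""
    if not name.startswith("TLS_"):
        raise ValueError("expected a name beginning with TLS_")
    body = name[4:]
    info = {"name": name, "tls13": "_WITH_" not in body, "warnings": []}
    if info["tls13"]:
        # TLS 1.3 names omit the key exchange: it is always (EC)DHE, chosen via extensions.
        info["key_exchange"], info["authentication"] = "(EC)DHE", "signature"
        cipher_part = body
    else:
        kx_part, cipher_part = body.split("_WITH_", 1)
        kx_tokens = kx_part.split("_")
        if "EXPORT" in kx_tokens:
            info["warnings"].append(EXPORT_GRADE)
            kx_tokens.remove("EXPORT")
        info["key_exchange"] = kx_tokens[0]
        # A lone "RSA" means RSA key transport authenticated by the same RSA key.
        info["authentication"] = kx_tokens[1] if len(kx_tokens) > 1 else kx_tokens[0]
        if info["authentication"] == "anon":
            info["warnings"].append(NO_AUTH)
    tokens = cipher_part.split("_")
    info["hash"] = tokens[-1]
    enc = tokens[:-1]                       # e.g. ["AES", "128", "GCM"] or ["NULL"]
    info["cipher"] = enc[0]
    numeric = [int(t) for t in enc if t.isdigit()]
    info["key_bits"] = numeric[0] if numeric else None
    info["mode"] = enc[-1] if len(enc) > 1 and not enc[-1].isdigit() else None
    info["forward_secrecy"] = info["tls13"] or info["key_exchange"] in FORWARD_SECRET_KX
    if info["cipher"] == "NULL":
        info["warnings"].append(NO_ENCRYPTION)
    elif info["cipher"] in WEAK_CIPHERS:
        info["warnings"].append(WEAK_CIPHER)
    if info["key_bits"] is not None and info["key_bits"] < 128:
        info["warnings"].append(SHORT_KEY)
    if info["hash"] in WEAK_HASHES:
        info["warnings"].append(WEAK_MAC)
    if not info["forward_secrecy"]:
        info["warnings"].append(NO_FORWARD_SECRECY)
    return info


def forward_secret_only(names) -> list:
    """Reduce a configured suite list to the suites that provide forward secrecy,
    which is the property TLS 1.3 guarantees for every suite it defines."""
    return [n for n in names if parse_cipher_suite(n)["forward_secrecy"]]


if __name__ == "__main__":
    # Constructed list standing in for a server's configured suites.
    for suite in ["TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDH_RSA_WITH_NULL_SHA",
                  "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_AES_128_GCM_SHA256"]:
        info = parse_cipher_suite(suite)
        print(f"{suite:40s} forward secrecy={info['forward_secrecy']!s:5s} {info['warnings']}")
```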

There are many more differences between TLS 1.2 and TLS 1.3. Additional details may be found in their respective specifications, RFC 5246 and RFC 8446.

The sections above are adapted from Computer Systems Security: Planning for Success by Ryan Tolboom, which is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License, except where otherwise noted.

Discussion Topics

Now that you’ve worked through the OSI model, practice explaining the process of communication within and across the layers.

  • Walk through the process of an HTTP request and response cycle, highlighting the key components and their roles.
  • How does DNS resolve domain names to IP addresses, and why is this process crucial for internet functionality?
  • Describe the communication process across all seven layers of the OSI model using the example of sending an email from your computer to a friend’s computer. Explain the role of each layer in this process.

Telecommunications and Networking Copyright © by Rita Mitra; Glenn Brown; Melanie Huffman; and Hongyi Zhu is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License , except where otherwise noted.


Fundamentals of Communications and Networking, 3rd Edition by Michael G. Solomon, David Kim


OSI LAYER 1 (PHYSICAL LAYER) THROUGH LAYER 4 (TRANSPORT LAYER) provide the foundation for sending and receiving data between network nodes. But that’s only part of what you need to support rich networked communications. It’s kind of like driving from one city to another. To get there and back, you’ll need to have roads and bridges to drive on. You need to know the laws governing each state or county along the way, and you need to understand the signs that tell you things like speed limit and highway number. All of these things make up the infrastructure ...


15.1.4 Check Your Understanding – Application, Session, Presentation Answers

1. This layer of the OSI model is concerned with the protocols that exchange data between programs running on hosts.

  • application

Explanation: The application layer of the OSI model is the layer that is closest to the end user. It provides an interface between application protocols exchanging data between hosts.

2. MKV, GIF, and JPG standards are associated with which OSI layer?

  • presentation

Explanation: The presentation layer is concerned with formatting and presenting data in a format that is compatible with the destination device. Examples of presentation layer standards are MKV, GIF, JPG, MOV, and PNG.

3. These three OSI layers define the same functions as the TCP/IP model application layer.

Explanation: The upper three OSI layers, application, presentation, and session, define the application layer functions of the TCP/IP model.

4. Which two are protocols that belong in the OSI application layer?

Explanation: The application layer of the OSI model provides an interface between applications protocols exchanging data between hosts. Protocols at the application layer include DNS, HTTP, SMTP, FTP, and IMAP.

5. This is a function of the OSI session layer.

  • compress and decompress data
  • provide an interface between applications
  • format data for the application layer
  • exchange of information to initiate dialog between peers

Explanation: The session layer of the OSI model creates and maintains the dialogs, or sessions, between two communicating hosts.


Application Layer in OSI Model

The Application Layer of the OSI (Open System Interconnection) model is the top layer of the model and takes care of network communication. The application layer provides the functionality to send and receive data from users. It acts as the interface between the user and the application. It provides services such as file transfer, mail service, and many more.

In this article we will explore the application layer in the OSI model, application layer functions, the working of the application layer, and services provided by the application layer.

Table of Content

  • What is Application Layer in OSI Model?
  • Functions of Application Layer
  • Working of Application Layer in OSI Model
  • Features Provided by Application Layer Protocols
  • Services Provided by Application Layer Protocols
  • Application Layer Protocols

What is Application Layer in OSI Model?

The Application Layer is the topmost layer in the Open System Interconnection (OSI) model. It provides several ways of handling data (information), which is what lets any type of user access the network with ease. It also issues requests to the layer beneath it, the Presentation Layer, to receive the various kinds of information it needs.

The Application Layer interacts directly with applications and provides common network application services. It is the highest level of the open system and provides services directly to application processes.

Being the topmost layer of the OSI model, the Application Layer performs several kinds of functions that any application or communication process requires. The functions performed by the Application Layer of the OSI model are:

  • It provides facilities for forwarding e-mail and also provides storage for it.
  • It allows users to access, retrieve and manage files on a remote computer.
  • It allows users to log on to a remote host.
  • It provides access to global information about various services.
  • Its services include e-mail, file transfer, delivery of results to the user, directory services, network resources and so on.
  • It provides the protocols that allow software to send and receive information and present meaningful data to users.
  • It handles issues such as network transparency and resource allocation.
  • It serves as the window through which users and application processes access network services.
  • The Application Layer is not itself a function; it is the layer at which application-level functions are performed.
  • It is an abstraction layer that specifies the shared protocols and interface methods used by hosts in a communication network.
  • It helps identify communication partners and synchronize communication.
  • It allows users to interact with other software applications.
  • At this layer data is in a form users can understand, rather than the binary form (0s and 1s) that users would otherwise have to remember or visualize.
  • It interacts with the Operating System (OS) and so preserves data in a suitable form.
  • It also receives and preserves data from the layer beneath it, the Presentation Layer, which carries the syntax and semantics of the information transmitted.
  • The protocols used at this layer depend on what information users wish to send or receive.
  • In general, this layer performs host initialization followed by remote login to hosts.

In the OSI model the application layer acts only as the interface responsible for communicating with host-based and user applications. This contrasts with the TCP/IP model, in which the two layers beneath the OSI application layer, the Session Layer and the Presentation Layer, are combined with it into a single layer. That single layer is responsible for functions such as controlling the dialogue between computers, establishing, maintaining and ending a session, and providing data compression and data encryption.

Working of Application Layer

  • First, the client sends a command to the server; when the server receives the command, it allocates a port number to the client.
  • The client then sends a connection initiation request to the server; when the server receives the request, it returns an acknowledgement (ACK), through which the client establishes a connection with the server.
  • The client now has access to the server, through which it may either ask the server to send files or other documents, or upload files or documents to the server.

To ensure smooth communication, application layer protocols are implemented identically on the source host and the destination host. The following are some of the features provided by application layer protocols:

  • An application layer protocol defines the process for both parties involved in the communication.
  • It defines the types of message that can be sent or received by either side (the source host or the destination host).
  • It defines the basic syntax of the messages that are sent or received.
  • It defines how a message is sent and what response is expected.
  • It defines the interaction with the next layer down.
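The four things an application protocol must define (the message types, their syntax, how a message is sent, and the expected response) are easiest to see in a complete two-sided exchange. The Python below is an added example for this page, not the article's code; it defines a constructed line-based file-catalogue protocol (requests LIST, GET name, QUIT; responses OK length followed by a body, ERR reason, or BYE), implements the server side as a pure request-handling function plus a serving loop, the client side as a response parser, and runs both ends over a socket pair in one process. The catalogue contents, the commands and the 512-byte line limit are all this example's own choices, and the server keeps the input validation a defender would want: an oversized request line or an unknown command is rejected rather than guessed at.

```python
import socket
import threading

MAX_LINE = 512                                   # constructed limit on one request line
TOO_LONG = b"ERR message too long\n"

# Constructed catalogue standing in for files the server is willing to serve.
CATALOGUE = {
    "notes.txt": b"hello from the application layer\n",
    "readme.md": b"# readme\n",
}


def handle_request(line: bytes) -> bytes:
    """Server side: map one request line to one complete response.

    Message syntax: COMMAND [argument]\\n. Responses are either "OK <length>\\n<body>",
    "ERR <reason>\\n" or "BYE\\n", so the client can always tell where a response ends.
    """
    if len(line) > MAX_LINE:
        return TOO_LONG
    parts = line.rstrip(b"\r\n").split(b" ")
    cmd, args = parts[0].upper(), parts[1:]
    if cmd == b"LIST" and not args:
        body = "\n".join(sorted(CATALOGUE)).encode() + b"\n"
        return b"OK %d\n" % len(body) + body
    if cmd == b"GET" and len(args) == 1:
        # Names are only ever used as dictionary keys; there is no path handling at all.
        data = CATALOGUE.get(args[0].decode("ascii", "replace"))
        if data is None:
            return b"ERR no such file\n"
        return b"OK %d\n" % len(data) + data
    if cmd == b"QUIT" and not args:
        return b"BYE\n"
    return b"ERR unknown command\n"


def serve(conn: socket.socket) -> None:
    """Server loop: one request line in, one response out, until QUIT or a bad line."""
    with conn, conn.makefile("rb") as rf:
        while True:
            line = rf.readline(MAX_LINE + 1)   # never buffer more than the limit
            if not line:
                break
            resp = handle_request(line)
            conn.sendall(resp)
            if resp in (b"BYE\n", TOO_LONG):
                break


def read_response(rf) -> tuple:
    """Client side: parse the status line, then read exactly the announced body length."""
    status = rf.readline().rstrip(b"\r\n")
    parts = status.split(b" ")
    if parts[0] == b"OK":
        if len(parts) != 2 or not parts[1].isdigit():
            raise ValueError("malformed OK status line")
        return (b"OK", rf.read(int(parts[1])))
    return (parts[0], b" ".join(parts[1:]))


def run_exchange(requests) -> list:
    """Run the server in a thread and drive it with the given request lines."""
    client, server = socket.socketpair()
    worker = threading.Thread(target=serve, args=(server,), daemon=True)
    worker.start()
    results = []
    with client, client.makefile("rb") as rf:
        for req in requests:
            client.sendall(req)
            results.append(read_response(rf))
    worker.join(timeout=5)
    return results


if __name__ == "__main__":
    for status, body in run_exchange([b"LIST\n", b"GET notes.txt\n", b"GET other.txt\n", b"QUIT\n"]):
        print(status.decode(), body)
```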

Services Provided by Application Layer

The services provided by application layer in OSI model are:

  • It provides interface between user and application.
  • It is used for remote login.
  • It is used for file transfer.
  • It is used for mail services and transfers.
  • It is also used to transfer multimedia files.
  • It is used for resource sharing.
  • It is used for data synchronization.
  • It is used for authentication services.

The application layer provides several protocols which allow any software to easily send and receive information and present meaningful data to its users. The following are some of the application layer protocols.

  • TELNET: Telnet stands for Telecommunications Network. This protocol is used for managing files over the Internet. It allows Telnet clients to access the resources of a Telnet server. Telnet uses port number 23.
  • DNS: DNS stands for Domain Name System. The DNS service translates a domain name (chosen by the user) into the corresponding IP address. For example, if you choose the domain name www.abcd.com, then DNS must translate it to 192.36.20.8 (a random IP address written just for illustration). The DNS protocol uses port number 53.
  • DHCP: DHCP stands for Dynamic Host Configuration Protocol. It provides IP addresses to hosts. Whenever a host registers for an IP address with the DHCP server, the DHCP server provides a great deal of information to that host. DHCP uses port numbers 67 and 68.
  • FTP: FTP stands for File Transfer Protocol. This protocol transfers files from one device to another. FTP promotes the sharing of files between remote computers with reliable, efficient data transfer. FTP uses port number 20 for data and port number 21 for control.
  • SMTP: SMTP stands for Simple Mail Transfer Protocol. It is used to transfer electronic mail from one user to another. SMTP is used by end users to send e-mail with ease. SMTP uses port numbers 25 and 587.
  • HTTP: HTTP stands for Hyper Text Transfer Protocol. It is the foundation of the World Wide Web (WWW). HTTP works on the client-server model. This protocol is used for transmitting hypermedia documents such as HTML. It was designed particularly for communication between web browsers and web servers, but it can also be used for several other purposes. HTTP is a stateless protocol: the server handles each client request on its own and is not responsible for remembering the client’s previous requests. HTTP uses port number 80.
  • NFS: NFS stands for Network File System. This protocol allows remote hosts to mount file systems over a network and interact with them as though they were mounted locally. NFS uses port number 2049.
  • SNMP: SNMP stands for Simple Network Management Protocol. This protocol gathers data by polling the devices on the network from the management station at fixed or random intervals, requiring them to disclose certain information. SNMP uses port numbers 161 (TCP) and 162 (UDP).
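The DNS entry above says what the service does; the wire format behind it (RFC 1035) is small enough to build and parse by hand, which is how a resolver, a DNS monitor or a log-enrichment tool handles it. The Python below is an added example for this page, not code from the article or from any DNS library: it encodes a hostname into labels, builds an A query with the RD flag set, and parses a reply, following name-compression pointers while refusing pointer loops and truncated records (the two malformed-message cases a parser must survive when it reads untrusted packets). The reply it parses is constructed here, and the answer address 192.0.2.1 is a documentation address, not a real host.

```python
import struct

QTYPE_A = 1
QCLASS_IN = 1


def encode_name(name: str) -> bytes:
    """Encode a dotted hostname as DNS labels (RFC 1035, 3.1)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("each label must be 1 to 63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(txid: int, name: str) -> bytes:
    """A standard query for an A record with recursion desired (flags 0x0100)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE_A, QCLASS_IN)


def decode_name(msg: bytes, offset: int) -> tuple:
    """Decode a possibly compressed name; returns (name, offset just past the field)."""
    labels, seen, end = [], set(), None
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past the end of the message")
        length = msg[offset]
        if length & 0xC0 == 0xC0:                       # compression pointer (RFC 1035, 4.1.4)
            if offset + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            target = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if target in seen:
                raise ValueError("compression pointer loop")
            seen.add(target)
            if end is None:
                end = offset + 2                        # the field ends after the first pointer
            offset = target
            continue
        if length & 0xC0:
            raise ValueError("unsupported label type")
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)


def parse_response(msg: bytes) -> dict:
    """Parse the header, question section and answer section of a DNS reply."""
    if len(msg) < 12:
        raise ValueError("message shorter than the 12-byte header")
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        name, offset = decode_name(msg, offset)
        qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, qtype, qclass))
    for _ in range(an):
        name, offset = decode_name(msg, offset)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        if len(rdata) != rdlen:
            raise ValueError("truncated RDATA")
        offset += rdlen
        value = ".".join(str(b) for b in rdata) if (rtype, rclass, rdlen) == (QTYPE_A, QCLASS_IN, 4) else rdata
        answers.append((name, rtype, ttl, value))
    return {"id": txid, "rcode": flags & 0xF, "questions": questions, "answers": answers}


def constructed_response(txid: int) -> bytes:
    """A constructed reply to build_query(txid, "www.example.com"): one A answer whose
    owner name is a pointer (0xc00c) back to the name in the question at offset 12."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)   # QR, RD, RA set; rcode 0
    question = encode_name("www.example.com") + struct.pack("!HH", QTYPE_A, QCLASS_IN)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, 300, 4) + bytes([192, 0, 2, 1])
    return header + question + answer


if __name__ == "__main__":
    print(build_query(0x1234, "www.example.com").hex())
    print(parse_response(constructed_response(0x1234)))
```

A real resolver would also check that the reply's transaction ID and question match the query it sent before trusting the answer; the parser exposes both fields so that comparison is a one-line check in the caller.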

From the above discussion we can conclude that the application layer is the topmost layer in the OSI model and acts as the interface through which end-user software such as a web browser (or any other application that needs network communication) sends or receives data over the network. By supporting multiple protocols such as SMTP, FTP, SNMP and DHCP, the stack enables effective communication of data. Everyone working in network management or application development should have a basic idea of the functions and protocols of the Application Layer.

Frequently Asked Questions on Application Layer in OSI Model – FAQs

What is the function of the Application Layer?

The function of the application layer is to provide an interface for sending and receiving data from the user.

Which is an Application Layer service?

Application layer services include remote login, e-mail services and file transfer.

How does the Application Layer ensure data integrity?

It uses protocols and error-checking mechanisms to detect and correct transmission errors.

Can the Application Layer handle multiple protocols simultaneously?

Yes, it supports concurrent protocols such as HTTP, FTP, SMTP, and DNS for seamless network operations.

How does the Application Layer interact with other OSI model layers?

It requests data formatting from the Presentation Layer and relies on the lower layers for connection and data transmission.
