Osi model

1 [email protected]

Network Bulls (A unit of Network BullStudy Pvt. Ltd. Email- [email protected] , http://www.networkbulls.com

OSI Reference Model

OSI means Open System Interconnect model. Developed by the International Organization for Standardization in 1974. It

consists of seven layers. Each layer has a different but specific processing function.

The Application layer

The Application layer, Layer seven, is the top layer of both the OSI and TCP/IP models. Provides the user interface

between the applications we use to communicate and the underlying network.

Application layer protocols are used to exchange data between programs running on the source and destination hosts.

There are many Application layer protocols and new protocols are always being developed.

Functionality of the TCP/IP application layer protocols fit roughly into the framework of the top three layers of the:

OSI model: Application, Presentation and Session layers.

Most early TCP/IP application layer protocols were developed before the emergence of:

Personal computers, graphical user interfaces and multimedia objects.

These protocols implement very little of the functionality that is specified in the OSI model Presentation and Session

layers.

Common OSI and TCP/IP Protocols

1. Domain Name Service Protocol (DNS) is used to resolve Internet names to IP addresses.

2. Hypertext Transfer Protocol (HTTP) is used to transfer files that make up the Web pages of the World Wide Web.

3. Simple Mail Transfer Protocol (SMTP) is used for the transfer of mail messages and attachments.

4. Telnet, a terminal emulation protocol, is used to provide remote access to servers and networking devices.

5. File Transfer Protocol (FTP) is used for interactive file transfer between systems.

The Presentation layer

The Presentation layer has three primary functions:

1. Coding and conversion of Application layer data to ensure that data from the source device can be interpreted by

destination device.

2. Compression of the data in a manner that can be decompressed by the destination device.

3. Encryption of the data for transmission and the decryption of data upon receipt by the destination.

Compression and Coding formats:

Graphics Interchange Format (GIF)

Joint Photographic Experts Group (JPEG)

Tagged Image File Format (TIFF).

The Session Layer

Create and maintain dialogs between source and destination applications.

Handles the exchange of information to:

Initiate dialogs

Keep them active

Restart sessions that are disrupted or idle for a long period of time

Most applications, like web browsers or e-mail clients, incorporate functionality of the OSI layers 5, 6 and 7.

mailto:[email protected]


2 [email protected]


Transport Layer

Both TCP and UDP use ports (or sockets) numbers to pass information to the upper layers

What are the two protocols at the transport layer?

TCP – Transmission Control Protocol

UDP – User Datagram Protocol

0 15 16 31

16-bit Source Port Number

16-bit Destination Port Number

32-bit Sequence Number

32 bit Acknowledgement Number

4-bit Header

Length

6-bit

(Reserved)

U

R

G

A

C

K

P

S

H

R

S

T

S

Y

N

F

I

N

16-bit Window Size

16-bit TCP Checksum

16-bit Urgent Pointer

Options (if any)

Data (if any)



3 [email protected]


source port -- the number of the calling port

destination port -- the number of the called port

sequence number -- the number used to ensure correct sequencing of the arriving data

acknowledgment number -- the next expected TCP octet

HLEN -- the number of 32-bit words in the header

reserved -- set to 0

code bits -- the control functions (e.g. setup and termination of a session)

window -- the number of octets that the sender is willing to accept

checksum -- the calculated checksum of the header and data fields

urgent pointer -- indicates the end of the urgent data

option -- one currently defined: maximum TCP segment size

data -- upper-layer protocol data

TCP provides:

Reliable delivery

Error checking

Flow control

Congestion control

Ordered delivery

Connection establishment

TCP: Connection Establishment- Three-way Handshake

For a connection to be established, the two end stations must synchronize on each other's TCP initial sequence

numbers (ISNs).

Sequence numbers:

Track the order of packets

Ensure that no packets are lost in transmission.

The initial sequence number is the starting number used when a TCP connection is established.

Exchanging beginning sequence numbers during the connection sequence ensures that lost data can be recovered

Step 1:

The three-way handshake happens before any data, HTTP Request (GET), is sent by the client.

A TCP client begins the three-way handshake by sending a segment with the SYN (Synchronize Sequence

Number) control flag set, indicating an initial value in the sequence number field in the header.



4 [email protected]


The sequence number is the Initial Sequence Number (ISN), is randomly chosen and is used to begin tracking the

flow of data from the client to the server for this session.

Step 2:

The TCP server needs to acknowledge the receipt of the SYN segment.

Server sends a segment back to the client with:

ACK flag set indicating that the Acknowledgment number is significant.

The value of the acknowledgment number field is equal to the client initial sequence number plus

1.

This is called an expectation acknowledgement – the next byte this host expects to receive (more

soon).

SYN flag is set with its own random ISN for the Sequence number

Step 3:

TCP client responds with a segment containing an ACK that is the response to the TCP SYN sent by the server.

The value in the acknowledgment number field contains one more than the initial sequence number received

from the server.

The client can now send application data encapsulated in TCP segment.

HTTP Request (GET)

TCP: Connection Termination: -

1. When the client has no more data to send in the stream, it sends a segment with the FIN flag set.

2. The server sends an ACK to acknowledge the receipt of the FIN to terminate the session from client to server.

3. The server sends a FIN to the client, to terminate the server to client session.

4. The client responds with an ACK to acknowledge the FIN from the server.

Flow Control and Reliability

Reliability

Guaranteed delivery - making sure all the data was received. If missing data, determining which bytes need to be

retransmitted.

Flow Control

Each host has a receive buffer for the TCP connection. Flow control makes sure these buffers do not receive more data

than the connection can handle.



5 [email protected]


The receiving host's TCP layer reports a window size to the sending host's TCP layer. This window size specifies the

number of bytes, starting with the acknowledgment number, that the receiving host's TCP layer is currently prepared to

receive. Window size is included in every TCP segment sent from client or server starting with three-way handshake. TCP

is a full duplex service; client and server specify their own window sizes

Sequence Number and Acknowledgements



6 [email protected]


TCP Window Size

TCP provides full-duplex service, which means data can be flowing in each direction, independent of the other direction.

Receiver sends acceptable window size to sender during each segment transmission (flow control)

If too much data being sent, acceptable window size is reduced

If more data can be handled, acceptable window size is increased



7 [email protected]


Reliable Data Transfer



8 [email protected]


Note: -

Determining TCP MTU



9 [email protected]


Typically, an end system uses the "outgoing interface MTU" minus 40 as its reported MSS.

For example, an TCP over IP over Ethernet MSS value is 1460 (1500 - 40 = 1460).

When a host (usually a PC) initiates a TCP session with a server, it negotiates the TCP segment size by using the

maximum segment size (MSS) option field in the TCP SYN packet. (Curriculum say IP segment).

The value of the MSS Field is determined by the maximum transmission unit (MTU) configuration on the host.

The default Ethernet MTU value for a PC is 1500 bytes. (curriculum says MSS)

Notice: - TCP is a connection-oriented service between the hosts, whereas UDP is a connectionless service.

The Internet Assigned Numbers Authority (IANA) assigns port numbers.

Well Known Ports (Numbers 0 to 1023), reserved for common services and applications

Registered Ports (Numbers 1024 to 49151) Assigned to user processes or applications.

Dynamic or Private Ports (Numbers 49152 to 65535). Usually assigned dynamically to client applications when initiating a

connection.

What do you notice looking at the UDP protocol?

UDP does not maintain connection state as does TCP.

Destination and Source Ports

Length and Checksum (used for error checking)

RFC 768

Connectionless transport

No “handshaking” (no connection establishment) as with TCP (coming)

Unreliable delivery

No error checking

No flow control

No congestion control

No ordered delivery

o source port -- the number of the calling port

o destination port -- the number of the called port

o UDP length -- the length of the UDP header

0 15 16 31

16-bit Source Port Number

16-bit Destination Port Number

16-bit UDP Length

16-bit UDP Checksum

Data (if any)



10 [email protected]


o checksum -- the calculated checksum of the header and data fields

o data -- upper-layer protocol data

o No connection state

UDP does not maintain connection state as does TCP.

Small packet header overhead

TCP header has 20 bytes of overhead.

UDP header has only 8 bytes of overhead





Network Layer

The Network layer (Layer 3) provides services to exchange the data over the network between identified end

devices.

Layer 3 uses four basic processes:

Addressing

Encapsulation

Routing

Decapsulation

The Internet Protocol (IPv4 and IPv6) is the most widely-used Layer 3 data carrying protocol and will be the focus of this

course.

IP Header





IP Destination Address

32-bit binary value that represents the packet destination Network layer host address.

IP Source Address

32-bit binary value that represents the packet source Network layer host address.

IP’s TTL – Time To Live field

Sending hosts generates the value for TTL.

Common operating system TTL values are:

UNIX: 255

Linux: 64 or 255 depending upon vendor and version

Microsoft Windows 95: 32

Microsoft Vista: 128

Decremented by each router.

If the router decrements the TTL field to 0, it will then drop the packet.

What is the advantage to decrementing the TTL by each router and dropping the packet if it is 0?

So IP packets cannot travel around the Internet forever, from router to router.

IP’s Protocol Field

Protocol field enables the Network layer to pass the data to the appropriate upper-layer protocol.

Example values are:

01 ICMP

06 TCP

17 UDP

IP’s ToS Field

Type-of-Service is used to determine the priority of each packet.

Enables Quality-of-Service (QoS) mechanism for high priority traffic.

What types of traffic might a network administrator need to give priority to? Traffic that cannot accept any

delays.

VoIP

Streaming video





IP Fragmentation

Determining TCP MTU

The default Ethernet MTU value for a PC is 1500 bytes.

Typical Maximum Segment Size of a TCP segment is 1460 bytes.

Version - Contains the IP version number (4)

Header Length (IHL) - Specifies the size of the packet header.

Packet Length - This field gives the entire packet size, including header and data, in bytes.

Identification - This field is primarily used for uniquely identifying fragments of an original IP packet

Header Checksum - The checksum field is used for error checking the packet header.

Options - There is provision for additional fields in the IPv4 header to provide other services but these are rarely used.

Data Link Layer: -

The Data Link layer provides a means for exchanging data over a common local media.

The Data Link layer performs two basic services:

1. Allows the upper layers to access the media using techniques such as framing

2. Controls how data is placed onto the media and is received from the media.





The Data Link layer prepares a packet for transport across the local media by encapsulating it with a header and a

trailer to create a frame.

The Data Link layer frame includes:

Data – Layer 3 (IP Packet or other Layer 3 information)

Header - Control information, such addressing

Trailer - Control information, such as error detection





Typical field types may include:

Start and stop indicator fields

Addressing fields

Type field - The type of PDU contained in the frame

Quality - control fields

Data field -The frame payload (Network layer packet)

Data Link frame header fields may include:

Start Frame field - Indicates the beginning of the frame

Source and Destination address fields - Indicates the source and destination nodes on the media

Priority/Quality of Service field - Indicates a particular type of communication service for processing

Type field - Indicates the upper layer service contained in the frame

Logical connection control field - Used to establish a logical connection between nodes

Physical link control field - Used to establish the media link

Flow control field - Used to start and stop traffic over the media

Congestion control field - Indicates congestion in the media

Data Link layer

Connects the Network Layer with the Physical Layer

Network Layer and above is software (IP, TCP, HTTP, etc.)

Physical layer is implemented in hardware (converting bits to a transmission signal)

Data Link layer is implemented in both:

Software

Hardware

Data Link Layer prepares Network Layer packets for transmission across some form of media, be it copper, fiber,

or the atmosphere.





Data Link Sublayers: -

Data Link layer has two sublayers (sometimes):

Logical Link Control (LLC) – Software processes that provide services to the Network layer protocols.

Frame information that identifies the Network layer protocol.

Multiple Layer 3 protocols, (IP and IPX) can use the same network interface and media.

Media Access Control (MAC) - Media access processes performed by the hardware.

Provides Data Link layer addressing and framing of the data according to the protocol in use.

Data Link Standards

TCP/IP standards are defined by Internet Engineering Task Force (IETF).

Data Link layer protocols are defined by:

ISO - International Organization for Standardization

IEEE - Institute of Electrical and Electronics Engineers

ITU - International Telecommunication Union

ANSI - American National Standards Institute

Serial vs multi-access

Point-to-Point networks

Only two nodes

/30 subnets are common

Protocols: PPP, HDLC, Frame Relay

Multi-access networks (LANs)

Multiple nodes

Subnets mask range depends upon the number of hosts (nodes)

Protocols: Ethernet, 802.11 (wireless), Frame Relay Multipoint





Duplex Transmissions

Simplex Transmission: One way and one way only.

One way street

Half-duplex Transmission: Either way, but only one way at a time.

Two way street, but only one way at a time (land slide).

Ethernet hubs use half-duplex

Full-duplex Transmission: Both ways at the same time.

Two way street

Ethernet switches use full-duplex

Most serial links are full-duplex

Framing- The Trailer

The signals on the media could be subject to:

Interference

Distortion

Loss

This would change the bit values that those signals represent.

The trailer is used to determine if the frame arrived without error.

Error detection.

The Frame Check Sequence (FCS) field is used to determine if errors occurred in the transmission and reception

of the frame.

Cyclic Redundancy Check

Cyclic redundancy check (CRC) is commonly used.

Sending node includes a logical summary of the bits in the frame.

Receiving node calculates its own logical summary, or CRC.

Compares the two CRC values.

Equal – Accepts the frame

Different – Discards the frame

Physical Layer is responsible for electrical, mechanical or procedural checks. Data will be converted in Binary that is 0’s &

1’s. Data will be in the form of electrical pulses if it is Coaxial or Twisted Pair cable and in the form of Light if it is Fiber

Optic Cable. Devices working at Physical Layer are Hubs, Repeaters, Cables, and Modems etc.



Osi model

Education

port sequence number

source port number

sequence number field

starting number

number of octets

lost data

tcp connection

connection sequence