The OSI Model

Understanding the 7 Layers of Network Communication

7 Application Data
6 Presentation Data
5 Session Data
4 Transport Segment
3 Network Packet
2 Data Link Frame
1 Physical Bits

CompTIA Network+ N10-009 Objective 1.1

What is the OSI Model?

Definition

The Open Systems Interconnection (OSI) model is a conceptual framework that describes how data travels across a network.

Created by the International Organization for Standardization (ISO) in 1984, it divides network communication into 7 distinct layers.

Key Point: The OSI model is a reference model, not a protocol. It helps us understand and troubleshoot networks by breaking down complex communication into manageable pieces.

Why 7 Layers?

  • Modularity: Each layer has a specific job
  • Interoperability: Different vendors can work together
  • Troubleshooting: Isolate problems to specific layers
  • Standardization: Common language for networking

Real-World Analogy

Think of the OSI model like sending a letter through the postal system. Each step (writing, envelope, address, sorting, delivery) is handled by a different department, but they all work together to deliver your message.

How to Remember the 7 Layers

From Layer 7 (Top) to Layer 1 (Bottom)

AAll
PPeople
SSeem
TTo
NNeed
DData
PProcessing

"All People Seem To Need Data Processing"

From Layer 1 (Bottom) to Layer 7 (Top)

PPlease
DDo
NNot
TThrow
SSausage
PPizza
AAway

"Please Do Not Throw Sausage Pizza Away"

Exam Tip: You WILL be tested on layer order. Pick one mnemonic and practice until it's automatic!

Alternative Mnemonics

Choose the one that sticks with you best!

Top-Down (L7 to L1)

Classic:
"All People Seem To Need Data Processing"
Tech-Themed:
"A Penguin Said That Nobody Drinks Pepsi"
Sassy:
"All Pros Search Top Notch Donut Places"

Bottom-Up (L1 to L7)

Classic:
"Please Do Not Throw Sausage Pizza Away"
Edgy:
"Pew! Dead Ninja Turtles Smell Pretty Awful"
Skeptical:
"People Don't Need Those Stupid Packets Anyway"
Pro Tip: The first letter of each word matches the first letter of each layer: Application, Presentation, Session, Transport, Network, Data Link, Physical

Layer 7: Application Layer

PDU (Protocol Data Unit): Each OSI layer wraps data with its own header, creating a unit specific to that layer. Layers 7-5 call it Data, Layer 4 calls it a Segment, Layer 3 a Packet, Layer 2 a Frame, and Layer 1 transmits Bits.
7 Application Data

What It Does

The Application layer is the interface between network services and the user. It's where humans interact with the network.

Common Misconception: The Application layer is NOT your apps (Chrome, Outlook). It's the protocols those apps use to communicate!

Common Protocols

ProtocolPortPurpose
HTTP/HTTPS80/443Web browsing
FTP20/21File transfer
SMTP25Sending email
POP3/IMAP110/143Receiving email
DNS53Name resolution
SSH22Secure remote access
Telnet23Remote access (insecure)

Postal Analogy

Layer 7 is like writing the letter - it's the actual content of your message, written in a language (protocol) that the recipient understands.

Layer 6: Presentation Layer

6 Presentation Data

What It Does

The Presentation layer is the "translator" of the network. It handles:

  • Data formatting (ASCII, EBCDIC, Unicode)
  • Encryption/Decryption (SSL/TLS)
  • Compression (reducing data size)

Key Functions

Translation: Converts data between formats so different systems can understand each other (like English to Spanish)
Encryption: SSL/TLS operates here - that padlock icon in your browser means Layer 6 is protecting your data!
Compression: Reduces file sizes for faster transmission (like ZIP files)

Examples at Layer 6

  • JPEG, GIF, PNG - Image formatting
  • MPEG, AVI - Video formatting
  • SSL/TLS - Encryption
  • ASCII, UTF-8 - Character encoding

Layer 5: Session Layer

5 Session Data

What It Does

The Session layer manages conversations between applications. It:

  • Establishes connections (start the conversation)
  • Maintains connections (keep it going)
  • Terminates connections (end gracefully)

Session Types

Simplex: One-way communication only (like a radio broadcast)
Half-Duplex: Two-way, but one at a time (like a walkie-talkie)
Full-Duplex: Two-way, simultaneous (like a phone call)

Real-World Analogy

Layer 5 is like a phone call manager. It dials the number (establish), keeps the line open while you talk (maintain), and hangs up when done (terminate). It also handles checkpoints - if a large file transfer fails at 50%, you can resume from there instead of starting over!

Common Protocols

NetBIOS - Windows networking sessions | RPC - Remote Procedure Call | SQL Sessions - Database connections

Layer 4: Transport Layer

4 Transport Segment

What It Does

The Transport layer provides end-to-end delivery of data. Think of it as the delivery guarantee service!

  • Segmentation: Breaks large data into smaller segments
  • Flow Control: Prevents overwhelming the receiver
  • Error Recovery: Detects and retransmits lost segments
  • Port Numbers: Identifies specific applications

TCP vs UDP

TCPUDP
Connection-orientedConnectionless
Reliable deliveryBest-effort delivery
Error checkingNo error recovery
Slower (overhead)Faster (lightweight)
Web, Email, FTPDNS, Streaming, VoIP

PDU: Segment

At Layer 4, data is called a Segment. Each segment contains a header with source/destination port numbers (e.g., port 80 for HTTP, port 443 for HTTPS).

Layer 3: Network Layer

3 Network Packet

What It Does

The Network layer handles logical addressing and routing - finding the best path for data to travel across networks.

  • IP Addressing: Logical addresses (IPv4/IPv6)
  • Routing: Path determination
  • Packet Forwarding: Moving data hop-by-hop

Key Devices

Router
Layer 3 Switch
Key Point: Routers operate at Layer 3. They use IP addresses to make forwarding decisions and can connect different networks (like your home network to the Internet).

PDU: Packet

At Layer 3, data is called a Packet. The packet header contains source and destination IP addresses - the logical addresses that allow data to travel across the Internet.

Protocols: IP (IPv4/IPv6), ICMP (ping), OSPF, EIGRP, BGP

Layer 2: Data Link Layer

2 Data Link Frame

What It Does

The Data Link layer provides node-to-node delivery on the same network segment (LAN). It handles:

  • MAC Addressing: Physical/hardware addresses
  • Framing: Packaging data for local delivery
  • Error Detection: CRC/FCS checking
  • Access Control: Who can transmit when?

Two Sub-Layers

LLC (Logical Link Control): Interfaces with Layer 3, handles multiplexing
MAC (Media Access Control): Handles physical addressing and media access (CSMA/CD, CSMA/CA)

Key Devices

Switch
Bridge
NIC

PDU: Frame

At Layer 2, data is called a Frame. Contains source and destination MAC addresses - the 48-bit physical addresses burned into network cards (e.g., 00:1A:2B:3C:4D:5E).

Layer 1: Physical Layer

1 Physical Bits

What It Does

The Physical layer deals with the actual transmission of raw bits over a physical medium. It's all about:

  • Electrical signals (copper cables)
  • Light pulses (fiber optic)
  • Radio waves (wireless)
  • Physical connectors (RJ-45, fiber connectors)

Key Components

Cables
Repeaters
Hubs
Layer 1 Issues: If you can physically see or touch the problem (loose cable, broken connector, signal degradation), it's a Layer 1 issue!

PDU: Bits

At Layer 1, data is just Bits - 1s and 0s represented as electrical voltages, light pulses, or radio frequencies. Layer 1 doesn't understand addresses, protocols, or data - just raw binary!

Standards: Ethernet (IEEE 802.3), WiFi (IEEE 802.11), RS-232, DSL, SONET

Encapsulation: How Data Travels Down

When you send data, each layer adds its own header (and sometimes trailer) to the data. This process is called encapsulation.

Data

Layer 4 adds TCP/UDP header

TCP | Data

Layer 3 adds IP header

IP | TCP | Data

Layer 2 adds MAC header & trailer

MAC | IP | TCP | Data | FCS

Layer 1 converts to bits

10110100 10101010 11001100 01010101...

Postal Analogy

Encapsulation is like preparing a package:
Write the letter (Application data) -- Put it in an envelope, add recipient name (Transport - port numbers)
Add street address (Network - IP addresses) -- Put in mailbox for local carrier (Data Link - MAC addresses)
Carrier physically delivers it (Physical - the actual transport)

De-encapsulation: How Data Travels Up

When data arrives at its destination, each layer removes its header (and trailer) before passing data up. This is de-encapsulation.

10110100 10101010 11001100 01010101...

Layer 1 receives bits, passes to Layer 2

MAC | IP | TCP | Data | FCS

Layer 2 checks MAC, removes header/trailer

IP | TCP | Data

Layer 3 checks IP, removes header

TCP | Data

Layer 4 checks port, removes header

Data

Layer-by-Layer Processing

  • Layer 2: "Is this MAC address mine?" -- Yes: pass up | No: discard
  • Layer 3: "Is this IP address mine?" -- Yes: pass up | No: route it
  • Layer 4: "Which application needs this?" (Check port number)
  • Layers 5-7: Process the actual data for the user

Protocol Data Units (PDUs) Summary

Each layer has a specific name for the data unit it handles:

7 Application PDU: Data User interacts here
6 Presentation PDU: Data Formatting/Encryption
5 Session PDU: Data Session management
4 Transport PDU: Segment Port numbers
3 Network PDU: Packet IP addresses
2 Data Link PDU: Frame MAC addresses
1 Physical PDU: Bits Electrical/Light/Radio
Exam Tip: Memorize these PDU names! A common question is "At which layer is data called a frame?" Answer: Layer 2 (Data Link).

Network Devices by Layer

Different network devices operate at different layers of the OSI model:

Layer 1 Devices

Hub: Broadcasts to all ports (dumb device)
Repeater: Regenerates signals
Cables/Connectors: Physical medium

Layer 2 Devices

Switch: Forwards based on MAC address
Bridge: Connects two network segments
NIC: Network Interface Card
WAP: Wireless Access Point

Layer 3 Devices

Router: Forwards based on IP address
Layer 3 Switch: Switch with routing capability
Firewall: Often operates at L3-L7

Layer 4-7 Devices

Load Balancer: Distributes traffic (L4-L7)
Proxy Server: Intermediary for requests (L7)
Next-Gen Firewall: Deep packet inspection (L7)

Key Insight

Higher-layer devices can understand all layers below them. A router (L3) can read MAC addresses (L2) and bits (L1), but a hub (L1) has no concept of IP or MAC addresses!

OSI Model vs TCP/IP Model

The TCP/IP model is the practical implementation used on the Internet. It has only 4 layers:

OSI Model (7 Layers)

7Application
6Presentation
5Session
4Transport
3Network
2Data Link
1Physical

TCP/IP Model (4 Layers)

4Application(OSI 5-7)
3Transport(OSI 4)
2Internet(OSI 3)
1Network Access(OSI 1-2)
Why Two Models?
OSI: Theoretical reference model (great for learning and troubleshooting)
TCP/IP: Practical model used on the Internet (what actually runs)

The DOD Model (TCP/IP Origins)

The TCP/IP model is also called the DOD Model because it was developed by the U.S. Department of Defense for ARPANET (the Internet's predecessor).

Alternative Layer Names

TCP/IP DOD Name OSI Equiv.
Application Process/Application L5-L7
Transport Host-to-Host L4
Internet Internet L3
Network Access Network Interface L1-L2

Key Protocols by Layer

Application: HTTP, HTTPS, FTP, SMTP, DNS, DHCP, SSH, Telnet
Transport: TCP (reliable), UDP (fast)
Internet: IP, ICMP, ARP, IGMP
Network Access: Ethernet, Wi-Fi, PPP, Frame Relay
Exam Alert: CompTIA exams may use either "TCP/IP" or "DOD" model names. Know both!
"Host-to-Host" = Transport Layer | "Network Interface" = Network Access Layer

Troubleshooting with the OSI Model

The OSI model is incredibly useful for systematic troubleshooting. Start at Layer 1 and work up!

Bottom-Up Approach

Layer 1: Is the cable plugged in? Link light on?
Layer 2: Can you see MAC addresses? Switch port active?
Layer 3: Do you have an IP address? Can you ping the gateway?
Layer 4: Is the service port open? Firewall blocking?
Layers 5-7: Application configured correctly?

Troubleshooting Commands

# Layer 1 - Physical check
Check cable connections and link lights

# Layer 2 - MAC/ARP check
arp -a
show mac address-table

# Layer 3 - IP/Routing check
ping 192.168.1.1
traceroute google.com

# Layer 4 - Port check
netstat -an | grep LISTEN
telnet server.com 80

Troubleshooting Tip

When someone says "the network is down," don't panic! Start at Layer 1: "Is the cable plugged in?" You'd be surprised how often that's the answer!

Same-Layer Communication

Each layer on the sending device communicates with the same layer on the receiving device. This is called peer-to-peer communication.

Sender

L7
L6
L5
L4
L3
L2
L1
-- HTTP/SMTP -- -- SSL/TLS -- -- Session -- -- TCP/UDP -- -- IP -- -- Ethernet -- -- Bits --

Receiver

L7
L6
L5
L4
L3
L2
L1

Key Concept

Layer 3 on your computer "talks" to Layer 3 on the destination. The conversation appears horizontal (peer-to-peer), even though data physically travels down and then up the stack!

Real-World Example: Loading a Website

Let's trace what happens when you type www.google.com in your browser:

Your Computer (Sender)

L7: Browser creates HTTP GET request
L6: Encrypts with TLS (HTTPS)
L5: Establishes session with server
L4: TCP adds port 443, sequence numbers
L3: IP adds your IP + Google's IP (172.217.x.x)
L2: Ethernet adds your MAC + router's MAC
L1: Bits sent as electrical signals

Google Server (Receiver)

L1: Receives electrical signals
L2: Checks MAC, strips frame header
L3: Checks IP, strips packet header
L4: TCP delivers to port 443 (HTTPS)
L5: Maintains session
L6: Decrypts TLS
L7: Web server processes HTTP request

Key Exam Points

Must Know for Network+

Q: What is the PDU at Layer 2?

A: Frame

Q: Which layer uses IP addresses?

A: Layer 3 (Network)

Q: At which layer does a switch operate?

A: Layer 2 (Data Link)

Q: What happens during encapsulation?

A: Headers are added as data moves down the layers

Must Know for CCNA

Q: How does TCP/IP model differ from OSI?

A: TCP/IP has 4 layers; combines OSI L5-7 into Application and L1-2 into Network Access

Q: Which layer handles error recovery?

A: Layer 4 (Transport) - TCP provides reliable delivery

Q: What addresses are used at Layer 2?

A: MAC addresses (48-bit physical addresses)

Final Tip: When in doubt, remember the data flow: Application -- Transport -- Network -- Data Link -- Physical. Data goes DOWN on sender, UP on receiver!

OSI Model Summary

7 Application Data HTTP, HTTPS, FTP, SMTP, DNS, SSH
6 Presentation Data SSL/TLS, JPEG, MPEG, ASCII, Encryption
5 Session Data NetBIOS, RPC, SQL Sessions
4 Transport Segment TCP, UDP | Port Numbers
3 Network Packet IP, ICMP, OSPF | Routers
2 Data Link Frame Ethernet, 802.11 | Switches, MAC
1 Physical Bits Cables, Hubs, Signals

Remember

  • All People Seem To Need Data Processing (L7 to L1)
  • Encapsulation: Headers added going DOWN | De-encapsulation: Headers removed going UP
  • Layer 3 = IP addresses (Routers) | Layer 2 = MAC addresses (Switches)
  • Troubleshoot bottom-up: Start at Layer 1 (is it plugged in?)