OSI Deep Dive - Paiet/Tech-Journal-for-Everything GitHub Wiki

Open System Interconnect (OSI) Model - Seven-layer model defined in 1984 and published as an international standard, ISO/IEC 7498--1

The OSI model divides into 7 distinct layers, each with its own specific tasks geared to supporting data exchange between two endpoints

Encapsulation - used by protocols to add a header (and maybe a footer) to data received by each layer above before handing over to the next layer down. The cumulative data + header becomes the payload handed to the next layer as data moves down the model from layer 7 to layer 1

Deencapsulation - exact opposite of encapsulation

Data sent into the OSI model at Layer 7 is called the data stream. Data is referred to as the data stream from Layer 7 through Layer 5. Layer 4 refers to data as a segment. Layer 3 as a packet. Layer 2 as a frame. Layer 1 as bits.

Layer 7 / Application Layer - When an application or the operating system transmits or receives data over a network, it uses the services from this layer.

Protocols: DHCP/DHCPv6 - Dynamic Host Configuration Protocol/v6 DNS - Domain Name System HTTP - Hypertext Transfer Protocol LDAP - Lightweight Directory Access Protocol SMTP - Simple Mail Transfer Protocol FTP/TFTP - File Transfer Protocol/Trivial FTP telnet LPD - Line Print Daemon POP3 - Post Office Protocol 3 IMAP4 - Internet Message Access Protocol 4 SNMP - Simple Network Management Protocol NNTP - Network News Transport Protocol

Layer 6 / Presentation Layer - provides services to ensure that applications use a common format to represent data.

Format standards: ASCII - American Standard Code for Information Interchange TIFF - Tagged Image File Format JPEG - Joint Photographic Experts Group MPEG - Moving Picture Experts Group MIDI - Musical Instrument Digital Interface

Layer 5 / Session Layer - provides a logical persistent connection between peer hosts. The session layer is responsible for creating, maintaining, and tearing down the session.

Protocols: RPC - Remote Procedure Call Protocol NFS - Network File System

Three modes of operation: a. simplex - one-way communication b. half-duplex - two-way communication, but only one at a time c. full-duplex - two-way simultaneous communication

Layer 4 / Transport Layer - creates an end-to-end transport between peer hosts. Segmentation, sequencing, error checking, flow control, error correction, multiplexing and network service optimization are all part of what the Transport Layer does.

Protocols: * TCP -- Transmission Control Protocol * UDP - User Datagram Protocol SPX - Sequenced Packet Exchange

User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) are important transport layer protocols.

UDP - connectionless (simplex) | IP header protocol field for UDP is 17 (0x11)

UDP header is simple by comparison to the TCP header. It is 8 bytes (64 bits) long, and is divided into 4 sections:

a. source port
b. destination port
c. message length
d. checksum

TCP - connection oriented (full duplex) | TCP three-way handshake

	1. SYN
	2. SYN-ACK
	3. ACK

TCP header is 20 - 60 bytes long.

Both TCP & UDP each have a total of 65,536 ports ( 2^16 ) from 0 - 65,535.

Port ranges:

0 - 1023 = Well Known
1024 - 49,151 = Registered
49,152 - 65,535 = Dynamic (ephemeral)

Port + IP address = socket

TCP Flags:

CWR - Congestion Window Reduced (RFC 3168)
ECE - Exploit Congestion Echo (RFC 3168)
URG - Urgent
ACK - Acknowledgement
PSH - Push
RST - Reset
SYN - Synchronization
FIN - Finish

Layer 3 / Network Layer - adds routing and addressing information and is responsible for traffic control, but NOT guaranteed delivery which is done by Transport Layer.

Protocols: * ICMP -- Internet Control Message Protocol - Things to be aware of: a. IP header protocol field is 1 (0x01) b. The type field in the ICMP header defines purpose; more than 40 defined; know the following: Type 0 - Echo-reply Type 3 - Destination unreachable Type 5 - Redirect Type 8 - Echo-request Type 9 - Router advertisement Type 10 - Router solicitation Type 11 - Time exceeded

RIP - Routing Information Protocol
OSPF - Open Shortest Path First
BGP - Border Gateway Protocol
IGMP - Internet Group Management Protocol - IP header protocol field is 2 (0x02)
* IP - Internet Protocol
IPsec - Internet Protocol Security
NAT - Network Address Translation
SKIP - Simple Key Management for Internet Protocol
IPX - Internetwork Packet Exchange

Hardware: Routers - use destination IP to guide transmission Bridge Routers (Brouters) - route first then bridge if fail

Internet Protocol (IP) IP is the most important network layer protocol. IP has two functions:

Addressing: uses the destination IP address to transmit packets through networks

until the packets' destination is reached. 

Fragmentation: will subdivide a packet if its size is greater than the maximum

the size allowed on a local network.

Routing Protocol types:

Distance Vector - maintain a list of destination networks and metrics

(hops) | RIP & IGRP

Link State - maintain a map of all paths to connected networks to determine

shortest path | OSPF

Layer 2 / Data-Link Layer - prepares the packet that it receives from the network layer to be transmitted as frames on the network. Ensures that the information that it exchanges is error-free. If the data-link layer detects an error in a frame, it will request that its peer resend that frame.

The proper frame type may be: Ethernet (IEEE 802.3) - most common Token Ring (IEEE 802.5) Asynchronous Transfer Mode (ATM) Fiber Distributed Data Interface (FDDI) Copper Distributed Data Interface (CDDI)

Protocols: SLIP -- Serial Line Internet Protocol PPP - Point-to-Point Protocol * ARP - Address Resolution Protocol - IP to MAC L2F - Layer 2 Forwarding L2TP - Layer 2 Tunneling Protocol ISDN - Integrated Services Digital Network PPTP - Point-to-Point Tunneling Protocol

Hardware: Bridges Switches

Media Access Control (MAC) Address - a 6-byte (48-bit) binary address in hexadecimal notation. First 3-bytes (24-bits) of the address are the manufacturer/vendor ID of the device, known as the Organizationally Unique Identifier (OUI). The last 3-bytes (24-bits) are a unique number assigned to each device within the manufacturer range.

Want to find out what company made a device based on MAC address?

https://regauth.standards.ieee.org/standards-ra-web/pub/view.html#registries

EUI what ?? - IEEE has been attempting to move away from the old MAC-48 standard (what we think of as a MAC address) towards the Extended Unique Identifier (EUI-48) standard. As if that is not enough, they also are looking to convert EUI-48 to EUI-64 in preparation of IPv6 adoption globally.

Layer 1 / Physical Layer - physical topologies are defined at this layer. The device drivers that tell the protocol how to use the hardware are at this layer. Electrical specifications, protocols and interface standards are all present:

Synchronous Optical Networking (SONET)
x.21
High-Speed Serial Interface (HSSI)
EIA/TIA-232 & EIA/TIA-449

Network Cards (NICs)
Hubs
Repeaters
Concentrators

TCP/IP Reference Model - U.S. Department of Defense developed the TCP/IP model, which is very similar to the OSI model, but with fewer layers.