OSI model and TCP/IP model in computer networking

1. Introduction: Hi, everyone, and welcome to this training about the OSI model and TCP IP model. My name is Marko Bukowski, and I've been working in IT for many years already. I've been a senior network engineer, I've been DevOps engineer, cloud administrator, and I can tell you that both OSI and TCP IP models are the foundations of computer network communications. Once you understand just one of those models, everything else starts making sense and it's so much easier to learn any other computer networking concept. We will go through all seven layers of OSI model, which are application, presentation, session, transport, network data link and physical layer. We will cover all of them plus one extra layer, layer eight, which is joke, but you will see what I mean, and we will see how they relate to TCP IP layers. Note that you don't need any previous IT knowledge or any IT background. This training is for everyone. All you need is a bit of spare time to learn all those concepts. I won't keep you waiting. Let's just get started. Thanks. 2. What is an OSI model?: Have you ever wondered, how is it possible that I can, let's say, watch YouTube on my TV, on my phone, on my iPad or on my laptop? Let's say, yes. The YouTube server runs probably on Linux, I guess. My phone and TV runs on Android and my iPad iPad OS, and the laptop is running on Windows. How can each of those devices reach the YouTube server? Over computer network. This is all possible today thanks to something called OSI model or Open Systems Interconnect model. And to really understand OSI model, we would have to go back to, let's say, 1970s when there was no such thing as the Internet. I mean, there were some computers already, but they were big standalone devices that were not meant to connect to anything else except of power grid. Here we have, let's say, two universities and each university purchased one of those huge devices called a computer. After a while, those universities realized that they work on very similar project and they thought, Hey, wouldn't it be cool if we could connect those computers together, yes, we could then combine our knowledge, our research. The thing was, these computers didn't have any network cards, and there was no such thing as Ethernet cable or fiber cable or any other cable that we would use today. There was yet another problem because one of those computers was from one manufacturer maybe, let's say, IBM, and the other one was from completely other vendor. And those vendors already worked back then on the ways to connect two devices together. But they only had in mind their own devices. So if both universities have the same computer, then maybe there would be some way to connect them. But if one of these computers were from any other company, that would simply be not possible. So there was quite a mess really, and those companies started to compete with each other. Rather than working on one common solution. Eventually, the international organization for standardization, ISO, in 1984, they introduced the OSI model, open systems interconnect model. And their concept was very simple. Start creating some common standards that every manufacturer can follow, so it doesn't matter if these devices are from the same or from different companies, from different manufacturers. If they follow the same standard, they will work together with each other. Note that OSI is called a model, not a standard. That's because you can't have just one standard that would include everything related to computer networking. Networking includes way too many parts, so they had to split it into some manageable chunks. So they invented that OSI model, and they divided that model into seven so called layers. And each of these layers can include many different standards, different protocols. That protocol simply means a set of rules, let's say, and then you have a standard written for example, on short distance, you might want to connect computers using copper cable, but on longer distance, maybe you choose fiber cable or maybe you prefer to connect these devices wirelessly. Each of those types of connections will need to have their own standard, their own protocol. Now let's talk about those layers. We've got seven layers here. They are called application, presentation, session, transport, network, data link, and physical layer. Physical layer is the layer where you will find all those standards regarding those cables we were talking about what voltage to use in a copper cable, what frequency to use for wireless transmission, what strength the light should be in the fiber cable, et cetera. But I think it will make more sense if we start our journey at layer seven and we go down rather than going from layer one up. 3. Layer 7 - Application Layer: So layer seven is called an application layer. That name might be a bit confusing, though, because we're not talking about applications like Photoshop or Microsoft Office. Remember that OSI model B is about internetworking, so we focus only on the part responsible for sending and receiving data over computer network. Let's say you watch YouTube on your laptop. Do you do that? You might use maybe Chrome or Firefox browser and you paste that www.youtube.com. That youtube.com is simply saying that you want to be connected to youtube.com server. But to fetch any data from that server, your browser will use a protocol called HTTP. It stands for hypertext transfer protocol and that protocol or that standard is actually standard that belongs to Layer seven of the OSI model. HTTP is an application layer protocol that can be used by your browser to request data from that remote server, from that YouTube server, for example. HTTP will use so called G method to request some data from that remote server, and the server will use HTTP post method to send that data back to you. In this example, it's the browser running on your laptop exactly. I'm saying you, but I mean that browser. Watching YouTube is not only thing you do on your laptop, do you? Maybe you want to send an email to somebody, and you can also use browser for that or maybe you have dedicated application for sending and receiving emails. But to deal with those emails, we have yet another protocol in application layer, and it's called SMTP, Simple Mail Transfer protocol. And that's application layer protocol that is responsible for sending those emails back and forth. And maybe another example, maybe you have WhatsAp on your phone and you want to talk to another person using that WhatsAp application. Your Whats we'll use something called XMPP, which stands for extensible messaging and presence protocol, and guess what? It's simply another application layer protocol that is used for communication between two devices that have WhatsAp installed. When I talk about the application, I'm not talking about the WhatsAp itself, but what WhatsAp uses to actually have that data transferred. The application layer protocol for that will be that XMPP. Simply, every time you use some application on your device that needs to connect to the Internet or to some other computer network. Your device will use one of those protocols that are defined in that application layer. By the way, those protocols, they are officially written as standards called RFCs. You can easily Google them. For example, Google HDP RFC and you will see the official documents with RFC number. I TTP has actually multiple documents available because sometimes these documents are updated, sometimes they are slightly changed. But these documents is simply something that has to be followed by manufacturers. So whatever they produce is compatible with other devices, but it's also very useful for us, users. We can read that documentation if we want to understand what really happens in the background. You can see here, for example, in the RFC 2616. I table of content, you will see HTTP versions, basic rules, overall operations, and loads and loads of very useful stuff that will let you learn everything you want to know about HTTP exactly. If you want to learn about SMTP, you simply Google SMTP RFC. 4. Layer 6 - Presentation Layer: Okay, but let's go one layer down. Here we have layer six presentation layer is about how the data on the wire is presented so both sides can simply understand it. Let me show you what I mean. Let's take that HTTP protocol we talked about. But maybe we are not on YouTube now. Maybe we want to log on to our bank to check our bank statements, yes. We definitely want that connection to be secure, don't we? Because even if somebody somehow would manage to intercept all the data that was sent over that wire, they would simply not be able to see any sensitive details of our account. That's how it works nowadays, and this is done using data encryption. And there are many ways that data can be actually encrypted, but HTTP uses one called TLS, Transport Layer Security. That TLS is a cryptographic protocol that encrypts all the data that is sent back and forth over that wire. You sometimes might hear people referring to TLS as SSL. The SSL was a secure socket layer, and it was an old encryption mechanism that was used years ago. But even though we've been using only TLS for very long time, most people would still call it SSL, even though it really is TLS, transport layer security. So both those devices, my laptop and server I'm connecting to at the bank, they have to first agree on set of rules they want to use to encrypt that traffic because the goal is that what one device encrypts, the other one should be able to decrypt. And that is done using so called TLS handshake. That TLS handshake is the process where the devices decide what encryption method they will use, so the data is presented the way that other side can understand and decrypt. This presentation layer simply includes protocols that are responsible for how data is being presented. This protocols job is to assure that every aspect of that connection can be understood by both parties. The server at my bank send the data which is presented in the way that my laptop understands, and my laptop can decrypt that conversation so I can securely check how much money I have in bank account, let's say. 5. Layer 5 - Session Layer: Next one down is layer five, session layer. Let's say we have our laptop and we connect to maybe a server at work, and we want to download a text file or a word document, maybe. The session layer will understand that we requested some document to be downloaded, and when the download process starts, the session layer will monitor. And once the download process has completed and nothing else is needed, the job of session layer is done, and that session is closed. Or maybe another example, maybe you want to access a website. Maybe it's bibc.com. Please note that you might have more than one session at a time. You might have one session created get the skeleton of the website only, then another session, the only job for that session will be to provide this image, for example, and maybe another session will provide this image or that video, you know. Another part, but this part is on the same website still. So if you access a website and part of this website is missing is not displayed properly, that means one of the sessions broke and could not be re established for some reason. So if you watch something or if you download something, session layer will open that new session for you, then it makes sure that you get entire document that you requested or entire video, and only then once all the data has been successfully delivered, that session is then gracefully closed. And that's really all about the session layer. 6. Layer 4 - Transport Layer: One down layer four, the transport layer. Transport layer is very interesting one and more than one thing happens at that layer. What you saw in that session layer, that's not entire story. The fact is that text document or that picture that is being sent, it is not being sent as one big file. This file has to be split into smaller chunks called segments, and that's the first thing that happens at layer four, how the file is split, it depends mainly on what application is running at application layer. Let me explain. If we download the file, we want to make sure that we receive entire document. So we need a transport protocol that will make sure that we get whole document exactly as it is stored on the remote server. So the protocol layer for that is called TCP, transmission control protocol. What transmission control protocol does, it will split that file into smaller chunks. They're called segments, as I it will attach something called a TCP header in front of each of those segments. Within that TCP header, it will include a little label where it will number each of those segments. Because our data was split into four segments, then each segment will have its own little label. Maybe it's simply label one, two, three, and four. The TCP then sends a little message to the other side saying, Hi, mate, I'm going to send you some data. Are you ready to receive it? It will wait until that other side sends the acknowledgment saying, yes, mats, I'm ready to to receive it, send it over. So the server then starts sending those fragments, those segments over it. It will send the first segment, and it will wait for the response that this segment was successfully received on the other side. Once it gets this conformation, it will send segment number two. But what additionally can happen this was a very large file, let's say, and TCP had to split it into 10,000 segments, not four but 10,000. TCP could also ask, Bro, can I send more than one segment before waiting for your acknowledgment? If that other server thinks it's fine, then it might respond with the message, yes, sure. You can send me ten at a time. We will just make sure that bunch of ten was received before you send even more. That feature of TCP is called flow control. The network cards simply negotiate how fast this communication can happen before something goes wrong. But even when something goes wrong, they are able to recover that information. If we go back to example with just four segments, one file split into four segments, and let's say the first segment was delivered successfully, second segment was delivered successfully as well, and maybe they renegotiated that they should maybe send two segments at the same time. This time, server sends two remaining segments, number three and number four. The receiving server only received segment one, two, and four, looks like number three is missing. What it will do, it will simply send that information to the source and it will ask sort looks like number three is missing. Can you please send it again? The server that has the file, the entire file, that server will resend only that missing segment, segment number three. Once that segment is delivered, the TCP will send a confirmation. It will say, yes, my cheers looks like I have all I need to reassemble those segments into a file. Then the TCP connection is closed, the session is closed the operation is completed. You might think, well, that's cool. I guess that's the only protocol we need. Yes. The fact is that TCP is not always the best choice. As you can imagine, there is quite a lot of conversation between those network devices going back and forth and making sure every single segment is delivered as expected. Sometimes you might have a situation where losing some data doesn't really matter. What really matters for you is that your data is delivered as fast as it is possible. For example, imagine talking to somebody on WhatsApp or Messenger, or maybe you have a conference call on teams, yes. In this scenario, if somebody talks to you and a little blip happens, yes, maybe somebody else I don't know, there was a little hiccup and the video froze for a second. Maybe even part of word that person was saying got missing somehow, but that's not something you would want to recover and replay later on. You would simply carry on with your conversation, and that's why we have yet another protocol, transport protocol called UDP, user datagram protocol. It's very simple protocol, but it's very fast. UDP splits the data into a very small chunks, and it doesn't care if it's delivered or not, each. Sometimes we call it spray and pray because it will simply send it out and it will just hope it's delivered. But even if it's not, it doesn't care about it. It will not try to recover anything because the main goal is to get the data out as soon as it is possible, so you get that data on the other side nearly real time because that's what you want. If you want to talk to somebody, you don't want to have any delay. All right. That's TCP and UDP. And I would say they consist of 99% of network traffic. But there are some exceptions though. OSPF routing protocol is one of those exceptions. For example, OSPF will send data with no layer four information at all. It uses its own solution that is written directly to the data portion, and then the data goes straight down to layer three without any transport layer information. But that is not very common, you know. So usually when you hear about layer four, transport layer, most of the time, it's about TCP or UDP. 7. Layer 3 - Network Layer: Step down, we've got layer Triden. It's a network layer, and it's my favorite one, and I think it's the most interesting layer in OSI model. Network layer is about end to end connectivity. What it means is when you want to connect to let's say that youtube.com, you type youtube.com in your browser and the landing page of YouTube is displayed. But for your computer, that name youtube.com doesn't mean anything. Your computer needs what is called IP address and both you and the youtube.com will have globally unique IP address and that communication is established between those two IP addresses. You can check what is your IP address by just Googling. What is my IP? If you want to find out what is the IP address of youtube.com, you can, for example, open terminal type NS lookup youtube.com, and the IP address of YouTube server will show. This way, both parties will know where to send the traffic. I mean, based on this information, they will know where the traffic is coming from and where it has to be sent to back and forth. So another header will be attached here to that segment, and it will include this information, which is both source and destination IP address. But to get from one end to another, this traffic will have to pass multiple devices called Routers and routers are network devices that will know where to forward the traffic further and further until it reaches its destination. This traffic, your traffic might have to pass multiple Internet service providers and those Internet service providers will run internally something called dynamic routing protocol. That dynamic routing protocol is like a language these devices can speak so they can exchange the information about available networks and how to reach. Every single device on the path will have the knowledge of how to reach both ends of that communication. They will know where to pass that traffic that goes towards YouTube and they will also know how to return that traffic back to you. I will not dwell too much because it's very complicated topic. But if you are interested and want to Google some more information, then you should know that inside ISP, you will usually find multiple dynamic routing protocol. Can have, for example, OSPF and IBGP, which is open shortest path first and internal border gateway protocol. That is used to exchange routing information internally within that ISP. Then you will also have EBGP, external border gateway protocol, which is used to exchange routing information between two different ISPs. Going back to OSI model, inside that layer three, network layer, you will find protocols and standards that relate to that end to end connectivity. Those routing protocols like OSPF or BGP, or IP addresses that we mentioned as well. Anything to do with that end to end addressing and packet delivery, these standards can be found here in layer three. 8. Layer 2 - Data Link Layer: So what about layer two then? The data link layer. What's that about? Layer two is about hop by hop connectivity. Layer three was end to end and layer two, hop by hop. Notice that in previous example, we had source and destination IP addresses, yes, and that IP addresses do not change. They will stay the same on the entire path. They have to reach destination and then the traffic has to go back to the source so they can't change. The routers know how to pass information based on those IP addresses. But they also need to know how to reach each of those routers that are directly connected to them. That is where layer two header. So yes, another header added to our data. This header will be for that hop by hop communication. The truth here is that the topology inside Internet service provider doesn't usually look exactly like on this picture. Those routers are not directly connected to each other, but instead, they are usually connected to a device called a switch, and that switch is simply a connection box for all other devices. And now the thing is, this router knows how to forward the traffic to that router. Based on the destination IP address, it knows it has to be there, it has to be forwarded there, but at the same time, this router is now connected to maybe five or ten other routers via this switch. So to make sure that it goes to the correct router, it needs to add that information to that layer two header. And this header is called Ethernet header. That Ethernet header will also have source and destination address, but this time, the source will be the local interface connected to this router and the destination will be configured with layer two address of the neighboring router interface. These layer two addresses are called MAC addresses, and every single device will have unique MAC address for every single interface it might have. The switch also that connects those device we'll know where to forward the traffic based on that layer to information. It will have something called MAC address table and it will use that table to send the traffic back and forth between those routers. Just to clarify, if this router's interface has Mac address, let's say AAA. I mean, MAC address is much longer, but we will simplify it here and let's just say it's A. Maybe let's say the interface on the other router on that other side has MAC address of B B B. So this specific interface on that device has MAC address BBB then in that ethernet Haddle, this router will configure source MAC. AAA, its own, yes. I will put the information where this packet is coming from, and the destination will be Mac address of BBB, because that's the MAC address of interface this data should land on. So this traffic goes through the switch. The switch knows what port to use to reach that BBB, and once the traffic reaches that interface, this router will then rewrite that layer two information. So let's say the other interface has MAC address of CCC and it goes to interface with Mac address of DDD. So that will be the new information written to layer two header. And this information will be rewritten at every hob Layer three b. It will add new layer two information. That what happens 99% of the time at layer two. But the Ethernet is not only layer two technology. Occasionally, those routers can actually be connected via serial interface without switch in between, and then the protocol used will be PPP, which stands for point to point protocol. That protocol will not have any MAC addresses because there is simply no need for them. There is only one interface at each end and that one interface can only lead to one device on the other side. The PPP header is much simpler and there is not much info that needs to be attached there. The data in clay is simply the layer where we will find all standards related to that hop by hop communication. Layer three, end to end, layer two, hop by hop. 9. Layer 1 - Physical Layer: So now layer one, the physical layer. And we mentioned physical layer at the very beginning, but that will be the quick one anyways. Physical layer is about what shape of the connector should be chosen, for example, that ethernet cable we all know. This shape of it has to be very specific, and the ethernet cable has to have eight wires inside, and those wires have to be color coded, specific. All of that is in physical layer. The standards are in physical layer, like what voltage has to be used there or how strong the light impulse should be in the fiber cable. All of that will have its own standard, and that standard will be part of layer one, physical layer in OSI model. 10. OSI's secret Layer 8 : Last thing I want to mention about OSI model is sometimes, especially when you work as a network engineer, you might hear somebody saying, Oh, it's a layer eight issue. And you might be like, What's layer eight if we only have seven layers in OSI model? Yes? Well, this is when you know that problem is not related to any underlying technology, the problem is the user doing something silly. And in fact, layer eight issue is probably the most common issue you have to deal with as a network engineer. 11. OSI Model vs TCP IP Model: We talk about OSI model, we also have to mention something called TCP IP model. This is something very interesting, not from technical, but rather historical point of view. The fact TCP IP model and OSI model were two separate models. They were two competitors simply. The TCP IP model won that battle, and it is something we use today, the TCPIP model. OSI model was the old model that lost the battle. You might get angry now thinking, Mark, why the hell are you talking about OSI model for such a long time and not about TCP IP? The thing is, even though the TCPIP model won the battle, and in fact, we only use TCP IP model nowadays, the layering presentation was supposed to be streamlined in the TCPIP model. We have less layers. Different authors have interpreted this TCP IP model differently and they even disagreed at one point about how many layers the TCP IP model should include. Some said it should have four layers, some said it should have five layers, et cetera. For network engineers, it was simply silly thing and they simply carried on using OSI model representation and it is still till now, most popular model because you can kind of translate the layers from OSI model to TCP IP model. Nowadays, if somebody talks about layer four, let's say, or layer seven, they will only mean layers in OSI model. They do not refer to TCP IP model. So this is kind of strange situation. We work with TCPIP model, but we use OSI model to represent the layers of the TCPIP model. I know, a bit confusing. 12. Further learning: Okay, that was a long journey, but I hope it helped you understand this subject. Remember, if you are interested in technology and want to learn about IT, about DeWops, cloud and other IT related stuff, then please remember to join our Automation Avenue platform where you will find hours and hours of very useful materials, videos, quizzes, et cetera. That's all I wanted to say today. Thank you for watching and see you next time, Mark.