if you work for any amount of time in information technology you'll certainly hear someone refer to a layer of the osi model this stands for the open systems interconnection reference model and it's a way to describe the way that traffic is moving from one part of the network to another as the name implies the osi model is a model it's a guideline it's a very broad way to describe the way that data moves across the network and it allows us to communicate with other it professionals in a way that we both can understand exactly what we're talking about if you do any type of research into the osi model you may see references to the osi protocol suite the osi protocols themselves didn't catch on and in fact today we use primarily tcpip but the osi model which was built around those osi protocols continues to be used as a reference when we talk to other it professionals the osi model consists of these seven layers you can see them represented here on the left side of the screen and at each layer of the model is a set of protocols and these protocols may be very different depending on the type of traffic going over your network you'll use this osi model for the rest of your career it's a common language that we can use within it to help describe how data is progressing from the very beginning of the traffic flow to the very end one common way to memorize these different layers of the osi model is to start at the top with the application layer through the presentation session transport network data link and physical layers one common way to remember the different layers of the osi model is to remember the mnemonic all people seem to need data processing and those initials for each one of those words correspond to application presentation session transport network data link and physical let's start our talk about the osi model at the very bottom this is layer one or the physical layer of the osi model and although we're talking about the physical part of the network a lot of what happens at this layer one is really about the signaling or the signal that's going over the network connections for layer one we're talking about the cables that you're using the fiber runs or just the ability to get signal from one part of the network to the other if someone tells us that we're having a physical layer problem then we'll want to look at the cabling that we're using make sure that all of our punch down connections and connectors are working the way they should we may want to run loopback tests we may want to check or replace the cables that we're using or perhaps even swap the adapter cards to make sure that we can resolve these layer 1 problems the next layer of the osi model is layer 2 or the data link layer this is the layer that is a foundational layer for the protocols that we will then begin to stack on top of layer 2. you'll find that layer 2 is sometimes referred to as the data link control or dlc layer and there will be a series of protocols that run as dlc protocols a good example of this is on ethernet networks where we use the media access control addresses or mac addresses we sometimes refer to those as layer 2 addresses because they correlate back to the data link control protocols and since switches make their forwarding decisions based on these mac addresses we sometimes will refer to layer 2 as the switching layer this image describes communication at layer 2. you can see the mac address of this network interface card and the mac address of this network interface card and any communication between those two that is using that mac address we can refer to as a layer 2 communication if we move up one layer in the osi model where layer three or the network layer sometimes you'll hear this referred to as the routing layer because this is the layer associated with ip addresses ip addresses are obviously very common on our networks and any device that is making forwarding decisions based on these ip addresses is communicating at layer 3. this is also the layer where frames will be fragmented or broken into smaller pieces in order to move those between different types of networks so if you move between an ethernet network off to a wan network and then back to ethernet you may find that the data is being fragmented and that fragmentation is occurring at layer 3. layer 4 of the osi model is the transport layer sometimes you'll hear this referred to as the post office layer because this is the layer that describes how data is being delivered and where it is being delivered into a system the protocols used at layer 4 are protocols such as tcp that is the transmission control protocol and udp which is the user datagram protocol this layer is used when you're accessing a web page but the web page itself is so large that you can't send all of the data across the network in one single frame instead you have to split it up into separate frames and send those individual pieces across the network where they are put back together on the other side layer 5 of the osi model or the session layer is designed to start and stop communication between one endpoint and another this is where you would use control protocols or tunneling protocols in order to begin the communication of data between one device and another for example one device may ask in a browser can we talk and it's communicating that information to google which will then set up a session and begin transferring information osi layer 6 is the presentation layer and just before we're able to view information on our screen the presentation layer needs to take this data and put it into a form that we can understand anything dealing with the encoding of characters or encryption of application data will occur at layer 6. this layer is often combined with the application layer at layer 7 because the functionality is so closely associated with our ability to use these applications layer 7 of the osi model is the application layer and this is the layer that we get to see as humans using a computer we go to a browser screen and start a browser session and this information that we're seeing on the screen is the layer 7 application data if you're transferring a file with ftp or performing a name resolution with dns or simply using a browser with http or https you're using an application layer protocol let's now take these very broad concepts with the osi model and try to associate them back to practical real world examples let's look first at layer 1 or the physical layer if you're holding a cable or you're looking at an analysis of signal going across the network then you're working at the physical layer of the osi model if you're working with switch forwarding or you're examining the mac address of a device then you're working at layer 2 or the data link layer moving up to layer 3 or the network layer we're now working with ip addresses so if you're working with routers that make forwarding decisions based on ip address then you're operating at layer 3. layer 4 or the transport layer deals with udp and tcp protocols and the port numbers associated with tcp and udp layer 5 or the session layer is our control layer we're tunneling information or setting up communication between one device and another layer six of the osi model or the presentation layer is commonly associated with encryption if we're communicating to a web browser over an https or encrypted communication then we're working at osi layer 6. and lastly the web browser that we're viewing and the information that's on our screen is able to be shown to us thanks to osi layer 7 or the application layer another practical view of the osi model can be seen in a packet capture application in this case i'm using wireshark to capture data going across the network and there are three windows that you can see in this wireshark communication the view at the top is the summary view each line that's within that summary view is showing us one frame that's going across the network at the bottom of the screen is a hexadecimal and ascii representation of that data but where we want to focus is the middle window which is the detailed window in this detail window we can see each part of this communication broken out into the separate osi layers for a single frame for example we'll look at this frame number 88 that's currently selected frame 88 shows us that it's using 2005 bytes on the wire and that is describing the traffic that is being received at layer 1 or the physical layer just underneath that is a line of information showing this is an ethernet 2 frame it shows a source mac address and a destination mac address which means that it's referring to layer 2 or the data link layer to see layer 3 information we go to the next line which is showing us internet protocol or ip and we know if there are ip addresses such as the ones listed here then we must be working at layer 3 or the network layer the next line underneath the layer 3 information is the layer 4 information in this case it's the tcp protocol using a port number of 18429 as the source and the destination port is the https protocol using port 443 all of those tcp communications are occurring at layer 4 or the transport layer not uncommonly you'll often see layers 5 6 and 7 grouped together and in fact in wireshark we see it grouped together here as well you can see there is the secure sockets layer which is the final line in this detailed view and that particular secure sockets layer details the session presentation and application layer traffic traversing the network each time you use an application or send traffic over the network you can describe this communication in the context of the osi model let's take for example an application like google mail we'll log into google mail at mail.google.com and as we are using that application on our screen we're using osi layer 7 or the application layer if we're sending information back and forth to our browser everything being communicated to this mail server at google is being encrypted and it's being encrypted thanks to the presentation layer at layer 6 which is using ssl encryption layer 5 is the session layer which is linking together everything above at the presentation and application layer to all of the traffic below that will be traversing the network and just below that layer 5 is the layer 4 transport information we know that this communication is probably going to use tcp 443 which means that we'll be using the transport layer to send that tcp data there's of course ip addresses that are used between your workstation and the google email server and all of that communication is occurring thanks to the ip encapsulation associated with layer 3 or the network layer all of that tcp and ip traffic is being encapsulated within ethernet frames and those ethernet frames are being sent over the network thanks to layer 2 or the data link layer and lastly the physical signals to be able to send these frames from one device to another are occurring at layer 1 or the physical layer by separating the network communication into this well-known series of layers you're able to communicate with other it professionals when you're troubleshooting examining applications or trying to get an understanding of how applications may be working over your network you