CCNA Study Guide

This tutorial explains OSI Reference Model in detail with examples including its protocols and functions in easy language.

Layers model is a theoretical approach that describe how data is going to be transmit over the network. There are several layer models available, among those following three models are the most popular and highly tested in CCNA Exam.

  1. OSI Reference model
  2. TCP / IP Reference model
  3. Cisco three layer model

This tutorial is the second part of our article "OSI Layers model". You can read first part of this article here.

OSI Model Advantages and Basic Purpose Explained

In this introductory part I explained why OSI Layers model was created. Later I explained the advantages of OSI Layers model, purpose of OSI Layers model and basic services provided by layers model.

OSI Model Seven Layers

OSI Layers model has seven layers; Application, Presentation, Session, Transport, Network, data link and physical.

Application Layer

Application layer provides platform to send and receive data over the network. All applications and utilities that communicate with network fall in this layer. For examples

Browsers :- Mozilla Firefox, Internet Explorer, Google Chrome etc

Email clients: - Outlook Express, Mozilla Thunderbird etc.

FTP clients :- Filezilla, sFTP, vsFTP

Application layer protocols that we should know for exam are following:

SNMP (Simple Network Management Protocol) — Used to control the connected networking devices.

TFTP (Trivial File Transfer Protocol) — Used to transfer the files rapidly.

DNS (Domain Naming System) — Used to translate the name with IP address and vice versa.

DHCP (Dynamic Host Configuration Protocol) — Used to assign IP address and DNS information automatically to hosts.

Telnet— used to connect remote devices.

HTTP (Hypertext Transfer Protocol) — Used to browse web pages.

FTP (File Transfer Protocol) — Used to reliably sends/retrieves files.

SMTP (Simple Mail Transfer Protocol) — Used to sends email.

POP3 (Post Office Protocol v.3) — Used to retrieves email.

NTP (Network Time Protocol) — Used to synchronizes clocks.

Presentation layer

Presentation layer prepares the data. It takes data from application layer and marks it with formatting code such as .doc, .jpg, .txt, .avi etc. These file extensions make it easy to realize that particular file is formatted with particular type of application. With formatting presentation layer also deals with compression and encapsulation. It compresses (on sending computer) and decompresses (on receiving computer) the data file. This layer can also encapsulate the data, but it’s uncommon as this can be done by lower layers more effectively.

The Session Layer

Session layer deals with connections. It establishes, manages, and terminates sessions between two communicating nodes. This layer provides its services to the presentation layer. Session layer also synchronizes dialogue between the presentation layers of the two hosts and manages their data exchange. For example, web servers may have many users communicating with server at a given time. Therefore, keeping track of which user communicates on which path is important and session layer handle this responsibility accurately.

Transport Layer

So far CCNA exam is concern; this is the most important layer to study. I suggest you to pay extra attentions on this layer, as it is heavily tested in exam.

Transport layer provides following services: -

  • It sets up and maintains the connection between two devices.
  • It multiplexes connections that allow multiple applications to simultaneously send and receive data.
  • According to requirement data transmission method can be connection oriented or connection less.
  • For unreliable data delivery connection less method is used.
  • Connection less method uses UDP protocol.
  • For reliable data delivery connection oriented method is used.
  • Connection oriented method uses TCP protocol.
  • When Implemented a reliable connection, sequence numbers and acknowledgments (ACKs) are used.
  • Reliable connection controls flow through the uses of windowing or acknowledgements.

For exam purpose remember five main functions of transport layer.

  1. Segmentation
  2. Connection management
  3. Reliable and unreliable data delivery
  4. Flow control
  5. Connection multiplexing

Let’s understand these functions in more depth

Segmentation

Segmentation is the process of breaking large data file into smaller files that can be accommodated by network. To understand this process thinks about a 700 MB movie that you want to download from internet. You have 2MBPS internet connection. How will you download a 700MB movie on 2MBPS internet connection?

In this case segmentation process is used. On server transport layer breaks 700MB movie in smaller size of segments (less than your internet connection speed). Assume that 700Mb movie is divided in 700 segments. Each segment has file size of 1Mb that your PC can easily download at current connection speed. Now your PC will download 700 small files instead of one large file. So next time when you see download progress bar in browser, think it about segment receiver progress bar. Once your browser receives all segments from server, it will pop up a message indicating download is completed. Transport layer at your PC will merge all segments back in a single 700Mb movie file. End user will never know how a 700Mb movie makes its way through the 2Mbps connection line.

Connection management

Transport layer setup, maintain and tear down connections for session layer. Actual mechanic of connection is controlled by transport layer. Transport layer use two protocols for connection management UDP and TCP.

UDP

UDP is a connection less protocol. Connection-less transmission is said to be unreliable. Now, don't get worried about the term "unreliable" this doesn't mean that the data isn't going to get its destination; its only means that it isn't guaranteed to get its destination. Think of your options when you are sending a postcard, put it in the mailbox, and chances are good that it will get where it's supposed to go but there is no guarantee. There is always a chance of missing in the way. On the other hand, it's cheap.

TCP

TCP is a connection oriented protocol. Connection-oriented transmission is said to be reliable. Think TCP as registry AD facility available in Indian post office. For this level of service, you have to buy extra ticket and put a bunch of extra labels on it to track where it is going and where it has been. You get a receipt when it is delivered. In this method you have a guaranteed delivery. All of this costs you more—but it is reliable!

Reliability

Reliability means guaranteed data delivery. To insure delivery of each single segment, connection oriented method is used. In this approach before sending any segments three way handshake process is done.

Three way handshake process

tcp three way handshake process
  1. PC1 sends a SYN single to PC2 indicating that it wants to establish a reliable session.
  2. P2 replies with ACK/SYN signal where ACK is the acknowledgment of PC1’s SYN signal and SYN indicates that PC2 is ready to establish a reliable session.
  3. PC1 replies with ACK signal indicating that is has received SYN signal and session is now fully established.

Once connection is established data transmission will be initiated. To provide maximum reliability it includes following functions:-

  • Detect lost packets and resend them
  • Detect packets that arrived out of order and reorder them
  • Recognize duplicate packets and drop extra packets
  • Avoid congestion by implementing flow control

Flow control

The transport layer implements two flow control methods:

  • Ready/not ready signals
  • Windowing

Ready / not ready signals method

In this method sender sends data according to its buffer size. Receiver receives data in its buffer. When receivers buffer get filled, it send a not ready signal to sender, so sender can stop transmitting more segments. Receivers send ready signal when it becomes ready to receive next segments. This method has two problems.

  • First, the receiver may respond to the sender with a not ready signal only when its buffer fills up. While this message is on its way to the sender, the sender is still sending segments to the receiver, which the receiver will have to drop because its buffer space is full.
  • The second problem with the uses of this method is that once the receiver is ready to receive more segments, it must first send a ready signal to the sender, which must be received before sender can send more segments.

Windowing

In windowing a window size is defined between sender and receiver. Sender host will wait for an acknowledgement signal after sending the segments equal to the window size. If any packet lost in the way, receiver will respond with acknowledgement for lost packet. Sender will send lost packet again. Window size is automatically set during the three step handshake process. It can be adjust anytime throughout the lifetime of connection.

Connection Multiplexing/Application Mapping

Connection multiplexing feature allows multiple applications to connect at a time. For example a server performs a number of functions like email, FTP, DNS, Web service, file service, data service etc. Suppose server has a single IP address, how will it perform all these different functions for all the hosts that want to connect with it? To make this possible transport layer assigns a unique set of numbers for each connection. These numbers are called port or socket numbers. These port numbers allow multiple applications to send and receive data simultaneously.

Port numbers are divided into following ranges by the IANA

Port number Descriptions
0–1023 Well-Known—For common TCP/IP functions and applications
1024–49151 Registered—For applications built by companies
49152–65535 Dynamic/Private—For dynamic connections or unregistered applications

Common TCP and UDP Port Numbers

TCP UDP
FTP 20, 21 DNS 53
Telnet 23 DHCP 67,68
SMTP 25 TFTP 69
DNS 53 NTP 123
HTTP 80 SNMP 161
POP 110
NNTP 119
HTTPS 443

Network Layer

Network layer is responsible for providing logical address known as IP address. Router works on this layer. Main functions of this layer are following:-

  • Define IP address
  • Find routes based on IP address to reach its destination
  • Connect different data link type together like as Token Ring, Serial, FDDI, Ethernet etc.

IP address

IP address a 32 bit long software address which made from two components:

Network component: - Defines network segment of device.

Host component :- Defines the specific device on a particular network segment

Subnet mask is used to distinguish between network component and host component.

IP addresses are divided in five classes.

  • Class A addresses range from 1-126.
  • Class B addresses range from 128-191.
  • Class C addresses range from 192-223.
  • Class D addresses range from 224-239.
  • Class E addresses range from 240-254.

Following addresses have special purpose: -

0 [Zero] is reserved and represents all IP addresses;

127 is a reserved address and it is used for testing, like a loop back on an interface:

255 is a reserved address and it is used for broadcasting purposes.

IP packet

Network layer receive segment from transport layer and wrap it with IP header that is known as datagram.

Datagram

Datagram is just another name of packet. Network layer use datagram to transfer information between nodes.

Two types of packets are used at the Network layer: data and route updates.

Data packets

Data packets are used to transport the user data across the network. Protocols used by data packets are known as routed protocol. For example IP and IPv6

Route update packets

These packets are used to update the route information within internetwork. Routers use these packets. Protocols that send route update packets are called routing protocols; for example RIP, RIPv2, EIGRP, and OSPF

Data link layer

Main functions of data link layer are

  • Defining the Media Access Control (MAC) or hardware addresses
  • Defining the physical or hardware topology for connections
  • Defining how the network layer protocol is encapsulated in the data link layer frame
  • Providing both connectionless and connection-oriented services
  • Defines hardware (MAC) addresses as well as the communication process that occurs within a media.

MAC Address

MAC address is a 48 bit long layer two address. It is also known as hardware address. This address is burnt with device by manufacturing company.

The first six hexadecimal digits of a MAC address represent its manufacture company.

MAC addresses only need to be unique in a broadcast domain.

You can have the same MAC address in different broadcast domains.

Frame

Data link layer receive packet from network layer and wrap it with layer two Header that is known as frame. There are two specifications of Ethernet frame.

  1. Ethernet II
  2. 802

Key points to remember:-

  • Ethernet II does not have any sub layers, while IEEE 802.2/3 has two: LLC and MAC.
  • Ethernet II has a type field instead of a length field (used in 802.3).
  • 802.2 use a SAP or SNAP field to differentiate between encapsulated layer-3 payloads.
  • With a SNAP frame, the SAP fields are set to 0xAA and the type field is used to indicate the layer-3 protocol.
  • 802.2 SAP frame is eight bits in length and only the first six bits are used for identifying upper-layer protocols, which allows up to 64 protocols.
  • 802.2 SNAP frame supports up to 65,536 protocols.

Physical Layer

Physical layer deals with communication media. This layer receive frame from data link layer and convert them in bits. It loads these bits on actual communication media. Depending on media type these bit values are converted in single. Some use audio tones, while others utilize state transitions—changes in voltage from high to low and low to high.

Protocol data unit

Piece of data passed between layers collectively known as PDU (protocol data unit). Layers have different terms to describe it like (segment in transport layer, packet in network layer, frame at data link layer, and signal at physical layer.)

PDU include data file and a consistent body of information attached onto data at each successive layer. This information is called header and footer. It includes instructions on how to restore the file to its original state when it receives to the target system.

As a PDU passes through the layers, a header (and footer only on data link layer) is added to the packet with information to the peer layer on the destination system for reconstructing the data on its way back up through the layers of the destination network.

Data Exchange Process

In data exchange process, participating computers work in reverse mode. Layers on receiving computer perform the same task in reverse mode.

The receiving device takes delivery of, handles, and translates the data from the sending device at a particular layer. For example on sending computer presentation layer compress the data, same presentation layer on receiving computer decompress the data.

On sending computer

  • Sending application access the application layer.
  • Application provides data to the presentation layer.
  • Presentation layer format the data as per network requirement and forward it's to session layer.
  • Session layer initiate the connection and forward the data to the transport layer.
  • Transport layer broke down the large data file in smaller segments and add a header with control information, which are bits designated to describe how to determine whether the data is complete, uncorrupted, in the correct sequence, and so forth.
  • Segments are forwarded to the network layer. Network layer add its header, with logical address and convert it in packet. Network layer forwards packet to data link layer.
  • Data link layer attach its header and footer to the packet and convert it in frame.
  • Frames are forwarded to the physical layers that convert them in signals. These signals are loaded in media.

On receiving computer

  • Physical layer receive signals from media and convert them in frames. Frames are forwarded to the data link layer.
  • Data link layer check the frame. All tampered frame are dropped here. If frame is correct, data link layer strip down its header and footer from frame and hand over packet to network layer.
  • Network layer check the packet with its own implementations. If it's found everything fine with packet, it strips down its header from packet and hand over segment to transport layer.
  • Transport layer again do the same job. It verifies the segments with its own protocol rules. Only the verified segments are processed. Transport layer remove its header from verified segments and reassemble the segments in data. Data is handed over the session layer.
  • Session layer keep track of open connection and forwarded the receiving data to presentation layer.
  • Presentation form the data in such a way that application layer use it.
  • Application layer on receiving computer find the appropriate application from the computer and open data within particular application.

In nutshell

At the sending device, each layer breaks the data down into smaller packets and adds its own header.

At the receiving device, each layer strips off the header and builds the data packets into larger packets.

Each protocol layer is blind to the headers of any other protocol layer and cannot process them.

TCP/IP Reference Model

TCP/IP protocol model is another popular layer model that describes network standards. For CCNA exam you should be aware about this model as well. This model has same names of layers as OSI reference model has. Don't be confuse with same name, layers at both model have different functionality in each model.

Let's see how TCP/IP model is different from OSI reference model

Application layer:

TCP/IP model combine the functionality of application layer, presentation layer and session layer from OSI model in single application layer. In TCP/IP model application layer do all tasks those are performed by upper layers in OSI model. Application layer deals with high level protocols, including data presentation, compression and dialog control.

Transport layer:

In TCP/IP model transport layer provides quality of services. TCP protocol is used for reliable data delivery. Flow control and error correction methods are used for guaranteed data delivery.

Internet layer:

In TCP/IP model Internet layer provide all the functionality that network layer provides in OSI model. Internet layer is responsible for finding the correct path for datagram [packet].

Network access layer:

Name of this layer may confuse you as OSI model has a layer of same name. In TCP/IP model network access layer deals with LAN and WAN protocols and all the functionality provided by physical and data link layer in OSI model.

Cisco's three-layer hierarchical model

Cisco's three layer hierarchical model is a set of networking specification provided by Cisco. This model describe which cisco device works on which layers.

Core Layer

High-speed layer-2 switching infrastructure works in this layer.

Distribution Layer

Distribution layer stands between access and core layers. Router and layer 3 switch works in this layer.

Access Layer

This layer provides user's initial access to the network via switches or hubs.

That’s all for this article. In next article I will explain another CCNA topic.

Share this Share This Article with Friends

Stay updateStay Update With US

More Articles For YouYou May Also Like