Building large systems is a complex task that requires structure. The internet is one such system: the biggest network on earth. It connects very different computers, from small IoT devices to enormous mainframes.
The Open Systems Interconnection (OSI) model is the structure that enables these connections. This article will explain the OSI model and how to use it in practice.
The OSI model is a reference for building software and hardware for digital networks. It divides a network stack's responsibilities into several logical layers, each allowing engineers to focus on a subset of the features expected from such a network. These include sending messages from one node to another over one or more connected networks and converting data formats via encoding, compression, and encryption.
While the OSI model is a complete guide for designing networks, it can sometimes be impractical to implement its structure 100%. For example, the OSI model heavily inspired the protocols that make up the internet, but there isn’t one protocol for each layer.
The OSI model defines seven layers for a network stack, each responsible for different tasks. This way, an application such as a web browser only needs to implement the top layer and can reuse the features of the underlying layers.
Let’s look at the seven layers, what they do, and how they contribute to network security. We’ll go backward through the layers, as you’re probably more familiar with applications than network hardware.
The application layer supplies applications with high-level software interfaces and protocols for network interactions. Email, file transfers, websites, and video streaming are examples of such interactions. Protocols used on the application layer include HTTP, FTP, SSH, and DNS.
The application layer protocols use cryptographic algorithms to protect sensitive data via encryption and digital signatures to prove data authenticity.
The presentation layer converts application-specific formats into network-specific formats and vice versa. Examples of such format conversions are encoding, compression, and encryption.
Most popular high-level protocols, including HTTP and SSH, cover both the application and presentation layers. Examples of methods used for conversion are RSA for encryption, UTF-8 for encoding, and Brotli for compression.
The session layer manages connections between applications, so they don’t have to reauthenticate for each message they send over the network.
Some media streaming and remote procedure call protocols operate on this layer, such as RPC, PPTP, and ASP. By isolating sessions from each other with session tokens, the session layer contributes to network security.
The transport layer simulates persistent end-to-end connections between devices, controlling network congestion and multiplexing. As the lower layers operate on a single message level, the transport layer groups related messages while ensuring no one device floods the network.
TCP is a popular protocol for this layer.
While the name transport layer security (TLS) implies that TLS works on the transport layer, it’s implemented on top of, and not within, the transport layer. However, from an application point of view, it is part of the transport layer.
The network layer is where packets are routed and forwarded from one network to another. This is crucial for large architectures split into multiple smaller networks that communicate via bridges, an approach that prevents communication among devices in one location from affecting device communication elsewhere.
Popular protocols on the network layer are IPv4/IPv6, IPsec, and ICMP.
Bridges can improve network security by preventing attackers from accessing private parts of the network.
The data link layer connects two nodes in a network. These nodes don’t have to be a transfer's source or destination; they could just be intermediate hops in one network. This layer also corrects transmission errors and uses media access control (MAC) addresses to identify the network interfaces of the connected machines.
Wi-Fi, USB, and Ethernet services for frame handling are examples of data link layer implementations.
Network switches can filter MAC addresses to prevent malicious hardware from accessing the network.
The physical layer is the OSI model’s bedrock. It defines the physical specifications of the network hardware, which, in turn, is responsible for converting a device's internal media to a network's external media (i.e., by encoding and modulating signals). For example, it can read data from memory and convert it to electromagnetic waves with a Wi-Fi antenna.
The physical layer can improve the network's security through physical controls, such as cable locks, port seals, or alarms, that prevent malicious devices from being added to the network.
Now that you understand the layers, let’s look at a practical example. Figure 1 illustrates how a website would be transferred through the OSI model.
Fig. 1: OSI model website transfer

The web server application generates an HTTP response, which the lower layers split into TCP segments and then into network frames that are transferred out of the node.
In the example above, the server and client nodes are not in the same network, so bridge nodes must route the packets between networks. These nodes don’t need to reassemble the complete data; they can handle it at the network layer, where IP resides.
When the frames arrive at the client node, they will be converted back into a complete HTTP response that a web browser can handle.
Each network can use different media for the physical transfer and does not have to consider the media of the other networks for a successful transfer. Network-specific media will be handled by the physical layers of each node connected to it.
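The transfer in Fig. 1, traced in code as an added example (not code from the original article): the presentation layer turns the HTTP text into compressed UTF-8 bytes, the transport layer splits it into TCP segments with sequence numbers, the network layer wraps each segment in an IPv4 header with a checksum, and the data link layer frames it for the local link. A router between the two networks re-frames each packet and decrements the TTL without parsing the TCP segment or the HTTP bytes inside, and the client reassembles the segments in sequence order even if they arrive shuffled. All IPs, ports, MACs and the HTTP body are constructed sample values; zlib stands in for the Brotli compression mentioned above because it ships with the standard library, and TCP checksums, options and ARP are deliberately omitted.

```python
import socket
import struct
import zlib

# --- Presentation layer: text -> UTF-8 -> compressed bytes (and back) ----
def present_encode(text: str) -> bytes:
    return zlib.compress(text.encode("utf-8"))

def present_decode(data: bytes) -> str:
    return zlib.decompress(data).decode("utf-8")

# --- Transport layer: TCP segments carrying sequence numbers --------------
MSS = 16  # artificially small segment size so the sample splits into several segments

def tcp_segments(payload: bytes, src_port: int, dst_port: int, isn: int = 1000):
    segs = []
    for off in range(0, len(payload), MSS):
        # src port, dst port, seq, ack, data offset (5 words) | PSH+ACK, window, checksum, urgent
        hdr = struct.pack("!HHIIHHHH", src_port, dst_port, isn + off, 0,
                          (5 << 12) | 0x18, 65535, 0, 0)
        segs.append(hdr + payload[off:off + MSS])
    return segs

def tcp_parse(segment: bytes):
    src, dst, seq, _ack, off_flags, _win, _csum, _urg = struct.unpack("!HHIIHHHH", segment[:20])
    hlen = (off_flags >> 12) * 4
    return src, dst, seq, segment[hlen:]

# --- Network layer: IPv4 header with RFC 791 one's-complement checksum ----
def ipv4_checksum(header: bytes) -> int:
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def ipv4_packet(payload: bytes, src_ip: str, dst_ip: str, ttl: int = 64) -> bytes:
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, 6, 0,
                      socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + payload

def ipv4_parse(packet: bytes):
    ver_ihl, _tos, total_len, _id, _frag, ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", packet[:20])
    if ipv4_checksum(packet[:20]) != 0:      # a valid header sums to zero
        raise ValueError("bad IPv4 header checksum")
    hlen = (ver_ihl & 0x0F) * 4
    return ttl, proto, socket.inet_ntoa(src), socket.inet_ntoa(dst), packet[hlen:total_len]

# --- Data link layer: Ethernet II framing ---------------------------------
def ether_frame(payload: bytes, src_mac: bytes, dst_mac: bytes, ethertype: int = 0x0800) -> bytes:
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload

def ether_parse(frame: bytes):
    return frame[:6], frame[6:12], struct.unpack("!H", frame[12:14])[0], frame[14:]

# --- Intermediate node: touches only layers 2 and 3 -----------------------
def route(frame: bytes, router_mac: bytes, next_hop_mac: bytes) -> bytes:
    _dst, _src, etype, packet = ether_parse(frame)
    ttl, _proto, src_ip, dst_ip, body = ipv4_parse(packet)
    if ttl <= 1:
        raise ValueError("TTL expired in transit")
    # body (the TCP segment and HTTP bytes) is copied through unexamined
    return ether_frame(ipv4_packet(body, src_ip, dst_ip, ttl=ttl - 1), router_mac, next_hop_mac, etype)

# Constructed sample endpoints: (IP, port, MAC). 02:... MACs are locally administered.
SERVER = ("203.0.113.10", 80, bytes.fromhex("020000000001"))
CLIENT = ("198.51.100.7", 51000, bytes.fromhex("020000000002"))
ROUTER_MAC_A = bytes.fromhex("020000000003")  # router interface on the server's network
ROUTER_MAC_B = bytes.fromhex("020000000004")  # router interface on the client's network
HTTP_RESPONSE = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html><body>hello</body></html>"

def server_send() -> list:
    data = present_encode(HTTP_RESPONSE)
    return [ether_frame(ipv4_packet(seg, SERVER[0], CLIENT[0]), SERVER[2], ROUTER_MAC_A)
            for seg in tcp_segments(data, SERVER[1], CLIENT[1])]

def client_receive(frames: list) -> str:
    segments = {}
    for frame in frames:
        dst_mac, _src_mac, etype, pkt = ether_parse(frame)
        if dst_mac != CLIENT[2] or etype != 0x0800:
            continue                          # not addressed to this interface
        _ttl, proto, _src_ip, dst_ip, seg = ipv4_parse(pkt)
        if dst_ip != CLIENT[0] or proto != 6:
            continue                          # not our IP, or not TCP
        _sport, dport, seq, chunk = tcp_parse(seg)
        if dport == CLIENT[1]:
            segments[seq] = chunk
    return present_decode(b"".join(segments[s] for s in sorted(segments)))

def transfer(frames=None) -> str:
    frames = server_send() if frames is None else frames
    return client_receive([route(f, ROUTER_MAC_B, CLIENT[2]) for f in frames])

if __name__ == "__main__":
    print(transfer())
```

Running the module prints the original HTTP response. The router never calls `tcp_parse` or `present_decode`, which is the property the figure illustrates: intermediate nodes only need the headers of the layers they operate on, so the payload stays opaque to them.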
Companies can use the OSI model as a reference or guide when replacing parts of an existing network stack or even when designing one from scratch.
The internet is a popular example of an existing network. While the transport and network layers (e.g., TCP, UDP, IP) aren’t replaceable, the application, presentation, and session layers differ from one application to the next. The data link and physical layers are not the same for all connected nodes either: some use DSL, others use LTE, and there are many more.
An example of a stand-alone network is Bluetooth, which connects peripheral devices (e.g., headphones) to host devices (e.g., smartphones) without connecting the peripheral devices directly to the internet. This allows Bluetooth to use protocols and hardware different from the protocols and hardware being used by the internet.
Today's implementations follow the OSI model loosely, not enforcing the strict separation of layers to allow for more flexibility, simplicity, and performance. The downside is that they provide less structure and standardization for developers, which can make changes harder.
In practice, multiple layers are usually merged into one. For example, HTTP and FTP cover the session, application, and presentation layers. Hardware implementations, such as Wi-Fi or Ethernet, cover the data link and physical layers.
The OSI model also helps with debugging: you can go through each layer (from 1 to 7 or vice versa, depending on the circumstances) to find network issues in your connection.
If you can’t connect to the internet, it might be a good idea to start with the physical layer and check if network cables are plugged in before you check if your device has the right IP.
If you can’t reach your application server but you can reach other servers on the internet, going in the other direction makes more sense, as the only difference between your server and the others is in the application, presentation, or session layers.
If we take the example of the website transfer again, the debugging process could look like this:
Selecting the right framework for implementing the OSI model will depend on what you are looking to build.
You can only control the application, presentation, and session layers for internet-based solutions. Popular frameworks for these three layers are Django, .NET, and Express.js.
Beyond those, internet-based services rely on TCP, UDP, and IP, which cover the transport and network layers.
You can control all layers if you build local solutions that are not directly connected to the internet. Bluetooth is an example of a solution that is only concerned with connecting nodes to one computer, without giving them direct access to the internet.
Depending on the layers you’re interested in, you have countless options. However, it is crucial to first fully grasp the OSI model to know exactly what you need.
The OSI model is a solid theoretical reference for network design. While no implementation follows it 100%, it is a good guide for starting.
In practice, many layers are usually merged into one service. Still, when you need to refactor a system, consider splitting them up or combining them into different groups to improve security or performance.