Network Fundamentals
The OSI Model
In its simplest form a network consists of two devices that can send data to and receive data from each other. In this chapter we will look at how a network actually works, starting with how a packet travels between two machines on the same network and then to a machine on a different network. Once you understand the model that standard networks use to communicate with one another, you will be able to diagnose most of your network problems. To understand the way a network functions in detail, pay close attention to the concepts introduced in this chapter.
The story always starts with two machines trying to communicate. Both machines have to speak the same language, and on practically every network today, including the Internet, that language is the Transmission Control Protocol/Internet Protocol suite ("TCP/IP"). Other protocol suites existed in the past, but on a modern network, without TCP/IP running there is effectively no communication. When Machine A sends a packet to Machine B over TCP/IP, that packet is built up on one side and taken apart on the other in a series of stages. The standard way to describe those stages is the Open Systems Interconnection Reference Model ("OSI model"). The OSI model is a reference model, not a protocol: it gives you a common vocabulary for what each part of the network is responsible for, which is why it is so useful for troubleshooting. Understanding it is the key to understanding how packets travel from one machine to another, so as an engineer you should have it down before we proceed to other topics. We will spend a bit of time on it here.
THE OSI MODEL
When two devices on a network communicate, they follow a set of rules and procedures that together define a protocol. Because those rules vary with many factors, it helps to organize them into a model. A model breaks the networking rules down into smaller, easier to understand pieces. Several models exist, but the most widely used is the OSI (Open Systems Interconnection) model. Understanding this model will help you understand how devices communicate on a network.
To fully understand the OSI model, we need to define the seven layers that form it. Each layer has its own function and is responsible for its own portion of the data that passes through the model.
LAYER 7: APPLICATION LAYER
The application layer sits at the very top of the OSI model and is the layer closest to the user. It provides the network protocols that user software uses to talk over the network: when a web browser fetches a page it speaks HTTP, and HTTP is the application-layer protocol; the browser itself is the program that uses this layer. The other layers of the OSI model do their jobs behind the scenes. The only other layer you can touch directly is the bottom one (the physical layer), where the communication carrier (i.e., the cable) lives.
LAYER 6: PRESENTATION LAYER
When an application hands data down to the presentation layer, this layer converts it from the application's own representation into a form the receiving side will understand: character encoding (for example ASCII or UTF-8), compression, and, in the OSI model, encryption. When data arrives from the session layer on the receiving side, the presentation layer reverses those steps (decodes, decompresses, decrypts) before passing the data up to the application layer.
LAYER 5: SESSION LAYER
When two machines communicate, the session layer keeps track of the dialog between them: when the session was established, how it is managed while it is open (for example, which side may send and when), and when and how it is terminated. On TCP/IP networks these duties are usually carried out inside the application itself rather than by a separate component. A familiar example of session management is reading your email through a web browser: a connection is established to the email server, and once it has been idle for a while the server terminates the session.
LAYER 4: TRANSPORT LAYER
This layer sits in the middle of the OSI model and provides the upper layers with end-to-end data transfer between two hosts. Two protocols live here on a TCP/IP network. TCP provides reliable delivery: it breaks data into segments, numbers them so they can be reassembled in order, retransmits anything that is lost, and uses flow control so a fast sender does not overrun a slow receiver. UDP simply sends datagrams with none of those guarantees and leaves reliability to the application. Both identify the sending and receiving program by port numbers, which is why firewalls and proxies that filter on ports are said to operate at this layer.
LAYER 3: NETWORK LAYER
When you hear the phrase "network layer" or "Layer 3," associate it with IP. This layer uses IP addresses to route packets between networks. Each IP address has a network part (the network ID) and a host part. If the machine you are sending to has the same network ID as your machine, the two are on the same local network and the packet is delivered directly over Layer 2 without crossing a router. If it has a different network ID, the packet must be handed to a Layer 3 device that forwards it toward the other network. That device is called a router.
LAYER 2: DATA LINK LAYER
This layer gives the physical devices on a network an address of their own. The best-known example is the Media Access Control ("MAC") address of a network interface. Every vendor that produces network hardware burns a MAC address into each interface it ships: the first three bytes identify the vendor (the organizationally unique identifier, or OUI) and the vendor assigns the remaining three bytes so that no two of its interfaces collide. The intent is that a MAC address is unique in the world, much as no two people in the US share a Social Security number. Be aware, though, that a MAC address can be changed in software on most operating systems, so it identifies an interface but should never be trusted as proof of who is on the other end. Layer 2 devices use these addresses to tell apart the hardware connected to them.
A good example of a Layer 2 device is a switch; we all use switches in our networks. When a device sends a frame into a switch, the switch records that device's source MAC address in its MAC address table and associates it with the port on which the frame arrived. For example, think of a 24-port switch with two devices: Machine A has the MAC address 00-21-AA-AA-AA-AA and Machine B has the MAC address 00-21-BB-BB-BB-BB. If we connect Machine A to Port #1, the switch will record that the device with MAC address 00-21-AA-AA-AA-AA is reachable through Port #1. The same applies to Machine B when we connect it to Port #2: the switch records that 00-21-BB-BB-BB-BB is on Port #2. This information lives in what is known as the MAC table (also called the CAM table or forwarding table). The table is not permanent: entries are learned dynamically from the traffic the switch sees and are aged out after a period of inactivity (five minutes is a common default), so a device that moves to another port is simply relearned there. We will talk later about how switches operate and how to configure them.
With Layer 2, the switch knows where to send a frame when another machine sends traffic to the MAC address 00-21-BB-BB-BB-BB: it looks the address up in its MAC table and forwards the frame out Port #2, where Machine B is connected. If the destination address is not in the table yet, the switch floods the frame out every port except the one it arrived on and learns the answer from the reply.
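The switch behaviour described above, as an added example that is not part of the original text: a small Python model of a learning switch that builds its MAC table from source addresses, floods unknown and broadcast destinations, forwards known ones out a single port, and ages entries out. The MAC addresses and port numbers are the constructed ones used in the text plus a hypothetical third host; the 300-second aging time is an assumption (a common switch default).

```python
"""Model of a Layer 2 learning switch (added example, not from the original text).

The switch learns the source MAC address of every frame it receives and ties it
to the arrival port, forwards frames for known destinations out of one port,
floods frames for unknown or broadcast destinations, and ages out entries that
have not been refreshed.  MAC addresses and ports are constructed sample values;
the aging time is an assumption (300 seconds is a common switch default).
"""
from dataclasses import dataclass

BROADCAST = "ff-ff-ff-ff-ff-ff"
AGING_SECONDS = 300


@dataclass
class Frame:
    src: str
    dst: str
    payload: bytes = b""


class LearningSwitch:
    def __init__(self, ports):
        self.ports = ports
        self.mac_table = {}   # mac -> (port, simulated time last seen)
        self.clock = 0        # simulated seconds, advanced with tick()

    def tick(self, seconds):
        self.clock += seconds

    def _expire(self):
        # Dynamically learned entries are dropped once they go stale.
        stale = [mac for mac, (_, seen) in self.mac_table.items()
                 if self.clock - seen >= AGING_SECONDS]
        for mac in stale:
            del self.mac_table[mac]

    def receive(self, in_port, frame):
        """Handle one frame arriving on in_port; return the list of egress ports."""
        self._expire()
        # Learning: whoever sent this frame is reachable through in_port.
        # A host that moved to another port simply overwrites its old entry.
        self.mac_table[frame.src.lower()] = (in_port, self.clock)
        dst = frame.dst.lower()
        if dst == BROADCAST or dst not in self.mac_table:
            # Flood: the switch does not know where dst is, so it sends the
            # frame out every port except the one it arrived on.
            return [p for p in range(1, self.ports + 1) if p != in_port]
        out_port, _ = self.mac_table[dst]
        if out_port == in_port:
            return []   # source and destination share a segment: filter it
        return [out_port]


def demo():
    """Walk through the text's scenario and return what the switch did."""
    sw = LearningSwitch(ports=24)
    a, b = "00-21-AA-AA-AA-AA", "00-21-BB-BB-BB-BB"
    # A (Port 1) talks to B before the switch has seen B: flooded to ports 2-24.
    first = sw.receive(1, Frame(src=a, dst=b))
    # B answers from Port 2: both hosts are now in the table, so unicast to 1.
    reply = sw.receive(2, Frame(src=b, dst=a))
    # A talks to B again: forwarded only to Port 2.
    second = sw.receive(1, Frame(src=a, dst=b))
    learned = {mac: port for mac, (port, _) in sw.mac_table.items()}
    # Nothing from A or B for a whole aging period; a new host appears on Port 3.
    sw.tick(AGING_SECONDS)
    sw.receive(3, Frame(src="00-21-CC-CC-CC-CC", dst=BROADCAST))
    after_aging = {mac: port for mac, (port, _) in sw.mac_table.items()}
    return first, reply, second, learned, after_aging


if __name__ == "__main__":
    print(demo())
```

Two things worth noticing from the model: the table is filled from whatever source address a frame carries, so it is only as trustworthy as the hosts plugged into the ports, and a real switch's table is finite, which is why production switches offer features that limit how many addresses a port may learn.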
LAYER 1: PHYSICAL LAYER
The physical layer is represented by the physical carrier, e.g. a network cable, a fiber or a radio link, together with hardware that works only at this layer, such as a hub or a media converter. It defines connectors, voltages, light levels and timing, and it is responsible for turning the bits handed down by the data link layer into signals on the medium (electrical, optical or radio) and turning received signals back into bits.
Layer | Function |
7: Application | Provides the network protocols (e.g., HTTP, SMTP, DNS) that software applications use to request and deliver services. |
6: Presentation | Encodes and decodes data so that both sides interpret it the same way (character sets, compression). In the OSI model, also encrypts data transmitted between two machines. |
5: Session | Establishes, manages, and terminates the sessions between two devices. |
4: Transport | Delivers data between programs on two devices, identified by port numbers. TCP adds reliability, ordering and flow control; UDP does not. |
3: Network | Addresses hosts with IP addresses and chooses the route for packets whose destination is not on the local network. Associate this layer with routers. |
2: Data Link | Identifies devices on the local network by MAC address (i.e., physical address) and packages data into frames. Associate this layer with switches and bridges. |
1: Physical | The physical carrier between two devices and the signals on it. Associate this layer with cables, media carriers, and hubs. |
Table 1-1: Seven layers of the OSI model
THE CONCEPT OF DATA FLOW IN THE OSI MODEL
Note that the operating system and the applications usually take care of Layers 7 to 5, which means that as network engineers we rarely configure them directly. Instead, we will focus on Layers 4 through 1. Here are some concepts that are integral to understanding the OSI model.
To understand how data travels within the OSI model, we need to explain how data moves from one layer to the next. In the OSI model, each layer talks only to the layer directly above it and the layer directly below it. Data is carried by services, and services are provided by protocols. Each layer has its own set of protocols, and a protocol belongs to one layer: HTTP is an application-layer protocol, TCP a transport-layer protocol, IP a network-layer protocol, and so on. As data travels down the stack on the sending machine, each layer wraps what it received from the layer above in its own header (and, at the data link layer, a trailer as well) before passing it down. This operation is known as encapsulation, and it is what lets each layer's protocol find its own information in the transmitted bytes. The wrapped unit has a different name at each layer: the transport layer produces a segment, the network layer a packet, the data link layer a frame, and the physical layer sends the frame as bits on the wire. On the receiving machine the process runs in reverse: each layer strips off its own header (and trailer) and hands the remaining data up to the layer above.
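The encapsulation described above, as an added example that is not part of the original text: a Python program that wraps a constructed HTTP request in a TCP header (segment), an IPv4 header (packet) and an Ethernet header plus CRC-32 trailer (frame), then takes the frame apart again and checks the trailer and the IP header checksum on the way up. The header layouts follow the real Ethernet II, IPv4 and TCP formats but are simplified: no IP or TCP options, a fixed IP identification value, and the TCP checksum is left as zero. The addresses, ports and payload are constructed sample values.

```python
"""Encapsulation and de-encapsulation of one HTTP request (added example, not
from the original text).  Each layer prepends its own header; Layer 2 also
appends a trailer.  The receiver strips them in reverse order.  Simplified:
no IPv4/TCP options, fixed IP id, TCP checksum left as zero.
"""
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def mac_bytes(text):
    return bytes(int(x, 16) for x in text.replace(":", "-").split("-"))


def ip_bytes(text):
    return bytes(int(x) for x in text.split("."))


def ipv4_checksum(header):
    """RFC 1071 one's-complement sum over 16-bit words; 0 for a valid header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def tcp_encapsulate(data, src_port, dst_port, seq=1, ack=0, flags=0x18):
    """Layer 4: prepend a 20-byte TCP header (ports, seq/ack, flags) -> segment."""
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                         5 << 4, flags, 65535, 0, 0)
    return header + data


def ipv4_encapsulate(segment, src_ip, dst_ip, proto=IPPROTO_TCP):
    """Layer 3: prepend a 20-byte IPv4 header with its checksum -> packet."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234,
                         0x4000, 64, proto, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    checksum = ipv4_checksum(header)
    header = header[:10] + struct.pack("!H", checksum) + header[12:]
    return header + segment


def ethernet_encapsulate(packet, src_mac, dst_mac):
    """Layer 2: prepend MACs and EtherType, append a CRC-32 trailer (FCS) -> frame."""
    header = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4)
    body = header + packet
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)
    return body + fcs


def decapsulate(frame):
    """Receiving side: strip trailer and headers bottom-up, checking as we go."""
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF) != fcs:
        raise ValueError("bad FCS: frame corrupted in transit")
    ethertype = struct.unpack("!H", body[12:14])[0]
    packet = body[14:]                       # Layer 2 header removed
    ihl = (packet[0] & 0x0F) * 4
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    proto = packet[9]
    src_ip = ".".join(str(b) for b in packet[12:16])
    dst_ip = ".".join(str(b) for b in packet[16:20])
    segment = packet[ihl:]                   # Layer 3 header removed
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    data = segment[(segment[12] >> 4) * 4:]  # Layer 4 header removed
    return {"ethertype": ethertype, "proto": proto, "src_ip": src_ip,
            "dst_ip": dst_ip, "src_port": src_port, "dst_port": dst_port,
            "data": data}


def demo():
    """Encapsulate a constructed HTTP request, then take the frame apart again."""
    http = b"GET / HTTP/1.1\r\nHost: NemyEnterprises.com\r\n\r\n"
    segment = tcp_encapsulate(http, 49152, 80)
    packet = ipv4_encapsulate(segment, "192.168.1.10", "192.168.1.20")
    frame = ethernet_encapsulate(packet, "00-21-AA-AA-AA-AA", "00-21-BB-BB-BB-BB")
    sizes = {"data": len(http), "segment": len(segment),
             "packet": len(packet), "frame": len(frame)}
    received = decapsulate(frame)
    # Flip one payload byte: the Layer 2 trailer (FCS) catches the damage.
    damaged = bytearray(frame)
    damaged[-10] ^= 0xFF
    try:
        decapsulate(bytes(damaged))
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return sizes, received, tamper_detected


if __name__ == "__main__":
    print(demo())
```

The sizes returned by `demo()` make the overhead visible: 45 bytes of HTTP become a 65-byte segment, an 85-byte packet and a 103-byte frame. The CRC and the IP checksum only detect accidental corruption; anyone who can rewrite a frame can recompute both, which is why integrity against an attacker has to come from higher up (for example TLS on Port 443).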
PORT AND PORT FORWARDING
Machine A is a Windows 7 machine that wants to establish a web connection to Machine B, which hosts the website NemyEnterprises.com. In order for Machine A's request to reach the appropriate service on Machine B, the packet sent by Machine A includes a source port and a destination port. A port is a 16-bit number carried in the TCP or UDP header that identifies which program on a machine the data is for; a service waits on a known port number, and each port can be used by one service at a time. Machine B receives the packet on Port 80, which tells Machine B that the request is meant for the web server. Of course, Port 80 on Machine B can receive many requests at a time, meaning that many connections can be established to the web server on Machine B; the server tells them apart by the source IP address and source port of each client.
When a computer receives a packet, it reads the destination port to determine which service has been requested and hands the data to the service listening on that port. This means that one computer can host a web server on Port 80, an SMTP (Simple Mail Transfer Protocol) server on Port 25 and an FTP (File Transfer Protocol) server on Port 21, all at the same time. This is a very good thing, since it lets us run many services on one computer instead of being limited to one service per computer.
PORTS OPERATE AT THE TRANSPORT LAYER OF THE OSI MODEL
Services are assigned unique port numbers so that a server can tell each service's traffic apart. This is how a single server can run many services: each service listens on its own port. Listening on a port means that the operating system delivers any traffic that arrives for that port to the associated service, which then replies over the same connection. The combination of transport protocol and port number therefore tells you what kind of service the computer is providing there.
Web service is associated with Port 80 by default, so if you have a web server running on your network, your request will travel to the web server on Port 80 unless the server has been configured to listen elsewhere. This is important to know because when you want to open a service on your machine to others, you need to know the default port number associated with that service as well as the transport protocol (TCP or UDP) that port is used with.
Port Number | Service |
80 | Hyper Text Transfer Protocol ("HTTP"): Used to access web services over the internet. The web server listens for traffic arriving over TCP on Port 80. Most internet websites use HTTP (e.g., http://cfitiger.com). Note that plain HTTP carries everything, including passwords, in clear text. |
443 | Hyper Text Transfer Protocol Secure ("HTTPS"): HTTP carried over TLS on TCP Port 443. When you do online banking or check out while shopping online, this protocol is used because it encrypts the traffic between you and the server, so someone sniffing that traffic cannot read your password or other sensitive information you submit, like a credit card or social security number. An example of this is https://classified.cfitiger.com. |
25 | Simple Mail Transfer Protocol ("SMTP"): Used to send email from a client to its mail server and to relay email between mail servers. When you send an email to an address on another server, your mail server delivers it over TCP on Port 25 of the destination email server. Reading mail from your own mailbox uses other protocols (POP3 or IMAP), not SMTP. |
21 | File Transfer Protocol ("FTP"): Used to transfer files between machines. When you connect to an FTP site, your FTP client opens a control connection over TCP on Port 21 to the destination FTP server; the file data itself travels over a second connection (from server Port 20 in active mode, or a server-chosen port in passive mode). FTP sends usernames, passwords and files in clear text. |
Table 2. Common Port Numbers and Their Affiliated Services
Port forwarding is a function of the router or firewall that sits between the outside world and your servers: a request arriving at the router's public IP address on a given port is passed on to a chosen internal server and port. When we start building servers we will use port forwarding to open services to the outside world, allowing users to reach our servers and request the services they want through a client program.

[Figure: Port forwarding where a single server provides three services]
Note that the client can open a separate connection to each of the three services on that server. The router forwards each request, and the server directs it to the right service, based on the destination port number the client is requesting.
When we configure our firewall, we will see how port forwarding lets us control who can access different servers. A port forwarding rule needs the following pieces of information:
- Source IP address (or range) that is allowed to use the rule
- Destination IP address (the public address the request arrives at, and the internal address it is forwarded to)
- Transport protocol (TCP or UDP)
- Port number (the public port, and the internal port it maps to if the two differ)
Source and destination IP addresses will be discussed later when we talk about IP addressing, but for now we need to discuss the protocols that carry our services over the network.
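The two mechanisms just described, dispatching by destination port on a host and port forwarding at the firewall with the four pieces of information listed above, as one added example that is not part of the original text. The Python model below gives a firewall the public address 203.0.113.10 and a forwarding table keyed by transport protocol and public port; a matching packet has its destination rewritten to an internal server, a rule may restrict which source networks can use it, and anything without a rule is dropped. The internal host then hands the data to whichever service is listening on the destination port. All addresses come from the RFC 5737 documentation ranges and private space, the rule set is hypothetical, and the services are stand-in functions.

```python
"""Port forwarding at a NAT firewall, then dispatch by port on the internal host
(added example, not from the original text).  Addresses are documentation and
private ranges; the forwarding rules and services are hypothetical stand-ins.
"""
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network

PUBLIC_IP = "203.0.113.10"


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    proto: str        # "tcp" or "udp"
    dst_port: int
    data: bytes = b""


@dataclass(frozen=True)
class ForwardRule:
    proto: str
    public_port: int
    internal_ip: str
    internal_port: int
    allowed_from: tuple = ("0.0.0.0/0",)   # source networks that may use it


# One public address, several internal servers: the public port decides which.
FORWARDING = (
    ForwardRule("tcp", 80, "192.168.1.20", 80),
    ForwardRule("tcp", 443, "192.168.1.20", 443),
    ForwardRule("tcp", 25, "192.168.1.30", 25),
    # Management: public port 2222 maps to SSH on an internal host, and only
    # the administrators' network is allowed to reach it.
    ForwardRule("tcp", 2222, "192.168.1.40", 22, allowed_from=("198.51.100.0/24",)),
)


def forward(packet, rules=FORWARDING):
    """Apply port forwarding: return the rewritten packet, or None to drop it."""
    if packet.dst_ip != PUBLIC_IP:
        return None
    src = ip_address(packet.src_ip)
    for rule in rules:
        if rule.proto != packet.proto or rule.public_port != packet.dst_port:
            continue
        if not any(src in ip_network(net) for net in rule.allowed_from):
            return None          # right port, wrong source: drop
        return replace(packet, dst_ip=rule.internal_ip, dst_port=rule.internal_port)
    return None                  # no rule for this protocol/port: default deny


# Stand-in services; a real server would run each as a separate listening socket.
def http_service(data):
    return b"HTTP/1.1 200 OK"


def smtp_service(data):
    return b"220 mail.example ESMTP"


def ssh_service(data):
    return b"SSH-2.0-OpenSSH"


LISTENERS = {
    ("192.168.1.20", "tcp", 80): http_service,
    ("192.168.1.20", "tcp", 443): http_service,
    ("192.168.1.30", "tcp", 25): smtp_service,
    ("192.168.1.40", "tcp", 22): ssh_service,
}


def deliver(packet):
    """On the internal host: hand the data to the service on the destination port."""
    service = LISTENERS.get((packet.dst_ip, packet.proto, packet.dst_port))
    if service is None:
        return b"connection refused"   # nothing listening there
    return service(packet.data)


def handle(packet):
    """Full path for one packet arriving at the firewall's public address."""
    inner = forward(packet)
    if inner is None:
        return "dropped"
    return (inner.dst_ip, inner.dst_port, deliver(inner))


if __name__ == "__main__":
    for p in (Packet("192.0.2.9", PUBLIC_IP, "tcp", 80, b"GET / HTTP/1.1\r\n"),
              Packet("198.51.100.7", PUBLIC_IP, "tcp", 2222),
              Packet("192.0.2.9", PUBLIC_IP, "tcp", 2222),
              Packet("192.0.2.9", PUBLIC_IP, "tcp", 3389)):
        print(p.src_ip, p.proto, p.dst_port, "->", handle(p))
```

The point to take from the model is that a forwarding rule is an opening in the firewall: everything not listed is dropped, and the more sensitive the service behind the rule, the tighter its source restriction should be. Note also that the rule matches on protocol as well as port, so a UDP packet to Port 80 is not forwarded just because a TCP rule for 80 exists.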