Simplifying the Complexity: A Detailed Explanation of Computer Network Layers

Today we will talk about why computer networks are layered? What are the layered models? What are the functions of each layer of the network? I also drew several animated pictures to help you understand. The whole process is full of practical information and easy to understand.

We know that in computer networks, there are generally OSI seven-layer model, TCP/IP four-layer model and TCP/IP five-layer model. These models divide the complex network communication process into different layers. Each layer has its own specific functions and protocols, and they work together to complete network communication. So what are these models and what are the differences between them?

The history of the OSI seven-layer model

In order to enable computer devices with different architectures and various network protocols produced by different computer manufacturers in different countries or regions of the world to communicate with each other (this is a very complicated process).

In 1977, the International Organization for Standardization (ISO) proposed the "Open System Interconnection Reference Model", also known as the famous OSI model, which is a standard model that attempts to interconnect various different computers or devices into a network worldwide, allowing the hardware and software technologies that computers rely on to work together across geographical and political boundaries, allowing two independent systems to communicate through standardized interfaces or protocols based on the current operating layer, to establish computer networks on a larger scale.

The OSI model consists of seven layers, from top to bottom: Application Layer, Presentation Layer, Session Layer, Transport Layer, Network Layer, Data Link Layer, and Physical Layer.

picture

The purpose of layering computer networks is to simplify the complexity of network design and implementation, and to divide the complex communication process into several relatively independent levels. Each layer is responsible for a specific function, encapsulating each type of network communication across software and hardware components, such as data formatting, data transmission control, routing selection, etc., so that higher layers can directly use lower layer technologies without having to worry about the implementation details of the underlying layers.

TCP/IP four-layer model and TCP/IP five-layer model

Let's take a look at what the TCP/IP four-layer model and the TCP/IP five-layer model are. In fact, they are both related to the OSI seven-layer model.

picture

When the OSI model was proposed, the Internet had already become widely popular around the world, and it was impossible to start all over again. It used the TCP/IP protocol family and combined it with the OSI model to theoretically make up for the lack of the network interface layer, and eventually evolved into today's TCP/IP four-layer model, which is used to theoretically describe the working method of the Internet Protocol (IP). It includes four layers: application layer, transport layer, network layer and network interface layer, of which the application layer is a combination of the application layer, presentation layer and session layer of the OSI model, and the network interface layer is a combination of the data link layer and physical layer of the OSI model.

Although the OSI seven-layer model is a theoretical standard, it is complex and impractical, and some functions are repeated in multiple layers. The TCP/IP four-layer model is a more practical model and is now the de facto standard, but the bottom network interface layer does not have specific content, so when we use it for learning or explanation, we generally use the TCP/IP five-layer model. Based on the TCP/IP four-layer model, it redivides the network interface layer into the data link layer and the physical layer, which is closer to the network structure of actual applications.

This article will also use the TCP/IP five-layer model to explain. Many beginners do not understand why these layers are divided in this way. Next, we will string these layers together and see how they work together.

Physical Layer

The physical layer mainly specifies the physical characteristics of the network's transmission medium to transmit electrical signals of 0 and 1, that is, it is responsible for transmitting the original bit stream on the transmission medium. The unit of transmission at the physical layer is bits. For example, two hosts are directly connected through twisted pair cables to transmit signals. However, if more hosts are added to the network and each is directly connected, the number of interfaces and network cables will increase exponentially, and the wiring will become extremely complicated. Therefore, an intermediate device is introduced, and each host only needs to be connected to this intermediate device, such as a bus, hub, etc. Of course, this intermediate device needs to be stable enough, otherwise once it fails, it will affect the entire network.

The physical layer determines the interface characteristics of the transmission medium:

• Mechanical characteristics: some physical properties of the connector used in the interface, such as interface range, interface size, number and arrangement of pins;
• Electrical characteristics: the range of voltages appearing on each line of the interface cable, impedance matching, transmission speed, distance, etc.;
• Functional characteristics: the meaning of a certain level of voltage appearing on a certain line, the purpose of the signal line of the interface component;
• Process characteristics: For the order of occurrence of various possible events of different functions, define the working procedures and timing relationships of each physical line.

The common transmission media used to connect multiple computer devices at the physical layer are: hubs, coaxial cables, twisted pair cables, optical fibers, fiber optic cables, radio waves, etc. These media are strictly not within the physical layer protocol but are below the physical layer protocol.

In addition, different transmission media require the selection of appropriate encoding methods and modulation technologies to convert the original bit stream into corresponding electrical signals to ensure reliable data transmission and anti-interference capabilities.

Data Link Layer

The data link layer mainly solves the problem of reliable transmission of data packets on a network or a link segment. At the physical layer, we physically connect the hosts together. Now we need to solve how to transmit the signal to the corresponding host. At this time, we need to identify each host in the network. This is called the network card (MAC) address, which is the unique identifier of the hardware. Therefore, the data link layer is also called the MAC layer.

MAC address: The hardware address of a device, and also the unique identifier of a computer device in a network. It is a 12-digit hexadecimal number that is determined when the device leaves the factory and cannot be modified. For example, 07:00:20:0A:6C:6D is a MAC address, where the first 6 hexadecimal digits 07:00:20 represent the number of the network hardware manufacturer, namely the Organizational Unique Identifier OUI, which is assigned by IEEE, and the last 6 hexadecimal digits 0A:6C:6D represent the serial number of a product manufactured by the manufacturer, namely the Extended Unique Identifier EUI. This ensures that every Ethernet device in the world has a unique MAC address.

picture

The hub function is relatively simple and crude. It can only broadcast information to all hosts in the entire network. Each host uses the MAC address in the message to confirm whether it is a message sent to itself. This is not only unsafe but also wastes network bandwidth. Therefore, a switch is used at the data link layer to self-learn and maintain a forwarding table to forward frames and record where the message comes from and where it goes, so as to implement host access control.

picture

The data link layer also solves the problem of data packet encapsulation format, encapsulating data packets into frames. It is also responsible for establishing and managing links between nodes and implementing error control through various control protocols.

The data link layer transmission unit is the frame. Each frame consists of a frame header, data, and a frame trailer:

1. The MAC sublayer frame header consists of: destination MAC address (6 bytes), source MAC address (6 bytes), type (2 bytes), total size = 6+6+2 = 14 bytes
2. FCS frame tail: provides an error detection mechanism to verify the integrity of the frame during transmission (4 bytes)
3. Data, which stores the specific contents of the entire data packet, such as files, strings, etc. The length of the data part is at least 46 bytes and at most 1500 bytes; if it exceeds 1500 bytes, it will be split

picture

The data link layer also implements transparent transmission, so you don't have to consider the details of how the physical layer implements bit transmission. This is guaranteed by the physical layer.

Transparent transmission means that no matter what bit combination the data is, it should be able to be transmitted on the link. The differences between different transmission media and communication means should be shielded as much as possible. In layman's terms, the link layer cannot "see" anything that hinders data transmission.

Common protocols include: Ethernet, HDLC, PPP, etc. Common devices include: bridges, switches

Network Layer

The network layer, corresponding to the network layer of the OSI model, provides communication services between hosts and is responsible for routing and addressing (IP addresses) data packets between multiple networks, ensuring that data can be transmitted between different networks; also called the Internet layer or IP layer

At the data link layer, we have achieved network communication in a single network. However, in different geographical locations around the world, there are billions of devices that form heterogeneous networks of varying sizes. To connect them together, switches + MAC addresses are far from enough. The IP Internet Protocol came into being, providing a unified address format that assigns a logical address to each network and each host on the Internet, thereby shielding differences in physical addresses and solving the problem of interconnecting multiple networks.

The Internet Protocol (IP) is one of the core protocols in the TCP/IP protocol stack. It uses IP addresses (logical addresses) to identify networks and hosts in the network, thus realizing the connectionless and unreliable transmission function of network communication. IP addresses can express the concept of subnets in the network (subnet masks).

Taking the common IPv4 protocol as an example, the IP address is 32 bits in total, divided into four segments such as 192.168.0.1. IP addresses must be applied for from the IANA organization, and once allocated, they generally do not change. IPv4 has a total of 4.3 billion addresses. Due to the first-mover advantage of Europe and the United States, the IP address resources allocated are very abundant, while our country is seriously insufficient. As early as 2011, the IPv4 addresses were allocated. Today's solution is to use NAT technology or IPv6 (increase the length of IP addresses).

The transmission unit of the network layer is the packet. Based on the frame of the data link layer, the data packet is further encapsulated into an IP data packet.

The network layer also has a function of routing. Through the routing selection algorithm, it selects the most appropriate path for the data packet, controls the information forwarding between the data link layer and the transport layer, establishes, maintains and terminates network connections, and transmits information from one network device to another.

Commonly used equipment: Routers are mainly used to connect different networks. When the switch can no longer maintain a huge forwarding table, the router will automatically generate a routing table and forward data packets to the next network based on the routing table.

picture

Each port of the router has its own MAC address. The router can assign an IP to multiple hosts, and the hosts have the same external IP. The switch can connect different hosts, and the external IPs can be different. The switch isolates the collision domain, but not the broadcast domain, while the router isolates both the collision domain and the broadcast domain, and will not forward broadcast data, reducing broadcast storms and security vulnerabilities. The router also provides firewall services.

Commonly used protocols: IP (IPv4, IPv6), Address Resolution Protocol ARP, Internet Control Message Protocol ICMP, Internet Group Management Protocol IGMP, etc.

Transport Layer

The transport layer, corresponding to the transport layer of the OSI model, establishes end-to-end connections between hosts, provides data transmission services for communication between processes in the host, and provides end-to-end reliable and transparent data transmission services for the application layer, including full-duplex or half-duplex, flow control and error recovery services, to ensure that data can be fully transmitted to the network layer.

Establish an end-to-end connection between hosts, where the end is the port. After obtaining the IP address through the network layer, the data packet can find the corresponding host through the IP address. However, the host is generally multi-process, and each process is a task. So how to determine which task it is?

Therefore, the concept of port is introduced. When a process needs network communication services, it applies for a port from the operating system and identifies the process through the port number, so that the data packets in the network can distinguish which process in the host is the recipient.

There are two main protocols in the transport layer:

1. TCP transmission control protocol provides connection-oriented, reliable data transmission services. The transmission unit is the segment.
2. UDP User Datagram Protocol, provides connectionless, best-effort delivery (unreliable) data transmission, and the transmission unit is datagram

Why introduce these two protocols at this layer?

This is because at the network layer, the IP protocol cannot distinguish ports. The UDP protocol adds source port and destination port fields based on the IP protocol, so that ports can be distinguished. In addition, the IP protocol is connectionless and unreliable, and data transmission is prone to errors. The TCP protocol is introduced to ensure reliable data transmission through a series of mechanisms such as three-way handshakes and four-way waves.

The transport layer has the functions of multiplexing and de-multiplexing. A host can run multiple processes at the same time, and the application process can use the transport layer to transmit application layer messages:

• Multiplexing means that multiple application layer processes can use the services of the underlying transport layer at the same time.
• Sharing is to deliver the information received by the transport layer to the response process in the application layer above

Application Layer

The application layer is the top layer and is also the one that our users can directly access, such as mobile phones, computers, various home devices, etc. It corresponds to the application layer, presentation layer, and session layer of OSI.

It mainly focuses on providing network services to users and directly faces applications, such as file transfer, email, remote login, etc. It does not need to care about how the data is transmitted, but it needs to convert the data format so that the destination application can understand the content of the data.

Commonly used application layer protocols include: network request protocol HTTP, file transfer protocol FTP, simple mail transfer protocol SMTP, domain name resolution protocol DNS, etc.

The transmission unit of the application layer is the message, which is a further encapsulation of the data packet of the transport layer.

Let's take a look at the application layer of the TCP/IP model, which corresponds to the application layer, presentation layer, and session layer of OSI, and what their respective functions are:

1. Application layer: provides various request services for application programs or user requests. The highest layer of the OSI reference model, which is also the layer closest to the user, provides interfaces for computer users, various applications, and networks, and also directly provides various network services to users.
2. Presentation layer: data encoding, format conversion, data encryption. Provides various encoding and conversion functions for application layer data to ensure that data sent by the application layer of one system can be recognized by the application layer of another system. If necessary, this layer can provide a standard representation format for converting various data formats inside the computer into a standard representation format used in communication. Data compression and encryption are also one of the conversion functions that the presentation layer can provide.
3. Session layer: creates, manages and maintains sessions. It receives data from the transport layer and is responsible for establishing, managing and terminating communication sessions between entities in the presentation layer, supporting data exchange between them. The communication at this layer consists of service requests and responses between applications in different devices.

Finally, I drew a picture to help you quickly review the functions and key information of each layer of the network:

picture

Supplement: How is the data transmitted?

In the above, we introduced the characteristics of each layer of the network. The data units of each layer are relatively vague. Let's sort out the HTTP message transmission process to string them all together and understand how data packets are transmitted in each layer of the network during the data encapsulation and sharing process of the TCP/IP protocol.

This article takes the transmission of an HTTP request as an example, and the transmission process of the request from the HTTP client (such as a browser) and the HTTP server application (such as QQ mailbox, Zhihu) is shown in the following figure:

When data is sent from the client, it is packaged by the corresponding protocol of each layer when passing through each layer (adding the header of the corresponding layer, which contains the protocol identifier). This process is called encapsulation. When it reaches the terminal, it is unpacked layer by layer. This process is called de-packaging.

In addition, in network transmission, network packets must be complete. It is possible to have only the lower layer without the upper layer, but it cannot have only the upper layer without the lower layer. If the foundation is not solid, the building will be unstable.

Understanding these network layer models will give us a more macroscopic understanding of the world of computer networks. In the future, combined with packet capture tools, it will be very helpful for our learning and practice of network.