To facilitate the transfer of data between computerised systems and ensure interoperability between different vendors' technologies, the International Organisation for Standardisation / International Electrotechnical Commission (ISO/IEC) produced the Open Systems Interconnection (OSI) model.
Open systems implement commonly agreed standards and can therefore interoperate irrespective of vendor technology.
The OSI model is divided into seven layers. Each layer has its own function and provides services to the layer above it, and each layer depends on the layer below it to deliver networked data communications.
The OSI layers are designed to give a structure to troubleshooting faults, meaning errors on a network can be more easily found and rectified.
The model shown below is also used as a teaching tool. (ISO/IEC Standards, 7498-1, 1994)
Data flows from the source device (node) beginning at layer 7, down through each layer to layer 1, then across the Local Area Network (LAN) or Wide Area Network (WAN), with intermediate devices using only the layers they need along the way.
On reaching the destination device (node) the data flows back up through layers 1 to 7.
Configuration of the layers
The seven layers can be grouped into three categories to explain their roles when transferring data between two nodes.
Layers 1, 2 and 3 (the lower or media layers) can be regarded as network support layers, dealing with physically moving data from node to node. They cover electrical and mechanical specifications, physical (MAC) addressing, physical connections, logical addressing and routing, and timing.
Layer 4 is the link between the lower and upper layers, presenting the data moved by the lower layers in a form the upper layers can use. It is usually grouped with the lower layers in the OSI model.
Layers 5, 6 and 7 (the upper or application layers) are regarded as user support layers, facilitating interoperation between various types of software.
Upper layers are software based; lower layers are software/hardware based except the physical layer which is almost exclusively hardware.
Overview of Layers
Physical layer (1)
Defines the physical characteristics of the hardware and the bit-level timing between nodes: transmission rate, line encoding and the type of connection (simplex, half duplex or full duplex).
Data link layer (2)
Split into two sub-layers, Logical Link Control (LLC) and Media Access Control (MAC).
The LLC sub-layer gives the network layer a uniform interface to whatever physical medium lies below, identifies which network layer protocol a frame carries and can provide flow and error control.
The MAC sub-layer frames outgoing data received from LLC, adds the source and destination hardware (MAC) addresses and a frame check sequence, and controls when the node may transmit on the shared medium. Incoming frames are checked, stripped of their framing and passed up to the LLC sub-layer.
Network Layer (3)
Responsible for source-to-destination delivery across multiple networks by adding logical addressing and routing, and carrying information/error messages (for example ICMP) and security protocols (for example IPsec).
Transport Layer (4)
Ensures data is segmented at the sender and reassembled at the receiver, and delivered from one process to another (service-point or port addressing).
Where a reliable service is provided, errors are corrected by retransmission of the lost or corrupted segments.
It also performs connection control between the source and destination transport layers; this can be connection-oriented (TCP) or connectionless (UDP).
A connectionless service treats each segment independently, whereas with a connection-oriented service the transport layer at the source first establishes a connection to the destination transport layer, then delivers the segments, and ends the connection once all segments have been delivered and acknowledged.
Session Layer (5)
It creates, administers, synchronises and ends communications between connected systems.
Presentation Layer (6)
Compression and encryption may take place here, although they may also take place at lower layers. At the sender this layer changes text strings, numbers and so on from the sender's format into a common format; at the receiver it changes the common format into a format the receiver understands.
Application Layer (7)
Provides user interfaces and access to network services such as electronic mail, File Transfer, Access and Management (FTAM) and directory services (X.500) for accessing distributed databases.
OSI and Internet protocol suite relationship
The OSI model is mainly used as a reference and teaching tool; in practice the Internet protocol suite (TCP/IP) combines several of the OSI layers.
Each layer of the TCP/IP stack contains independent protocols that are serviced by the layer below.
Below is a diagram of how the OSI model and the TCP/IP protocol suite relate to each other.
Below are the TCP/IP layers with commonly used protocols.
OSI model protocols and the layers they operate at.
OSI layer 7 and TCP/IP layer 4.
DHCP RFC 2131/2132
Dynamic Host Configuration Protocol (DHCP) is based on the Bootstrap Protocol (BOOTP). DHCP is an Internet Engineering Task Force (IETF) standard defined in RFCs 2131 and 2132.
It is a client/server protocol: the server holds a pool of IP addresses and automatically issues nodes with an IP address, subnet mask, default gateway and further configurable parameters such as DNS servers and the lease duration. Before the lease expires the node asks the server to renew it, normally keeping the same address.
DHCP STEPS: - DORA (discover, offer, request, acknowledge)
The four steps are: -
The DHCP configured client broadcasts a discover message to find the DHCP server.
Server responds with an offer of IP address.
Client requests the IP address offered.
Server acknowledges the client has accepted the offer.
When the client boots, a DHCP Discover message is broadcast using the User Datagram Protocol (UDP) from source port 68 to destination port 67, with source IP 0.0.0.0 and destination 255.255.255.255.
If the server is on a different subnet the network administrator can configure the local router as a DHCP relay agent, which forwards the broadcast to the server as a unicast packet.
Details of the Discover broadcast message follow.
Ethernet II shows the MAC address of the client as source and the broadcast address (ff:ff:ff:ff:ff:ff) as destination. IPv4 shows source 0.0.0.0, as the client has no address yet, and destination 255.255.255.255 (limited broadcast). UDP shows the source port as 68 (BOOTP client) and the destination port as 67 (BOOTP server).
The Bootstrap Protocol section shows the client MAC address, a DHCP message type of Discover, the requested IP address, the host name and the parameter request list, which lists all the configuration options the client wants.
Below is a Wireshark capture of a DHCP Discover from a home client.
Next is a DHCP Offer from the DHCP server.
Ethernet II shows the destination as the broadcast address or the client's MAC address, and the source as the server's MAC address.
IPv4 shows the source IP of the server and destination 255.255.255.255 (broadcast). UDP shows the source port as 67 (server) and the destination port as 68 (client).
The Bootstrap Protocol section shows it is a reply, with DHCP message type Offer, the offered client IP address, subnet mask, default gateway, domain name and Domain Name Server (DNS).
Below is a Wireshark capture of the Offer sent to a home client.
The next two images are the Request message from the client and the Acknowledge message from the server. The fields discussed above are shown again, confirming all details.
Of particular interest, the Bootstrap Protocol section of the Acknowledge message shows all the confirmed details.
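The Discover and Offer described above, encoded and decoded as an added example. This is not code from the essay or from any DHCP implementation; the MAC address, transaction ID, host name and all addresses (192.168.1.x, home.lan) are constructed for illustration, and the header layout and option codes follow RFC 2131/2132.

```python
import struct
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"
DHCP_SERVER_PORT, DHCP_CLIENT_PORT = 67, 68      # UDP: client 68 -> server 67, reply 67 -> 68
BOOTREQUEST, BOOTREPLY = 1, 2
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}
# Option codes from RFC 2132
OPT_PAD, OPT_SUBNET, OPT_ROUTER, OPT_DNS, OPT_HOSTNAME, OPT_DOMAIN = 0, 1, 3, 6, 12, 15
OPT_REQ_IP, OPT_LEASE, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_PARAM_LIST, OPT_END = 50, 51, 53, 54, 55, 255
HEADER_FMT = "!BBBBIHH4s4s4s4s16s64s128s"          # the fixed 236-byte BOOTP header


def ip4(addr: str) -> bytes:
    return ipaddress.IPv4Address(addr).packed


def build_message(op, xid, mac, options, yiaddr="0.0.0.0", siaddr="0.0.0.0"):
    """BOOTP header, magic cookie, then type-length-value options, closed by the End option."""
    header = struct.pack(
        HEADER_FMT,
        op, 1, 6, 0,                 # op, htype=1 (Ethernet), hlen=6, hops=0
        xid, 0, 0x8000,              # transaction id, secs, flags (broadcast bit set)
        ip4("0.0.0.0"),              # ciaddr: the client has no address yet
        ip4(yiaddr),                 # yiaddr: 'your' address, filled in by the server
        ip4(siaddr),                 # siaddr: server address
        ip4("0.0.0.0"),              # giaddr: non-zero only when a relay agent forwarded it
        mac,                         # chaddr: client MAC, zero padded to 16 bytes by struct
        b"", b"")                    # sname and file: unused, zero padded by struct
    body = b"".join(struct.pack("!BB", code, len(val)) + val for code, val in options)
    return header + MAGIC_COOKIE + body + bytes([OPT_END])


def parse_message(data: bytes) -> dict:
    """Decode the header fields and the options the captures above discuss."""
    if len(data) < 240 or data[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (too short or magic cookie missing)")
    f = struct.unpack(HEADER_FMT, data[:236])
    msg = {"op": f[0], "xid": f[4], "broadcast": bool(f[6] & 0x8000),
           "yiaddr": str(ipaddress.IPv4Address(f[8])), "chaddr": f[11][:f[2]], "options": {}}
    i = 240
    while i < len(data) and data[i] != OPT_END:
        code = data[i]
        if code == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(data):
            raise ValueError("truncated option %d" % code)
        length = data[i + 1]
        val = data[i + 2:i + 2 + length]
        if len(val) != length:                       # reject options that run past the packet
            raise ValueError("truncated option %d" % code)
        i += 2 + length
        if code == OPT_MSG_TYPE:
            msg["type"] = MSG_TYPES.get(val[0], val[0])
        elif code in (OPT_SUBNET, OPT_ROUTER, OPT_REQ_IP, OPT_SERVER_ID):
            msg["options"][code] = str(ipaddress.IPv4Address(val))
        elif code == OPT_DNS:                        # one or more 4-byte addresses
            msg["options"][code] = [str(ipaddress.IPv4Address(val[j:j + 4])) for j in range(0, length, 4)]
        elif code in (OPT_HOSTNAME, OPT_DOMAIN):
            msg["options"][code] = val.decode("ascii")
        elif code == OPT_LEASE:
            msg["options"][code] = struct.unpack("!I", val)[0]
        elif code == OPT_PARAM_LIST:
            msg["options"][code] = list(val)
        else:
            msg["options"][code] = val
    return msg


def discover(xid, mac, hostname):
    """Client -> broadcast: 'I need an address' (sent from 0.0.0.0:68 to 255.255.255.255:67)."""
    return build_message(BOOTREQUEST, xid, mac, [
        (OPT_MSG_TYPE, b"\x01"),
        (OPT_REQ_IP, ip4("192.168.1.50")),                     # constructed: lease the client last held
        (OPT_HOSTNAME, hostname.encode("ascii")),
        (OPT_PARAM_LIST, bytes([OPT_SUBNET, OPT_ROUTER, OPT_DNS, OPT_DOMAIN]))])


def offer(discover_pkt):
    """Server -> client: answer a Discover with a constructed pool entry; xid and chaddr are echoed."""
    d = parse_message(discover_pkt)
    if d["op"] != BOOTREQUEST or d.get("type") != "DISCOVER":
        raise ValueError("a server only sends an Offer in response to a Discover")
    return build_message(BOOTREPLY, d["xid"], d["chaddr"], [
        (OPT_MSG_TYPE, b"\x02"),
        (OPT_SUBNET, ip4("255.255.255.0")),
        (OPT_ROUTER, ip4("192.168.1.1")),
        (OPT_DNS, ip4("192.168.1.1")),
        (OPT_DOMAIN, b"home.lan"),
        (OPT_SERVER_ID, ip4("192.168.1.1")),
        (OPT_LEASE, struct.pack("!I", 86400))],
        yiaddr="192.168.1.50", siaddr="192.168.1.1")
```

The server copies the client's transaction ID (xid) and MAC address into the Offer, which is how a client that still has no IP address matches the reply to its own Discover. The magic cookie and option length checks in parse_message are what keep a malformed or truncated packet from being misread as a valid one.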
HTTP RFC 2068 / RFC 2616
HTTP is used to retrieve resources on the World Wide Web (WWW) in a client/server relationship. It runs over TCP, by default on port 80 (8080 is a common alternative), and the client, typically a browser, renders the retrieved data into a readable format. It has some functionality at layer 6 also.
Below is an image being retrieved by a Client from a Server
(Forouzan & Fegan, 2007)
Simple Mail Transfer Protocol (SMTP), Post Office Protocol version 3 (POP3) and Internet Message Access Protocol version 4 (IMAP4)
These three protocols work together to deliver mail. Mail is delivered in three stages.
SMTP pushes mail from the client to the client's mail server.
SMTP pushes mail from the client's mail server to the receiver's mail server.
POP3 or IMAP4 pulls the mail from the receiver's mail server to the receiver's client.
SMTP defines commands such as MAIL FROM (sender) and RCPT TO (receiver) and reply codes such as 220 service ready, 250 OK and 354 start mail input, which are exchanged between clients and servers. SMTP uses TCP port 25.
POP3 is a basic protocol: the client connects to TCP port 110 and pulls its mail from the server.
IMAPv4 is more complex and powerful than POP3 adding the ability to search keywords in emails before downloading to the client for example. (Forouzan & Fegan, 2007)
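The SMTP command and reply exchange described above, as an added example that is not part of the original essay: a toy receiving mail server that enforces the HELO, MAIL FROM, RCPT TO, DATA ordering and answers with the standard reply codes, driven by a scripted client. The host names and addresses (mail.example.net, alice@example.org, bob@example.net) are constructed.

```python
def parse_path(arg: str, keyword: str):
    """'FROM:<alice@example.org>' -> 'alice@example.org'; None when the argument is malformed."""
    if not arg.upper().startswith(keyword):
        return None
    path = arg[len(keyword):].strip()
    if not (path.startswith("<") and path.endswith(">")):
        return None
    return path[1:-1]


class SmtpServer:
    """Toy receiving MTA: tracks the envelope state machine and delivers to an in-memory mailbox."""

    def __init__(self, hostname):
        self.hostname = hostname
        self.greeted = False
        self.in_data = False
        self.mailbox = []            # delivered (sender, recipients, body) tuples
        self._reset_envelope()

    def _reset_envelope(self):
        self.sender = None
        self.recipients = []
        self.body = []

    def greeting(self):
        return f"220 {self.hostname} Service ready"       # sent as soon as the TCP session opens

    def handle(self, line):
        """Return the reply for one client line, or None for a body line inside DATA."""
        if self.in_data:
            if line == ".":                                 # a lone dot terminates the message
                self.in_data = False
                self.mailbox.append((self.sender, list(self.recipients), "\r\n".join(self.body)))
                self._reset_envelope()
                return "250 OK: message accepted for delivery"
            self.body.append(line[1:] if line.startswith(".") else line)   # undo dot-stuffing
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            self.greeted = True
            self._reset_envelope()
            return f"250 {self.hostname}"
        if verb == "QUIT":
            return f"221 {self.hostname} closing connection"
        if not self.greeted:
            return "503 Bad sequence of commands"
        if verb == "MAIL":
            if self.sender is not None:
                return "503 Bad sequence of commands"
            addr = parse_path(arg, "FROM:")
            if addr is None:
                return "501 Syntax error in parameters or arguments"
            self.sender = addr
            return "250 OK"
        if verb == "RCPT":
            if self.sender is None:                          # RCPT is only valid after MAIL FROM
                return "503 Bad sequence of commands"
            addr = parse_path(arg, "TO:")
            if addr is None:
                return "501 Syntax error in parameters or arguments"
            self.recipients.append(addr)
            return "250 OK"
        if verb == "DATA":
            if not self.recipients:                          # DATA needs at least one recipient
                return "503 Bad sequence of commands"
            self.in_data = True
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        return "500 Syntax error, command unrecognised"


def run_session(server, client_lines):
    """Drive the server with a scripted client; return the transcript as (side, text) pairs."""
    transcript = [("S", server.greeting())]
    for line in client_lines:
        transcript.append(("C", line))
        reply = server.handle(line)
        if reply is not None:
            transcript.append(("S", reply))
    return transcript
```

Rejecting out-of-order commands with 503 is what stops a client from supplying a message body before an envelope exists, and the dot-stuffing rule is why a body line that begins with a period cannot be mistaken for the end-of-data marker.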
OSI layer 6 and TCP/IP layer 4.
This layer deals with translation, encryption and compression. It converts bit streams into a format the application layer understands, applies encryption for security, and applies compression to move large files such as AVI video more efficiently. HTTP has some functionality at this layer.
OSI layer 3 and TCP/IP layer 2
Internet Protocol version 4 (IPv4)
IPv4 (RFC 791) is a connectionless protocol that runs over packet-switched link layer networks. It provides best-effort delivery and does not concern itself with lost, duplicated or reordered packets; upper layer protocols such as TCP deal with these.
IPv4 uses 32-bit addresses, limiting the address space to 2^32 (about 4.3 billion) addresses, so as addresses were allocated the supply began to run out.
To delay exhaustion, subnetting, classless inter-domain routing (CIDR), private address ranges and network address translation (NAT) were introduced. Because of the limitations of IPv4 a new addressing scheme, IPv6, with 128-bit addresses was developed (RFC 2460, 1998) and has since been deployed commercially.
For the purposes of this report only IPv4 will be discussed.
Every node is identified by a unique IPv4 address, issued either manually (static) or dynamically (by DHCP). An IP address consists of a network ID and a host (node) ID.
If no DHCP server is available the host falls back to an Automatic Private IP Address (APIPA), the link-local scheme standardised in RFC 3927. The host picks an address at random in the class B sized block 169.254.0.0/16 (the first and last /24 are reserved, leaving 65,024 candidates) and sends an ARP probe to see whether another device on the network is already using it; if no reply comes back, the host takes the address.
Even while using this self-assigned address, the device keeps sending DHCP Discover broadcasts so that it obtains a proper lease as soon as a DHCP server becomes available.
While waiting for a DHCP-delivered address, a device with an APIPA address can communicate with any other device on the same link that is also using an APIPA address.
If two or more devices connected to the same switch are all using APIPA they can therefore communicate with each other, but not with devices on that segment that hold proper addresses for the network, and not with anything beyond the local router, because 169.254.0.0/16 is never routed.
The network ID identifies the network itself; every host on the same physical network shares it, and it must be unique across the whole internetwork.
The host ID identifies an individual interface, for example a client, a router or a printer, and must be unique within that network.
An IP address comprises four 8-bit segments (octets) of base 2 binary, separated by periods, forming a 32-bit address. Each octet is written as an easily readable base 10 decimal number in the range 0 to 255, known as dotted decimal notation. An example IPv4 address is shown below.
32-bit address: - 11000000101010000000011100011001, segmented octets 11000000 10101000 00000111 00011001, octets in dotted decimal: - 192.168.7.25
The network address refers to the entire network. It is the lowest address in the range, with every host bit set to 0, e.g. 192.168.1.0.
The broadcast address is used for transmitting to all hosts on the network. It is the highest address in the range, with every host bit set to 1, e.g. 192.168.1.255.
Host addresses, as stated earlier, are assigned to end devices and are any value between the network and broadcast addresses.
Unicast addressing is from one host to one host, forwarded through the internetwork. Broadcast is from one host to all hosts on the local network; it is not routed, so routers form the boundary of a broadcast domain. Multicast is from one host to a selected group of hosts that have joined the group; routers forward it only where multicast routing is enabled. The source address of a packet is always a unicast address.
Early in IPv4 the addresses were separated into five classes A, B, C, D and E known as classful networking.
Class A addresses (first octet 1 to 126, default mask 255.0.0.0; 0 and 127 are reserved) were issued to very large networks, class B (first octet 128 to 191, mask 255.255.0.0) to medium networks and class C (first octet 192 to 223, mask 255.255.255.0) to small networks; class D (224 to 239) is reserved for multicast and class E (240 to 255) for experimental use.
Classless Inter-Domain Routing (CIDR) is based on variable-length subnet masking (VLSM), allowing networks to be partitioned into more appropriately sized supernets and subnets.
E.g. 192.168.7.0 with a subnet mask of 255.255.255.0 (CIDR notation /24) can be subnetted using VLSM.
If two subnets are required, one with 120 hosts and one with 48 hosts, split the network as follows: -
2^7 = 128 addresses, minus 2 for the network and broadcast addresses, gives 126 usable addresses for the 120 hosts: subnet 192.168.7.0/25 with a usable range of 192.168.7.1 to 192.168.7.126 (broadcast 192.168.7.127).
The next free address is 192.168.7.128; to get a further 48 addresses split as follows: -
2^6 = 64 addresses, minus 2, gives 62 usable addresses for the 48 hosts: subnet 192.168.7.128/26 with a usable range of 192.168.7.129 to 192.168.7.190 (broadcast 192.168.7.191).
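The dotted decimal conversion, the classful ranges and the VLSM split worked above, as an added example that is not code from the essay: it reproduces the 192.168.7.0/24 split into a /25 and a /26 and generalises it to any list of host counts, allocating largest first so each subnet starts on an aligned boundary.

```python
import ipaddress


def to_dotted(bits: str) -> str:
    """32 binary digits -> dotted decimal, one octet at a time."""
    if len(bits) != 32 or set(bits) - {"0", "1"}:
        raise ValueError("need exactly 32 binary digits")
    return ".".join(str(int(bits[i:i + 8], 2)) for i in range(0, 32, 8))


def to_bits(dotted: str) -> str:
    """Dotted decimal -> 32 binary digits (IPv4Address validates each octet is 0 to 255)."""
    return format(int(ipaddress.IPv4Address(dotted)), "032b")


def classful(dotted: str):
    """Classful scheme: the class comes from the leading bits of the first octet."""
    first = int(ipaddress.IPv4Address(dotted)) >> 24
    if first < 128:
        return "A", "255.0.0.0"          # leading bit 0
    if first < 192:
        return "B", "255.255.0.0"        # leading bits 10
    if first < 224:
        return "C", "255.255.255.0"      # leading bits 110
    if first < 240:
        return "D", None                 # leading bits 1110: multicast, no host mask
    return "E", None                     # leading bits 1111: experimental


def vlsm(parent: str, host_counts):
    """Carve `parent` into the smallest subnets that fit each host requirement, largest first."""
    net = ipaddress.ip_network(parent, strict=True)
    cursor = int(net.network_address)
    end = int(net.broadcast_address) + 1
    plan = []
    for hosts in sorted(host_counts, reverse=True):
        prefix = 32 - (hosts + 2 - 1).bit_length()   # hosts plus network and broadcast addresses
        size = 1 << (32 - prefix)
        cursor = (cursor + size - 1) // size * size   # align to the block size
        if cursor + size > end:
            raise ValueError(f"{parent} cannot fit a further subnet for {hosts} hosts")
        sub = ipaddress.ip_network(f"{ipaddress.IPv4Address(cursor)}/{prefix}")
        plan.append({
            "hosts": hosts,
            "subnet": str(sub),
            "first": str(sub.network_address + 1),
            "last": str(sub.broadcast_address - 1),
            "broadcast": str(sub.broadcast_address),
            "usable": sub.num_addresses - 2})
        cursor += size
    return plan
```

Allocating the largest requirement first is what keeps every subnet aligned on its own block boundary without wasting address space; the final check raises rather than silently handing out a range that falls outside the parent network.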
Finally, Network Address Translation (NAT), implemented at the edge of the private network, translates private addresses to public ones so that hosts with private addresses can reach the Internet. Many hosts can share one public address, or a small pool, for the duration of their connections, but the translation work on the edge device can become a bottleneck and slow the network down.
OSI layer 2 and TCP/IP layer 1.
IEEE 802.11i and WPA2 (Wi-Fi Protected Access)
IEEE 802.11i is the wireless security standard that replaced Wired Equivalent Privacy (WEP), the early and weak original scheme. Wi-Fi Protected Access (WPA) was an interim subset of the draft standard, and WPA2 is the Wi-Fi Alliance certification of the completed 802.11i standard.
802.11i, as certified by WPA2, forms a complete wireless security protocol: it uses the Advanced Encryption Standard (AES) in CCMP mode for confidentiality and integrity of frames.
AES uses a symmetric key algorithm, meaning the same key is used to encrypt and decrypt data.
There are two modes of WPA2, WPA2 Personal and WPA2 Enterprise.
WPA2 Personal protects the network with a pre-shared key (PSK) derived from a passphrase that all clients share, whereas WPA2 Enterprise authenticates each user individually over IEEE 802.1X against a RADIUS server.
WPA2 authentication ensures that only clients that can prove they hold the right credential gain access to the network.
WPA2 certification confirms that equipment complies with the IEEE 802.11i standard. (Roshan & Leary, 2003)
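How the WPA2 Personal passphrase becomes the symmetric key, as an added example that is not part of the essay: the PBKDF2 derivation of the pre-shared key, the per-session key derivation from both sides' nonces, and the access point's check of the station's handshake MIC. The SSID, passphrase, MAC addresses, nonces and the EAPOL frame bytes are constructed values; the derivations follow IEEE 802.11i.

```python
import hashlib
import hmac


def wpa2_psk(passphrase: str, ssid: str) -> bytes:
    """Passphrase -> 256-bit PSK (the PMK): PBKDF2-HMAC-SHA1 with the SSID as salt, 4096 rounds."""
    if not (8 <= len(passphrase) <= 63) or not passphrase.isascii():
        raise ValueError("WPA2-Personal passphrases are 8 to 63 ASCII characters")
    salt = ssid.encode()
    if not 1 <= len(salt) <= 32:
        raise ValueError("an SSID is 1 to 32 bytes")
    # Using the SSID as salt means a table of precomputed PMKs only works for one network name.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), salt, 4096, 32)


def prf_384(key: bytes, label: bytes, data: bytes) -> bytes:
    """802.11i PRF: HMAC-SHA1(key, label || 0x00 || data || counter) concatenated and cut to 48 bytes."""
    out = b"".join(hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
                   for i in range(3))
    return out[:48]


def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> dict:
    """Pairwise Transient Key for CCMP: KCK (MIC key), KEK (key-wrap key) and TK (data key)."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf_384(pmk, b"Pairwise key expansion", data)
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48]}


def eapol_mic(kck: bytes, eapol_frame: bytes) -> bytes:
    """WPA2 (key descriptor version 2): MIC is the first 16 bytes of HMAC-SHA1 over the EAPOL-Key frame."""
    return hmac.new(kck, eapol_frame, hashlib.sha1).digest()[:16]


def ap_checks_station(ap_passphrase, sta_passphrase, ssid, ap_mac, sta_mac, anonce, snonce, msg2):
    """Handshake message 2: the station signs with its KCK and the AP recomputes the MIC from its own.
    msg2 is the EAPOL-Key frame with the MIC field zeroed, as both sides compute it."""
    sta_kck = derive_ptk(wpa2_psk(sta_passphrase, ssid), ap_mac, sta_mac, anonce, snonce)["kck"]
    ap_kck = derive_ptk(wpa2_psk(ap_passphrase, ssid), ap_mac, sta_mac, anonce, snonce)["kck"]
    return hmac.compare_digest(eapol_mic(sta_kck, msg2), eapol_mic(ap_kck, msg2))
```

Both sides hold the same PMK only because they share the passphrase, and both derive the same PTK from the two nonces they exchange; a station with the wrong passphrase produces a MIC the access point cannot reproduce, which is the check that keeps it off the network.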
OSI layer 1 and TCP/IP layer 1
10BASE-T Ethernet runs over twisted pair (telephone style) cable at 10 megabits per second (Mbps) using baseband transmission. Separate twisted pairs are used for sending and receiving: data is transmitted on pins 1 and 2 and received on pins 3 and 6. The transmitter uses Manchester encoding with two signal levels, +2.5 V and -2.5 V. (Helmig, 2003)
Remote Authentication Dial-In User Service (RADIUS)
RADIUS is a client/server protocol for authentication, authorisation and accounting, defined in RFC 2865 (authentication and authorisation) and RFC 2866 (accounting).
It performs: (AAA)
Authentication: verifies the identity of the user requesting access to the network.
Authorization: determines which services the authenticated user may use.
Accounting: records the network services the user accesses.
RADIUS protects the network from unauthorised access and is used in environments that require central control of security and remote user access. The RADIUS client is the Network Access Server (NAS), the device (such as a dial-in server, VPN concentrator or wireless access point) to which the user connects.
When a user wants to access the network, the NAS (RADIUS client) sends the user's AAA request to the RADIUS server.
The RADIUS server holds a database of user credentials and of the network services each user may access. On receiving a request from the NAS the server queries the database, records the result and returns its decision and any configuration information to the NAS. The NAS enforces the decision on the user's (supplicant's) connection, while the RADIUS protocol carries the authentication, configuration and accounting information between the NAS and the server.
The NAS and the RADIUS server exchange UDP datagrams (port 1812 for authentication and 1813 for accounting; older deployments used 1645 and 1646). The packets are not encrypted: only the User-Password attribute is hidden, by XORing it with an MD5 keystream derived from a shared secret and a per-request random authenticator, and replies carry a Response Authenticator (an MD5 over the reply and the shared secret) so the NAS can check they came from the real server. Everything else travels in clear, so RADIUS traffic should be confined to a trusted management network or protected with IPsec.
The diagram below shows message exchanges between components.
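The NAS to RADIUS server exchange described above, as an added example that is not from the essay or any RADIUS implementation: building an Access-Request with a hidden User-Password, the server's lookup and reply, and the NAS's check of the Response Authenticator. The shared secret, user database and password are constructed; the packet layout and the password hiding follow RFC 2865.

```python
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3       # RADIUS codes (RFC 2865)
ATTR_USER_NAME, ATTR_USER_PASSWORD = 1, 2                     # attribute types
RADIUS_AUTH_PORT = 1812                                       # UDP; 1813 carries accounting


def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """RFC 2865 s5.2: pad to 16-byte blocks; the first block is XORed with MD5(secret + Request
    Authenticator), each later block with MD5(secret + previous hidden block). Obfuscation only."""
    if not 1 <= len(password) <= 128:
        raise ValueError("User-Password must be 1 to 128 bytes")
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        key_stream = hashlib.md5(secret + prev).digest()
        block = bytes(p ^ k for p, k in zip(padded[i:i + 16], key_stream))
        out, prev = out + block, block
    return out


def reveal_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """Server-side inverse of hide_password; only the shared secret is needed."""
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        key_stream = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        out, prev = out + bytes(c ^ k for c, k in zip(block, key_stream)), block
    return out.rstrip(b"\x00")


def pack(code: int, ident: int, authenticator: bytes, attrs) -> bytes:
    """Code(1) Identifier(1) Length(2) Authenticator(16), then Type(1) Length(1) Value attributes."""
    body = b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)
    return struct.pack("!BBH", code, ident, 20 + len(body)) + authenticator + body


def unpack(pkt: bytes):
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length != len(pkt) or length < 20:
        raise ValueError("bad RADIUS length")
    attrs, i = [], 20
    while i < length:
        t, l = pkt[i], pkt[i + 1]
        if l < 2 or i + l > length:                           # reject attributes that overrun
            raise ValueError("bad attribute length")
        attrs.append((t, pkt[i + 2:i + l]))
        i += l
    return code, ident, pkt[4:20], attrs


def response_authenticator(code, ident, request_auth, attrs, secret) -> bytes:
    """MD5(Code + ID + Length + RequestAuth + Attributes + Secret): proves the reply came from the server."""
    body = b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)
    return hashlib.md5(struct.pack("!BBH", code, ident, 20 + len(body)) + request_auth + body + secret).digest()


def nas_access_request(ident: int, username: bytes, password: bytes, secret: bytes) -> bytes:
    """NAS (RADIUS client): fresh random Request Authenticator, User-Name and hidden User-Password."""
    request_auth = os.urandom(16)
    return pack(ACCESS_REQUEST, ident, request_auth,
                [(ATTR_USER_NAME, username),
                 (ATTR_USER_PASSWORD, hide_password(password, secret, request_auth))])


def server_handle(pkt: bytes, secret: bytes, users: dict) -> bytes:
    """RADIUS server: recover the password, check the user database, answer Accept or Reject."""
    code, ident, request_auth, attrs = unpack(pkt)
    a = dict(attrs)
    ok = False
    if code == ACCESS_REQUEST and ATTR_USER_NAME in a and ATTR_USER_PASSWORD in a:
        stored = users.get(a[ATTR_USER_NAME])
        revealed = reveal_password(a[ATTR_USER_PASSWORD], secret, request_auth)
        ok = stored is not None and hmac.compare_digest(stored, revealed)
    reply_code = ACCESS_ACCEPT if ok else ACCESS_REJECT
    return pack(reply_code, ident, response_authenticator(reply_code, ident, request_auth, [], secret), [])


def nas_verify_reply(reply: bytes, request: bytes, secret: bytes):
    """NAS: trust the reply only if the identifier matches and the Response Authenticator verifies."""
    rcode, rident, rauth, rattrs = unpack(reply)
    _, qident, qauth, _ = unpack(request)
    if rident != qident:
        return None
    expected = response_authenticator(rcode, rident, qauth, rattrs, secret)
    return rcode if hmac.compare_digest(expected, rauth) else None
```

The NAS only learns the answer through the Response Authenticator check: a reply whose code has been flipped from Reject to Accept, or one generated with a different shared secret, fails the check and is discarded. The hiding of User-Password is reversible by anyone holding the secret, which is why the secret and the path between NAS and server need protecting.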
Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
CSMA/CA is a listen before talk (LBT) process. The wireless client senses the medium for a carrier signal, waits until the channel has been free for the required interval, then transmits. Wired Ethernet is able to detect a collision on the medium: two stations transmitting at the same time raise the signal level on the wire, which tells both transmitters that a collision has occurred (CSMA/CD, collision detection). 802.11 wireless stations cannot do this, because a radio cannot reliably listen for another transmission on the channel it is transmitting on. The 802.11 access mechanism must therefore try to avoid collisions rather than detect them, using a random back-off before transmitting and an acknowledgement from the receiver to confirm that each frame arrived.