How a single bit travels from one computer to the next is a complex concept. In 1984, the open systems interconnection (OSI) model was published as a framework for network communication. The model breaks down computer network communication into seven layers. All of the layers work together to create a digital message. The message is built as it moves down the protocol stack. However, it is not sent to another network until it reaches the physical layer.
The model helps IT, computer science, and cybersecurity professionals understand how a single bit travels from one computer to the next by breaking the system into these layers.
From physical devices to user interfaces (UI), this model explains the communication role of each layer in overall computer networking. This article will start by introducing the Physical Layer (Layer 1).
The physical layer is where data moves across network interfaces as digital signals. Additionally, this is where the transmitting and receiving of network communication occurs. Starting with the Application Layer the message moves down the OSI model, and it eventually reaches the Physical Layer for transmission. When the message is received by the physical layer, the message will then move up the OSI layers until it reaches the final application layer.
Electrical signals received (or transmitted) to the physical layer are linked and translated to digital logic in the data-Link layer. Computer devices may be networked at the Data-Link layer, but only as a Local Area Network (LAN). Connecting a LAN to another LAN occurs at Layer 3.
Within Layer 2, the Protocol Data Unit (PDU) known as a frame consists of a header, footer, and data. Understanding how a frame is structured is important for network traffic analysis.
Additionally, within Layer 2, physical addresses are assigned and are also known as MAC addresses and/or hardware addresses in networking. MAC addresses are unique to each device on a local network. They are 48-bits in length and are assigned in hexadecimal characters.
Some other things to note about Layer 2 is that there are a few protocols that reside in it that we should know about:
Additionally, Layer 2 is split into two sublayers:
When we think of the internet, we are thinking of interconnected networks. Interconnecting networks refer to a Local Area Network (LAN) connection to neighboring or remote networks. Layer 3 of the OSI model, the network layer, is where internetworking takes place and is where logical addresses are assigned to networked devices. A primary function of this layer is to route network packets from one LAN to another. Routing requires IP addresses and logical mapping of other networks across the internet to properly deliver messages. Another important function of Layer 3 is its ability to fragment and reassemble large communication. When Layer 3 passes a message down to Layer 2 for transmission, message length limits may be encountered in some cases.
Additionally, Layer 3 is the layer where the protocols used to route communication between networks reside. A few common network protocols are:
Within Layer 3, the Protocol Data Unit (PDU) is the packet. Packets encapsulate data intended for transmission with header and footer data.
The IPv4 protocol encapsulates data with IPv4 header information necessary for delivery. For example, the 32-bit packet format contains the source address, the destination address, protocol, time-to-live (TTL), etc. in the IPv4 header data.
The transport layer, Layer 4, is responsible for being the go-between the abstract layers of the OSI model (Layers 7-5) and the concrete communication layers (Layers 3-1).
Depending on the type of application, the transportation of that application’s communication will need to be handled in a specific way. For example, basic web browsing communication uses Hypertext Transfer Protocol (HTTP). HTTP communicates via a specific connection service type and port. The transport layer is responsible for delivering/receiving the HTTP communication and maintaining the connection throughout the HTTP communication.
The Protocol Data Unit (PDU) at Layer 4 is known as a data segment. Segmentation is the process of dividing raw data into smaller pieces. Once the raw data is packaged from the higher application layers it is segmented at the transport layer before being passed to the Network Layer.
The transport layer protocols are divided into two categories depending on their connection service type:
This connection type establishes a logical connection between two devices prior to beginning communication across a network. Connection-oriented protocols typically maintain service connection by following a set of rules that initiate, negotiate, manage, and terminate the communication. The Transport Layer protocols will also retransmit any data that is received without acknowledgment. The most common Connection-Oriented protocol is the Transmission Control Protocol (TCP) and its process to manage a connection between two devices is called the Three-Way Handshake. In TCP communication, the communicating devices typically share a client/server relationship where a client initiates communication with a service. The handshake involves the process of sending special TCP messages to synchronize a state of negotiated connection in communication.
In connectionless communication, the protocol does not establish a connection between client and server. Instead, once a request is made to the server, the server sends all data without initiation, negotiation, or management of connection. Connectionless protocols also do not attempt to correct any interruptions in data transmission. Once the server sends the data, the server is not concerned if the client receives it.
When TCP or UDP are used to establish communication, the communication is assigned a port as the Layer 4 address. A port is a logical assignment given to processes and their respective application protocols on a computing system. A few important facts to memorize about ports are:
The session layer starts, manages, and terminates sessions between end-user application processes. Sessions are considered the persistent connection between devices. A session is application-focused; sessions are not concerned with layers 1-4. Instead, the session layer controls dialog between two networked devices. It is considered to facilitate host-to-host communication. Sessions dialog may be controlled through synchronization checkpoints, and through management of communication modes. There are two modes of communication permitted at Layer 5:
The session layer resembles a phone conversation. For example, when a person picks up a phone and calls someone else a session is created. Once the communication on the call is completed, the session is terminated by hanging up the phone. In computing, software applications are making the phone call and establishing a session.
Two common Layer 5 protocols still used today are:
The presentation layer is primarily responsible for presenting data so that the recipient will understand the data. Data formatting and encoding protocols apply at Layer 6 to ensure data is legible and presented properly in the application receiving it. Data compression is also a function of Layer 6. If necessary, data may be compressed to improve data throughput over network communication.
Some common Layer 6 protocols are ASCII, JPEG, GIF, MPEG, and PNG.
Another main function of the presentation layer is the encryption and decryption of data sent across a network. Most encryption communication protocols straddle multiple layers of the OSI model, but the actual encryption function is Layer 6.
Two of the most common secure communication protocols are:
The topmost layer of the OSI model is the application layer. On computer systems, applications display information to the user via the UI.
Note: Software applications running on a computer are NOT considered to reside in the application layer. Instead, they leverage application layer services and protocols that enable network communication.
For example, the user can craft messages and access the network from the application layer. A web browser application allows a user to access a web page. The user may input information and receive information through the web browser. However, the application layer protocol HTTP performs the network communication function. The web browser and HTTP work closely together, and the distinction between the two may be subtle. Yet, HTTP is the web browsing protocol for all web browser applications. In contrast, no single web browser software exclusively utilizes HTTP.
HTTP is one of many common application layer protocols. Below are a few additional protocols to know. It is also good practice to memorize the associated port assigned to the protocols:
| Protocol | Port Number(s) | Description |
|---|---|---|
| Domain Name System (DNS) | 53 | Translates internet names to their globally registered IP addresses. For example, “google.com” is registered in global DNS as IP address 8.8.8.8. |
| Hypertext Transfer Protocol Secure (HTTPS) | 443 | Sends data to and from web browsers and web servers, but securely with the Secure Socket Layer (SSL) protocol. |
| File Transfer Protocol FTP | 20, 21 | Transfers files from a client to a server and vice versa. |
| Secure Shell (SSH) | 22 | Connects to computers remotely and in a secure, encrypted way. |
| Simple Mail Transfer Protocol (SMTP) | 25 | Sends and receives email. |
| Dynamic Host Configuration Protocol (DHCP) | 67 | Automatically assigns IP addresses to devices on a network. |
| Internet Relay Chat (IRC) | 194 | Used in a client/server method. IRC clients communicate through an IRC server. |
| Post Office Protocol 3 (POP3) | 110 (unsecured), 995 (secured) | Used for email where the client receives mail by downloading it locally to a computer from a server mailbox. |
The OSI model breaks down computer network communication into seven layers. All of the layers work together to create a digital message. Understanding the OSI model will help you communicate with other network technologists. Computer networking may seem complex, but, with a bit of study, you can gain this knowledge to become an effective Cybersecurity Analyst.
The Codecademy Team, composed of experienced educators and tech experts, is dedicated to making tech skills accessible to all. We empower learners worldwide with expert-reviewed content that develops and enhances the technical skills needed to advance and succeed in their careers.