OSI Model Layers

The seven layers of the OSI model each play a distinct and crucial role in enabling network communication. Understanding the function of each layer is fundamental for interpreting the network traffic captured by Wireshark.

1. Physical Layer:

  • Function: Transmits raw bit streams over a physical medium (e.g., copper cable, fiber optic, radio waves).
  • Focus: Physical characteristics of the transmission medium, signal encoding, bit timing, voltage levels, connectors, and physical topologies.
  • Protocols/Technologies: Ethernet physical layer specifications (e.g., 10BASE-T, 100BASE-TX), fiber optic standards, radio frequency (RF) specifications, RS-232.
  • Wireshark Relevance: Wireshark doesn’t directly analyze the physical layer but relies on the underlying hardware and drivers to capture the bit streams that are then processed by higher layers.

2. Data Link Layer:

  • Function: Provides reliable data transfer between two directly connected nodes over the physical layer. It handles framing, physical addressing (MAC addresses), error detection, and basic flow control within the local network segment.
  • Sublayers:
    • Media Access Control (MAC): Controls how multiple devices share a single physical medium.
    • Logical Link Control (LLC): Provides a logical interface to the network layer.
  • Protocols/Technologies: Ethernet (802.3), Wi-Fi (802.11), Point-to-Point Protocol (PPP), High-Level Data Link Control (HDLC), Frame Relay.
  • Wireshark Relevance: Wireshark dissects Data Link Layer headers (e.g., Ethernet frame headers containing source and destination MAC addresses) and can filter traffic based on MAC addresses.

3. Network Layer:

  • Function: Responsible for routing packets across multiple networks. It handles logical addressing (IP addresses), path determination, and packet forwarding.
  • Key Concepts: IP addressing (IPv4, IPv6), routing protocols (e.g., RIP, OSPF, BGP), logical subnetting.
  • Protocols/Technologies: Internet Protocol (IP), Internet Control Message Protocol (ICMP), Address Resolution Protocol (ARP), IPv6 Neighbor Discovery Protocol (NDP).
  • Wireshark Relevance: Wireshark extensively analyzes Network Layer headers (e.g., IP source and destination addresses, TTL, protocol type) and allows filtering based on IP addresses and protocols.

4. Transport Layer:

  • Function: Provides reliable or unreliable end-to-end data transfer between applications running on different hosts. It handles segmentation, reassembly, flow control, and error recovery.
  • Key Concepts: Port numbers, TCP (connection-oriented, reliable), UDP (connectionless, unreliable), flow control (e.g., windowing), congestion control.
  • Protocols/Technologies: Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Stream Control Transmission Protocol (SCTP).
  • Wireshark Relevance: Wireshark dissects Transport Layer headers (e.g., TCP source and destination ports, sequence and acknowledgment numbers, flags; UDP source and destination ports) and allows filtering based on ports and TCP/UDP characteristics.

5. Session Layer:

  • Function: Manages and controls connections (sessions) between applications. It establishes, maintains, and terminates sessions, and handles synchronization and dialogue control.
  • Key Concepts: Session establishment, session termination, synchronization points, token management.
  • Protocols/Technologies: NetBIOS, SAP, PPTP. (Protocols at this layer are less prominent in modern TCP/IP-based networks.)
  • Wireshark Relevance: While less directly visible in many common protocols, Wireshark can show information related to session establishment and teardown for protocols that utilize this layer’s functions.

6. Presentation Layer:

  • Function: Handles data formatting, encryption, and compression to ensure that data is in a usable format for the application layer and is understood by both communicating systems.
  • Key Concepts: Data encoding (e.g., ASCII, UTF-8), data compression (e.g., JPEG, MPEG), encryption (e.g., SSL/TLS).
  • Protocols/Technologies: SSL/TLS, MIME, ASN.1.
  • Wireshark Relevance: Wireshark can sometimes show information about data encoding and encryption. For encrypted traffic (e.g., HTTPS), Wireshark can decrypt it if the necessary keys are provided.

7. Application Layer:

  • Function: Provides network services directly to end-user applications. It interacts with the user and implements the specific functionality of network applications.
  • Key Concepts: File transfer, email, web browsing, network management.
  • Protocols/Technologies: HTTP, FTP, SMTP, DNS, DHCP, SNMP, SSH.
  • Wireshark Relevance: Wireshark dissects Application Layer protocols in detail, allowing you to analyze the specific commands, data, and responses exchanged by applications (e.g., HTTP requests and responses, DNS queries and replies).

Understanding the responsibilities of each OSI layer is crucial for interpreting the headers and data you see in Wireshark and for diagnosing network communication issues.
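The layer-by-layer dissection described above can be reproduced by hand. The following is an added example, not part of the original page or of Wireshark: a minimal Python dissector that peels the Data Link, Network and Transport headers off one frame. The frame bytes, MAC addresses and IP addresses are constructed sample values.

```python
import socket
import struct

# Constructed sample frame (not captured traffic): Ethernet II / IPv4 / TCP SYN.
# Checksums are left as zero because this sketch does not verify them.
FRAME = bytes.fromhex(
    "005056c00008" "000c29aabbcc" "0800"      # L2: dst MAC, src MAC, EtherType
    "45000028" "1c464000" "4006" "0000"       # L3: ver/IHL, length, id, TTL, proto
    "c0a8010a" "c0a80101"                     # L3: 192.168.1.10 -> 192.168.1.1
    "c001" "01bb" "00000001" "00000000"       # L4: ports 49153 -> 443, seq, ack
    "5002" "faf0" "0000" "0000"               # L4: offset/flags (SYN), window
)
TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # low six flag bits

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def dissect(frame):
    """Return the header fields of each layer found, keyed by 'l2', 'l3', 'l4'."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers = {"l2": {"src": mac(src), "dst": mac(dst), "ethertype": ethertype}}
    if ethertype != 0x0800:          # only IPv4 is handled here
        return layers
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4 if ip else 0   # header length in bytes
    if ihl < 20 or len(ip) < ihl or ip[0] >> 4 != 4:
        raise ValueError("malformed IPv4 header")
    layers["l3"] = {"src": socket.inet_ntoa(ip[12:16]),
                    "dst": socket.inet_ntoa(ip[16:20]),
                    "ttl": ip[8], "proto": ip[9]}
    seg = ip[ihl:]
    if ip[9] == 6 and len(seg) >= 20:        # TCP
        sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", seg[:14])
        flags = [n for i, n in enumerate(TCP_FLAGS) if off_flags & (1 << i)]
        layers["l4"] = {"proto": "tcp", "sport": sport, "dport": dport,
                        "seq": seq, "ack": ack, "flags": flags}
    elif ip[9] == 17 and len(seg) >= 8:      # UDP
        sport, dport = struct.unpack("!HH", seg[:4])
        layers["l4"] = {"proto": "udp", "sport": sport, "dport": dport}
    return layers

if __name__ == "__main__":
    for name, fields in dissect(FRAME).items():
        print(name, fields)
```

The fields extracted here are the same ones Wireshark display filters such as `eth.src`, `ip.ttl` and `tcp.dstport` match on.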
