Ever wonder how data travels throughout cyberspace? Information could be accessed within clicks; messages are sent and received within seconds. We all know that the internet is the playground of cyberspace, yet we seldom think of the backbone behind every network connection, the OSI Model. Note that even though there are seven different layers in the OSI model, they are interrelated to it's former and latter.

osi

Physical

The physical layer defines the physical components that connects the network together. For starters, this would include network cables such as Cat5e, Cat6 or Cat7 and the ports. These cables consists of 4 twisted pairs (8-pins), and it's pinout order is based on the T568A/B standard. In the normal scenario, only 4 pins are used for data transmission; the other 4 serves as a shield that prevents interference, or could be used as a second cable. Ethernet is the standard of communication for these physical cables for communicating with the Data Link layer.

tia-568b

For wireless networks (a.k.a WLAN or Wi-Fi), the 802.11 standard is responsible for sending these bits "through the air". The most common 802.11 standard used these days is the 802.11n and 802.11ac; the former (n) providing longer range supporting 2.4GHz and 5Ghz, and the latter (ac) providing higher speed up to 1Gbps.

Every network device relies on a Network Interface Card (NIC) or network adapters to communicate with one another. This is vital as they provide an assigned MAC address that allows the destination of a frame to be transported. A MAC address (a.k.a physical address) is basically a unique key assigned to the NIC by the manufacturer. It consists of 48-bits, divided into six sections and written in hexadecimal form, e.g. 00:80:EA:48:D9:4D. At layer 2, MAC addresses are used to identify the destination for the frame to be sent.

Switches are the most common device working in the layer-2. Switches basically identifies the physical address of each device to the corresponding physical port through a MAC address table. Once the switch receives a frame from a particular, it would then forward the packet to the port where the corresponding MAC address belongs. These switches are known as Layer-2 switches. There are Layer-3 switches that support IP routing and VLAN confugurations. More on than on layer-3.

The Address Resolution Protocol (ARP) is the most common form of communication between layer 2 and layer 3. The main use of ARP is to identify the MAC address of the designated device. The source of the data would send out a broadcast ARP packet asking for the MAC address corresponding to the IP address of the recipient. After a device replies to have a corresponding IP, the source would then send out the packet and forward it to the device with the IP address.

Network

Speaking of Internet Protocols (IP), we are now in the layer 3 of the OSI model. The network layer of the OSI model basically allows communication between multiple networks (compared to layer 2, which only considers LAN communication). This is where IP addresses (a.k.a logical addresses) comes in to play. IP addresses are used to identify if the packet belongs to the local area network, if it doesn't it would be sent to the default gateway to identify it's destination network. IP addresses could be thought of as the local address that the post office use to identify which building should receive the parcel, if you want to send a post from Malacca to Kaohsiung, the local mail in Malacca would first send it to the headquarters in KL; they would then identify that this parcel is bound for Taiwan and probably send it to Taipei, and then redirected to Kaohsiung; in the network world, this is known as routing (basically what routers do). In this case, MAC addresses are more like the longitude and latitude coordinates of the map.

There are two types of IPs, IPv4 and IPv6. IPv4 consists of 32 binary bits and are divided into four octets (8-bits each, e.g. 10000000.11000111.01111101.11111111), ranging from 0 - 255 after converting them to decimal form (e.g. 128.199.125.255). The IP address consist of the Network ID (128.199.125), representing the subnet this IP belongs to; and the Host ID (110), representing the device hosting this address. A subnet basically represents the range/size of the network that the host is in, and it is usually represented with a \ followed with the bit-length of the network. In this case, this IP resides in a \18 network, so the range of this network would be from 128.199.125.0-128.199.127.255, and it could host up to 2^14 (16384) devices. But, not all of the addresses could be used for hosting devices. There are some addresses reserved for networking and routing purposes. The first address (a.k.a subnet address, in this case 128.199.125.0), is reserved for the router to identify the network range of the network. The last address (a.k.a broadcast, in this case 128.199.127.255), is reserved for sending broadcast packets when the router is finding for the host of a particular address. Another important address would be the default gateway. The default gateway could be viewed as the airport in our international parcel example above. When the host couldn't find the destinated host for the packet, it would send it to the default gateway, a router, and it would be routed to the designated host.

Transport

The main function of the transport layer is basically forwarding data of different protocols to the assigned port. There are two protocols in the transport layer, Transport Layer Protocol (TCP) and User Datagram Protocol (UDP).

TCP UDP
Connection-oriented Connectionless
Resends corrupted packets (error check) Non-guaranteed (best effort)
Ordered, heavyweight, slower Unordered, lightweight, faster
Unicast Unicast, multicast, broadcast
HTTP, FTP, SSH DHCP, DNS, SNMP

The one thing that differs the most from the two is that TCP is connection based, which means that it would perform a three-way handshake to ensure that the server/client is alive and establish a network. The client would first send a SYN packet, infering whether if the server is open for connections, the server would then reply the client with a SYN/ACK packet acknowledging the prompted request, the client finally replies with an ACK packet establishing the connection. This provides a more secure connection compared to UDP, which discards any corrupted packages and does not request for the host to resend it; but would slow down transportation of data.