The last post we looked into the first four layers of the OSI Model, Physical, Data Link, Network, and Transport. This time we are going to take a look at the last three layers, Session, Presentation and Application. But first, we are going to take a step back into the transport layer and study it's relationship with the next layer.


Transport Layer

As mentioned in the last post, each layers are inter-related to the previous and next layer. After client identifies the server through the network layer, it would establish a connection (for TCP) and (or, for UDP) starts to send the packets to the designated ports. The ports mentioned here is sort of similar to physical ports in terms of function. Basically different ports would provide different services, most of which have a default port number (as shown below), but could be changed (mostly for security reasons).



The function of the session layer is to establish, manage and terminate the connection of a client and server; basically implemented on services that uses the remote procedure call (RPC). RPC is basically executing a program that is located at a remote server, but running it as if it was done locally. After the client establishes a connection with the server and requests for a particular service, the session layer maintains this connected session between the client and server, and manages the data flow between the two devices. On the server side, this would enable the server to identify the different sessions of different clients from their cookies. The server could also decide to terminate the session if the client has been idle for a period of time.


The presentation layer takes care of how the data transported should be presented. Although it might seem to do much, but this actually does quite a few things. Sometimes we might see some mojibake (garbled text) due to improper decoding of the text. This would not likely happen nowadays due to the broad usage of the unified UTF-8 encoding. Yet, this could happen if a particular webpage is written in a specific encoding that isn't supported by the client.

This layer is also responsible for the standardization and serialization of information. Serialization is basically turning complicated data structures into a flat byte-strings, such as JSON or XML. Since the data serialization process is done here, it would be best that the data is encrypted before serializing. Thus, encryption and decryption could also be done in this layer, although it could also be done in other layers (e.g. IPSec).


The application layer could be thought of as the interface that the user directly communicates with, and it is responsible for displaying information to the user. For example, a Facebook user could communicating with the server through the Facebook website or smartphone application. It would then call an API and sends the request of the user to the server and displays the requested data.

Finally, we've gone through the whole OSI model. Although the OSI model is a theoretical model of how everything is connected and how does data flow from a device to another, it is actually essential for an administrator to manage, maintain and debug errors. By being familiar with the model, one could quickly identify the problem and solve it.