Reference notes.
The OSI (Open Systems Interconnection) model is a conceptual framework for understanding network communication in seven layers.
The Seven Layers
| Layer | Name | Function | Protocols/Examples |
|---|---|---|---|
| 7 | Application | User interface, application services | HTTP, FTP, SMTP, DNS |
| 6 | Presentation | Data formatting, encryption, compression | TLS, JPEG, ASCII |
| 5 | Session | Session management, authentication | NetBIOS, RPC |
| 4 | Transport | End-to-end delivery, flow control | TCP, UDP |
| 3 | Network | Logical addressing, routing | IP, ICMP, OSPF |
| 2 | Data Link | Physical addressing, framing | Ethernet, 802.1Q, ARP |
| 1 | Physical | Bits on the wire | Cables, hubs, radio |
Mnemonic: “Please Do Not Throw Sausage Pizza Away” (Layers 1-7)
TCP/IP Model Comparison
The TCP/IP model is more practical and commonly referenced:
| TCP/IP Layer | OSI Equivalent |
|---|---|
| Application | Application, Presentation, Session (5-7) |
| Transport | Transport (4) |
| Internet | Network (3) |
| Network Access | Data Link, Physical (1-2) |
Which Layer Do Tools Operate At?
- Layer 1-2:
ethtool,ip link, cable testers - Layer 3:
ping,traceroute,ip route - Layer 4:
netstat,ss,tcpdump - Layer 7:
curl,wget,dig - Multi-layer: Wireshark (all layers)
QUIC and HTTP/3
QUIC is a notable modern protocol that doesn’t fit neatly into the OSI model. It runs over UDP (Layer 4) but implements its own reliable transport, encryption (TLS 1.3), and multiplexing — effectively combining Layers 4-6. HTTP/3 is the application layer protocol built on QUIC.
This is a good example of how real-world protocols don’t always map cleanly to the OSI model.
Why It Matters
- Troubleshooting: isolate where problems occur
- Security: understand where to apply controls (e.g., Firewalls at L3/L4, WAF at L7)
- Architecture: know which layer your application operates at