OSI Model

From Network Security Wiki


Brief OSI Model

  • OSI Layer Control information and Functions:


OSI Model
| Data unit | Layer | Function | Examples |
|---|---|---|---|
| Data | 7. Application | This layer supports application and end-user processes. This layer provides application services for file transfers, e-mail, and other network software services. | HTTP, FTP, SMTP, SSH, TELNET |
| Data | 6. Presentation | This layer provides independence from differences in data representation (e.g., encryption) by translating from application to network format, and vice versa. The presentation layer works to transform data into the form that the application layer can accept. This layer formats and encrypts data to be sent across a network, providing freedom from compatibility problems. | HTML, CSS, GIF |
| Data | 5. Session | This layer establishes, manages and terminates connections between applications. The session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the applications at each end. It deals with session and connection coordination. | RPC, PAP, SSL, SQL, NetBIOS |
| Segments | 4. Transport | This layer provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control. It ensures complete data transfer. | TCP, UDP, SCTP |
| Packet/Datagram | 3. Network | This layer provides routing technologies and handles logical addressing. Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing. | IPv4, IPv6, IPsec, AppleTalk, ICMP |
| Bit/Frame | 2. Data link | At this layer, data packets are encoded and decoded into bits. It furnishes transmission protocol knowledge and management and handles errors in the physical layer, flow control and frame synchronization. It is divided into two sublayers: the Media Access Control (MAC) layer and the Logical Link Control (LLC) layer. The MAC sublayer controls how a computer on the network gains access to the data and permission to transmit it. The LLC layer controls frame synchronization, flow control and error checking. | PPP, IEEE 802.2, L2TP, MAC |
| Bit | 1. Physical | This layer conveys the bit stream (electrical impulse, light or radio signal) through the network at the electrical and mechanical level. It provides the hardware means of sending and receiving data on a carrier, including defining cables, cards and physical aspects. | DSL, USB, ISDN, RS-232 |


SuperNetting

  • A network that is formed from the combination of two or more networks (or subnets) with a common Classless Inter-Domain Routing (CIDR) prefix.
  • It must not contain other prefixes of networks that do not lie in the same routing path.
  • Also called Supernetting, Prefix Aggregation, Route Aggregation, or Route Summarization.


Steps for calculating a Supernet
192.168.98.0
192.168.99.0
192.168.100.0
192.168.101.0
192.168.102.0
192.168.105.0


  • Addresses are converted to binary format:
| Address | First Octet | Second Octet | Third Octet | Fourth Octet |
|---|---|---|---|---|
| 192.168.98.0 | 11000000 | 10101000 | 01100010 | 00000000 |
| 192.168.99.0 | 11000000 | 10101000 | 01100011 | 00000000 |
| 192.168.100.0 | 11000000 | 10101000 | 01100100 | 00000000 |
| 192.168.101.0 | 11000000 | 10101000 | 01100101 | 00000000 |
| 192.168.102.0 | 11000000 | 10101000 | 01100110 | 00000000 |
| 192.168.105.0 | 11000000 | 10101000 | 01101001 | 00000000 |
  • The bit position at which the common pattern of digits ends is located.
  • The number of common bits is counted.
  • The summary route is found by setting the remaining bits to zero.
  • It is followed by a slash and then the number of common bits.

| First Octet | Second Octet | Third Octet | Fourth Octet | Address | Netmask |
|---|---|---|---|---|---|
| 11000000 | 10101000 | 01100000 | 00000000 | 192.168.96.0 | /20 |
  • The summarized route is 192.168.96.0/20. The subnet mask is 255.255.240.0.
  • This summarized route also contains networks that were not in the summarized group:
192.168.96.0
192.168.97.0
192.168.103.0
192.168.104.0
192.168.106.0
192.168.107.0
192.168.108.0
192.168.109.0
192.168.110.0
192.168.111.0
  • It must be assured that the missing network prefixes do not exist outside of this route.
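
The steps above, carried out in Python with the standard `ipaddress` module, as an added example that is not part of the original wiki page. It derives the summary route from the common leading bits and then lists the prefixes the summary covers that were not in the original group, which are the ones that must be checked before the aggregate is advertised. The /24 prefix length on each listed network is an assumption, since the page gives the addresses without masks.

```python
import ipaddress

# Networks from the worked steps; the /24 length is an assumption
# (the page lists the addresses without masks).
GROUP = [
    "192.168.98.0/24", "192.168.99.0/24", "192.168.100.0/24",
    "192.168.101.0/24", "192.168.102.0/24", "192.168.105.0/24",
]

def summarize(networks):
    """Return the single shortest-mask prefix that covers every input network."""
    nets = [ipaddress.ip_network(n) for n in networks]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    # Every bit from the first differing bit downward is not common.
    differing = (lo ^ hi).bit_length()
    prefix_len = 32 - differing            # number of common leading bits
    mask = (0xFFFFFFFF << differing) & 0xFFFFFFFF
    # Remaining bits set to zero, followed by the common-bit count.
    return ipaddress.IPv4Network((lo & mask, prefix_len))

def overclaimed(networks, summary):
    """Subnets inside the summary that were not part of the input group."""
    nets = {ipaddress.ip_network(n) for n in networks}
    # Compare at the granularity of the most specific input prefix.
    step = max(n.prefixlen for n in nets)
    return [
        s for s in summary.subnets(new_prefix=step)
        if not any(s.subnet_of(n) for n in nets)
    ]

if __name__ == "__main__":
    route = summarize(GROUP)
    print("summary route:", route, "netmask:", route.netmask)
    for extra in overclaimed(GROUP, route):
        # Each of these must not be reachable via some other routing path.
        print("covered but not in group:", extra)
```
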


Example
  • An ISP is assigned a block of IP addresses by a regional Internet registry (RIR) of 172.1.0.0 to 172.1.255.255.
  • The ISP might then assign subnetworks to each of its downstream clients, e.g.:
Customer A would receive the range 172.1.1.0 to 172.1.1.255
Customer B would receive the range 172.1.2.0 to 172.1.2.255
Customer C would receive the range 172.1.3.0 to 172.1.3.255, and so on.
  • Instead of an entry for each of the subnets 172.1.1.x, 172.1.2.x, etc., the ISP could aggregate the entire 172.1.x.x address range and advertise the network 172.1.0.0/16 to the Internet community, which would reduce the number of entries in the global routing table.


Misc

  • OSPF is a layer 4 protocol
      Encapsulated in an IP packet (protocol no. 89)
      Uses acknowledgement
  • RIP is a layer 7 protocol (uses UDP port 512)
  • BGP is a layer 7 protocol (uses port no. 179)
  • A PC can have only 1 default gateway configured. Other interfaces will generally not have any default gateway.

