3.3 OSI & TCP/IP models & network topologies
Key Takeaways
- The OSI model has seven layers: Physical, Data Link, Network, Transport, Session, Presentation, Application.
- The TCP/IP model has four layers, mapping OSI 5-7 to Application and OSI 1-2 to Network Access.
- Routers operate at Layer 3 (IP), switches at Layer 2 (MAC), and hubs at Layer 1 (bits).
- PDUs are named segment (L4), packet (L3), frame (L2), and bits (L1) as data is encapsulated downward.
- Common topologies are star (central switch), bus (shared backbone), ring (loop), and mesh (redundant links).
Why Models Matter
Network reference models break communication into layers so that each job (cabling, addressing, reliability, applications) can be designed and troubleshot independently. On the exam you must know the OSI seven layers, the TCP/IP four layers, and how they map to each other and to real devices.
The OSI Model
The OSI (Open Systems Interconnection) model has seven layers. Each serves the layer above and relies on the one below:
| # | Layer | Function | Examples |
|---|---|---|---|
| 7 | Application | User-facing network services | HTTP, FTP, DNS |
| 6 | Presentation | Formatting, encryption, compression | TLS, JPEG |
| 5 | Session | Establishes and manages sessions | RPC, NetBIOS |
| 4 | Transport | End-to-end delivery, reliability | TCP, UDP |
| 3 | Network | Logical addressing and routing | IP, routers |
| 2 | Data Link | Physical (MAC) addressing, frames | Ethernet, switches |
| 1 | Physical | Bits on the medium | Cables, hubs |
A common top-down mnemonic is All People Seem To Need Data Processing (layers 7 down to 1); bottom-up it is Please Do Not Throw Sausage Pizza Away (layers 1 up to 7). As data moves down the stack it is encapsulated, meaning each layer adds its own header, and the receiver de-encapsulates it on the way up. The data unit (PDU) is a segment at Layer 4, a packet at Layer 3, a frame at Layer 2, and bits at Layer 1.
The TCP/IP Model
The TCP/IP model is the four-layer model the Internet actually runs on. It maps cleanly onto OSI:
| TCP/IP Layer | OSI layers covered | Examples |
|---|---|---|
| Application | 5-7 (Application, Presentation, Session) | HTTP, DNS, SMTP |
| Transport | 4 | TCP, UDP |
| Internet | 3 | IP, ICMP |
| Network Access (Link) | 1-2 | Ethernet, Wi-Fi |
So TCP/IP collapses OSI's top three layers into one Application layer and its bottom two into one Network Access layer. Matching a device or protocol to its layer is a favorite question: a router works at Layer 3 (it routes by IP address), a switch at Layer 2 (it forwards by MAC address), and a hub at Layer 1 (it blindly repeats bits). A firewall may operate across Layers 3 through 7 depending on its type.
Encapsulation in action
Picture sending a web request. At the Application layer your browser creates an HTTP GET. The Transport layer (TCP) wraps it in a segment and adds source and destination ports. The Network layer (IP) wraps that in a packet and adds source and destination IP addresses. The Data Link layer wraps it in a frame and adds source and destination MAC addresses plus an error-check trailer. The Physical layer then transmits the resulting bits as electrical, light, or radio signals. Each router along the path strips the frame, reads the IP packet to decide the next hop, and builds a new frame; the IP addresses stay the same end to end while the MAC addresses change at every hop.
MAC vs IP addressing
This is why Layer 2 and Layer 3 addresses differ. A MAC address is a 48-bit hardware address burned into a network card (for example 00:1A:2B:3C:4D:5E) and is used only within the local link. An IP address is a logical, routable address used to reach a host across networks. Switches forward by MAC within a LAN, while routers forward by IP between LANs. Confusing the two is a classic trap on aptitude tests, so anchor MAC to Layer 2 and IP to Layer 3.
Network Topologies
A topology describes how devices are arranged, either physically or logically.
- Star - every device connects to a central switch or hub. This is the dominant modern LAN layout: it is easy to add nodes and troubleshoot, and if one cable fails only that node drops, but the central device is a single point of failure.
- Bus - all devices share one backbone cable. It is cheap and simple, but a break in the backbone downs the whole network and heavy traffic causes collisions.
- Ring - each device links to two neighbors, forming a loop; data circulates around it. A single break can halt the ring unless a redundant dual ring is used.
- Mesh - devices interconnect with many direct links (a full mesh connects every node to every other). It is extremely redundant and fault-tolerant, but costly in cabling. It is used for critical backbones and wireless mesh networks.
Worked comparison: star vs full mesh
Suppose you wire an office of 10 PCs. A star needs just 10 cables to one central switch, which is simple to expand and diagnose. A full mesh needs n(n - 1) / 2 = 10 x 9 / 2 = 45 links, which is far more cabling, but it has no single point of failure and offers multiple paths between any two nodes. That trade-off between cost and resilience is exactly what topology questions test. Most real networks adopt a star (or a hierarchical extended star) for its balance of simplicity and reliability, reserving mesh for high-availability cores where downtime is unacceptable.
A router makes forwarding decisions based on IP addresses. At which OSI layer does it primarily operate?
Which network topology connects every device to a single central switch or hub?