Modern distributed systems rely on multiple layers of communication, from physical network transmission to high-level application protocols. Understanding how these layers interact is essential for designing scalable and reliable systems.

The OSI (Open Systems Interconnection) Model provides a conceptual framework that divides network communication into seven distinct layers. Each layer has a specific responsibility, from transmitting raw bits over a network to delivering structured data to applications.

In practice, most real-world systems use simplified models like TCP/IP, but the OSI model remains one of the best ways to understand how data moves through a network stack and where different technologies operate.

In this chapter, we will break down the seven layers of the OSI model, understand the role of each layer, and see how common protocols fit into this layered architecture.

In the early days of networking, every vendor did things differently. IBM had its own networking architecture. So did Honeywell. So did DEC. If you bought hardware from one vendor, you were stuck with them. Their devices couldn't talk to anyone else's.

In 1984, the International Organization for Standardization (ISO) published the OSI model as a universal reference framework. The idea was straightforward: if everyone agrees on what each layer should do, different vendors can build products that actually work together.

The OSI model doesn't specify how to implement networking. It specifies what responsibilities each layer has. Think of it as a contract. Layer 3 promises to handle routing. Layer 4 promises to handle reliable delivery. As long as each layer keeps its promise, the whole system works, no matter who built the hardware or software.

A popular mnemonic to remember the layers from bottom to top: Please Do Not Throw Sausage Pizza Away (Physical, Data Link, Network, Transport, Session, Presentation, Application).

Let's go through each layer, starting from the bottom.

The Physical layer deals with raw bits traveling over a medium. Electrical signals on copper wire. Light pulses through fiber optic cables. Radio waves for WiFi. This layer has no idea what the bits mean. It just moves them from point A to point B.

It's responsible for transmitting binary data (0s and 1s), defining connector types and cable specs, and keeping sender and receiver in sync at the bit level.

The devices here are hubs, repeaters, cables, and Network Interface Cards (NICs). When you plug in an Ethernet cable and see the link light turn on, that's Layer 1 telling you a physical connection exists.

If the Physical layer isn't working, nothing else matters. No amount of software configuration fixes a broken cable.

The Physical layer can move bits, but it has no concept of structure or addressing. The Data Link layer fixes that by organizing bits into frames and introducing MAC addresses, unique hardware identifiers burned into every network interface.

A MAC address looks like 00:1A:2B:3C:4D:5E. It's 48 bits long and uniquely identifies a device on a local network.

Its job is to package bits into frames, use MAC addresses to identify local devices, detect transmission errors using checksums (the Frame Check Sequence at the end of each frame), and control which device gets to use the shared medium at any given time.

The key device at this layer is the switch. A switch reads the destination MAC address in each frame, looks it up in its MAC address table, and forwards the frame only to the correct port. Compare that to a hub (Layer 1), which blindly broadcasts every signal to every port.

The Data Link layer is split into two sublayers:

But Layer 2 only works within a single network. To reach a device on a different network, you need Layer 3.

The Network layer is what lets your laptop in New York talk to a server in Tokyo. It handles routing: figuring out a path across multiple networks to reach the destination.

It assigns logical addresses (IP addresses), routes packets between networks, breaks up packets that are too large for a link (fragmentation), and figures out the best path to the destination.

Routers live at Layer 3. They read the destination IP address in each packet and forward it toward its destination, one hop at a time.

Worth noting the difference between MAC and IP addresses. MAC addresses are permanent, burned into hardware. IP addresses are logical and can change. You need both: MAC addresses handle local delivery within a network (Layer 2), while IP addresses handle routing across networks (Layer 3).

But Layer 3 only gets packets to the right machine. It doesn't know which application on that machine should receive the data.

That's where the Transport layer comes in. It adds ports, numbers that identify which application should handle incoming data. A web server listens on port 443 (HTTPS). An SSH server listens on port 22. The combination of IP address + port is what we call a socket.

Beyond addressing, it handles breaking large chunks of data into smaller segments, managing flow control so a fast sender doesn't overwhelm a slow receiver, and giving you a choice between reliability (TCP) or speed (UDP).

TCP and UDP are the two protocols you'll see here, and choosing between them is one of the most common design decisions in system design.

Before any data flows, TCP establishes a connection using a three-way handshake:

Port numbers are divided into ranges:

The Session layer manages the lifecycle of connections between applications: setting them up, keeping them alive, and tearing them down.

In practice, most modern protocols fold this into the Application layer. But the concept still matters. When you download a large file and the connection drops, session management decides whether you restart from scratch or resume from where you left off. When you're on a video call and your WiFi hiccups for a second, the session layer is what keeps things going.

The Presentation layer is the translator. It converts data between the format applications use and the format the network needs.

Three things happen here. Encryption (TLS/SSL encrypts data before it hits the wire). Compression (gzip or Brotli shrink the data to save bandwidth). And encoding (converting between character sets like ASCII and UTF-8, or data formats like JPEG and JSON).

Like the Session layer, Presentation is usually folded into the Application layer in real implementations. When your browser establishes an HTTPS connection, it's doing Layer 6 encryption as part of a Layer 7 protocol.

This is the layer you interact with most directly. Every time your browser sends an HTTP request, every time you send an email, every time your code makes a DNS query, that's Layer 7 at work.

It's where all the high-level protocols live: HTTP, FTP, SMTP, DNS, SSH. It's also where application-level concerns like authentication happen.

When you send data over a network, it doesn't teleport from your application to the wire. It passes down through each layer, and each layer wraps the data with its own header. This wrapping process is called encapsulation.

Think of it like mailing a letter. You write the letter (your application data). You put it in an envelope and write the address (the Network layer adds an IP header). The postal service puts it in a mail bag with a barcode (the Data Link layer adds a frame header). The truck carries the bag physically (the Physical layer).

Step by step:

On the receiving end, the reverse happens. This is decapsulation. Each layer strips off its header, reads what it needs, and passes the payload up. By the time data reaches Layer 7, all the networking headers are gone and the application gets clean data.

Each layer gives its own name to the data unit it works with:

While the OSI model is a powerful theoretical tool, the TCP/IP model is the one that's actually implemented and used by the Internet. It's a more pragmatic, consolidated model, and has only four layers.

So why bother learning the OSI model at all?

Because it's a better mental model for reasoning about problems. With 7 layers, you can pinpoint where an issue lives. When someone says "this is a Layer 4 issue," everyone knows they mean transport, ports, TCP/UDP. The TCP/IP model's "Application" layer lumps too many things together to be useful for that kind of precision.