The language of the network: protocols and the OSI and TCP/IP models
Network protocols are the rules that define how data are recognized, directed, packaged, and delivered. The OSI and TCP/IP models organize those protocols into layers — giving network engineers a common language and a structured framework for diagnosing problems anywhere in the stack.
What this topic covers
- › 4.2.A — Common network protocols and their purposes
- › 4.2.B — OSI and TCP/IP models, layers, and PDUs
- › 4.2.C — Using the models to structure network troubleshooting
Why models matter
The OSI model and the TCP/IP model describe how computers communicate on a network and provide a shared vocabulary for discussing devices, protocols, and data. These models help isolate network problems to specific layers — making troubleshooting systematic rather than guesswork.
Common network protocols (4.2.A)
Network protocols serve different functions. They are grouped here by their primary purpose.
Identifying devices and networks
- › MAC addresses + ARP: Identify devices on a local network; ARP maps an IP address to a MAC address
- › IP addresses: Identify local and remote devices across networks
- › DHCP: Automatically assigns IP addresses, subnet masks, gateways, and DNS servers to devices
- › DNS: Translates domain names (e.g., google.com) into IP addresses
Packaging and verifying data
- › ICMP: Reports transmission time and errors; used by ping and traceroute
- › TCP: Connection-oriented; acknowledges every segment and resends missing data; used when accuracy is essential
- › UDP: Connectionless; no acknowledgment or re-sends; used when speed matters more than completeness (streaming, gaming)
Interacting with content and services
File transfers
FTP and SFTP — transfer files between devices. SFTP uses SSH for encryption.
Web browsing
HTTP — unencrypted web pages. HTTPS — encrypted web pages.
SMTP — sends email.
POP3 — downloads and removes email from server.
IMAP — syncs email between server and clients.
OSI and TCP/IP models (4.2.B)
Both models describe how data are formatted, transmitted, and interpreted as they travel from one device to another. A protocol data unit (PDU) is the unit of data at each layer — it changes as data are encapsulated with additional information at each step.
| OSI Layer | OSI PDU | TCP/IP Layer | Key protocols / devices |
|---|---|---|---|
| 7 — Application | Data | Application | DNS, HTTP/HTTPS, SMTP, POP3, IMAP, FTP, SFTP |
| 6 — Presentation | Data | Data formatting, encryption, compression | |
| 5 — Session | Data | Session management, authentication | |
| 4 — Transport | Segments | Transport | TCP, UDP; gateways, firewalls |
| 3 — Network | Packets | Internet | IP, ICMP; routers, Layer-3 switches |
| 2 — Data Link | Frames | Network Access | Ethernet, ARP, MAC; NICs, Layer-2 switches |
| 1 — Physical | Bits | Cables, connectors, WAPs, repeaters |
OSI Layers 5–7 (Session, Presentation, Application) are often collectively called the "upper layers" and all map to the single TCP/IP Application layer. In practice, most protocol analysis focuses on Layers 1–4.
Using the models for troubleshooting (4.2.C)
The layered structure of the OSI and TCP/IP models helps technicians isolate the source of a problem. Instead of checking everything at once, a technician uses the appropriate starting layer based on the symptoms and then works systematically up or down the stack.
Bottom-up
Start at the physical layer — check cables, ports, power, and wireless signal — then move upward through the stack. Best when the problem is widespread and the physical layer is suspect.
Top-down
Start at the application layer — check software settings, browser errors, or application logs — then move downward. Best when the physical layer is clearly working and the symptom is application-specific.
Middle-out
Begin at the network or transport layer — check IP configuration, gateway, or firewall rules — then move up or down from there. Best when the symptom specifically suggests a routing or configuration issue.