DEV Community

Manoj Kumar Vemula
Introduction to TCP/IP and Data Flow

1. Data Flow
Data flow in computer networks refers to the structured movement, management, and transformation of data packets between devices, ensuring efficient, error-free transmission.
Data flow generally involves preparing data at the source, moving it through network infrastructure (routers/switches), and reconstructing it at the destination.
Direction of Transfer: Data flow can be categorized by direction:
Simplex: One-way only (e.g., computer to printer).
Half-Duplex: Two-way, but not at the same time (e.g., walkie-talkie).
Full-Duplex: Simultaneous two-way communication (e.g., telephone call).

Encapsulation and Decapsulation

Encapsulation
Encapsulation is the process of adding protocol information (headers and trailers) to data as it moves down the network stack from the sender.

Decapsulation
Decapsulation is the reverse process at the receiver, where each layer removes its corresponding header/trailer to reveal the original data.

2. Network Layers Overview
Layer 1 — Physical Layer

The Physical Layer is responsible for transmitting raw binary data (0s and 1s) over the physical medium.

Transmission Types

Radio transmission — Wi-Fi, Bluetooth (short distance)

Microwave transmission — Cellular networks (4G, 5G)

Fiber optic transmission — High-speed long-distance communication

Fiber Splicing Machine

A fiber optic splicing machine joins two fiber cables permanently using an electric arc, minimizing signal loss.

Layer 2 — Data Link Layer

The Data Link Layer (Layer 2 of the OSI model) handles local network communication and uses MAC addresses for device identification.
The data link layer ensures reliable, node-to-node data transfer across a physical link by organizing raw bits from the physical layer into frames.

Key Aspects of the Data Link Layer:
Sublayers: Consists of the Logical Link Control (LLC), which handles network protocols and flow control, and the Media Access Control (MAC), which manages hardware addressing and medium access.
Framing: The process of encapsulating packets from the network layer into frames with a header (source/destination MAC) and trailer (error checking) to define boundaries.
Physical Addressing: Utilizes MAC addresses to identify devices on the local area network (LAN).
Error Control: Detects and/or corrects errors caused by physical layer transmission (e.g., using Frame Check Sequence/CRC).
Flow Control: Regulates the amount of data transmitted to prevent a fast sender from overwhelming a slow receiver.
Access Control: Determines which device has control over the physical medium at any given time.
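The encapsulation and decapsulation described earlier, together with the framing and Frame Check Sequence (CRC) error control listed above, as an added example that is not part of the original post. It builds a TCP segment, wraps it in an IPv4 packet and then an Ethernet frame with a CRC-32 trailer, and unwraps it layer by layer on the receiving side, rejecting a frame whose FCS no longer matches. All addresses and ports are constructed for the demo; the TCP checksum is left at zero to keep the block short.

```python
import struct
import zlib

# Constructed sample addresses for the demo (not from the article).
SRC_MAC = bytes.fromhex("021122334455")
DST_MAC = bytes.fromhex("02aabbccddee")
SRC_IP = bytes([192, 168, 1, 10])
DST_IP = bytes([192, 168, 1, 20])
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words; returns 0 for a header carrying a valid checksum."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def encapsulate(payload: bytes, src_port: int, dst_port: int) -> bytes:
    """Sender side: wrap application data in TCP, then IPv4, then Ethernet (header + FCS trailer)."""
    # Layer 4: minimal 20-byte TCP header (PSH+ACK flags; checksum left at 0 for this demo).
    tcp_header = struct.pack("!HHIIBBHHH", src_port, dst_port, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    segment = tcp_header + payload
    # Layer 3: 20-byte IPv4 header, protocol 6 (TCP); the checksum covers the header only.
    total_len = 20 + len(segment)
    ip_header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, 64, PROTO_TCP, 0, SRC_IP, DST_IP)
    csum = ipv4_checksum(ip_header)
    ip_header = ip_header[:10] + struct.pack("!H", csum) + ip_header[12:]
    packet = ip_header + segment
    # Layer 2: Ethernet header in front, CRC-32 Frame Check Sequence as the trailer (little-endian on the wire).
    eth_header = DST_MAC + SRC_MAC + struct.pack("!H", ETHERTYPE_IPV4)
    body = eth_header + packet
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)
    return body + fcs


def frame_is_intact(frame: bytes) -> bool:
    """Layer 2 error control: recompute the FCS over everything except the trailer and compare."""
    body, fcs = frame[:-4], frame[-4:]
    return struct.unpack("<I", fcs)[0] == (zlib.crc32(body) & 0xFFFFFFFF)


def decapsulate(frame: bytes) -> dict:
    """Receiver side: peel one layer at a time, validating each layer's integrity field."""
    if not frame_is_intact(frame):
        raise ValueError("FCS mismatch: frame corrupted in transit")
    body = frame[:-4]
    dst_mac, src_mac = body[:6], body[6:12]
    ethertype = struct.unpack("!H", body[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("unexpected EtherType 0x%04x" % ethertype)
    ip = body[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ipv4_checksum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len, proto = struct.unpack("!H", ip[2:4])[0], ip[9]
    if proto != PROTO_TCP:
        raise ValueError("unexpected IP protocol %d" % proto)
    segment = ip[ihl:total_len]
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    data_offset = (segment[12] >> 4) * 4
    return {
        "src_mac": src_mac.hex(":"),
        "dst_mac": dst_mac.hex(":"),
        "src_ip": ".".join(map(str, ip[12:16])),
        "dst_ip": ".".join(map(str, ip[16:20])),
        "src_port": src_port,
        "dst_port": dst_port,
        "payload": segment[data_offset:],
    }


def corrupt_one_byte(frame: bytes, index: int) -> bytes:
    """Simulate a transmission error by inverting one byte (constructed for the demo)."""
    return frame[:index] + bytes([frame[index] ^ 0xFF]) + frame[index + 1:]


if __name__ == "__main__":
    frame = encapsulate(b"GET / HTTP/1.1\r\n", 40000, 80)
    print(decapsulate(frame))
    print("damaged frame intact?", frame_is_intact(corrupt_one_byte(frame, 20)))
```

Note that the FCS only proves the frame was not damaged in transit; it says nothing about who sent it, which is the point the next sections make about MAC and IP spoofing.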

Key Points

Devices: Switches

Address type: MAC address (48-bit hexadecimal)

Frame format: Ethernet header

Scope: Local network (LAN)

Important Note

MAC addresses were designed for delivery, not security.
They can be spoofed.

MAC Address Spoofing
Can a device claim another MAC?

Yes. A device can impersonate another MAC address.
This is called MAC spoofing.

Why switches accept it

Switches operate at Layer 2 and do not authenticate the MAC source.

Layer 2 Security Mechanisms

Port Security

Limits MAC addresses per port

Binds MAC to specific port

Can disable port on violation

802.1X Authentication

Requires device authentication

Uses RADIUS server

Stronger than MAC-based security

DHCP Snooping

Tracks legitimate DHCP assignments

Blocks rogue DHCP servers

Dynamic ARP Inspection (DAI)

Validates ARP packets

Prevents ARP spoofing

Network Access Control (NAC)

Checks device compliance

Enforces policies
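How three of the mechanisms above fit together, as an added example that is not part of the original post: a toy switch model with port security (MAC limit per port, err-disable on violation), a DHCP snooping binding table that only trusted ports may populate, and Dynamic ARP Inspection that checks every ARP reply from an untrusted port against that table. Port names, MAC and IP addresses and the class itself are all constructed for the demo; it models the behaviour, not any vendor's configuration syntax.

```python
from dataclasses import dataclass, field


@dataclass
class Port:
    name: str
    max_macs: int = 1          # port-security limit on learned source MACs
    trusted: bool = False      # uplink toward the real DHCP server; bypasses snooping and DAI
    learned: set = field(default_factory=set)
    err_disabled: bool = False


class Layer2Switch:
    """Constructed model of port security, DHCP snooping and Dynamic ARP Inspection."""

    def __init__(self, ports):
        self.ports = {p.name: p for p in ports}
        self.bindings = {}   # DHCP snooping binding table: client MAC -> (client IP, client port)
        self.log = []        # what an operator would see in the switch log

    def ingress_frame(self, port_name: str, src_mac: str) -> bool:
        """Port security: learn up to max_macs source addresses per port; err-disable on violation."""
        port = self.ports[port_name]
        if port.err_disabled:
            self.log.append(f"{port_name}: dropped frame from {src_mac} (port err-disabled)")
            return False
        if src_mac in port.learned:
            return True
        if len(port.learned) < port.max_macs:
            port.learned.add(src_mac)
            return True
        port.err_disabled = True
        self.log.append(f"{port_name}: port-security violation by {src_mac}, port err-disabled")
        return False

    def dhcp_ack(self, server_port: str, client_port: str, client_mac: str, client_ip: str) -> bool:
        """DHCP snooping: only ACKs entering on a trusted port create bindings; others are rogue servers."""
        if not self.ports[server_port].trusted:
            self.log.append(f"{server_port}: rogue DHCP ACK for {client_mac} dropped (untrusted port)")
            return False
        self.bindings[client_mac] = (client_ip, client_port)
        return True

    def arp_reply(self, port_name: str, sender_mac: str, sender_ip: str) -> bool:
        """Dynamic ARP Inspection: (MAC, IP, port) in an ARP reply must match a snooping binding."""
        if self.ports[port_name].trusted:
            return True
        if self.bindings.get(sender_mac) != (sender_ip, port_name):
            self.log.append(f"{port_name}: DAI dropped ARP reply '{sender_ip} is-at {sender_mac}'")
            return False
        return True


if __name__ == "__main__":
    sw = Layer2Switch([Port("Gi0/1"), Port("Gi0/2"), Port("Gi0/24", trusted=True)])
    sw.ingress_frame("Gi0/1", "aa:aa:aa:aa:aa:01")
    sw.ingress_frame("Gi0/1", "aa:aa:aa:aa:aa:02")          # second MAC on a 1-MAC port
    sw.dhcp_ack("Gi0/24", "Gi0/2", "bb:bb:bb:bb:bb:02", "10.0.0.20")
    sw.arp_reply("Gi0/2", "bb:bb:bb:bb:bb:02", "10.0.0.1")   # host claims the gateway's IP
    print("\n".join(sw.log))
```

The binding table is what makes DAI possible: without DHCP snooping the switch has no ground truth for which IP belongs to which MAC on which port, which is why the two features are normally deployed together.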

Layer 2 Security Conclusion

Layer 2 was designed for efficient communication, not security.
Real security uses multiple layers (defense-in-depth).

Layer 3 — Network Layer

The Network Layer (Layer 3) enables communication between networks using IP addressing and routing.
The network layer of the OSI model manages logical addressing, packet routing, and forwarding to ensure data traverses different, interconnected networks. It converts transport layer segments into packets, determines the best path, and enables end-to-end communication, primarily using the Internet Protocol (IP).

Key aspects of the network layer include:
Routing: Determining the most efficient path for data to travel from source to destination.
Logical Addressing: Using IP addresses to uniquely identify devices across networks, distinct from physical (MAC) addresses.
Packetizing: Encapsulating segments from the transport layer into packets on the sending device and reassembling them at the destination.
Forwarding: Moving packets from a router's input interface to the appropriate output interface.
Protocols: Key protocols include Internet Protocol (IP), Internet Control Message Protocol (ICMP), and Internet Group Management Protocol (IGMP).

Devices: Routers

Address type: IP address

Function: Routing packets between networks (WAN)

IP Address Spoofing (Layer 3)
Similar to MAC spoofing, IP addresses can also be faked.

Scenario A — Same Network Conflict
Two devices use the same IP → IP conflict → network instability.

Scenario B — Fake Source IP
A device sends packets pretending to be another IP → impersonation attack.

This is more dangerous and used in:

DDoS

Session hijacking

Man-in-the-middle attacks

Layer 3 Security Mechanisms

Ingress / Egress Filtering

Drops packets with invalid source IP ranges

Unicast Reverse Path Forwarding (uRPF)

Checks if packet arrived on correct interface

Drops spoofed packets

IPSec

Adds authentication and encryption

Verifies sender identity cryptographically

TTL Monitoring

Detects abnormal hop distance

Firewall Rules

Blocks private IP from public side

Blocks internal IP from external interface
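Ingress/egress filtering and strict uRPF from the list above, as an added example that is not part of the original post. It models a border router with a small routing table: packets arriving from the outside are dropped if their source is one of our own prefixes or a non-routable range, packets from inside are dropped if their source is not ours, and every remaining packet is checked against the route back to its source (strict uRPF). The routing table, interface names, the abridged bogon list and the `SpoofFilter` class are all constructed for the demo; the documentation ranges 203.0.113.0/24 and 198.51.100.0/24 stand in for public addresses.

```python
import ipaddress

# Abridged list of non-routable source ranges (constructed for the demo; a production
# filter would use a maintained bogon feed).
BOGONS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
)]


class SpoofFilter:
    """Constructed model of a border router's anti-spoofing checks: ingress/egress filtering plus strict uRPF."""

    def __init__(self, routes, external_iface, internal_prefixes):
        # routes: (prefix, outgoing interface) pairs; longest prefix wins, as in a real forwarding table.
        self.routes = sorted(((ipaddress.ip_network(p), i) for p, i in routes),
                             key=lambda r: r[0].prefixlen, reverse=True)
        self.external_iface = external_iface
        self.internal = [ipaddress.ip_network(p) for p in internal_prefixes]

    def lookup(self, addr):
        """Longest-prefix match: which interface would we use to reach addr?"""
        for prefix, iface in self.routes:
            if addr in prefix:
                return iface
        return None

    def is_internal(self, addr):
        return any(addr in p for p in self.internal)

    def check(self, ingress_iface, src):
        """Return (allowed, reason) for a packet with source src arriving on ingress_iface."""
        src = ipaddress.ip_address(src)
        if ingress_iface == self.external_iface:
            # Ingress filtering: our own ranges and non-routable ranges never legitimately come from the Internet.
            if self.is_internal(src):
                return False, "ingress filter: internal source arriving from outside"
            if any(src in b for b in BOGONS):
                return False, "ingress filter: non-routable (bogon) source"
        elif not self.is_internal(src):
            # Egress filtering: hosts behind us may only send from our own address space.
            return False, "egress filter: source outside our address space"
        # Strict uRPF: the route back to the source must point at the interface the packet came in on.
        reverse_iface = self.lookup(src)
        if reverse_iface != ingress_iface:
            return False, f"uRPF: reverse path via {reverse_iface}, not {ingress_iface}"
        return True, "pass"


if __name__ == "__main__":
    router = SpoofFilter(
        routes=[("10.1.0.0/16", "lan0"), ("10.2.0.0/16", "lan1"), ("0.0.0.0/0", "wan0")],
        external_iface="wan0",
        internal_prefixes=["10.1.0.0/16", "10.2.0.0/16"],
    )
    for iface, src in [("wan0", "203.0.113.5"), ("wan0", "10.1.0.7"), ("wan0", "192.168.0.1"),
                       ("lan0", "10.1.0.7"), ("lan1", "10.1.0.7"), ("lan0", "198.51.100.9")]:
        print(iface, src, router.check(iface, src))
```

Strict uRPF is only safe where routing is symmetric; on links with asymmetric routing, operators use the loose mode (any route to the source suffices), which still drops sources that are not routable at all.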

Layer 4 — Transport Layer

The Transport Layer provides communication between applications.
The transport layer (Layer 4 in OSI) enables end-to-end communication between devices, ensuring data is delivered reliably, in order, and without errors. It manages data segmentation, flow control, and error correction, taking data from the session layer and passing it to the network layer via protocols like TCP and UDP.

Key Responsibilities & Functions
Segmentation and Reassembly: Breaks large data packets from the session layer into smaller chunks called segments at the source, and reassembles them at the destination.
Service-Point Addressing (Ports): Uses port numbers to direct data to specific applications (e.g., HTTP, FTP) on a host.
Connection Control: Provides connection-oriented (TCP) service for reliable, guaranteed delivery, or connectionless (UDP) service for faster, best-effort delivery.
Flow Control: Manages data transmission speed between devices to prevent a fast sender from overwhelming a slow receiver.
Error Control: Detects errors and handles retransmissions to ensure data integrity.
Multiplexing and Demultiplexing: Allows multiple applications to share a single network connection simultaneously.

Protocols:
TCP (Transmission Control Protocol): Connection-oriented, reliable, used for web browsing, email, and file transfers.

UDP (User Datagram Protocol): Connectionless, unreliable (best-effort), used for streaming, gaming, and VoIP.

Key Concept
Port numbers identify applications/services.

Layer 5 - Session Layer
Layer 5 is the Session Layer, which manages, maintains, and terminates connections (sessions) between applications on different network devices. It enables dialogues, establishes checkpoints for recovery, and supports data exchange in simplex, half-duplex, or full-duplex modes.

Key Aspects of the Session Layer:
Session Management: Establishes, maintains, and terminates connections between applications.
Dialogue Control: Acts as a controller to manage communication, allowing devices to communicate in full-duplex or half-duplex.
Synchronization & Recovery: Adds checkpoints to data streams; if a failure occurs, only data after the last checkpoint needs retransmission.
Protocols: Common protocols include NetBIOS, RPC (Remote Procedure Call), and PPTP.

Layer 6 - Presentation Layer
The Presentation Layer acts as a "translator" for the network, ensuring that data sent from the application layer of one system can be read by the application layer of another. Its primary roles include:

Data Translation: Converts data between different formats (e.g., EBCDIC to ASCII) so that systems with different character encoding can communicate.
Encryption and Decryption: Secures data by encoding it before transmission and decoding it upon receipt, often using protocols like SSL/TLS (Secure Sockets Layer/Transport Layer Security).

Data Compression: Reduces the size of data to improve transmission speed and efficiency, commonly used for multimedia formats like JPEG, MPEG, and GIF.

Common Protocols and Standards
Text/Data: ASCII, EBCDIC, XML, JSON.
Security: SSL, TLS.
Images: JPEG, PNG, GIF, TIFF.
Video/Audio: MPEG, AVI, MIDI.

Layer 7 - Application Layer
Layer 7, the Application Layer of the OSI model, is the topmost layer that directly interfaces with end-user software applications (like web browsers or email clients) to initiate network communication. It interprets user intent and manages application-level protocols such as HTTP, HTTPS, SMTP, FTP, and DNS, allowing for data exchange, service authentication, and resource sharing.

Key Aspects of Layer 7:
Function: It enables communication by providing services directly to applications, allowing software to send/receive data, rather than being the application itself.
Protocols: Common protocols include HTTP/HTTPS (web browsing), SMTP/IMAP (email), FTP (file transfer), and DNS (name resolution).
Interaction: It acts as the intermediary between network services and software, transforming user requests into network-compatible formats.
Security & Load Balancing: Layer 7 is critical for security, with Web Application Firewalls (WAFs) protecting against application-level attacks (e.g., HTTP floods). It also enables content-based load balancing, where traffic is distributed based on user requests.
Examples: When a user clicks a link, the web browser uses HTTP/HTTPS (Layer 7) to request the page.
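One detection a WAF or log pipeline applies against the HTTP floods mentioned above, as an added example that is not part of the original post: parse web-server access lines, keep a sliding window of request times per client, and report any client whose request count inside the window reaches a threshold. The log lines, the client addresses and the `detect_floods` function are constructed for the demo; the thresholds are illustrative and would be tuned to the site's real traffic.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Apache/nginx "combined"-style access line, reduced to the fields this check needs.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) (?P<size>\d+|-)'
)


def parse_line(line):
    """Return (client_ip, timestamp, request_line) or None for a line that does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("req")


def detect_floods(lines, window_seconds=10, threshold=30):
    """Return {client_ip: peak requests seen within any window_seconds} for clients reaching threshold."""
    events = defaultdict(list)
    for line in lines:
        parsed = parse_line(line)
        if parsed:
            ip, ts, _ = parsed
            events[ip].append(ts)
    offenders = {}
    for ip, times in events.items():
        window = deque()
        peak = 0
        for ts in sorted(times):
            window.append(ts)
            # Drop requests older than the window; what remains is the client's current rate.
            while (ts - window[0]).total_seconds() > window_seconds:
                window.popleft()
            peak = max(peak, len(window))
        if peak >= threshold:
            offenders[ip] = peak
    return offenders


def _line(ip, ts, path):
    return f'{ip} - - [{ts}] "GET {path} HTTP/1.1" 200 512'


# Constructed sample log: two ordinary clients and one client hammering /login (60 requests in 5 seconds).
SAMPLE_LOG = [
    _line("198.51.100.10", "10/Oct/2000:13:55:30 +0000", "/index.html"),
    _line("198.51.100.11", "10/Oct/2000:13:55:31 +0000", "/about"),
    _line("198.51.100.10", "10/Oct/2000:13:56:10 +0000", "/contact"),
    "this line is not an access-log record",
] + [
    _line("203.0.113.77", f"10/Oct/2000:13:55:{36 + i // 12:02d} +0000", "/login")
    for i in range(60)
]


if __name__ == "__main__":
    print(detect_floods(SAMPLE_LOG))
```

Keying on the client IP alone is the simplest form; production WAFs also key on session cookies or paths so that many hosts behind one NAT are not blocked together, and they act on the live stream rather than on a finished log.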
