Which layer is responsible to ensure that the best logical path has been selected to transmit the data from source A to destination B?

According to the OSI layer concept, routing, or best path selection, takes place on Layer 3 and is based on the logical address. In this post, we want to discuss some of the points in that statement.

What is Layer 3?

To make the design and troubleshooting easier and group all the vendors into a common platform to achieve compatibility and interoperability, the concept of network models was created. OSI model was one of those models, and it’s composed of seven layers, each of them playing a strict role in the data delivery process. The Layer 3, or Network Layer, is responsible for finding the right path for the data packet to reach its destination based on Logical Addresses (means addresses not really present on the network node).

But why we do need those Logical Addresses?

Despite the existence of physical addresses (like MAC addresses) on each of the network nodes, we still need to configure Logical Addresses even if we know that the delivery of the message is still based on that physical address. Logically you have to wonder why I do need to set an IP address for my host if frames are delivered to it based on its MAC address? Simply, the reason why you configure the IP addresses is efficient routing by constructing a database of entries that represent the node addresses in a summarized way (one network ID representative multiple nodes).

Yes, routing starts on your own PC with an Anding process that takes place to determine whether the communicating device is local or remote and defines the MAC address it will use to deliver the frame. You can view your PC routing table by issuing the command ROUTE PRINT on your command prompt.

Why do we need routing?

Simply, because each device is only aware of the connecting networks, so it needs to discover the remote ones. And routers are those dedicated devices that play the role of handling packets sent by network nodes to fellow nodes. To succeed in this handling process, the routers have to be aware of all the distant addresses, and this is done by constructing a forwarding database called a Routing Table. That table contains the Network IDs, the path where the router can reach them (Exit Interface, Next Hop), and the cost or distance of those routes ( Metrics).

How do we achieve routing?

The achievement of the routing process is guaranteed by the existence of all the possible networks in the routing database. You may wonder how the router can learn about all these networks! In STATIC ROUTING, it’s the administrator’s job to let the routers know about remote networks by entering them manually into the routing database. Obviously, this can only be done when we only have limited entries. Otherwise, in the case of a huge network, DYNAMIC ROUTING PROTOCOLS are used. Each of those protocols calculates the network path distance (Metric) in its own way. Some use the number of routers to cross (like RIP), some use the speed of the links to cross (like OSPF), and some use the speed and delay of the links to cross (like EIGRP).

How do we determine the best path?

In the process of constructing the routing database, the router may face the issue of selection when multiple paths are proposed to it by several fellow routers. In that case, the router asks two important questions: What’s the most trusted source? And what’s the lowest distance? Obviously, and based on what we discussed earlier on how routing protocols calculate path distance, the router uses this trust preference order:

• ITSELF (connected routes)
• The Administrator (Static routes)
• EIGRP
• OSPF
• RIP routes (there are more than three dynamic routing protocols and so the preference list is much longer)

This trust preference order is called Administrative Distance.

What if the router has several possible paths to the same destination from the same routing source? Here the second question, what's the lowest distance route, acts as a tie breaker, and a distance preference order is used based on a Metric value.

Now the final case is what if the packet received by the router matches several entries in the same database? Here a third question has to be asked: What’s the most specific entry? This is determined by the using the entry with longest prefix or matching bits.

But what if the packet matches multiple entries with the same matching bits? The router load balances the packets to the possible forwarders. Meaning that if the routers receives, let’s say, twenty packets and has four different matching paths, it will divide the load (the packets) to make the routing process faster and more efficient which results in a better network performance.

What Is the OSI Model

The Open Systems Interconnection (OSI) model describes seven layers that computer systems use to communicate over a network. It was the first standard model for network communications, adopted by all major computer and telecommunication companies in the early 1980s

The modern Internet is not based on OSI, but on the simpler TCP/IP model. However, the OSI 7-layer model is still widely used, as it helps visualize and communicate how networks operate, and helps isolate and troubleshoot networking problems.

OSI was introduced in 1983 by representatives of the major computer and telecom companies, and was adopted by ISO as an international standard in 1984.

OSI Model Explained: The OSI 7 Layers

We’ll describe OSI layers “top down” from the application layer that directly serves the end user, down to the physical layer.

7. Application Layer

The application layer is used by end-user software such as web browsers and email clients. It provides protocols that allow software to send and receive information and present meaningful data to users. A few examples of application layer protocols are the Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Post Office Protocol (POP), Simple Mail Transfer Protocol (SMTP), and Domain Name System (DNS).

6. Presentation Layer

The presentation layer prepares data for the application layer. It defines how two devices should encode, encrypt, and compress data so it is received correctly on the other end. The presentation layer takes any data transmitted by the application layer and prepares it for transmission over the session layer.

5. Session Layer

The session layer creates communication channels, called sessions, between devices. It is responsible for opening sessions, ensuring they remain open and functional while data is being transferred, and closing them when communication ends. The session layer can also set checkpoints during a data transfer—if the session is interrupted, devices can resume data transfer from the last checkpoint.

4. Transport Layer

The transport layer takes data transferred in the session layer and breaks it into “segments” on the transmitting end. It is responsible for reassembling the segments on the receiving end, turning it back into data that can be used by the session layer. The transport layer carries out flow control, sending data at a rate that matches the connection speed of the receiving device, and error control, checking if data was received incorrectly and if not, requesting it again.

3. Network Layer

The network layer has two main functions. One is breaking up segments into network packets, and reassembling the packets on the receiving end. The other is routing packets by discovering the best path across a physical network. The network layer uses network addresses (typically Internet Protocol addresses) to route packets to a destination node.

2. Data Link Layer

The data link layer establishes and terminates a connection between two physically-connected nodes on a network. It breaks up packets into frames and sends them from source to destination. This layer is composed of two parts—Logical Link Control (LLC), which identifies network protocols, performs error checking and synchronizes frames, and Media Access Control (MAC) which uses MAC addresses to connect devices and define permissions to transmit and receive data.

1. Physical Layer

The physical layer is responsible for the physical cable or wireless connection between network nodes. It defines the connector, the electrical cable or wireless technology connecting the devices, and is responsible for transmission of the raw data, which is simply a series of 0s and 1s, while taking care of bit rate control.

Advantages of OSI Model

The OSI model helps users and operators of computer networks:

• Determine the required hardware and software to build their network.
• Understand and communicate the process followed by components communicating across a network. 
• Perform troubleshooting, by identifying which network layer is causing an issue and focusing efforts on that layer.

The OSI model helps network device manufacturers and networking software vendors:

• Create devices and software that can communicate with products from any other vendor, allowing open interoperability
• Define which parts of the network their products should work with.
• Communicate to users at which network layers their product operates – for example, only at the application layer, or across the stack.

OSI vs. TCP/IP Model

The Transfer Control Protocol/Internet Protocol (TCP/IP) is older than the OSI model and was created by the US Department of Defense (DoD). A key difference between the models is that TCP/IP is simpler, collapsing several OSI layers into one:

• OSI layers 5, 6, 7 are combined into one Application Layer in TCP/IP
• OSI layers 1, 2 are combined into one Network Access Layer in TCP/IP – however TCP/IP does not take responsibility for sequencing and acknowledgement functions, leaving these to the underlying transport layer.

Other important differences:

• TCP/IP is a functional model designed to solve specific communication problems, and which is based on specific, standard protocols. OSI is a generic, protocol-independent model intended to describe all forms of network communication.
• In TCP/IP, most applications use all the layers, while in OSI simple applications do not use all seven layers. Only layers 1, 2 and 3 are mandatory to enable any data communication.

Imperva Application Security

Imperva security solutions secure your applications across multiple layers of the OSI model, from the network layer, protected by Imperva DDoS mitigation, to Imperva’s web application firewall (WAF), bot management and API security technology that safeguards the application layer.

To secure applications and networks across the OSI stack, Imperva provides multi-layered protection to make sure websites and applications are available, easily accessible and safe. The Imperva application security solution includes:

• DDoS Protection—maintain uptime in all situations. Prevent any type of DDoS attack, of any size, from preventing access to your website and network infrastructure.
• CDN—enhance website performance and reduce bandwidth costs with a CDN designed for developers. Cache static resources at the edge while accelerating APIs and dynamic websites.
• WAF—cloud-based solution permits legitimate traffic and prevents bad traffic, safeguarding applications at the edge. Gateway WAF keeps applications and APIs inside your network safe.
• Bot protection—analyzes your bot traffic to pinpoint anomalies, identifies bad bot behavior and validates it via challenge mechanisms that do not impact user traffic.
• API security—protects APIs by ensuring only desired traffic can access your API endpoint, as well as detecting and blocking exploits of vulnerabilities.
• Account takeover protection—uses an intent-based detection process to identify and defends against attempts to take over users’ accounts for malicious purposes.
• RASP—keep your applications safe from within against known and zero‑day attacks. Fast and accurate protection with no signature or learning mode.
• Attack analytics—mitigate and respond to real cyber security threats efficiently and accurately with actionable intelligence across all your layers of defense.

Which layer is responsible to ensure that the best logical path has been selected?

Which layer of the OSI model is responsible for logical addressing and best path selection to endpoint networks?

Which of the layer is responsible for source to destination of delivery of data?

Which layer is responsible for the communication between source and destination in OSI model?