Every time you use the internet, you are using networking. The internet itself isn’t really a giant and mysterious cloud in the sky; you are actually talking to a computer located in a building somewhere in the world. The best way to really picture the internet is to think of it as a phone system for computers to talk to each other. If you’ve ever wondered how it all works, I’ll explain how your Mac talks to the internet.
The mysteries of networking...
Networking originally had a few different means of operating. Over time, because of the internet, one method became the most dominant – TCP/IP. TCP/IP is an acronym for Transmission Control Protocol / Internet Protocol and was invented by the Department of Defense back in the 1970s. Two of the advantages of TCP/IP that caused its dominance are its massive scalability and its ability to work across different computing platforms.
The 7 Layers of Networking:
Networking is basically broken down into seven parts, called layers. Technically, this is called the OSI model. Each layer builds upon the other, like a building where the first layer is the ground floor and the seventh layer is the top floor.
The Physical Layer:
Our first layer of networking is the physical layer. This basically is your ethernet cable and the ethernet port on your Mac that it plugs into, or the wireless Airport card inside your MacBook.
The beauty of networking’s layer design is that whether wired, wireless, or over some other means, everything else still works the same. Think of the layers as modular pieces that can be swapped around without affecting the rest.
The major function of this layer is to take the digital signals and physically move them to the other computers in the network.
The Data Link Layer:
The next layer up is the Data Link Layer. This is the point in networking where computers begin talking to each other. On the Physical layer, it’s all about the signals. The Data Link layer begins with the messages inside of them.
The Data Link layer is meant for local networks only – it handles devices directly connected to each other. The most popular method of this layer is called Ethernet if your Mac is connected via a wire (called an Ethernet Cable). If you are wireless, the most popular Data Link layer method is known as 802.11.
This layer works great if everyone is connected to each other. However, as you add more and more devices to a local network, the traffic begins to slow down. Think of it like a three lane highway with a zillion cars stuck in traffic. The solution to this problem is to split the traffic into different networks. But what happens when your Mac needs to talk to other devices on other networks, or the Internet?
The Network Layer:
The Network Layer is the next level up and it solves the problem of how to talk to different networks. This layer solely deals with routing one network to another. In TCP/IP, this layer is the IP. To bring traffic from one network to another, TCP/IP relies on IP Addresses.
Think of an IP address as a phone number for your computer. If you are directly connected to the internet through a Static IP, it’s a direct line. That IP Address equals your Mac. If you are inside some sort of internal network, think of it as the main phone number for your office which then routes to your desk as an extension.
The Transport Layer:
Once the TCP/IP messages (called packets) arrive at the destination computer, it needs to know what they are and what to do with them. The easiest way to think of the Transport layer is in terms of TV or radio signals. You have two different bands (TCP and UDP) and each band has different channels, called ports.
Each internet service, like web pages, email, WoW, VPNs, and much more, has its own channel or port that it runs on. Some ports are reserved and can’t be used by anything else (80 for unencrypted WWW pages, for example). Others can be used for anything, like BitTorrent, WoW or any other online service. The reserved ports are 1-1024. The open ports are 1025 up to 65535. Some of these services run on TCP, others on UDP.
Note: TCP and UDP do not share port numbers, even though the numbers often overlap. For example, TCP port 80 and UDP port 80 are two completely different ports, or channels.
The Session Layer:
The Transport Layer doesn’t care about the differences between TCP and UDP; it just knows they exist and that they are two different methods of TCP/IP communication. The Session Layer, however, deals with the differences between them. The Session layer is all about establishing sessions, maintaining them and finishing or closing them.
The Internet and Networking rely on bursts of packets that don’t always arrive at the same time, and may or may not arrive at all. TCP creates a session between the two computers communicating and has controls to account for this. TCP creates a reliable connection – it will reassemble packets in the right order, and if it’s missing one, that packet will be retransmitted. UDP does not create a session; it just sends packets, and whether they get there or not, it doesn’t care.
TCP has its advantages by being reliable but that reliability creates overhead. Without this overhead, UDP is much faster although it’s unreliable. Which one to use is solely dependent on what the Application’s circumstances are.
Most UDP connections are streaming media where a fast connection is necessary and if a few packets are lost here and there, it’s not a big deal. TCP is for when packet loss is unacceptable and can corrupt files, such as in a file transfer.
Other session related protocols such as VPNs and SSH Tunnels are also handled in the Session layer.
The Presentation Layer:
Next up is the Presentation Layer. This layer helps the Application layer present its data. Two of the major components that happen at this layer are encryption and compression. When you visit a secure (HTTPS/SSL) website, the encrypted link is created at this layer. Also, any compression used to speed up links, such as Citrix’s ICA or Microsoft’s RDP, is done at this layer.
Many applications and protocols don’t have specific distinctions between this layer and the Application Layer. TCP/IP itself lumps the Session, Presentation and Application layer all into one layer. A good way to remember it is as a helper layer, assisting the Applications.
The Application Layer:
The last and final layer of networking is the Application layer. This is the actual application running on your machine. It could be Firefox / Safari, iChat, WoW, Email, or anything else that runs over the internet. This layer contains the actual data or message between applications running on two computers.
To make this easier to understand, here is how your Mac visited Interrupt19.com.
Note: This is an extremely simplified example.
Step 1 (Layer 7) – You typed in http://www.interrupt19.com into Firefox or Safari.
Step 2 (Layer 7) – Firefox processes this request and sends it out. (We’re assuming DNS resolution already happened.)
Step 3 (Layer 6) – No compression or encryption necessary but if it was, it would happen here.
Step 4 (Layer 5) – WWW runs on TCP, so the TCP Establishment Handshake begins.
Step 5 (Layer 4) – WWW runs over TCP Port 80 and the TCP Handshake is sent on this port.
Step 6 (Layer 3) – Route the TCP Handshake to Interrupt19.com’s IP Address.
Step 7 (Layer 2) – Packet is prepared with your Cable/DSL modem (Gateway) as the destination.
Step 8 (Layer 1) – Packet sent to Cable Modem.
To save time and make this easier to understand, each time the packet arrives at a routing device, it is opened up to see the routing destination, then closed back up and forwarded to the next destination (hop) along the way. Some sites take a large number of hops (15-20), others are closer.
When it finally arrives at the destination, the process is reversed:
Step 9 (Layer 1) – Packet arrives at the Web Server.
Step 10 (Layer 2) – Packet opened up and Server sees that this packet is for it.
Step 11 (Layer 3) – Packet opened up more and sees that this packet is addressed to it.
Step 12 (Layer 4) – Packet opened up further and sees that this is a TCP packet on port 80 (WWW).
Step 13 (Layer 5) – TCP Handshake takes place.
Step 14 (Layer 6) – Packet is not compressed or encrypted; if it were, this would be where this is done.
Step 15 (Layer 7) – Packet is opened, server receives the message that you would like it to send www.interrupt19.com to you.
This process repeats over and over and over again the entire time you are on the internet. While it seems like a ton of steps (and it is), they are all completed in milliseconds. You’ll only notice them if something goes wrong and the connection is stuck on one of these steps.
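Steps 10 to 12 above, written out as an added Python example (not code from the original article): it builds one constructed Ethernet/IPv4/TCP frame and opens it layer by layer, checking each header's length before reading fields from it. The MAC addresses, IP addresses and source port are made-up sample values.

```python
import socket
import struct

# Constructed sample values (assumptions for this example, not from the article).
SERVER_MAC = bytes.fromhex("020000000002")
LAST_HOP_MAC = bytes.fromhex("020000000001")
CLIENT_IP, SERVER_IP = "192.0.2.10", "198.51.100.80"

def build_syn_frame(dst_port=80):
    """Constructed Ethernet + IPv4 + TCP SYN frame (checksums left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", 49152, dst_port, 1000, 0, 5 << 4, 0x02, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(CLIENT_IP), socket.inet_aton(SERVER_IP))
    return SERVER_MAC + LAST_HOP_MAC + struct.pack("!H", 0x0800) + ip + tcp

def decapsulate(frame, my_mac=SERVER_MAC, my_ip=SERVER_IP):
    """Open the frame layer by layer; return None if it is not for this host."""
    # Layer 2 (Step 10): 14-byte Ethernet header, destination MAC first.
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, _src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if dst_mac != my_mac or ethertype != 0x0800:  # 0x0800 = IPv4
        return None
    # Layer 3 (Step 11): IPv4 header, length taken from the IHL field.
    packet = frame[14:]
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    header_len = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or header_len < 20 or len(packet) < header_len:
        raise ValueError("malformed IPv4 header")
    if socket.inet_ntoa(packet[16:20]) != my_ip:
        return None
    # Layer 4 (Step 12): protocol number picks the band, then read the port.
    bands = {6: ("TCP", 20), 17: ("UDP", 8)}  # name, minimum header size
    if packet[9] not in bands:
        return None
    name, min_len = bands[packet[9]]
    segment = packet[header_len:]
    if len(segment) < min_len:
        raise ValueError("truncated " + name + " header")
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    result = {"proto": name, "src_ip": socket.inet_ntoa(packet[12:16]),
              "src_port": src_port, "dst_port": dst_port}
    if name == "TCP":
        result["syn"] = bool(segment[13] & 0x02)  # SYN opens the handshake
    return result

if __name__ == "__main__":
    print(decapsulate(build_syn_frame()))
```

A frame addressed to another MAC or IP address returns None at the layer where the mismatch is found, and a frame cut short raises ValueError instead of being read past its end.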
For more information on TCP/IP and how Networking works: Wikipedia – TCP/IP