the UNDERPASS_ »»Network engineers are nuts

Network engineers are nuts, and they know it. In order to keep complicated computer network theory neat, elegant, unified, ... (?) they came up with a theoretical layered model to fit everything in place.
Or rather, two models.
Or rather, all over the place.
But we're stuck with them now, aren't we? Heh. Perhaps the real purpose of the Large Hadron Collider at CERN wasn't to find the Higgs boson, but to find new undiscovered layers in these networking models.

Network engineers are like...

- Hey let's build network hardware. 1
- OK.
- Does it work?
- No we need to build another layer on top.
- Why?
- Devices need a system of addresses so they can talk to each other.
- So what should we call the layer that implements these "MAC addresses"?
- Let's call it "Layer 2." 2
- So does it work now?
- Well... we need to design another layer on top.
- Why?
- The addresses need to be able to change so we need a different system of address that can do that.
- OK what's a catchy name for this layer that implements these "IP addresses"?
- Let's call it "Layer 2." 3
- Haven't we done Layer 2 already?
- You mean we've done Layer 1 already. MAC addresses are in Layer 1. 4
- ???   5
- And what if there's multiple services on one server?
- Easy. Let's add a "port number" to the IP address so the server knows what content the user wants to connect to.
- Different services are through different port numbers?
- Yeah. That's simple enough.
- ...So is this all finished now??
- No we have a problem: the IP address might change.
- Isn't that what we wanted?
- Yeah but then the user won't be able to find the server they want, so we need to build another system of addresses on top that doesn't change... (and also allows different addresses to point to one server; for instance one server might host multiple websites.)
- So we need a new layer?
- I wouldn't call it that.
- What should we call this new Domain Name System?
- Let's call it "DNS."
- Not "Layer 3"?
- Please keep up, we're inside Layer 4 now. 6
- So each domain name maps to a different port number on the server? 7
- No we decided all websites on the Internet should just use the same port numbers.
- But a different domain name means the user wants a different service at that IP address right? 8
- Oh we'll figure that out. We can extend TLS to create a new thing called SNI 9 to do that.
- What's TLS?
- "Transport Layer Security."
- What layer number is that?
- It doesn't really fit into a single layer. 10

Explanatory footnotes...


[Figure: OSI and TCP/IP network models side by side.]
  1. In the OSI model of networking (Open Systems Interconnection - a model from the early 1980s), physical hardware is designated 'layer 1.' Looking at a network at this level, you have hardware transmitting and receiving raw bits without considering any particular meaning behind those bits.
  2. The second layer in OSI, also known as the Data Link Layer, includes MAC addresses among other things: a MAC address identifies one network interface on the local link (the same Ethernet segment or Wi-Fi network) and tells the switch which port to deliver a frame to. It is not a fingerprint in any security sense, though: a host can change its own MAC address at will, and MAC addresses never survive past the first router, so nothing on the far side of it ever sees them.
  3. The TCP/IP model that the Internet is based on defines layer numbers differently. In this four-layer model, Layer 2 is also known as the Internet Layer, and it is where IP addresses live.
  4. In the TCP/IP model, the first two layers from the OSI model are combined into a single "Layer 1", and "Layer 2" implements the equivalent functionality to OSI's "Layer 3." Got that?
  5. The best way to understand network protocol layers is to watch the 1967 Casino Royale movie and actually try to follow the plot.
  6. Internet domain names are implemented in the top layer (aka application layer) of the TCP/IP model. The Domain Name System (which lets your browser look up a domain name and find the corresponding IP address) is basically an application of the Internet, like Web and Email are: a resolver is just another client talking to a server, over UDP or TCP on port 53, using IP addresses to get there.
  7. Routers forward packets by looking at the destination IP address in the packet header, and the receiving host (or a load balancer in front of it) sorts the arriving segments by port number to hand each one to the right service. Neither of them 'sees' which domain name the user typed: that only exists at a higher layer, as payload inside the connection, so it cannot be used to decide where the packets go.
  8. Since port numbers exist as a mechanism for differentiating between network services, it would seem logical that each domain name (or subdomain prefix, like www.) could point at a different port at the destination IP address.
    DNS does in fact have record types that can carry a port number (SRV records, and more recently HTTPS/SVCB records), but for a plain web address the browser only looks up an 'A' record (or 'AAAA' for IPv6), which holds nothing but the IP address. So when a user types a URL, the browser simply assumes the default port (80 for HTTP, 443 for HTTPS) unless a port number is written into the URL after the host name.
    The result is that all web traffic for a given IP address arrives on the same port at a single listener (one web server, or a reverse proxy that fans the requests out to several), which then has to work out which site the user wanted from name information supplied by other means. For plain HTTP that is the Host header inside the request. For HTTPS the Host header is inside the encrypted stream and only readable once the connection is already set up, which is too late to choose which certificate to present. Hence footnote 9.
  9. Server Name Indication, a TLS extension. The browser puts the host name it is trying to reach into the very first message of the TLS handshake (the ClientHello), which is sent before any encryption has been negotiated, so a server hosting many sites can pick the matching certificate and play the appropriate part. Because that message is cleartext, anyone on the network path can also read which site is being visited even though everything after the handshake is encrypted; Encrypted Client Hello is the newer extension intended to close that gap. SNI doesn't work in very old browsers.
  10. TLS is the protocol used for HTTPS (encrypted) websites. Although it stands for 'Transport Layer Security,' and layer 3 of the TCP/IP model is also known as the transport layer, TLS is not a transport: it runs on top of TCP and carries application data such as HTTP inside it, so it sits between the two and its name is a misnomer. Some textbooks still try to shoehorn it into layer 3 (or into OSI's session or presentation layers) even though it doesn't fit neatly anywhere.
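For anyone who would rather look at the layers than argue about their numbers, here is a small added example (written for this page, not code from the original post) that builds one Ethernet frame carrying a TLS ClientHello and then peels it: the link-layer header holds the MAC addresses from footnote 2, the IP header holds the addresses from footnote 3, the TCP header holds the port numbers from the dialogue, and the domain name shows up only inside the TLS handshake as the SNI from footnotes 8 and 9. Every MAC, IP address and host name below is made-up sample data, and checksums are left at zero because nothing is put on a wire.

```python
"""Peel one constructed Ethernet frame layer by layer: MAC -> IP -> port -> TLS SNI."""
import socket
import struct


def build_client_hello(server_name):
    """Minimal TLS ClientHello (record + handshake headers) whose only extension is server_name."""
    host = server_name.encode("ascii")
    sni_list = struct.pack("!BH", 0, len(host)) + host          # name_type 0 = host_name
    sni_ext = struct.pack("!HHH", 0x0000, len(sni_list) + 2, len(sni_list)) + sni_list
    extensions = struct.pack("!H", len(sni_ext)) + sni_ext
    body = (b"\x03\x03"                                           # client_version (TLS 1.2)
            + bytes(32)                                           # random (zeros: constructed data)
            + b"\x00"                                             # empty session_id
            + struct.pack("!H", 2) + b"\x13\x01"                  # one cipher suite
            + b"\x01\x00"                                         # compression: null only
            + extensions)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body     # handshake type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake  # record type 22


def build_frame(dst_mac, src_mac, src_ip, dst_ip, src_port, dst_port, payload):
    """Wrap a payload in TCP, IPv4 and Ethernet headers (checksums left zero: constructed data)."""
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, 1, 1, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0x4000, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    eth = bytes.fromhex(dst_mac.replace(":", "")) + bytes.fromhex(src_mac.replace(":", ""))
    return eth + b"\x08\x00" + ip + tcp                          # EtherType 0x0800 = IPv4


def extract_sni(payload):
    """Return the host_name from a TLS ClientHello's server_name extension, or None.

    Everything read here is cleartext, so anyone on the path can read it just as easily."""
    try:
        if payload[0] != 0x16:                                    # not a TLS handshake record
            return None
        hs = payload[5:5 + struct.unpack("!H", payload[3:5])[0]]
        if hs[0] != 0x01:                                         # not a ClientHello
            return None
        pos = 4 + 2 + 32                                          # header, client_version, random
        pos += 1 + hs[pos]                                        # session_id
        pos += 2 + struct.unpack("!H", hs[pos:pos + 2])[0]        # cipher_suites
        pos += 1 + hs[pos]                                        # compression_methods
        if pos + 2 > len(hs):                                     # no extensions block at all
            return None
        end = pos + 2 + struct.unpack("!H", hs[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= min(end, len(hs)):
            ext_type, ext_len = struct.unpack("!HH", hs[pos:pos + 4])
            pos += 4
            if ext_type == 0x0000 and ext_len >= 5 and hs[pos + 2] == 0:  # server_name, host_name
                name_len = struct.unpack("!H", hs[pos + 3:pos + 5])[0]
                return hs[pos + 5:pos + 5 + name_len].decode("ascii", "replace")
            pos += ext_len
        return None
    except (IndexError, struct.error):
        return None                         # truncated or malformed: say "no name", never crash


def peel(frame):
    """Record what each layer can see; each layer reads only its own header and hands on the rest."""
    seen = {"dst_mac": frame[0:6].hex(":"), "src_mac": frame[6:12].hex(":")}
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("only IPv4 frames are handled in this example")
    ip = frame[14:]
    seen["src_ip"], seen["dst_ip"] = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])
    if ip[9] != 6:
        raise ValueError("only TCP segments are handled in this example")
    tcp = ip[(ip[0] & 0x0F) * 4:]
    seen["src_port"], seen["dst_port"] = struct.unpack("!HH", tcp[:4])
    payload = tcp[(tcp[12] >> 4) * 4:]
    seen["sni"] = extract_sni(payload)                            # only here does a *name* appear
    return seen


# Constructed sample traffic: two sites behind one IP and one port, told apart only by SNI,
# plus a plaintext HTTP request where the name travels in the Host header instead.
FRAME_SHOP = build_frame("02:00:00:00:00:01", "02:00:00:00:00:02", "192.0.2.10", "203.0.113.5",
                         51234, 443, build_client_hello("shop.example"))
FRAME_BLOG = build_frame("02:00:00:00:00:01", "02:00:00:00:00:03", "192.0.2.11", "203.0.113.5",
                         51235, 443, build_client_hello("blog.example"))
FRAME_HTTP = build_frame("02:00:00:00:00:01", "02:00:00:00:00:02", "192.0.2.10", "203.0.113.5",
                         51236, 80, b"GET / HTTP/1.1\r\nHost: shop.example\r\n\r\n")

if __name__ == "__main__":
    for frame in (FRAME_SHOP, FRAME_BLOG, FRAME_HTTP):
        print(peel(frame))
```

Run it and the two HTTPS frames come out with the same destination IP and the same port 443 and differ only in their sni value, which is exactly the situation footnote 8 describes and footnote 9 solves; the HTTP frame has no SNI at all because there the name sits in the Host header. Note that extract_sni recovers the name without any key, which is the whole point of footnote 9's caveat: the host name is visible to anyone on the path, and a parser that reads untrusted packets like this one has to survive truncated and malformed input rather than crash on it.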