Troubleshooting Along the OSI Model
Troubleshooting interconnected networks plays a significant roll in a network engineer’s daily routine. Whether one is troubleshooting connectivity, cabling problems, communication failures, or synchronization issues, troubleshooting requires a fundamental understanding of how network protocols work.
Due to its importance, Cisco has dedicated specific sections in the Interconnecting Network Devices 1 and 2 (ICND1, ICND2) exams for troubleshooting. As such, in order to pass either exam, one must have a solid understanding of troubleshooting principles. To gain a solid understanding of troubleshooting principles, one must understand the Open Systems Interconnection (OSI) model and the different layers of the OSI model affect interconnected networks. The ICND1 and ICND2 exams will test ones knowledge of the first four layers of the OSI model. This article will outline the OSI model, the functions of Layer 1 through 4, and how these layers affect the network.
The OSI Model
The OSI model is a standardized framework for network functions and schemes. It breaks other complex network interaction into simple elements, which lets developers modularize design efforts. This method allows many independent developers to work on separate network functions, which can be applied in a “plug-and-play” manner. There are seven layers to the OSI model:
- Layer 7Application
- Layer 6Presentation
- Layer 5Session
- Layer 4Transport
- Layer 3Network
- Layer 2Data Link
- Layer 1Physical
As protocol data units (PDU) communicate between layers, encapsulation is used to add headers and trailers from the prior layers. As the data moves up or down the communication stack, headers and trailers are added or removed by their associated layer.
Each layer on the OSI model is dependent on the layer below it to function. If there is a problem at a lower layer, the higher layers will not be able to function or communicate. For example, HTTP is a common protocol at Layer 7the Application layer. If the Data Link layer is not function properly then HTTP will not function. As such, understanding the dependence of each layer is important when troubleshooting networks. Due to the dependence of the high-layers to the lower-layers, it is recommended to start troubleshooting at Layer 1 and then moving up the OSI stack.
Layer 1The Physical Layer
The physical layer defines the physical medium. It defines the media type, the connector type, and the signaling type (baseband versus broadband). This includes voltage levels, physical data rates, and maximum cable lengths. The physical layer is responsible for converting frames into electronic bits of data, which are then sent or received across the physical medium. Twisted-pair, coaxial, and fiber-optic cables, as well as interface types operate at this level. Other implementations as this layer are repeaters and hubs.
Since the physical layer is responsible for the media type and connector type, if this layer is not functioning properly all higher layers will not work. Problems at this layer typically occur with cabling and media connector issues. For example, if the network cabling is longer than support lengths or broken, then communication will not workor if the connector (whether an SPF, Ethernet Interface, or DSU/CSU) is broken.
Troubleshooting errors at this level include using cable testing tools to ensure cabling is functioning properly. Link lights on network devices are also a great way to troubleshoot issues at Layer 1. If the link light is green, then Layer 1 is working. If the link light is another color or not lighting up at all, then there is a problem at this layer. Easy ways to test this are swapping out cables with a working cable, swapping SFPs, or modules, and using cable testing. Cisco provides a tool in the IOS to test 10-Gigabit Ethernet or copper links using TDR. To do so, one would enter the test cable-diagnostics tdr interface type number privileged EXEC mode command. One can also troubleshoot modules or interfaces by using the show interface, show module, or show test commands.
Layer 2The Data Link Layer
The Data Link layer creates frames from bits of data and provides error detection. It consists of two sub-layers: The Logical Link Control (LLC) layer and the Media Access Control (MAC) layer. These two sub-layers provide physical media independence.
The LLC sub-layer (802.2) is responsible for identifying different network layer protocols and then encapsulating them to be transferred across the network. This layer communicates with the network layer.
The MAC sub-layer specifies how data is placed and transported over the physical wire. It controls access to the physical medium. Physical addressing, network topologies, error notification, and delivery of frames are defined at the MAC sub-layer.
Switches are typically considered Layer 2 devices.
Problems that can occur at this layer include, MAC addressing errors, duplex errors, collisions, CRC frame errors, and spanning-tree problems. Ways to detect if Layer 2 errors are occurring are by using various show commands. These include show interface, show port, show spanning-tree commands. FCS errors, Single, Multiple, and Late collisions, Runts and Giants, and broadcast storms are all ways to tell that there are Layer 2 issues.
Layer 3The Network Layer
The network layer provides internetwork routing and logical network addresses. It defines how to transport traffic between devices that are not logically attached. This layer also supports connection-oriented and connectionless service from higher-layer protocols. Addressing, error handling, congestion control, and packet sequences are performed at this layer.
Routers and Layer 3 switches operate at the network layer. IP, IPX, and AppleTalk are examples of network layer implementations.
Problems that can occur at this layer are network addressing issues and routing issues. Since network addressing is usually handled by a network administrator it is important to ensure that the device has the proper network address assigned to it. Ping is a wonderful troubleshooting command to use to help troubleshoot Layer 3 issues. A successful ping to the loopback address (127.0.0.1) will let you know that IP is working properly. A successful ping to the devices assigned address will show that the device has the proper IP configured. A successful ping to the devices default gateway will show that the device is communicating on the network properly. A successful ping past the default gateway will show that internetworking is working properly.
If routing is not working, the trace command will show where the packets are being dropped. Also, the show ip route command will show if the device has the proper routing tables. If the device cannot communicate on its local network the show ip protocols command will show if the device has the proper Layer 3 protocols enabled.
Layer4The Transport Layer
The transport layer segments and reassembles data from upper-layer applications into data streams. It provides reliable data transmission to upper layers. End-to-end communications, flow control, multiplexing, error detection and correction, and virtual circuit management are typical transport functions.
TCP and UDP function at the transport layer. Although error correction is a function in the transport layer, UDP does not perform any error detection or correction. Instead it realize on higher-layer protocols to do this.
Since TCP and UDP use ports for communication, most Layer 4 problems revolve around ports being blocked. When troubleshooting Layer 4 communications issues, first make sure there are no access-lists or firewall’s blocking TCP/UPD ports. QoS can also affect the transport layer. QoS can block or slow traffic and also cause fragmentation of large frames. As such, if QoS is enabled, try disabling it while troubleshooting Layer 4 issues.
Troubleshooting is an important part of any network engineer or administrator’s job. Effect troubleshooting requires one to have a solid understanding of the OSI model; understand how each layer functions and how each layer impacts the layer above and below it.