According to OSI model session layer provides connection establishment,
management and termination. So does this mean that in OSI TCP 3-way
handshake and graceful connection termination is initiated by session layer
and the transport layer is concerned with data transfer and reliability of
communication only?
But in TCP/IP the connection establishment and termination along with
reliability are part of the transport layer and no session layer is used. Is
this statement correct?
Eg.- I want to browse a website.
a) So according to OSI, firstly I resolve domain name using the DNS in
application layer, then my web browser asks the session layer to initiate a
session. Session layer asks the transport layer to make suitable TCP packets
to perform a 3 way handshake. Then HTTP packets are transported using the
transport layer.
b) According to TCP/IP, firstly I resolve domain name using DNS in
application layer. Then my application layer requests the transport layer to
connect to a webserver on port 80. Transport layer makes a TCP 3-way
handshake. After connection establishment HTTP packets are transported using
transport layer.
------------------------------------------------------------------------
In the world of the Internet as it has evolved, sessions are usually a
host-based phenomenon and not a network service. When I began to work
with communications between computer systems, it was routine to physically
connect to a network, authenticate to establish one's right to use the
network, request a connection to a destination (host or service), and tear
that down again once communication was completed. I think the closest you
are likely to see to that these days is as a wireless client,
authenticating and associating before packets will be transported on your
behalf.
David Gillett
According to OSI model session layer provides connection establishment, management and termination. So does this mean that in OSI TCP 3-way handshake and graceful connection termination is initiated by session layer
and the transport layer is concerned with data transfer and reliability of communication only?
But in TCP/IP the connection establishment and termination along with reliability are part of the transport layer and no session layer is used. Is this statement correct?
Sandeep> Please refer to the image from the below url first for better understanding of realtime protocol suite (TCP/IP) with respect to international standard (ISO OSI; this is not a protocol suite by itself; this is a standard for implementation of networking protocol suites).
http://homepages.uel.ac.uk/u0306091/TCP_IP9.gif
The function of transport layer as per standard OSI will be implemented as is or with slight enhancements. In other words, connection establishment, reset task will be done at transport layer, you may refer to OSI or TCP/IP. Similarly session layer is above the transport layer and has nothing to do with connection establishment (three-way handshake procedure). Essentially, session layer will refer to protocols that fall under that layer or the session related to application itself which requires network service.
Eg.- I want to browse a website.
a) So according to OSI, firstly I resolve domain name using the DNS in application layer, then my web browser asks the session layer to initiate a
session. Session layer asks the transport layer to make suitable TCP packets to perform a 3 way handshake. Then HTTP packets are transported using the transport layer.
Sandeep> DNS is a concept which works across the networks. Yes, as you said the program which usually runs at application layer maintains the session in case required, which in turn are the services/features from session layer, similarly the presentation layer's functions to the application layer program. Hence, all these are actually clubbed into one layer in TCP/IP as the program/protocol suite itself does most of these actions of (Application, Presentation, Session) layers. Transport layer when receives its top layer packets, it has nothing to do with top layer packets rather establish the connection from source port/address to dest port/address using flagging mechanism in handshake procedure and transfer it further. Network layer has role in it when request has to go out of the network. IP protocols help in doing this...
b) According to TCP/IP, firstly I resolve domain name using DNS in application layer. Then my application layer requests the transport layer to
connect to a webserver on port 80. Transport layer makes a TCP 3-way handshake. After connection establishment HTTP packets are transported using transport layer.
Sandeep> This is correct.
Regards
Sandeep Thakur,
CEH, CHFI, ECSA, ISO 27001 LA, ... so on
Reach me here for any queries with respect to IT Security and its culture:
http://groups.google.com/group/nforceit
However, just to ensure that I've "got" it, I'm posting what I've
understood. Kindly tell me if I'm correct or not. This is nothing just
what I posted in my earlier query.
A) TCP/IP is the actual protocol suite used mostly in the Internet.
B) OSI is a reference model, as such various protocol suites have been
created based on OSI.
C) These protocol suites like TCP/IP etc. don't comply exactly to OSI
and therefore functionalities of layers in these protocol suites don't
strictly adhere to the functionalities of layers specified in the OSI
model.
D) This follows if the above part C is correct.
Session layer session/connection is different from transport layer
connection and as such ***3-way handshake and 3-way connection
termination was never a part of session layer either in OSI and
definitely not in TCP/IP.***
So connection/session establishment in session layer is different from
connection establishment in transport layer.
E) Session layer is rarely used. But when used, the session layer uses
the transport layer connection to establish a session, i.e firstly a
TCP connection is established and then a session layer session.
F) I think I might be wrong with part D and E :)
It'll be very useful if answers can be provided on part-by-part
basis--quoting one of above part and answering it. I understand better
this way.
A) TCP/IP is the actual protocol suite used mostly in the Internet.
Sandeep Thakur> Yes. In other words, widely accepted standard.
B) OSI is a reference model, as such various protocol suites have been created based on OSI.
Sandeep Thakur> Yes. Decent comparison between OSI and TCP/IP can be found here:
http://www.vlsm-calc.net/models.php
C) These protocol suites like TCP/IP etc. don't comply exactly to OSI and therefore functionalities of layers in these protocol suites don't strictly adhere to the functionalities of layers specified in the OSI
model.
Sandeep Thakur> Yes. Very good and detailed presentation on this can be referred from below:
http://academic.regis.edu/jguhlke/osi.ppt
D) This follows if the above part C is correct.
Session layer session/connection is different from transport layer connection and as such ***3-way handshake and 3-way connection
termination was never a part of session layer either in OSI and definitely not in TCP/IP.***
So connection/session establishment in session layer is different from connection establishment in transport layer.
Sandeep Thakur> Yes. It should be.
E) Session layer is rarely used. But when used, the session layer uses the transport layer connection to establish a session, i.e firstly a
TCP connection is established and then a session layer session.
Sandeep Thakur> Yes. It's correct!
F) I think I might be wrong with part D and E :)
Sandeep Thakur> No. You have rightly understood it.
It'll be very useful if answers can be provided on part-by-part basis--quoting one of above part and answering it. I understand better this way.
Regards
Sandeep Thakur,
CEH, CHFI, ECSA, ISO 27001 LA, ... so on
Reach me here for any queries with respect to IT Security and its culture:
http://groups.google.com/group/nforceit
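
Added example, not part of the original thread or any poster's code: a toy session protocol over loopback TCP illustrating point E above, where the TCP connection is established first and the session is set up on top of it, and showing that the session then outlives that connection. The `NEW`/`RESUME` verbs, the in-memory `SESSIONS` table and all function names are assumptions made for illustration.

```python
import secrets
import socket
import threading

SESSIONS = {}  # session id -> request count; outlives any single TCP connection


def handle(conn):
    """Toy session logic: runs only after TCP's 3-way handshake has completed."""
    with conn, conn.makefile("rw", newline="\n") as f:
        verb, _, arg = f.readline().strip().partition(" ")
        if verb == "NEW":
            # The id alone re-attaches state later, so it must be unpredictable.
            sid = secrets.token_hex(8)
            SESSIONS[sid] = 0
        elif verb == "RESUME" and arg in SESSIONS:
            sid = arg
        else:
            f.write("ERR unknown-session\n")
            f.flush()
            return
        SESSIONS[sid] += 1
        f.write(f"OK {sid} {SESSIONS[sid]}\n")
        f.flush()


def serve(listener, count):
    for _ in range(count):
        conn, _ = listener.accept()  # returns an already-established TCP connection
        handle(conn)


def request(port, line):
    # connect() makes the kernel do SYN / SYN-ACK / ACK; no session exists yet.
    with socket.create_connection(("127.0.0.1", port)) as s:
        s.sendall(line.encode() + b"\n")
        with s.makefile() as f:
            return f.readline().split()
    # Leaving the block closes the TCP connection; the session entry remains.


def demo():
    listener = socket.create_server(("127.0.0.1", 0))  # port 0: OS picks a free port
    port = listener.getsockname()[1]
    worker = threading.Thread(target=serve, args=(listener, 3), daemon=True)
    worker.start()
    first = request(port, "NEW")                   # TCP connection 1, new session
    second = request(port, f"RESUME {first[1]}")   # TCP connection 2, same session
    bad = request(port, "RESUME not-a-session")    # TCP connects fine, session refused
    worker.join()
    listener.close()
    return first, second, bad
```
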
------------------------------------------------------------------------
David Gillett
You seem to "quote" a lot. To me, quotes means sarcastically. So I'll
"answer" your question. Others may use it differently. So, then did you
want an exact answer, or an "exact" answer (which one would have to
consider two different things, and I'd assume a sarcastic answer).
But, then, a sarcastic answer would not help you. So I'll assume you
really just want an exact answer. But then an exact answer would
require huge amount of detail, probably some source code, and a
mathematical basis in encryption, none of which I know. So instead,
I'll offer a simple answer.
First, I'd say don't overuse session. Lots of places use the word to
mean different things, don't assume they are the same.
SSL is encryption. You create a socket connection (TCP/IP if you like)
and then begin encrypted communication over it. I'd bet session,
dialog, connection, etc, all refer to the same thing.
-Andy
PS: do you think Sakura would go out with me?
Here it is:
What "exactly" is a SSL session? I mean how do you view it?
From what I've gathered, I think it's also called a 'dialogue'--
simplex, full duplex and half-duplex.
So for my another question.
What "exactly" is a SSL session? I mean how do you view it?
From what I've gathered, I think it's also called a 'dialogue'--
simplex, full duplex and half-duplex.
------------------------------------------------------------------------
>
> -Andy
>
> PS: do you think Sakura would go out with me?
No, she is still deeply in love with Sasuke, though she will ask Naruto
out and he would cut her off. Naruto + Hinata ftw!
Cheers,
Orlin
Really? Looks like I'm finally "getting" it a little bit.
I do have more questions, but it's 2:30 AM so I can think of only
one right now.
What "exactly" is a SSL session? I mean how do you view it?
From what I've gathered, I think it's also called a 'dialogue'--
simplex, full duplex and half-duplex.
------------------------------------------------------------------------
-----Original Message-----
From: Naruto Uzumaki [mailto:ageof...@gmail.com]
Sent: Friday, July 16, 2010 13:58
I do have more questions, but it's 2:30 AM so I can think of only one
right now.
What "exactly" is a SSL session? I mean how do you view it?
From what I've gathered, I think it's also called a 'dialogue'--
simplex, full duplex and half-duplex.
----
Looking at reference models, one might imagine that the stack of layers
over a given channel is very static. But on top of a transport layer you
could have multiple sessions, each encapsulating its own presentation and
application traffic (if those are present). And different sessions might
contain totally different kinds of presentations....
Now start looking at VPNs, where we effectively erect a new stack, from
the network layer on up, on top of a transport layer. I remember when that
made my head hurt for a while.
I don't understand why you're bringing simplex and duplex into this --
They're generally encountered at the physical and/or datalink layers. A
simplex connection carries signals in one direction only; duplex in both
directions, but half-duplex only in one direction at a time.
David Gillett