questions about network layers

Hello! Here are some questions & answers. The goal isn't to get all the questions "right". Instead, the goal is to learn something! If you find a topic you're interested in learning more about, I'd encourage you to look it up and learn more.

the OSI model has 7 network layers. Does that mean that every network packet has 7 headers?

nope!

The OSI model is kind of conceptual -- the layers don't always correspond directly to the structure of a network packet. A TCP packet has 3 headers: 

+-+-+-+-+-+-+-+-+--+-
|  Ethernet header  |
+-+-+-+-+-+-+-+-+--+-
|  IP header        |
+-+-+-+-+-+-+-+-+--+-
|  TCP header       |
+-+-+-+-+-+-+-+-+-+-+
|   packet contents |       
+-+-+-+-+-+-+-+-+-+-+

which part of a packet does a "layer 2 switch" look at?

the Ethernet header!

the Ethernet header contains a source/destination MAC address. A switch can use that MAC address to send packets to the device with the matching MAC address.

which part of a packet does a "layer 3 router" look at?

the IP header!

"layer 3" means "IP". Routers on the internet use a packet's IP address to decide which router to send the packet to next.

which part of a packet does a "layer 4 load balancer" look at?

the TCP/UDP headers!

layer 4 load balancers will take TCP/UDP packets and forward them to another machine. For TCP connections, they need to keep track of what's in the connection and forward the entire TCP stream to the same machine.

does "layer 1" correspond to part of a packet?

nope!

layer 1 is the "physical layer" -- it's the wireless signals / network cards / cables that allow the bytes in a packet to be sent from one device to another

in an HTTP request, what does a layer 7 load balancer look at?

the HTTP headers!

For example, a layer 7 load balancer will use the Host: header to determine which website to serve.

will a layer 3 router modify the packet's port?

nope!

the port is in layer 4. network equipment that's responsible for handling a certain layer usually leaves information in higher layers alone.

will a layer 3 router modify the packet's MAC address?

yes!

the MAC address is in layer 2. when a router sends a packet to the next hop, it often needs to set the MAC address to the address of the machine it's sending the packet to.

in general, changing lower layers is fair game. For example, a HTTP load balancer will usually change the IP address.

will a layer 4 load balancer change the HTTP request being made?

nope!

in general a TCP or (layer 4) load balancer only changes the lower layers, (like IP address / port). It won't look at the contents of the TCP stream being forwarded at all.

can a HTTP (layer 7) load balancer modify the HTTP response?

yes!

2 common uses for this:

  1. compress the response to improve performance
  2. add headers (like for CORS)

is there such a thing as software that works at layer 5/6?

not really!

in real life people only really talk about layers 1, 2, 3, 4, and 7. If you Google you'll find TONS of results for "layer 4 proxy" and "layer 7 proxy" but basically none for 5/6.

more reading