What You'll Learn
A complete guide to the OSI model — all 7 layers explained with real-world DevOps context, Docker examples, and practical debugging implications at each layer.
What is the OSI Model?
The Open Systems Interconnection (OSI) model is a conceptual framework that standardizes the functions of a communication system into seven distinct layers. Created by the International Organization for Standardization (ISO), it helps you understand how data travels from one application to another across a network.
The 7 OSI Layers
Data travels DOWN when sending, UP when receiving
Mnemonic: Please Do Not Throw Sausage Pizza Away (Physical→Application)
Layer 1: Physical Layer
The physical layer is the foundation — it deals with the raw transmission of bits over a physical medium. This includes electrical signals over copper cables, light pulses through fiber optic cables, and radio waves for Wi-Fi.
- What it does: Converts bits (0s and 1s) to signals and back
- Your concern: Usually none, unless you're connecting bare-metal servers, troubleshooting NIC issues, or diagnosing cable problems
- DevOps context: When AWS says "Enhanced Networking" — it's optimizing at this layer
Layer 2: Data Link Layer
The data link layer handles communication between devices on the same network using MAC addresses. It packages raw bits into frames and provides error detection.
# View MAC address
ip link show eth0
# output: link/ether 00:1a:2b:3c:4d:5e
# ARP — Maps IP to MAC (L2 to L3 bridge)
arp -a # View ARP cache
arp -n 192.168.1.1 # Look up specific IP
# Docker uses L2 for bridge networking
# When containers communicate on the same bridge network,
# they use virtual Ethernet (veth) pairs at Layer 2
Layer 3: Network Layer
This is where IP addressing and routing happen. The network layer determines the best path to get data from source to destination — even across multiple networks.
# IP commands (Layer 3)
ip addr show # View IP addresses
ip route show # View routing table
ip route add 10.0.0.0/8 via 192.168.1.1 # Add static route
# ICMP operates at Layer 3 (ping)
ping -c 3 8.8.8.8 # Test network connectivity
traceroute 8.8.8.8 # See L3 routing path
# AWS VPC operates at Layer 3
# - Route tables decide where packets go
# - Security Groups filter at L3/L4
# - Internet Gateway bridges VPC to internet
Layer 4: Transport Layer
The transport layer provides end-to-end communication between applications. This is where TCP and UDP live — along with port numbers.
TCP — Reliable, Connection-Oriented
- ✅ 3-way handshake (SYN → SYN-ACK → ACK)
- ✅ Guaranteed delivery with retransmission
- ✅ Ordered delivery
- ✅ Flow control
- Use for: HTTP, HTTPS, SSH, FTP, email
UDP — Fast, Connectionless
- ⚡ No handshake — fire and forget
- ⚡ Lower latency
- ⚡ No guaranteed delivery
- ⚡ No ordering
- Use for: DNS, video streaming, VoIP, games
# View open ports (Layer 4)
ss -tulnp # TCP/UDP listeners with process
ss -tnp # TCP connections
# Common ports you must know:
# 22 — SSH             80 — HTTP
# 443 — HTTPS          3306 — MySQL
# 5432 — PostgreSQL    6379 — Redis
# 8080 — HTTP alt      27017 — MongoDB
# Docker port mapping works at Layer 4
docker run -p 8080:80 nginx # Map host:8080 → container:80
# Kubernetes Services also operate at L4
# ClusterIP, NodePort, LoadBalancer all use TCP/UDP ports
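An added example, not part of the original guide: `ss -tulnp` shows every listener, but the Layer 4 question that matters for exposure is which ones are bound to all interfaces, which is what `docker run -p 8080:80` does by default (`-p 127.0.0.1:8080:80` keeps it on loopback). The function name `wildcard_listeners` and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ss -tulnH` output (-H drops the header row).
# Columns: Netid State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
SAMPLE_SS='udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 4096 0.0.0.0:8080 0.0.0.0:*
tcp LISTEN 0 511 127.0.0.1:6379 0.0.0.0:*
tcp LISTEN 0 244 127.0.0.1:5432 0.0.0.0:*
tcp LISTEN 0 4096 [::]:8080 [::]:*
tcp LISTEN 0 4096 *:27017 *:*'

# wildcard_listeners (hypothetical helper): reads `ss -tulnH` lines on stdin
# and prints "proto/port" once for each socket bound to every interface
# (0.0.0.0, [::], the older "::" form, or the dual-stack "*").
wildcard_listeners() {
  awk '
    {
      local_addr = $5
      # The port is the digits after the last colon; the rest is the address.
      start = match(local_addr, /:[0-9]+$/)
      if (start == 0) next
      addr = substr(local_addr, 1, start - 1)
      port = substr(local_addr, start + 1)
      if (addr == "0.0.0.0" || addr == "[::]" || addr == "::" || addr == "*") {
        key = $1 "/" port
        # IPv4 and IPv6 wildcard sockets on the same port are reported once.
        if (!(key in seen)) { seen[key] = 1; print key }
      }
    }'
}

# Run against the constructed sample; on a live host use:
#   ss -tulnH | wildcard_listeners
printf '%s\n' "$SAMPLE_SS" | wildcard_listeners
```

Anything this prints is reachable from every network the host is attached to, so each entry should be matched by a deliberate firewall or Security Group rule.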
Layers 5-7: Session, Presentation, Application
In modern TCP/IP networking, these three layers are often merged into the "Application Layer". As a DevOps engineer, you'll interact with these most.
- Session (L5): Manages connections (relevant in stateful load balancing, session persistence)
- Presentation (L6): TLS/SSL encryption happens here — crucial for HTTPS
- Application (L7): HTTP, gRPC, WebSockets — your Nginx/Kubernetes Ingress operates here
OSI in Kubernetes Context
- L7 — Ingress controllers (Nginx, Traefik)
- L4 — Services (LoadBalancer, NodePort)
- L3 — Pod-to-pod routing (CNI plugin)
- L2 — Node networking (veth, flannel)
- L7 — App returning 502? Check Ingress config
- L4 — Service not reachable? Check ports
- L3 — Pod can't reach pod? Check NetworkPolicy
- L2 — Node unreachable? Check NIC/bridge