0

I'm sort of confused here: According to several illustrations I've seen and material from Cisco the session layer from OSI is part of the application layer in TCP/IP. This makes no sense to me since it is the TCP protocol of the transport layer (in the TCP/IP model) that takes care of sessions. So what's the deal?

Axel Kennedal
  • 374

1 Answers1

2

These layers were simply consolidated into one because more often than not, the application will handle functions provided by the top 3 layers. As has been said many times here before, the layers are only intended to be abstraction tools. No one designs protocols in strict adherence with the layers of either the TCP/IP or OSI models. You're also incorrect in asserting that TCP handles "sessions" - the "session" can easily (and should) be thought of as an application-specific construct. For example, when you order something from an Internet website, the session is application-layer specific - there is an HTTP session cookie that's used to maintain state of your browsing session with that website via your web browser, completely separate from the TCP socket that's open between your machine and the web server. Do the notion of HTTP session cookies deserve their own layer in a model because they serve a distinct and separate purpose? They could, but from an abstraction point of view, it doesn't make a lot of sense, because this is a function that the application (HTTP) handles.

John Jensen
  • 141
  • Okay, but TCP handles sessions using the three-way-handshake –  Feb 28 '14 at 18:18
  • This is simply a semantics issue. The term "session" in the context of the TCP 3-way handshake could just as easily be replaced with "connection", "socket", or "channel" - there's not a direct one to one mapping between intended layer functionality and terminology used to describe said functionality. This is why the layers are intended to be abstraction tools. :-) –  Feb 28 '14 at 18:21
  • For example an HTTP session usually consists of multiple TCP connections, so application session, e.g. the login starts within one TCP connection but the authorized access extends over other TCP sessions. – Steffen Ullrich Feb 28 '14 at 19:53
  • Here's a longer discussion on the use of the OSI model: http://networkengineering.stackexchange.com/questions/6380/osi-model-and-networking-protocols-relationship – Ron Trunk Feb 28 '14 at 22:59