Data encapsulation is the process that takes place when one host on a network needs to send data to another host. As data is prepared for transit, it flows down through each layer of the OSI model. At each layer, extra control information is added to the data before being passed to the layer below. This process continues until the data reaches the physical layer where the data is passed onto the network medium as a series of 0’s and 1’s.
Data encapsulation is analogous to Russian matryoshka dolls where the smallest doll (data) is nicely encapsulated into the next smallest doll (lower layer headers), etc.
A Protocol data unit (PDU) is an OSI term given to the chunks of information either added (encapsulation) or removed (decapsulation) by an OSI layer. Data, segments, packets, frames, and bits are all PDUs which can be seen below. One mnemonic which can be used for learning these PDUs is “Does sergeant pay for beer?” It’s just crazy enough that you won’t forget it!
Once the data is encapsulated by layers 7, 6, and 5, layer 4 (the transport layer) is responsible for taking the larger chunks of data and breaking it into smaller manageable segments. In the case of TCP, these segments are also sequenced so that the receiving host can reassemble the segments into the original message since the transport layer cannot guarantee that the data will arrive in the order that it was sent. The segment is then handed down to the network layer.
Once the network layer receives a segment, source and destination logical addresses are appended. These addresses are used for routing this newly formed packet through the various networks until it reaches its destination. The packet is then handed down to the data link layer.
The data link layer intercepts the packet and appends both a header and a trailer. This is called a frame. The frame’s header contains source and destination hardware addresses as well as additional information that specifies what network layer protocol is being carried. The trailer contains a Cyclic Redundancy Check (CRC) for error detection. The frame is then handed down to the physical layer for transmission onto the network medium.
CRC is a mathematical process that is run against the frame with the result placed in the trailer. The receiving host will run the same mathematical process again and compare its result with the original result in the trailer. If the results are the same, the receiving host can be assured the frame has not become corrupted in some way during transit.
Since the above layers are really just logical groupings of 0’s and 1’s, the physical layer encapsulates these bits into a digital signal that can be read by other devices on the same network.
The above processes describe data encapsulation, but the process must be reversed by the receiving host. This is called decapsulation. As the message is passed up through the OSI model, each layer strips off its corresponding headers before passing the remaining content up to the next layer. This process repeats until it reaches the application layer.
Not all networking devices work at all layers of the OSI model. In fact, nearly all devices that intercept network traffic along its path from source to destination tend to deal with the lower layers only and do not concern themselves with the information from higher layers. An exception to this rule would be a firewall with deep packet inspection capabilities such as Cisco’s ASA 5500-X series adaptive security appliances.