Hello again Mohammad.
When any communication is initiated from source to destination, the contents of some network layers change for every hop and some do not change. So, you need some sort of integrity check at different layers to account for that. Let’s look at the following example:
Your PC with IP address 10.10.10.10 is sending an email to the email server with an IP address of 10.10.20.20. The encapsulation takes place like this:
Layer 4 TCP checksum checks the header and payload
Layer 3 IP header checksum checks only the IP header integrity
Layer 2 Ethernet FCS checks header and payload
Layer 1 Placed on the medium
Now because the destination is in another subnet, the PDU must be sent to the default gateway. The default gateway does some decapsulation as well:
Decapsulation:
Layer 2 Check Ethernet FCS and if approved, decapsulate further
Layer 3 Check IP header checksum and if approved, check destination IP addresses and determine routing
The PDU must now be reencapsulated
Layer 2 Create a new Ethernet Header with new Source and Destination MAC addresses and a new FCS
Layer 1 Place on the medium
Now the PDU has reached the subnet in which the email server is, so when it reaches the destination, decapsulation takes place again:
Layer 2 Check Ethernet FCS and if approved, decapsulate further
Layer 3 Check IP header checksum, and if approved, check IP destination address and confirm packet is for me
Layer 4 Check TCP checksum and confirm integrity of segment
Further decapsulate to the application layer.
So you should see from the above that the layer 2 FCS is necessary for EVERY hop that takes place, and it is actually recalculated every time!! The Layer 3 IP header checksum is checked every hop to confirm that the header is correct so that the destination IP address can be read and routing is determined. The Layer 4 TCP checksum is only checked at the destination to make sure the payload has no errors.
So once again, layer 2 changes every hop, layer 3 does not change but must be checked for correct routing, and layer 4 is checked only at the destination. So that’s why we need different integrity checks for different layers of the OSI.
I hope this has been helpful!
Laz