Understanding the IPV4 Packet Header: A Deep Dive
The IP (Internet Protocol) packet header is a crucial part of how data is transmitted across networks. It contains vital information that helps routers and devices determine where the packet is coming from, where it’s going, and how to handle it.
In this post, we’ll break down the structure of an IPv4 packet header, explain its fields, and show how it works in real-world data transmission.
What is an IP Packet?
An IP packet is the fundamental unit of data transmitted over the internet. It consists of two main parts:
- Header – Contains metadata about the packet (source, destination, etc.).
- Payload – The actual data being transmitted (such as part of a webpage, an email, or a video stream).
Every device on a network uses the IP header to properly route and process packets.
Structure of an IPv4 Packet Header
An IPv4 packet header is 20 to 60 bytes long and consists of several fields, each serving a specific function. Let’s break it down:
IPv4 Header Fields (Fixed 20 Bytes)
| Field | Size (Bits) | Description |
|---|---|---|
| Version | 4 | Specifies IP version (IPv4 = 4, IPv6 = 6). |
| IHL (Header Length) | 4 | Length of the header in 32-bit words. |
| Type of Service (TOS) | 8 | Defines packet priority and quality of service (QoS). |
| Total Length | 16 | Total size of the packet (header + data). |
| Identification | 16 | Unique ID for reassembling fragmented packets. |
| Flags | 3 | Control flags for fragmentation. |
| Fragment Offset | 13 | Position of this fragment in the original packet. |
| Time to Live (TTL) | 8 | Limits the packet’s lifespan in hops to prevent looping. |
| Protocol | 8 | Identifies the transport protocol (TCP = 6, UDP = 17). |
| Header Checksum | 16 | Error-checking for header integrity. |
| Source IP Address | 32 | Sender’s IP address. |
| Destination IP Address | 32 | Receiver’s IP address. |
| Options (if any) | Variable | Extra settings for security, routing, etc. |
Detailed Breakdown of Key Fields
1. Version (4 Bits)
This specifies the IP version being used.
- IPv4 packets have a value of 4.
- IPv6 packets have a value of 6 (IPv6 has a different header structure).
2. Internet Header Length (IHL) (4 Bits)
This tells us the length of the header in 32-bit words.
- The minimum value is 5 (20 bytes).
- If options are present, the header can be up to 60 bytes long.
3. Type of Service (TOS) / Differentiated Services (8 Bits)
This field is used for Quality of Service (QoS), allowing priority handling of packets.
- Example: Voice-over-IP (VoIP) packets may be given priority over normal web browsing.
4. Total Length (16 Bits)
Defines the entire size of the packet, including the header and data.
- Minimum = 20 bytes (header-only)
- Maximum = 65,535 bytes (though most networks limit it to lower sizes).
5. Identification, Flags, and Fragment Offset (16 + 3 + 13 Bits)
These fields handle packet fragmentation.
- Large packets are split into smaller fragments to fit network requirements.
- The Identification field helps reassemble fragments into the original packet.
- Flags indicate whether a packet is fragmented or not.
6. Time to Live (TTL) (8 Bits)
TTL limits how long a packet can exist in the network.
- Every router that forwards the packet decreases TTL by 1.
- If TTL reaches 0, the packet is discarded, preventing infinite loops.
- Default TTL values vary by OS (e.g., Windows = 128, Linux = 64).
7. Protocol (8 Bits)
Indicates the transport layer protocol that the packet’s payload is using.
- 6 = TCP (Transmission Control Protocol)
- 17 = UDP (User Datagram Protocol)
- 1 = ICMP (Ping and error reporting)
8. Header Checksum (16 Bits)
Used for error detection in the header.
- If an error is found, the packet is discarded and may be resent.
9. Source and Destination IP Addresses (32 Bits Each)
These fields specify where the packet is coming from and where it’s going.
Example:
- Source IP: 192.168.1.1 (Your device)
- Destination IP: 142.250.190.14 (Google’s server)
10. Options (Variable Length, Optional)
Rarely used, but can include:
- Security settings
- Timestamping
- Special routing instructions
How the IP Header Works in Data Transmission
Example: Sending a Web Request to Google
- Your browser sends a request for
www.google.com. - The request is encapsulated in a TCP segment.
- The TCP segment is encapsulated in an IP packet.
- The packet’s header is filled with:
- Source IP: Your device’s IP
- Destination IP: Google’s IP
- Protocol: TCP (6)
- TTL: 64 (so it doesn’t loop forever)
- The packet is sent to your router, which forwards it to Google.
- Google’s server processes the request and sends a response following the same process.
IP Packet Header in Action: Wireshark Example
Using tools like Wireshark, we can inspect real IP packets. A sample might look like this:
Internet Protocol Version 4, Src: 192.168.1.100, Dst: 142.250.190.14
Version: 4
Header Length: 20 bytes
Type of Service: 0x00 (Normal)
Total Length: 60 bytes
Identification: 0x1234
Flags: 0x02 (Don't Fragment)
Time to Live: 64
Protocol: TCP (6https://j2sw.com
https://startawisp.info
https://indycolo.net
#packetsdownrange #routethelight