We have learned how data is transmitted between the network devices or across the networks. One of the most applied models is OSI (Open Systems Interconnection). If you are unaware of the network model, we got you covered. We know that the transport layer is layer 4 and just above the network layer. What happens in the transport layer? The data from the session layer is broken down into chunks called segments. Now, these segments are further divided into smaller units called packets by the network layer. These packets are delivered to the respective IP addresses. The IP packet encapsulates the data received from the session layer, known as IP payload, and adds it to its IP header. The IP header contains all the information required to deliver the packets to the destination.

Prerequisite zone:

• Internet protocol (IP) is responsible for the successful delivery of packets to the destination.
• IP addresses are generally two types: IPv4 and IPv6.
• IPv4 is the first major version of IP and is version 4.
• IPv4 is of 32 bits (4 octets) and IPv6 is of 128 bits (16 octets).
• IPv4 is a connectionless protocol and is used in packet-switching networks.

Here, we focus on the IPv4 header.

IP Header Format:

Version:

It is a 4-bit field that indicates the version of IP used. The most popularly used versions are version 4 (IPv4) and version 6 (IPv6). Note that datagram headers or header formats are different for different versions and are parsed accordingly.

IP Header Length:

The IP header length field is of 4-bits. That is represented in 32-bit words, that is the value is multiplied by 4 bytes. (Since a word= 16 bits=2 bytes; 32-bit=4 bytes). 

Let’s say the value of this field is 5 (0101 in binary). Then the length of the IP header is 5*4=20 bytes. But the IP header length cannot be less than 20 bytes. So, the initial 5 values in the IP Header length field i.e. 0 (0000) ,1 (0001), 2 (0010) ,3 (0011) and 4 (0100) are considered invalid. Hence the minimum value of this field comes to be 5 (5*4=20 bytes, which is the minimum length of the IP header) and the maximum is 15 (15*4=60 bytes) which is the maximum length of the IP header.

From the above discussion, the minimum length of the IP header is 20 bytes (without payload) and the maximum length is 60 bytes.

Types of Service:

Also, TOS is an 8-bit field,  provides an indication of the abstract parameters of the quality of service desired. Several networks offer service precedence which treats high precedence traffic as more important. With the help of the precedence field, the packets which are highly prioritized can be transmitted and the ones with less priority can be discarded, in case of network congestion. What exactly is precedence here? We shall take a look now.

The below figures show the description of the TOS field. (This is with reference to RFC791)

Total Length:

It is a 16-bit field

Total Length = Header length + user Data Length (value in bytes)

Minimum length of the datagram=20 bytes (min header length=20+ 0 payload)

The maximum length of the datagram= 65535 bytes as it is a 16-bit field.

Identification:

During the transmission, if the IP datagram is fragmented then each fragmented datagram will have the same identification number. The same identification number aids the sender when assembling the datagram. 

Flags:

It is a 3-bit field. The first bit is reserved and is always zero.

The second bit: DF (Do not Fragment bit)

If set to 0, datagram grants the permission to the intermediate networks to fragment the datagram, if needed.

If set to 1:

• The intermediate networks should not fragment the datagram.
• If the datagram required to be fragmented in order to travel further but the settings do not permit, then the datagram is simply discarded.
• An error message will be sent to the sender stating that the datagram could not be delivered due to settings.

The third bit: MF (More Fragments)

If set to 0, it indicates that it is the last fragment of the set or it is the only fragment.

If set to 1, it indicates that it isn’t the last fragment of the set and there are more fragments following. All the MFs are set to 1 in all the fragments except for the last one.

Fragment Offset:

It is a 13-bit field that indicates the position of a fragmented datagram in the unfragmented datagram (original datagram). The first fragment has an offset of 0, it is in the first position in the original datagram. We use a scaling factor of 8 to find the offset.

Fragment offset field value=Fragment offset/8.

Why scaling factor is necessary?

• In the IPv4 header, the total length field comprises 16 bits.
• Minimum header length = 20 bytes.
• So, the maximum amount of data that can be sent in the payload field = 2¹⁶ – 20 bytes.
• In the worst case, a datagram containing 2¹⁶ – 20 bytes of data might be fragmented in such a way that the last fragmented datagram contains only 1 byte of data.
• Then, fragment offset for the last fragmented datagram will be (2¹⁶ – 20) – 1 = 2¹⁶ -21 ≅ 2¹⁶ (if no scaling factor is used)
• Now, this fragment offset value of 2¹⁶ can not be represented as the fragment offset field is of only 13-bits.
• Using 13 bits, a maximum number of 2¹³ can be represented.
• So, to represent 2¹⁶ we use the concept of scaling factor.
• Scaling factor = 2¹⁶ / 2¹³ = 2³ = 8.

Time To Live (TTL):

It is an 8-bit field. It indicates the maximum number of hops (intermediate network devices) a datagram can take before actually reaching the destination. The value of TTL is decremented when the datagram visits a hop. So, if the value of TTL becomes zero at any intermediate network device the datagram is discarded. It is only accepted if the value of TTL is greater than or equal to zero at the destination.

Protocol:

It is an 8-bit field that tells the receiver, to which protocol does the IP packet belongs to. In other words, it tells about the next level (layer) protocol to the network layer.

When the datagram reaches a router, the buffer would have already full. The router doesn’t discard the datagrams directly. The router checks for the next level protocol in the protocol field and takes decisions accordingly. If the next level protocol is TCP, then the router tries to make a room for the datagram in the buffer. The room is created by eliminating some datagrams with lower priority. Isn’t this a loss? No. The router knows that the TCP is a reliable protocol and the lost packets will be sent again by the sender.

If the protocol would have been inside the datagram, the router will not be able to check for the protocol number. This is because the router has only three layers: physical, data link, and the network layer. The information within the datagram can only be assembled by the layers above the network layer. Hence, the protocol is placed in the header field.

The process of adjusting the buffer of the router to avoid dropping of packets is called buffer tuning. More about buffers in the reference section.

The order in which the router eliminates datagrams from its buffer:

ICMP > IGMP > UDP > TCP

Header Checksum:

It is a 16-bit field that has the checksum value of the entire header. The checksum is used for error detection and checking. The header checksum is compared with the value of the header field. If the values do not match, the datagram will be discarded. The router updates the value of the checksum whenever it modifies the datagram header.

The fields that may be modified by a router or intermediate network device are TTL, Header Length, Fragment offset, Options, and datagram length.

Source IP address: 

It is a 32-bit field that carries the IP address of the sender.

Destination IP address:

It is a 32-bit field that carries the IP address of the receiver.

Options:

The size of this field varies from 0 to 40 bytes. The options field is used for several purposes. They are as follows: 

Record route:

It is used to record the IP addresses of the routers through which the datagram has traveled. The maximum number of IPv4 addresses that can be accommodated in this field is 9. Since the field length is 40-bytes and the size of the IP address is 4 bytes (32-bits each), the number of IP addresses can be only 9. Isn’t 40/4=10? Yes. But to indicate which type of option is used, some space (4-bytes) is left. 

Source routing:

It is the option used to specify the route that a datagram should take to reach the destination.

Padding:

It is the process of filling up dummy data in the unused space of the transmission unit and make it conform to the standard size.

We know that the header length should be a multiple of 4. If the header length doesn’t sum to a multiple of 4 then extra zeroes are padded to meet the standard. If header length is 17-bytes then three zeroes are padded and 20/4= 5 is put in the header length field. Utmost only 3-bytes of dummy data will be padded.

Co-author: @yuktibagrodia

Neologism and Additional Information:

Delay: In simple terms, it is the time taken for a network to successfully deliver the packets to the destination. The networks in which delays are low are termed as “Low Latency networks” and those with higher delays are termed as “High Latency Networks”. 

Throughput: It is the number of packets of data transmitted in a given unit time. It can also be said as the measure of no.of units of data a system can process in a given time. Throughput has different definitions in different contexts.

Reliability: When a packet is lost or corrupted, then the receiver requests retransmission. In this way, TCP ensures complete packet delivery and hence the reliable protocol. It also notifies the sender if the packet is delivered to the destination or not.

Buffer: It is a space or region in physical memory that is used to temporarily store data (any PDU) when it is being transmitted from one place to the other.

PDU: Protocol Data Unit. It is the unit of information transmitted in a network. At different layers, these blocks are termed differently. Physical layer (raw bits 0s and 1s), Data Link Layer (Frames), Network Layer (Packets), Transport Layer (Segments), Session (the data passed to the network connection), Presentation Layer (data formatted for presentation) and Application Layer (the data transmitted or received by the software application). These are with reference to the OSI Model.

Protocol number: Each protocol is assigned with a number to uniquely identify them. The protocol number for TPC is 6, UDP is 17, and many more.

Connectionless protocol: A transmission between the two hosts or peers without any prior connection is connectionless. Ex. IP

Packet-switching: The data is broken down into packets (small chunks of data) and routed individually from source to destination without a dedicated route or circuit.

References and Recommendations:

• Transmission Control Protocol
• Network Performance
• OSI Model
• TCP/IP Model
• Protocol Numbers
• Working of buffer
• Additional reference