IPv4
Encyclopedia
Internet Protocol version 4 (IPv4) is the fourth revision in the development of the Internet Protocol
(IP) and the first version of the protocol to be widely deployed. Together with IPv6
, it is at the core of standards-based internetworking methods of the Internet
. IPv4 is still by far the most widely deployed Internet Layer
protocol ' onMouseout='HidePop("23811")' href="/topics/IPv6_deployment">IPv6 deployment
is still in its infancy).
IPv4 is described in IETF publication RFC 791 (September 1981), replacing an earlier definition (RFC 760, January 1980).
IPv4 is a connectionless protocol for use on packet-switched Link Layer
networks (e.g., Ethernet
). It operates on a best effort delivery
model, in that it does not guarantee delivery, nor does it assure proper sequencing or avoidance of duplicate delivery. These aspects, including data integrity, are addressed by an upper layer
transport protocol , such as the Transmission Control Protocol
(TCP).
(four-byte
) addresses, which limits the address space
to (232) addresses. However, some address blocks are reserved for special purposes such as private network
s (~18 million addresses) and multicast
addresses (~270 million addresses). This reduces the number of addresses that may be allocated for routing on the public Internet. As addresses are assigned to end users, an IPv4 address shortage has been developing. Network addressing changes by classful network
design, Classless Inter-Domain Routing
, and network address translation
(NAT) have contributed to delay significantly the inevitable exhaustion which occurred on February 3, 2011 when IANA allocated the last five blocks to the five regional Internet registries (RIRs).
This limitation stimulated the development of IPv6
in the 1990s, which has been in commercial deployment since 2006.
, which consists of four octets of the address expressed individually in decimal
and separated by periods.
The following table shows several representation formats:
Additionally, in dotted format, each octet can be of any of the different bases. For example, 192.0x00.0002.235 is a valid (though unconventional) equivalent to the above addresses.
of the address and the host identifier using the rest of the address. The latter was therefore also called the rest field. This enabled the creation of a maximum of 256 networks. This was quickly found to be inadequate.
To overcome this limit, the high order octet of the addresses was redefined to create a set of classes of networks, in a system which later became known as classful network
ing.
The system defined five classes, Class A, B, C, D, and E. The Classes A, B, and C had different bit lengths for the new network identification. The rest of an address was used as previously to identify a host within a network, which meant that each network class had a different capacity to address hosts. Class D was allocated for multicast
addressing and Class E was reserved for future applications.
Starting around 1985, methods were devised to allow IP networks to be subdivided. The concept of the variable-length subnet mask (VLSM) was introduced which allowed flexible subdivision into varying network sizes.
Around 1993, this system of classes was officially replaced with Classless Inter-Domain Routing
(CIDR), and the class-based scheme was dubbed classful, by contrast.
CIDR was designed to permit repartitioning of any address space so that smaller or larger blocks of addresses could be allocated to users. The hierarchical structure created by CIDR is managed by the Internet Assigned Numbers Authority
(IANA) and the regional Internet registries
(RIRs). Each RIR maintains a publicly-searchable WHOIS
database that provides information about IP address assignments.
s. These ranges are not routable outside of private networks and private machines cannot directly communicate with public networks. They can, however, do so through network address translation
.
The following are the three ranges reserved for private networks (RFC 1918):
Packets with a private destination address are ignored by all public routers. Therefore, it is not possible to communicate directly between two private networks (e.g., two branch offices) via the public Internet. This requires the use of IP tunnel
s or a virtual private network
(VPN).
VPNs establish tunneling connections across the public network such that the endpoints of the tunnel function as routers for packets from the private network. In this routing function the host encapsulates packets in a protocol layer with packet headers acceptable in the public network so that they may be delivered to the opposing tunnel end point where the additional protocol layer is removed and the packet is delivered locally to its intended destination.
Optionally, encapsulated packets may be encrypted to secure the data while it travels over the public network.
) when a host cannot obtain an IP address from a DHCP server or other internal configuration methods.
When the address block was reserved, no standards existed for mechanisms of address autoconfiguration. Filling the void, Microsoft
created an implementation called Automatic Private IP Addressing (APIPA). Due to Microsoft's market power, APIPA has been deployed on millions of machines and has, thus, become a de facto
standard in the industry. Many years later, the IETF defined a formal standard for this functionality, RFC 3927, entitled Dynamic Configuration of IPv4 Link-Local Addresses.
) is reserved for localhost
communication.
Addresses within this range should never appear outside a host computer and packets sent to this address are returned as incoming packets on the same virtual network device (known as loopback
).
Classful addressing prescribed only three possible subnet masks: Class A, 255.0.0.0 or /8; Class B, 255.255.0.0 or /16; and Class C, 255.255.255.0 or /24. For example, in the subnet 192.168.5.0/255.255.255.0 (192.168.5.0/24) the identifier 192.168.5.0 commonly is used to refer to the entire subnet. To avoid ambiguity in representation, the address ending in the octet 0 is reserved.
A broadcast address
is an address that allows information to be sent to all interfaces in a given subnet, rather than a specific machine. Generally, the broadcast address is found by obtaining the bit complement of the subnet mask and performing a bitwise OR operation with the network identifier. In other words, the broadcast address is the last address in the address range of the subnet. For example, the broadcast address for the network 192.168.5.0 is 192.168.5.255. For networks of size /24 or larger, the broadcast address always ends in 255.
However, this does not mean that every address ending in 0 or 255 cannot be used as a host address. For example, in the case of a /16 subnet 192.168.0.0/255.255.0.0, equivalent to the address range 192.168.0.0–192.168.255.255, the broadcast address is 192.168.255.255. However, one may assign 192.168.1.255, 192.168.2.255, etc. 192.168.0.0 is the network identifier which should not be assigned to an interface,, but 192.168.1.0, 192.168.2.0, etc. may be assigned.
In the past, conflict between network addresses and broadcast addresses arose because some software used non-standard broadcast addresses with zeros instead of ones.
In networks smaller than /24, broadcast addresses do not necessarily end with 255. For example, a CIDR subnet 203.0.113.16/28 has the broadcast address 203.0.113.31.
are usually known by names, e.g., www.example.com, not primarily by their IP address, which is used for routing and network interface identification. The use of domain names requires translating, called resolving, them to addresses and vice versa.
The translation between addresses and domain names is performed by the Domain Name System
(DNS), a hierarchical, distributed naming system which allows for subdelegation of name spaces to other DNS servers. DNS is often described in analogy to the telephone system directory information systems in which subscriber names are translated to telephone numbers.
s, the creation of Classless Inter-Domain Routing
(CIDR) methods, and network address translation
(NAT), and finally for the redesign of the Internet Protocol, based on a larger address format (IPv6
).
Several market forces have driven the acceleration of IPv4 address exhaustion:
A variety of technologies introduced during the growth of the Internet have been applied to mitigate IPv4 address exhaustion and its effects, such as:
The primary address pool of the Internet, maintained by IANA, was exhausted on 3 February 2011 when the last 5 blocks were allocated to the 5 RIRs. APNIC
was the first RIR to exhaust its regional pool on 15 April 2011, except for a small amount of address space reserved for the transition to IPv6, which will be allocated under a much more restricted policy.
The accepted and standardized solution is the migration to Internet Protocol Version 6
. The address size was increased in IPv6 to 128 bits, providing a vastly increased address space that also allows improved route aggregation across the Internet and offers large subnetwork allocations of a minimum of 264 host addresses to end-users. Migration to IPv6 is in progress but completion is expected to take considerable time.
The IPv4 packet header consists of 14 fields, of which 13 are required. The 14th field is optional (red background in table) and aptly named: options. The fields in the header are packed with the most significant byte first (big endian
), and for the diagram and discussion, the most significant bits are considered to come first (MSB 0 bit numbering). The most significant bit is numbered 0, so the version field is actually found in the four most significant bits of the first byte, for example.
Version : The first header field in an IP packet is the four-bit version field. For IPv4, this has a value of 4 (hence the name IPv4).
Internet Header Length (IHL) : The second field (4 bits) is the Internet Header Length (IHL) telling the number of 32-bit words in the header. Since an IPv4 header may contain a variable number of options, this field specifies the size of the header (this also coincides with the offset to the data). The minimum value for this field is 5 (RFC 791), which is a length of 5×32 = 160 bits = 20 bytes. Being a 4-bit value, the maximum length is 15 words (15×32 bits) or 480 bits = 60 bytes.
Differentiated Services Code Point (DSCP)
Explicit Congestion Notification (ECN) : Defined in RFC 3168 and allows end-to-end notification of network congestion
without dropping packets. ECN is an optional feature that is only used when both endpoints support it and are willing to use it. It is only effective when supported by the underlying network.
Total Length : This 16-bit field defines the entire datagram size, including header and data, in bytes. The minimum-length datagram is 20 bytes (20-byte header + 0 bytes data) and the maximum is 65,535 bytes — the maximum value of a 16-bit word. The minimum size datagram that any host is required to be able to handle is 576 bytes, but most modern hosts handle much larger packets. Sometimes subnetwork
s impose further restrictions on the size, in which case datagrams must be fragmented. Fragmentation is handled in either the host or packet switch in IPv4.
Identification : This field is an identification field and is primarily used for uniquely identifying fragments of an original IP datagram. Some experimental work has suggested using the ID field for other purposes, such as for adding packet-tracing information to datagrams in order to help trace back datagrams with spoofed source addresses.
Flags : A three-bit field follows and is used to control or identify fragments. They are (in order, from high order to low order):
Fragment Offset : The fragment offset field, measured in units of eight-byte blocks, is 13 bits long and specifies the offset of a particular fragment relative to the beginning of the original unfragmented IP datagram. The first fragment has an offset of zero. This allows a maximum offset of (213 – 1) × 8 = 65,528 bytes which would exceed the maximum IP packet length of 65,535 bytes with the header length included (65,528 + 20 = 65,548 bytes).
Time To Live (TTL) : An eight-bit time to live
field helps prevent datagrams from persisting (e.g. going in circles) on an internet. This field limits a datagram's lifetime. It is specified in seconds, but time intervals less than 1 second are rounded up to 1. In latencies typical in practice, it has come to be a hop count
field. Each router that a datagram crosses decrements the TTL field by one. When the TTL field hits zero, the packet is no longer forwarded by a packet switch and is discarded. Typically, an ICMP Time Exceeded
message is sent back to the sender to inform it that the packet has been discarded. The reception of these ICMP messages is at the heart of how traceroute
works.
Protocol : This field defines the protocol used in the data portion of the IP datagram. The Internet Assigned Numbers Authority
maintains a list of IP protocol numbers which was originally defined in RFC 790.
Header Checksum : The 16-bit checksum
field is used for error-checking of the header. At each hop, the checksum of the header must be compared to the value of this field. If a header checksum is found to be mismatched, then the packet is discarded. Errors in the data field must be handled by the encapsulated protocol and both UDP
and TCP
have checksum fields.
Source address : An IPv4 address indicating the sender of the packet. Note that this address may be changed in transit by a network address translation
device.
Destination address : An IPv4 address indicating the receiver of the packet. As with the Source address, this may be changed in transit by a network address translation
device.
Options : Additional header fields may follow the destination address field, but these are not often used. Note that the value in the IHL field must include enough extra 32-bit words to hold all the options (plus any padding needed to ensure that the header contains an integral number of 32-bit words). The list of options may be terminated with an EOL (End of Options List, 0x00) option; this is only necessary if the end of the options would not otherwise coincide with the end of the header. The possible options that can be put in the header are as follows:
In a typical IP implementation, standard protocols such as TCP and UDP are implemented in the OS kernel
for performance reasons. Other protocols such as ICMP may be partially implemented by the kernel, or implemented purely in user software. Protocols not implemented in-kernel, and not exposed by standard APIs such as BSD sockets
, are typically implemented using a 'raw socket
' API.
Some of the common protocols for the data portion are listed below:
See List of IP protocol numbers for a complete list.
of IP datagrams. In IPv4, this function was placed at the Internet Layer
, and is performed in IPv4 routers, which thus only require this layer as highest one implemented in their design.
In contrast, the next generation of the Internet Protocol, namely IPv6
, does not require routers to perform fragmentation; instead, hosts must determine the path maximum transmission unit in advance of transmission and send conforming datagrams.
This interface has an associated MTU that dictates the maximum data size for its payload.
If the data size is bigger than the MTU then the device must fragment the data.
The device then segments the data into segments where each segment is less-than-or-equal-to the MTU less the IP header size (20 bytes minimum; 60 bytes maximum).
Each segment is then put into its own IP packet with the following changes:
For example, for an IP header of length 20 bytes and an Ethernet MTU of 1,500 bytes the fragment offsets would be: 0, (1480/8) = 185, (2960/8) = 370, (4440/8) = 555, (5920/8) = 740, etc.
By some chance if a packet changes link layer protocols or the MTU reduces then these fragments would be fragmented again.
For example, if a 4,500-byte data payload is inserted into an IP packet with no options (thus total length is 4,520 bytes) and is transmitted over a link with an MTU of 2,500 bytes then it will be broken up into two fragments:
Now, let's say the MTU drops to 1,500 bytes. Each fragment will individually be split up into two more fragments each:
Indeed, the amount of data has been preserved — 1480 + 1000 + 1480 + 540 = 4500 — and the last fragment offset (495) * 8 (bytes) plus data — 3960 + 540 = 4500 — is also the total length.
Note that fragments 3 & 4 were derived from the original fragment 2. When a device must fragment the last fragment then it must set the flag for all but the last fragment it creates (fragment 4 in this case). Last fragment would be set to 0 value.
then the receiver knows the packet is a fragment.
The receiver then stores the data with the identification field, fragment offset, and the more fragments flag.
When the receiver receives a fragment with the more fragments flag set to 0 then it knows the length of the original data payload since the fragment offset multiplied by 8 (bytes) plus the data length is equivalent to the original data payload size.
Using the example above, when the receiver receives fragment 4 the fragment offset (495 or 3960 bytes) and the data length (540 bytes) added together yield 4500 — the original data length.
Once it has all the fragments then it can reassemble the data in proper order (by using the fragment offsets) and pass it up the stack for further processing.
and thus forms the Internet. It uses a logical addressing system. IP addresses are not tied in any permanent manner to hardware identifications and, indeed, a network interface can have multiple IP addresses. Hosts and routers need additional mechanisms to identify the relationship between device interfaces and IP addresses, in order to properly deliver an IP packet to the destination host on a link. The Address Resolution Protocol
(ARP) performs this IP address to hardware address (MAC address
) translation for IPv4. In addition, the reverse correlation is often necessary. For example, when an IP host is booted or connected to a network it needs to determine its IP address, unless an address is preconfigured by an administrator. Protocols for such inverse correlations exist in the Internet Protocol Suite
. Currently used methods are Dynamic Host Configuration Protocol
(DHCP), Bootstrap Protocol (BOOTP) and, infrequently, reverse ARP.
Address exhaustion:
Internet Protocol
The Internet Protocol is the principal communications protocol used for relaying datagrams across an internetwork using the Internet Protocol Suite...
(IP) and the first version of the protocol to be widely deployed. Together with IPv6
IPv6
Internet Protocol version 6 is a version of the Internet Protocol . It is designed to succeed the Internet Protocol version 4...
, it is at the core of standards-based internetworking methods of the Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
. IPv4 is still by far the most widely deployed Internet Layer
Internet layer
The internet layer or IP layer is a group of internetworking methods in the Internet protocol suite, commonly also called TCP/IP, which is the foundation of the Internet...
protocol ' onMouseout='HidePop("23811")' href="/topics/IPv6_deployment">IPv6 deployment
IPv6 deployment
Internet Protocol Version 6 is the next generation of the Internet Protocol that is currently in various stages of deployment on the Internet...
is still in its infancy).
IPv4 is described in IETF publication RFC 791 (September 1981), replacing an earlier definition (RFC 760, January 1980).
IPv4 is a connectionless protocol for use on packet-switched Link Layer
Link Layer
In computer networking, the link layer is the lowest layer in the Internet Protocol Suite , the networking architecture of the Internet . It is the group of methods or protocols that only operate on a host's link...
networks (e.g., Ethernet
Ethernet
Ethernet is a family of computer networking technologies for local area networks commercially introduced in 1980. Standardized in IEEE 802.3, Ethernet has largely replaced competing wired LAN technologies....
). It operates on a best effort delivery
Best effort delivery
Best effort delivery describes a network service in which the network does not provide any guarantees that data is delivered or that a user is given a guaranteed quality of service level or a certain priority...
model, in that it does not guarantee delivery, nor does it assure proper sequencing or avoidance of duplicate delivery. These aspects, including data integrity, are addressed by an upper layer
Upper layer protocol
In computer networking, the term upper layer protocol refers to a more abstract protocol when performing encapsulation, in particular it is often used to describe the protocols above the network layer....
transport protocol , such as the Transmission Control Protocol
Transmission Control Protocol
The Transmission Control Protocol is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, complementing the Internet Protocol , and therefore the entire suite is commonly referred to as TCP/IP...
(TCP).
Addressing
IPv4 uses 32-bitBit
A bit is the basic unit of information in computing and telecommunications; it is the amount of information stored by a digital device or other physical system that exists in one of two possible distinct states...
(four-byte
Byte
The byte is a unit of digital information in computing and telecommunications that most commonly consists of eight bits. Historically, a byte was the number of bits used to encode a single character of text in a computer and for this reason it is the basic addressable element in many computer...
) addresses, which limits the address space
Address space
In computing, an address space defines a range of discrete addresses, each of which may correspond to a network host, peripheral device, disk sector, a memory cell or other logical or physical entity.- Overview :...
to (232) addresses. However, some address blocks are reserved for special purposes such as private network
Private network
In the Internet addressing architecture, a private network is a network that uses private IP address space, following the standards set by RFC 1918 and RFC 4193. These addresses are commonly used for home, office, and enterprise local area networks , when globally routable addresses are not...
s (~18 million addresses) and multicast
Multicast
In computer networking, multicast is the delivery of a message or information to a group of destination computers simultaneously in a single transmission from the source creating copies automatically in other network elements, such as routers, only when the topology of the network requires...
addresses (~270 million addresses). This reduces the number of addresses that may be allocated for routing on the public Internet. As addresses are assigned to end users, an IPv4 address shortage has been developing. Network addressing changes by classful network
Classful network
A classful network is a network addressing architecture used in the Internet from 1981 until the introduction of Classless Inter-Domain Routing in 1993. The method divides the address space for Internet Protocol Version 4 into five address classes. Each class, coded in the first four bits of the...
design, Classless Inter-Domain Routing
Classless Inter-Domain Routing
Classless Inter-Domain Routing is a method for allocating IP addresses and routing Internet Protocol packets. The Internet Engineering Task Force introduced CIDR in 1993 to replace the previous addressing architecture of classful network design in the Internet...
, and network address translation
Network address translation
In computer networking, network address translation is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device....
(NAT) have contributed to delay significantly the inevitable exhaustion which occurred on February 3, 2011 when IANA allocated the last five blocks to the five regional Internet registries (RIRs).
This limitation stimulated the development of IPv6
IPv6
Internet Protocol version 6 is a version of the Internet Protocol . It is designed to succeed the Internet Protocol version 4...
in the 1990s, which has been in commercial deployment since 2006.
Address representations
IPv4 addresses may be written in any notation expressing a 32-bit integer value, but for human convenience, they are most often written in dot-decimal notationDot-decimal notation
Dot-decimal notation is a presentation format for numerical data. It consists of a string of decimal numbers, each pair separated by a full stop ....
, which consists of four octets of the address expressed individually in decimal
Decimal
The decimal numeral system has ten as its base. It is the numerical base most widely used by modern civilizations....
and separated by periods.
The following table shows several representation formats:
Notation | Value | Conversion from dot-decimal |
---|---|---|
Dot-decimal notation Dot-decimal notation Dot-decimal notation is a presentation format for numerical data. It consists of a string of decimal numbers, each pair separated by a full stop .... |
192.0.2.235 | N/A |
Dotted Hexadecimal | 0xC0.0x00.0x02.0xEB | Each octet is individually converted to hexadecimal form |
Dotted Octal | 0300.0000.0002.0353 | Each octet is individually converted into octal |
Hexadecimal Hexadecimal In mathematics and computer science, hexadecimal is a positional numeral system with a radix, or base, of 16. It uses sixteen distinct symbols, most often the symbols 0–9 to represent values zero to nine, and A, B, C, D, E, F to represent values ten to fifteen... |
0xC00002EB | Concatenation of the octets from the dotted hexadecimal |
Decimal Decimal The decimal numeral system has ten as its base. It is the numerical base most widely used by modern civilizations.... |
3221226219 | The 32-bit number expressed in decimal |
Octal Octal The octal numeral system, or oct for short, is the base-8 number system, and uses the digits 0 to 7. Numerals can be made from binary numerals by grouping consecutive binary digits into groups of three... |
030000001353 | The 32-bit number expressed in octal |
Additionally, in dotted format, each octet can be of any of the different bases. For example, 192.0x00.0002.235 is a valid (though unconventional) equivalent to the above addresses.
Allocation
Originally, an IP address was divided into two parts, the network identifier represented in the most significant (highest order) octetOctet (computing)
An octet is a unit of digital information in computing and telecommunications that consists of eight bits. The term is often used when the term byte might be ambiguous, as there is no standard for the size of the byte.-Overview:...
of the address and the host identifier using the rest of the address. The latter was therefore also called the rest field. This enabled the creation of a maximum of 256 networks. This was quickly found to be inadequate.
To overcome this limit, the high order octet of the addresses was redefined to create a set of classes of networks, in a system which later became known as classful network
Classful network
A classful network is a network addressing architecture used in the Internet from 1981 until the introduction of Classless Inter-Domain Routing in 1993. The method divides the address space for Internet Protocol Version 4 into five address classes. Each class, coded in the first four bits of the...
ing.
The system defined five classes, Class A, B, C, D, and E. The Classes A, B, and C had different bit lengths for the new network identification. The rest of an address was used as previously to identify a host within a network, which meant that each network class had a different capacity to address hosts. Class D was allocated for multicast
Multicast
In computer networking, multicast is the delivery of a message or information to a group of destination computers simultaneously in a single transmission from the source creating copies automatically in other network elements, such as routers, only when the topology of the network requires...
addressing and Class E was reserved for future applications.
Starting around 1985, methods were devised to allow IP networks to be subdivided. The concept of the variable-length subnet mask (VLSM) was introduced which allowed flexible subdivision into varying network sizes.
Around 1993, this system of classes was officially replaced with Classless Inter-Domain Routing
Classless Inter-Domain Routing
Classless Inter-Domain Routing is a method for allocating IP addresses and routing Internet Protocol packets. The Internet Engineering Task Force introduced CIDR in 1993 to replace the previous addressing architecture of classful network design in the Internet...
(CIDR), and the class-based scheme was dubbed classful, by contrast.
CIDR was designed to permit repartitioning of any address space so that smaller or larger blocks of addresses could be allocated to users. The hierarchical structure created by CIDR is managed by the Internet Assigned Numbers Authority
Internet Assigned Numbers Authority
The Internet Assigned Numbers Authority is the entity that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System , media types, and other Internet Protocol-related symbols and numbers...
(IANA) and the regional Internet registries
Regional Internet Registry
A regional Internet registry is an organization that manages the allocation and registration of Internet number resources within a particular region of the world...
(RIRs). Each RIR maintains a publicly-searchable WHOIS
WHOIS
WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system, but is also used for a wider range of other information. The protocol stores...
database that provides information about IP address assignments.
Special-use addresses
CIDR Classless Inter-Domain Routing Classless Inter-Domain Routing is a method for allocating IP addresses and routing Internet Protocol packets. The Internet Engineering Task Force introduced CIDR in 1993 to replace the previous addressing architecture of classful network design in the Internet... address block |
Description | Reference |
---|---|---|
0.0.0.0/8 | Current network (only valid as source address) | RFC 1700 |
10.0.0.0/8 | Private network Private network In the Internet addressing architecture, a private network is a network that uses private IP address space, following the standards set by RFC 1918 and RFC 4193. These addresses are commonly used for home, office, and enterprise local area networks , when globally routable addresses are not... |
RFC 1918 |
127.0.0.0/8 | Loopback Localhost In computer networking, localhost is the standard hostname given to the address of the loopback network interface. The name is also a reserved top-level domain name In computer networking, localhost (meaning this computer) is the standard hostname given to the address of the loopback network... |
RFC 5735 |
169.254.0.0/16 | Link-Local Zeroconf Zero configuration networking , is a set of techniques that automatically creates a usable Internet Protocol network without manual operator intervention or special configuration servers.... |
RFC 3927 |
172.16.0.0/12 | Private network Private network In the Internet addressing architecture, a private network is a network that uses private IP address space, following the standards set by RFC 1918 and RFC 4193. These addresses are commonly used for home, office, and enterprise local area networks , when globally routable addresses are not... |
RFC 1918 |
192.0.0.0/24 | Reserved (IANA) | RFC 5735 |
192.0.2.0/24 | TEST-NET-1, Documentation and example code | RFC 5735 |
192.88.99.0/24 | IPv6 IPv6 Internet Protocol version 6 is a version of the Internet Protocol . It is designed to succeed the Internet Protocol version 4... to IPv4 relay |
RFC 3068 |
192.168.0.0/16 | Private network Private network In the Internet addressing architecture, a private network is a network that uses private IP address space, following the standards set by RFC 1918 and RFC 4193. These addresses are commonly used for home, office, and enterprise local area networks , when globally routable addresses are not... |
RFC 1918 |
198.18.0.0/15 | Network benchmark tests | RFC 2544 |
198.51.100.0/24 | TEST-NET-2, Documentation and examples | RFC 5737 |
203.0.113.0/24 | TEST-NET-3, Documentation and examples | RFC 5737 |
224.0.0.0/4 | Multicast Multicast In computer networking, multicast is the delivery of a message or information to a group of destination computers simultaneously in a single transmission from the source creating copies automatically in other network elements, such as routers, only when the topology of the network requires... s (former Class D network) |
RFC 3171 |
240.0.0.0/4 | Reserved (former Class E network) | RFC 1700 |
255.255.255.255 | Broadcast | RFC 919 |
Private networks
Of the approximately four billion addresses allowed in IPv4, three ranges of address are reserved for use in private networkPrivate network
In the Internet addressing architecture, a private network is a network that uses private IP address space, following the standards set by RFC 1918 and RFC 4193. These addresses are commonly used for home, office, and enterprise local area networks , when globally routable addresses are not...
s. These ranges are not routable outside of private networks and private machines cannot directly communicate with public networks. They can, however, do so through network address translation
Network address translation
In computer networking, network address translation is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device....
.
The following are the three ranges reserved for private networks (RFC 1918):
Name | Address range | Number of addresses | Classful Classful network A classful network is a network addressing architecture used in the Internet from 1981 until the introduction of Classless Inter-Domain Routing in 1993. The method divides the address space for Internet Protocol Version 4 into five address classes. Each class, coded in the first four bits of the... description | Largest CIDR Classless Inter-Domain Routing Classless Inter-Domain Routing is a method for allocating IP addresses and routing Internet Protocol packets. The Internet Engineering Task Force introduced CIDR in 1993 to replace the previous addressing architecture of classful network design in the Internet... block |
---|---|---|---|---|
24-bit block | 10.0.0.0–10.255.255.255 | Single Class A | 10.0.0.0/8 | |
20-bit block | 172.16.0.0–172.31.255.255 | Contiguous range of 16 Class B blocks | 172.16.0.0/12 | |
16-bit block | 192.168.0.0–192.168.255.255 | Contiguous range of 256 Class C blocks | 192.168.0.0/16 |
Virtual private networks
Packets with a private destination address are ignored by all public routers. Therefore, it is not possible to communicate directly between two private networks (e.g., two branch offices) via the public Internet. This requires the use of IP tunnel
IP tunnel
An IP tunnel is an Internet Protocol network communications channel between two networks. It is used to transport another network protocol by encapsulation of its packets....
s or a virtual private network
Virtual private network
A virtual private network is a network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users access to a central organizational network....
(VPN).
VPNs establish tunneling connections across the public network such that the endpoints of the tunnel function as routers for packets from the private network. In this routing function the host encapsulates packets in a protocol layer with packet headers acceptable in the public network so that they may be delivered to the opposing tunnel end point where the additional protocol layer is removed and the packet is delivered locally to its intended destination.
Optionally, encapsulated packets may be encrypted to secure the data while it travels over the public network.
Link-local addressing
RFC 5735 defines an address block, 169.254.0.0/16, for the special use in link-local addressing. These addresses are only valid on the link, such as a local network segment or point-to-point connection, that a host is connected to. These addresses are not routable and like private addresses cannot be the source or destination of packets traversing the Internet. Link-local addresses are primarily used for address autoconfiguration (ZeroconfZeroconf
Zero configuration networking , is a set of techniques that automatically creates a usable Internet Protocol network without manual operator intervention or special configuration servers....
) when a host cannot obtain an IP address from a DHCP server or other internal configuration methods.
When the address block was reserved, no standards existed for mechanisms of address autoconfiguration. Filling the void, Microsoft
Microsoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
created an implementation called Automatic Private IP Addressing (APIPA). Due to Microsoft's market power, APIPA has been deployed on millions of machines and has, thus, become a de facto
De facto
De facto is a Latin expression that means "concerning fact." In law, it often means "in practice but not necessarily ordained by law" or "in practice or actuality, but not officially established." It is commonly used in contrast to de jure when referring to matters of law, governance, or...
standard in the industry. Many years later, the IETF defined a formal standard for this functionality, RFC 3927, entitled Dynamic Configuration of IPv4 Link-Local Addresses.
Localhost
The address range 127.0.0.0–127.255.255.255 (127.0.0.0/8 in CIDR notationCIDR notation
CIDR notation is a compact specification of an Internet Protocol address and its associated routing prefix. Classless Inter-Domain Routing is an Internet Protocol address allocation and route aggregation methodology used within the Internet addressing architecture that replaced the IPv4 classful...
) is reserved for localhost
Localhost
In computer networking, localhost is the standard hostname given to the address of the loopback network interface. The name is also a reserved top-level domain name In computer networking, localhost (meaning this computer) is the standard hostname given to the address of the loopback network...
communication.
Addresses within this range should never appear outside a host computer and packets sent to this address are returned as incoming packets on the same virtual network device (known as loopback
Loopback
Loopback describes ways of routing electronic signals, digital data streams, or flows of items from their originating facility back to the source without intentional processing or modification...
).
Addresses ending in 0 or 255
Networks with subnet masks of at least 24 bits, i.e. Class C networks in classful networking, and networks with CIDR prefixes /24 to /32 (255.255.255.0–255.255.255.255) may not have an address ending in 0 or 255.Classful addressing prescribed only three possible subnet masks: Class A, 255.0.0.0 or /8; Class B, 255.255.0.0 or /16; and Class C, 255.255.255.0 or /24. For example, in the subnet 192.168.5.0/255.255.255.0 (192.168.5.0/24) the identifier 192.168.5.0 commonly is used to refer to the entire subnet. To avoid ambiguity in representation, the address ending in the octet 0 is reserved.
A broadcast address
Broadcast address
A broadcast address is a logical address at which all devices connected to a multiple-access communications network are enabled to receive datagrams...
is an address that allows information to be sent to all interfaces in a given subnet, rather than a specific machine. Generally, the broadcast address is found by obtaining the bit complement of the subnet mask and performing a bitwise OR operation with the network identifier. In other words, the broadcast address is the last address in the address range of the subnet. For example, the broadcast address for the network 192.168.5.0 is 192.168.5.255. For networks of size /24 or larger, the broadcast address always ends in 255.
However, this does not mean that every address ending in 0 or 255 cannot be used as a host address. For example, in the case of a /16 subnet 192.168.0.0/255.255.0.0, equivalent to the address range 192.168.0.0–192.168.255.255, the broadcast address is 192.168.255.255. However, one may assign 192.168.1.255, 192.168.2.255, etc. 192.168.0.0 is the network identifier which should not be assigned to an interface,, but 192.168.1.0, 192.168.2.0, etc. may be assigned.
In the past, conflict between network addresses and broadcast addresses arose because some software used non-standard broadcast addresses with zeros instead of ones.
In networks smaller than /24, broadcast addresses do not necessarily end with 255. For example, a CIDR subnet 203.0.113.16/28 has the broadcast address 203.0.113.31.
Address resolution
Hosts on the InternetInternet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
are usually known by names, e.g., www.example.com, not primarily by their IP address, which is used for routing and network interface identification. The use of domain names requires translating, called resolving, them to addresses and vice versa.
The translation between addresses and domain names is performed by the Domain Name System
Domain name system
The Domain Name System is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities...
(DNS), a hierarchical, distributed naming system which allows for subdelegation of name spaces to other DNS servers. DNS is often described in analogy to the telephone system directory information systems in which subscriber names are translated to telephone numbers.
Address space exhaustion
Since the 1980s it was apparent that the pool of available IPv4 addresses was depleted at a rate that was not initially anticipated in the original design of the network address system. The apparent threat of exhaustion was the motivation for remedial technologies, such as the introduction of classful networkClassful network
A classful network is a network addressing architecture used in the Internet from 1981 until the introduction of Classless Inter-Domain Routing in 1993. The method divides the address space for Internet Protocol Version 4 into five address classes. Each class, coded in the first four bits of the...
s, the creation of Classless Inter-Domain Routing
Classless Inter-Domain Routing
Classless Inter-Domain Routing is a method for allocating IP addresses and routing Internet Protocol packets. The Internet Engineering Task Force introduced CIDR in 1993 to replace the previous addressing architecture of classful network design in the Internet...
(CIDR) methods, and network address translation
Network address translation
In computer networking, network address translation is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device....
(NAT), and finally for the redesign of the Internet Protocol, based on a larger address format (IPv6
IPv6
Internet Protocol version 6 is a version of the Internet Protocol . It is designed to succeed the Internet Protocol version 4...
).
Several market forces have driven the acceleration of IPv4 address exhaustion:
- Rapidly growing number of Internet users
- Always-on devices — ADSLAsymmetric Digital Subscriber LineAsymmetric digital subscriber line is a type of digital subscriber line technology, a data communications technology that enables faster data transmission over copper telephone lines than a conventional voiceband modem can provide. It does this by utilizing frequencies that are not used by a voice...
modems, cable modemCable modemA cable modem is a type of network bridge and modem that provides bi-directional data communication via radio frequency channels on a HFC and RFoG infrastructure. Cable modems are primarily used to deliver broadband Internet access in the form of cable Internet, taking advantage of the high...
s - Mobile devices — laptop computers, PDAPersonal digital assistantA personal digital assistant , also known as a palmtop computer, or personal data assistant, is a mobile device that functions as a personal information manager. Current PDAs often have the ability to connect to the Internet...
s, mobile phoneMobile phoneA mobile phone is a device which can make and receive telephone calls over a radio link whilst moving around a wide geographic area. It does so by connecting to a cellular network provided by a mobile network operator...
s
A variety of technologies introduced during the growth of the Internet have been applied to mitigate IPv4 address exhaustion and its effects, such as:
- Network address translationNetwork address translationIn computer networking, network address translation is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device....
(NAT) is a technology that masquerades an entire, private network with a single public IP address, permitting the use of private addresses within the private network. - Use of private networkPrivate networkIn the Internet addressing architecture, a private network is a network that uses private IP address space, following the standards set by RFC 1918 and RFC 4193. These addresses are commonly used for home, office, and enterprise local area networks , when globally routable addresses are not...
s - Dynamic Host Configuration ProtocolDynamic Host Configuration ProtocolThe Dynamic Host Configuration Protocol is a network configuration protocol for hosts on Internet Protocol networks. Computers that are connected to IP networks must be configured before they can communicate with other hosts. The most essential information needed is an IP address, and a default...
(DHCP) - Name-based virtual hostingVirtual hostingVirtual hosting is a method for hosting multiple domain names on a server using a single IP address. This allows one server to share its resources, such as memory and processor cycles, in order to use its resources more efficiently....
of web sites - Tighter control by regional Internet registriesRegional Internet RegistryA regional Internet registry is an organization that manages the allocation and registration of Internet number resources within a particular region of the world...
over the allocation of addresses to local Internet registries - Network renumbering to reclaim large blocks of address space allocated in the early days of the Internet
The primary address pool of the Internet, maintained by IANA, was exhausted on 3 February 2011 when the last 5 blocks were allocated to the 5 RIRs. APNIC
Asia-Pacific Network Information Centre
The Asia Pacific Network Information Centre is the Regional Internet Registry for the Asia Pacific region.APNIC provides number resource allocation and registration services that support the global operation of the Internet...
was the first RIR to exhaust its regional pool on 15 April 2011, except for a small amount of address space reserved for the transition to IPv6, which will be allocated under a much more restricted policy.
The accepted and standardized solution is the migration to Internet Protocol Version 6
IPv6
Internet Protocol version 6 is a version of the Internet Protocol . It is designed to succeed the Internet Protocol version 4...
. The address size was increased in IPv6 to 128 bits, providing a vastly increased address space that also allows improved route aggregation across the Internet and offers large subnetwork allocations of a minimum of 264 host addresses to end-users. Migration to IPv6 is in progress but completion is expected to take considerable time.
The IPv4 packet header consists of 14 fields, of which 13 are required. The 14th field is optional (red background in table) and aptly named: options. The fields in the header are packed with the most significant byte first (big endian
Endianness
In computing, the term endian or endianness refers to the ordering of individually addressable sub-components within the representation of a larger data item as stored in external memory . Each sub-component in the representation has a unique degree of significance, like the place value of digits...
), and for the diagram and discussion, the most significant bits are considered to come first (MSB 0 bit numbering). The most significant bit is numbered 0, so the version field is actually found in the four most significant bits of the first byte, for example.
bit offset | 0–3 | 4–7 | 8–13 | 14-15 | 16–18 | 19–31 | ||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
0 | Version | Header Length | Differentiated Services Differentiated services Differentiated Services or DiffServ is a computer networking architecture that specifies a simple, scalable and coarse-grained mechanism for classifying and managing network traffic and providing Quality of Service on modern IP networks... Code Point |
Explicit Congestion Notification Explicit Congestion Notification Explicit Congestion Notification is an extension to the Internet Protocol and to the Transmission Control Protocol and is defined in RFC 3168 . ECN allows end-to-end notification of network congestion without dropping packets. ECN is an optional feature that is only used when both endpoints... |
Total Length | |||||||||||||||||||||||||||
32 | Identification | Flags | Fragment Offset | |||||||||||||||||||||||||||||
64 | Time to Live | Protocol | Header Checksum | |||||||||||||||||||||||||||||
96 | Source IP Address | |||||||||||||||||||||||||||||||
128 | Destination IP Address | |||||||||||||||||||||||||||||||
160 | Options ( if Header Length > 5 ) | |||||||||||||||||||||||||||||||
160 or 192+ |
Data |
Version : The first header field in an IP packet is the four-bit version field. For IPv4, this has a value of 4 (hence the name IPv4).
Internet Header Length (IHL) : The second field (4 bits) is the Internet Header Length (IHL) telling the number of 32-bit words in the header. Since an IPv4 header may contain a variable number of options, this field specifies the size of the header (this also coincides with the offset to the data). The minimum value for this field is 5 (RFC 791), which is a length of 5×32 = 160 bits = 20 bytes. Being a 4-bit value, the maximum length is 15 words (15×32 bits) or 480 bits = 60 bytes.
Differentiated Services Code Point (DSCP)
- Originally defined as the Type of ServiceType of ServiceThe type of service field in the IPv4 header has had various purposes over the years, and has been defined in different ways by five RFCs...
field, this field is now defined by RFC 2474 for Differentiated servicesDifferentiated servicesDifferentiated Services or DiffServ is a computer networking architecture that specifies a simple, scalable and coarse-grained mechanism for classifying and managing network traffic and providing Quality of Service on modern IP networks...
(DiffServ). New technologies are emerging that require real-time data streaming and therefore make use of the DSCP field. An example is Voice over IPVoice over IPVoice over Internet Protocol is a family of technologies, methodologies, communication protocols, and transmission techniques for the delivery of voice communications and multimedia sessions over Internet Protocol networks, such as the Internet...
(VoIP) that is used for interactive data voice exchange.
Explicit Congestion Notification (ECN) : Defined in RFC 3168 and allows end-to-end notification of network congestion
Network congestion
In data networking and queueing theory, network congestion occurs when a link or node is carrying so much data that its quality of service deteriorates. Typical effects include queueing delay, packet loss or the blocking of new connections...
without dropping packets. ECN is an optional feature that is only used when both endpoints support it and are willing to use it. It is only effective when supported by the underlying network.
Total Length : This 16-bit field defines the entire datagram size, including header and data, in bytes. The minimum-length datagram is 20 bytes (20-byte header + 0 bytes data) and the maximum is 65,535 bytes — the maximum value of a 16-bit word. The minimum size datagram that any host is required to be able to handle is 576 bytes, but most modern hosts handle much larger packets. Sometimes subnetwork
Subnetwork
A subnetwork, or subnet, is a logically visible subdivision of an IP network. The practice of dividing a network into subnetworks is called subnetting....
s impose further restrictions on the size, in which case datagrams must be fragmented. Fragmentation is handled in either the host or packet switch in IPv4.
Identification : This field is an identification field and is primarily used for uniquely identifying fragments of an original IP datagram. Some experimental work has suggested using the ID field for other purposes, such as for adding packet-tracing information to datagrams in order to help trace back datagrams with spoofed source addresses.
Flags : A three-bit field follows and is used to control or identify fragments. They are (in order, from high order to low order):
- bit 0: Reserved; must be zero.As an April Fools' joke, proposed for use in RFC 3514 as the "Evil bitEvil bitThe evil bit is a fictional IPv4 packet header field proposed in RFC 3514, a humorous April Fools' Day RFC from 2003 authored by Steve Bellovin. The RFC recommended that the last remaining unused bit in the IPv4 packet header be used to indicate whether a packet had been sent with malicious intent,...
". - bit 1: Don't Fragment (DF)
- bit 2: More Fragments (MF)
- If the DF flag is set and fragmentation is required to route the packet then the packet is dropped. This can be used when sending packets to a host that does not have sufficient resources to handle fragmentation. It can also be used for Path MTU DiscoveryPath MTU discoveryPath MTU Discovery is a standardized technique in computer networking for determining the maximum transmission unit size on the network path between two Internet Protocol hosts, usually with the goal of avoiding IP fragmentation...
, either automatically by the host IP software, or manually using diagnostic tools such as pingPingPing is a computer network administration utility used to test the reachability of a host on an Internet Protocol network and to measure the round-trip time for messages sent from the originating host to a destination computer...
or tracerouteTraceroutetraceroute is a computer network diagnostic tool for displaying the route and measuring transit delays of packets across an Internet Protocol network. Traceroute is available on most operating systems....
. - For unfragmented packets, the MF flag is cleared. For fragmented packets, all fragments except the last have the MF flag set. The last fragment has a non-zero Fragment Offset field, differentiating it from an unfragmented packet.
Fragment Offset : The fragment offset field, measured in units of eight-byte blocks, is 13 bits long and specifies the offset of a particular fragment relative to the beginning of the original unfragmented IP datagram. The first fragment has an offset of zero. This allows a maximum offset of (213 – 1) × 8 = 65,528 bytes which would exceed the maximum IP packet length of 65,535 bytes with the header length included (65,528 + 20 = 65,548 bytes).
Time To Live (TTL) : An eight-bit time to live
Time to live
Time to live is a mechanism that limits the lifespan of data in a computer or network. TTL may be implemented as a counter or timestamp attached to or embedded in the data. Once the prescribed event count or timespan has elapsed, data is discarded. In computer networking, TTL prevents a data...
field helps prevent datagrams from persisting (e.g. going in circles) on an internet. This field limits a datagram's lifetime. It is specified in seconds, but time intervals less than 1 second are rounded up to 1. In latencies typical in practice, it has come to be a hop count
Hop count
In computer networking, hop count refers to the number of routers through which data must pass between source and destination. Each router along the data path constitutes a hop, as the data is moved from one Layer 3 network to another...
field. Each router that a datagram crosses decrements the TTL field by one. When the TTL field hits zero, the packet is no longer forwarded by a packet switch and is discarded. Typically, an ICMP Time Exceeded
ICMP Time Exceeded
The Time Exceeded Message is an ICMP message which is generated by a gateway to inform the source of a discarded datagram due to the time to live field reaching zero...
message is sent back to the sender to inform it that the packet has been discarded. The reception of these ICMP messages is at the heart of how traceroute
Traceroute
traceroute is a computer network diagnostic tool for displaying the route and measuring transit delays of packets across an Internet Protocol network. Traceroute is available on most operating systems....
works.
Protocol : This field defines the protocol used in the data portion of the IP datagram. The Internet Assigned Numbers Authority
Internet Assigned Numbers Authority
The Internet Assigned Numbers Authority is the entity that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System , media types, and other Internet Protocol-related symbols and numbers...
maintains a list of IP protocol numbers which was originally defined in RFC 790.
Header Checksum : The 16-bit checksum
Checksum
A checksum or hash sum is a fixed-size datum computed from an arbitrary block of digital data for the purpose of detecting accidental errors that may have been introduced during its transmission or storage. The integrity of the data can be checked at any later time by recomputing the checksum and...
field is used for error-checking of the header. At each hop, the checksum of the header must be compared to the value of this field. If a header checksum is found to be mismatched, then the packet is discarded. Errors in the data field must be handled by the encapsulated protocol and both UDP
User Datagram Protocol
The User Datagram Protocol is one of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer applications can send messages, in this case referred to as datagrams, to other hosts on an Internet Protocol network without requiring...
and TCP
Transmission Control Protocol
The Transmission Control Protocol is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, complementing the Internet Protocol , and therefore the entire suite is commonly referred to as TCP/IP...
have checksum fields.
- As the TTL field is decremented on each hop, a new checksum must be computed each time. The method used to compute the checksum is defined by RFC 1071:
- The checksum field is the 16-bit one's complement of the one's complement sum of all 16-bit words in the header. For purposes of computing the checksum, the value of the checksum field is zero.
- For example, use Hex 4500003044224000800600008c7c19acae241e2b (20 bytes IP header):
- 4500 + 0030 + 4422 + 4000 + 8006 + 0000 + 8c7c + 19ac + ae24 + 1e2b = 2BBCF
- 2 + BBCF = BBD1 = 1011101111010001, the 1'S of sum = 0100010000101110 = 442E
- To validate a header's checksum the same algorithm may be used - the checksum of a header which contains a correct checksum field is a word containing all zeros (value 0):
- 2BBCF + 442E = 2FFFD. 2 + FFFD = FFFF. the 1'S of FFFF = 0.
Source address : An IPv4 address indicating the sender of the packet. Note that this address may be changed in transit by a network address translation
Network address translation
In computer networking, network address translation is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device....
device.
Destination address : An IPv4 address indicating the receiver of the packet. As with the Source address, this may be changed in transit by a network address translation
Network address translation
In computer networking, network address translation is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device....
device.
Options : Additional header fields may follow the destination address field, but these are not often used. Note that the value in the IHL field must include enough extra 32-bit words to hold all the options (plus any padding needed to ensure that the header contains an integral number of 32-bit words). The list of options may be terminated with an EOL (End of Options List, 0x00) option; this is only necessary if the end of the options would not otherwise coincide with the end of the header. The possible options that can be put in the header are as follows:
Field | Size (bits) | Description |
---|---|---|
Copied | 1 | Set to 1 if the options need to be copied into all fragments of a fragmented packet. |
Option Class | 2 | A general options category. 0 is for "control" options, and 2 is for "debugging and measurement". 1, and 3 are reserved. |
Option Number | 5 | Specifies an option. |
Option Length | 8 | Indicates the size of the entire option (including this field). This field may not exist for simple options. |
Option Data | Variable | Option-specific data. This field may not exist for simple options. |
- Note: If the header length is greater than 5, i.e. it is from 6 to 15, it means that the options field is present and must be considered.
- Note: Copied, Option Class, and Option Number are sometimes referred to as a single eight-bit field - the Option Type.
- The use of the LSRR and SSRR options (Loose and Strict Source and Record Route) is discouraged because they create security concerns; many routers block packets containing these options.
Data
The data portion of the packet is not included in the packet checksum. Its contents are interpreted based on the value of the Protocol header field.In a typical IP implementation, standard protocols such as TCP and UDP are implemented in the OS kernel
Kernel (computing)
In computing, the kernel is the main component of most computer operating systems; it is a bridge between applications and the actual data processing done at the hardware level. The kernel's responsibilities include managing the system's resources...
for performance reasons. Other protocols such as ICMP may be partially implemented by the kernel, or implemented purely in user software. Protocols not implemented in-kernel, and not exposed by standard APIs such as BSD sockets
Berkeley sockets
The Berkeley sockets application programming interface comprises a library for developing applications in the C programming language that perform inter-process communication, most commonly for communications across a computer network....
, are typically implemented using a 'raw socket
Raw socket
In computer networking, a raw socket is a socket that allows direct sending and receiving of network packets by applications, bypassing all encapsulation in the networking software of the operating system. Most socket application programming interfaces , especially those based on Berkeley sockets,...
' API.
Some of the common protocols for the data portion are listed below:
Protocol Number | Protocol Name | Abbreviation |
---|---|---|
1 | Internet Control Message Protocol Internet Control Message Protocol The Internet Control Message Protocol is one of the core protocols of the Internet Protocol Suite. It is chiefly used by the operating systems of networked computers to send error messages indicating, for example, that a requested service is not available or that a host or router could not be... |
ICMP |
2 | Internet Group Management Protocol Internet Group Management Protocol The Internet Group Management Protocol is a communications protocol used by hosts and adjacent routers on IP networks to establish multicast group memberships.... |
IGMP |
6 | Transmission Control Protocol Transmission Control Protocol The Transmission Control Protocol is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, complementing the Internet Protocol , and therefore the entire suite is commonly referred to as TCP/IP... |
TCP |
17 | User Datagram Protocol User Datagram Protocol The User Datagram Protocol is one of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer applications can send messages, in this case referred to as datagrams, to other hosts on an Internet Protocol network without requiring... |
UDP |
41 | IPv6 encapsulation | - |
89 | Open Shortest Path First Open Shortest Path First Open Shortest Path First is an adaptive routing protocol for Internet Protocol networks. It uses a link state routing algorithm and falls into the group of interior routing protocols, operating within a single autonomous system . It is defined as OSPF Version 2 in RFC 2328 for IPv4... |
OSPF |
132 | Stream Control Transmission Protocol Stream Control Transmission Protocol In computer networking, the Stream Control Transmission Protocol is a Transport Layer protocol, serving in a similar role to the popular protocols Transmission Control Protocol and User Datagram Protocol... |
SCTP |
See List of IP protocol numbers for a complete list.
Fragmentation and reassembly
The Internet Protocol is the facility in the Internet architecture that enables different networks to exchange traffic and route traffic across one another. The design accommodates networks of diverse physical nature; it is independent of the underlying transmission technology used in the Link Layer. Link Layer networks of different hardware design usually vary not only in transmission speed, but also in the structure and size of valid framing methods, characterized by the maximum transmission unit (MTU) parameter. To fulfill the role of IP to traverse networks, it was necessary to implement a mechanism to automatically adjust the size of transmission units to adapt to the underlying technology. This introduced the need for fragmentationFragmentation (computer)
In computer storage, fragmentation is a phenomenon in which storage space is used inefficiently, reducing storage capacity and in most cases reducing the performance. The term is also used to denote the wasted space itself....
of IP datagrams. In IPv4, this function was placed at the Internet Layer
Internet layer
The internet layer or IP layer is a group of internetworking methods in the Internet protocol suite, commonly also called TCP/IP, which is the foundation of the Internet...
, and is performed in IPv4 routers, which thus only require this layer as highest one implemented in their design.
In contrast, the next generation of the Internet Protocol, namely IPv6
IPv6
Internet Protocol version 6 is a version of the Internet Protocol . It is designed to succeed the Internet Protocol version 4...
, does not require routers to perform fragmentation; instead, hosts must determine the path maximum transmission unit in advance of transmission and send conforming datagrams.
Fragmentation
When a device receives an IP packet it examines the destination address and determines the outgoing interface to use.This interface has an associated MTU that dictates the maximum data size for its payload.
If the data size is bigger than the MTU then the device must fragment the data.
The device then segments the data into segments where each segment is less-than-or-equal-to the MTU less the IP header size (20 bytes minimum; 60 bytes maximum).
Each segment is then put into its own IP packet with the following changes:
- The total length field is adjusted to the segment size
- The more fragments (MF) flag is set for all segments except the last one, which is set to 0
- The fragment offset field is set accordingly based on the offset of the segment in the original data payload. This is measured in units of eight-byte blocks.
- The header checksum field is recomputed.
For example, for an IP header of length 20 bytes and an Ethernet MTU of 1,500 bytes the fragment offsets would be: 0, (1480/8) = 185, (2960/8) = 370, (4440/8) = 555, (5920/8) = 740, etc.
By some chance if a packet changes link layer protocols or the MTU reduces then these fragments would be fragmented again.
For example, if a 4,500-byte data payload is inserted into an IP packet with no options (thus total length is 4,520 bytes) and is transmitted over a link with an MTU of 2,500 bytes then it will be broken up into two fragments:
# | Total length | More fragments (MF) flag set? |
Fragment offset | |
---|---|---|---|---|
Header | Data | |||
1 | 2500 | rowspan="2" | 0 | |
20 | 2480 | |||
2 | 2040 | rowspan="2" | 310 | |
20 | 2020 |
Now, let's say the MTU drops to 1,500 bytes. Each fragment will individually be split up into two more fragments each:
# | Total length | More fragments (MF) flag set? |
Fragment offset | |
---|---|---|---|---|
Header | Data | |||
1 | 1500 | rowspan="2" | 0 | |
20 | 1480 | |||
2 | 1020 | rowspan="2" | 185 | |
20 | 1000 | |||
3 | 1500 | rowspan="2" | 310 | |
20 | 1480 | |||
4 | 560 | rowspan="2" | 495 | |
20 | 540 |
Indeed, the amount of data has been preserved — 1480 + 1000 + 1480 + 540 = 4500 — and the last fragment offset (495) * 8 (bytes) plus data — 3960 + 540 = 4500 — is also the total length.
Note that fragments 3 & 4 were derived from the original fragment 2. When a device must fragment the last fragment then it must set the flag for all but the last fragment it creates (fragment 4 in this case). Last fragment would be set to 0 value.
Reassembly
When a receiver detects an IP packet where either of the following is true:- "more fragments" flag set
- "fragment offset" field is non-zero
then the receiver knows the packet is a fragment.
The receiver then stores the data with the identification field, fragment offset, and the more fragments flag.
When the receiver receives a fragment with the more fragments flag set to 0 then it knows the length of the original data payload since the fragment offset multiplied by 8 (bytes) plus the data length is equivalent to the original data payload size.
Using the example above, when the receiver receives fragment 4 the fragment offset (495 or 3960 bytes) and the data length (540 bytes) added together yield 4500 — the original data length.
Once it has all the fragments then it can reassemble the data in proper order (by using the fragment offsets) and pass it up the stack for further processing.
Assistive protocols
The Internet Protocol is the protocol that defines and enables internetworking at the Internet LayerInternet layer
The internet layer or IP layer is a group of internetworking methods in the Internet protocol suite, commonly also called TCP/IP, which is the foundation of the Internet...
and thus forms the Internet. It uses a logical addressing system. IP addresses are not tied in any permanent manner to hardware identifications and, indeed, a network interface can have multiple IP addresses. Hosts and routers need additional mechanisms to identify the relationship between device interfaces and IP addresses, in order to properly deliver an IP packet to the destination host on a link. The Address Resolution Protocol
Address Resolution Protocol
Address Resolution Protocol is a telecommunications protocol used for resolution of network layer addresses into link layer addresses, a critical function in multiple-access networks. ARP was defined by RFC 826 in 1982. It is Internet Standard STD 37...
(ARP) performs this IP address to hardware address (MAC address
MAC address
A Media Access Control address is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used for numerous network technologies and most IEEE 802 network technologies, including Ethernet...
) translation for IPv4. In addition, the reverse correlation is often necessary. For example, when an IP host is booted or connected to a network it needs to determine its IP address, unless an address is preconfigured by an administrator. Protocols for such inverse correlations exist in the Internet Protocol Suite
Internet protocol suite
The Internet protocol suite is the set of communications protocols used for the Internet and other similar networks. It is commonly known as TCP/IP from its most important protocols: Transmission Control Protocol and Internet Protocol , which were the first networking protocols defined in this...
. Currently used methods are Dynamic Host Configuration Protocol
Dynamic Host Configuration Protocol
The Dynamic Host Configuration Protocol is a network configuration protocol for hosts on Internet Protocol networks. Computers that are connected to IP networks must be configured before they can communicate with other hosts. The most essential information needed is an IP address, and a default...
(DHCP), Bootstrap Protocol (BOOTP) and, infrequently, reverse ARP.
See also
- Classful networkClassful networkA classful network is a network addressing architecture used in the Internet from 1981 until the introduction of Classless Inter-Domain Routing in 1993. The method divides the address space for Internet Protocol Version 4 into five address classes. Each class, coded in the first four bits of the...
- Classless Inter-Domain RoutingClassless Inter-Domain RoutingClassless Inter-Domain Routing is a method for allocating IP addresses and routing Internet Protocol packets. The Internet Engineering Task Force introduced CIDR in 1993 to replace the previous addressing architecture of classful network design in the Internet...
- Internet Assigned Numbers AuthorityInternet Assigned Numbers AuthorityThe Internet Assigned Numbers Authority is the entity that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System , media types, and other Internet Protocol-related symbols and numbers...
- IPv6IPv6Internet Protocol version 6 is a version of the Internet Protocol . It is designed to succeed the Internet Protocol version 4...
- List of assigned /8 IPv4 address blocks
- List of IP protocol numbers
- Regional Internet RegistryRegional Internet RegistryA regional Internet registry is an organization that manages the allocation and registration of Internet number resources within a particular region of the world...
External links
- RFC 791 — Internet Protocol
- http://www.iana.org — Internet Assigned Numbers Authority (IANA)
- http://www.networksorcery.com/enp/protocol/ip.htm — IP Header Breakdown, including specific options
- RFC 3344 — IPv4 Mobility
- IPv6 vs. carrier-grade NAT/squeezing more out of IPv4
Address exhaustion:
- RIPE report on address consumption as of October 2003
- Official current state of IPv4 /8 allocations, as maintained by IANA
- Dynamically generated graphs of IPv4 address consumption with predictions of exhaustion dates — Geoff Huston
- IP addressing in China and the myth of address shortage
- Countdown of remaining IPv4 available addresses (estimated)