IPv4 explained

Explicit Congestion Notification

This 16-bit field defines the entire packet size in bytes, including header and data. The minimum size is 20 bytes (header without data) and the maximum is 65,535 bytes. All hosts are required to be able to reassemble datagrams of size up to 576 bytes, but most modern hosts handle much larger packets. Links may impose further restrictions on the packet size, in which case datagrams must be fragmented. Fragmentation in IPv4 is performed in either the sending host or in routers. Reassembly is performed at the receiving host.

This field is an identification field and is primarily used for uniquely identifying the group of fragments of a single IP datagram. Some experimental work has suggested using the ID field for other purposes, such as for adding packet-tracing information to help trace datagrams with spoofed source addresses,^[15] but any such use is now prohibited.

A three-bit field follows and is used to control or identify fragments. They are (in order, from most significant to least significant):

• bit 0: Reserved; must be zero.

• bit 1: Don't Fragment (DF)

• bit 2: More Fragments (MF)

If the DF flag is set, and fragmentation is required to route the packet, then the packet is dropped. This can be used when sending packets to a host that does not have resources to perform reassembly of fragments. It can also be used for path MTU discovery, either automatically by the host IP software, or manually using diagnostic tools such as ping or traceroute.

For unfragmented packets, the MF flag is cleared. For fragmented packets, all fragments except the last have the MF flag set. The last fragment has a non-zero Fragment Offset field, differentiating it from an unfragmented packet.

This field specifies the offset of a particular fragment relative to the beginning of the original unfragmented IP datagram. The fragmentation offset value for the first fragment is always 0. The field is 13 bits wide, so that the offset can be from 0 to 8191 (from (2⁰ – 1) to (2¹³ – 1)). Fragments are specified in units of 8 bytes, which is why fragment length must be a multiple of 8.^[16] Therefore, the 13-bit field allows a maximum offset of (2¹³ – 1) × 8 = 65,528 bytes, with the header length included (65,528 + 20 = 65,548 bytes), supporting fragmentation of packets exceeding the maximum IP length of 65,535 bytes.

An eight-bit time to live field limits a datagram's lifetime to prevent network failure in the event of a routing loop. It is specified in seconds, but time intervals less than 1 second are rounded up to 1. In practice, the field is used as a hop count—when the datagram arrives at a router, the router decrements the TTL field by one. When the TTL field hits zero, the router discards the packet and typically sends an ICMP time exceeded message to the sender.

This field defines the protocol used in the data portion of the IP datagram. IANA maintains a list of IP protocol numbers.

The 16-bit IPv4 header checksum field is used for error checking of the header. When a packet arrives at a router or its destination, the network device calculates the checksum of the header including the checksum field. A value of 0xFFFF is expected. If a different result is obtained, the device discards the packet. Errors in the data portion of the packet are handled separately by the encapsulated protocol. Both UDP and TCP have separate checksums that apply to their data.

This 32-bit field is the IPv4 address of the sender of the packet. It may be changed in transit by network address translation (NAT).

This 32-bit field is the IPv4 address of the receiver of the packet. It may be affected by NAT.

The options field is not often used. Packets containing some options may be considered as dangerous by some routers and be blocked.^[17] The value in the IHL field must include sufficient extra 32-bit words to hold all options and any padding needed to ensure that the header contains an integral number of 32-bit words. If IHL is greater than 5 (i.e., it is from 6 to 15) it means that the options field is present and must be considered. The list of options may be terminated with the option EOOL (End of Options List, 0x00); this is only necessary if the end of the options would not otherwise coincide with the end of the header.

The table below shows the defined options for IPv4. The Option Type column is derived from the Copied, Option Class, and Option Number bits as defined above.^[18]

Data

The packet payload is not included in the checksum. Its contents are interpreted based on the value of the Protocol header field.

List of IP protocol numbers contains a complete list of payload protocol types. Some of the common payload protocols include:

Fragmentation and reassembly

See main article: IP fragmentation. The Internet Protocol enables traffic between networks. The design accommodates networks of diverse physical nature; it is independent of the underlying transmission technology used in the link layer. Networks with different hardware usually vary not only in transmission speed, but also in the maximum transmission unit (MTU). When one network wants to transmit datagrams to a network with a smaller MTU, it may fragment its datagrams. In IPv4, this function was placed at the Internet Layer and is performed in IPv4 routers limiting exposure to these issues by hosts.

In contrast, IPv6, the next generation of the Internet Protocol, does not allow routers to perform fragmentation; hosts must perform Path MTU Discovery before sending datagrams.

Fragmentation

When a router receives a packet, it examines the destination address and determines the outgoing interface to use and that interface's MTU. If the packet size is bigger than the MTU, and the Do not Fragment (DF) bit in the packet's header is set to 0, then the router may fragment the packet.

The router divides the packet into fragments. The maximum size of each fragment is the outgoing MTU minus the IP header size (20 bytes minimum; 60 bytes maximum). The router puts each fragment into its own packet, each fragment packet having the following changes:

• The total length field is the fragment size.
• The more fragments (MF) flag is set for all fragments except the last one, which is set to 0.
• The fragment offset field is set, based on the offset of the fragment in the original data payload. This is measured in units of 8-byte blocks.
• The header checksum field is recomputed.

For example, for an MTU of 1,500 bytes and a header size of 20 bytes, the fragment offsets would be multiples of

It is possible that a packet is fragmented at one router, and that the fragments are further fragmented at another router. For example, a packet of 4,520 bytes, including a 20 bytes IP header is fragmented to two packets on a link with an MTU of 2,500 bytes:

The total data size is preserved: 2,480 bytes + 2,020 bytes = 4,500 bytes. The offsets are

When forwarded to a link with an MTU of 1,500 bytes, each fragment is fragmented into two fragments:

Again, the data size is preserved: 1,480 + 1,000 = 2,480, and 1,480 + 540 = 2,020.

Also in this case, the More Fragments bit remains 1 for all the fragments that came with 1 in them and for the last fragment that arrives, it works as usual, that is the MF bit is set to 0 only in the last one. And of course, the Identification field continues to have the same value in all re-fragmented fragments. This way, even if fragments are re-fragmented, the receiver knows they have initially all started from the same packet.

The last offset and last data size are used to calculate the total data size:

Reassembly

A receiver knows that a packet is a fragment, if at least one of the following conditions is true:

• The flag more fragments is set, which is true for all fragments except the last.
• The field fragment offset is nonzero, which is true for all fragments except the first.

The receiver identifies matching fragments using the source and destination addresses, the protocol ID, and the identification field. The receiver reassembles the data from fragments with the same ID using both the fragment offset and the more fragments flag. When the receiver receives the last fragment, which has the more fragments flag set to 0, it can calculate the size of the original data payload, by multiplying the last fragment's offset by eight and adding the last fragment's data size. In the given example, this calculation was

Assistive protocols

IP addresses are not tied in any permanent manner to networking hardware and, indeed, in modern operating systems, a network interface can have multiple IP addresses. In order to properly deliver an IP packet to the destination host on a link, hosts and routers need additional mechanisms to make an association between the hardware address of network interfaces and IP addresses. The Address Resolution Protocol (ARP) performs this IP-address-to-hardware-address translation for IPv4. In addition, the reverse correlation is often necessary. For example, unless an address is preconfigured by an administrator, when an IP host is booted or connected to a network it needs to determine its IP address. Protocols for such reverse correlations include Dynamic Host Configuration Protocol (DHCP), Bootstrap Protocol (BOOTP) and, infrequently, reverse ARP.

See also

• History of the Internet
• List of assigned /8 IPv4 address blocks

External links

• Internet Assigned Numbers Authority (IANA)
• IP, Internet Protocol — IP Header Breakdown, including specific options
• 3344. IP Mobility Support for IPv4.
• Official current state of IPv4/8 allocations, as maintained by IANA

Notes and References

1. Web site: BGP Analysis Reports . 2013-01-09 . BGP Reports . en-US.
2. Web site: IPv6 – Google. 2022-01-28. www.google.com.
3. Web site: IANA IPv4 Special-Purpose Address Registry. 2022-01-28. www.iana.org.
4. Web site: Davis . Lidija . Vint Cerf - We Still Have 80 Per Cent of the World to Connect . 2024-05-10 . The New York Times.
5. Web site: A Brief History of IPv4. 2020-08-19. IPv4 Market Group. en.
6. Web site: Understanding IP Addressing: Everything You Ever Wanted To Know. https://web.archive.org/web/20010616012053/http://www.3com.com/other/pdfs/infra/corpinfo/en_US/501302.pdf. June 16, 2001. 3Com. dead.
7. Internet Engineering Task Force. Almquist. Philip. Kastenholz. Frank. December 1993. Towards Requirements for IP Routers.
8. Web site: Understanding and Configuring the ip unnumbered Command. 2021-11-25. Cisco. en.
9. Web site: World 'running out of Internet addresses'. 2011-01-23. dead. https://web.archive.org/web/20110125195711/http://technology.inquirer.net/infotech/infotech/view/20110121-315808/World-running-out-of-Internet-addresses. 2011-01-25.
10. Web site: Free Pool of IPv4 Address Space Depleted. Smith. Lucie. Lipner, Ian. 3 February 2011. Number Resource Organization. 3 February 2011.
11. Web site: Five /8s allocated to RIRs – no unallocated IPv4 unicast /8s remain. ICANN,nanog mailing list.
12. Web site: APNIC IPv4 Address Pool Reaches Final /8. 15 April 2011. Asia-Pacific Network Information Centre. 15 April 2011. dead. https://web.archive.org/web/20110807162057/http://www.apnic.net/publications/news/2011/final-8. 7 August 2011.
13. Book: 2016 IEEE International Conference on Emerging Technologies and Innovative Business Practices for the Transformation of Societies (EmergiTech). University of Technology, Mauritius, Institute of Electrical and Electronics Engineers. August 2016. 9781509007066. Piscataway, NJ. 972636788.
14. Technical Criteria for Choosing IP The Next Generation (IPng). 1726. 6.2. 6.2 IP Header Checksum. 26. Partridge. C.. Kastenholz. F.. December 1994.
15. Savage. Stefan. Practical network support for IP traceback. ACM SIGCOMM Computer Communication Review. 2000. 30. 4. 295–306. 10.1145/347057.347560. free.
16. Web site: Bhardwaj . Rashmi . 2020-06-04 . Fragment Offset - IP With Ease . 2022-11-21 . ipwithease.com . en-US.
17. Web site: Cisco unofficial FAQ. 2012-05-10.
18. Web site: Internet Protocol Version 4 (IPv4) Parameters.