November 26th, 2001, 08:21 PM
Tutorial: IP header explained
Over the internet, data is send trough packets. If you are new to this term, you might want to look at Warriors of the Net - a movie made by Ericsson, explaining how data is send over the internet in a simplified way.
Each of these packets have a header, telling the routers on the internet how and where this packet has to go. You could compare the header with an adress you write on a letter, telling the mailman where it has to go.
In this tutorial, I will show you how this header is constructed.
Typically, a header consists of 32-bits words, or 'groups of 4 bytes,' as shown by the image.
This field indicates the IP-version used for this packet. Typically 4.
This indicates the length of the header of this packets.
Type of Service
These are rarely used. If one or more of these bits are set, they indicate how routers should handle this packet.
Total length of packet
What it sais: the total lengt of the packet, including this header and including the data sent.
A number identifiing this packet. Numbering packets is usefull when fragmenting packets. See Fragmentation Offset.
The first of these bits is reserved for future use. For now, it should be set to 0.
The second bit indicates wether this packet may be fragmented by the router (0) or not (1).
The third bit tells the receiver wether this was the last fragment of the packet (0) or not (1).
If the total lengt is to large for a network to handle, it is divided into smaller packets. These packets all have the same identification number. If, for example, a packet 150 bytes large is send, but the network can only handle packets with a maximum size of 100 bytes, the original packet is fragmented in two others: the first will be 100 bytes large and will have a fragmentation offset of 0 (first fragment). The second will be 50 bytes long, and will have an offset of 50. Furthermore, it will have set its third Flag, telling the receiver this is the last fragment of the packet. Now, the receiver can completely reconstruct the original packet.
Time to Live
This is used to make sure no packet will wander through the internet for eternity. Each router that handles this packet, will deduct at least 1 from the Time to Live value. If a router receives a packet with a TTL of 1 or 0, it will discard the package, and send a message to the source indicating that the TTL-value has reached zero. This message is used by traceroute programs: If you send out a packet to a destination, but you deliberately set the TTL-value within the packet too small, one of the routers between you and the destination will give you a reply. By adding 1 to the TTL and resending the packet, the next router on the way will send you such a message. This way, you can get messages (and thus identify) from all routers between you and the destination.
The protocol used in the packet. Typically 06 for TCP or 17 for UDP.
Before sending, the sender calculates a checksum using date from this packet. The receiver calculates this checksum again - if the value was changed, the receiver can tell that the packet was damaged during transit.
The IP-address of the sender of this packet.
The IP-address of the intended receiver.
If required, routers or gateways can define custom options here.
This space makes sure the entire header will fit nicely into 32bit words, as it is supposed to.