Sep 17, 2020



What is packet

Every packet in every protocol has Header (control information) and Payload (user data) structure. The header has a protocol-specific structure: this ensures that the receiving host can correctly interpret the payload and handle the communication. The payload is the actual information. It could be something like part of an email message or the content of a file during a download.

IPv4 protocol header is at least 160 bits (20 bytes) long, and it includes 14 fields, of which 13 are required. Last field, called options is optional. IPv4 packet - Wikipedia Source: Wikipedia, author MichelBakni

Using the information in the header, the nodes involved in the communication can understand and use IP packets.

Protocol layers

Most of the time, when people talk about layers, they think about OSI model. OSI model promoted the idea of a consistent model of protocol layers, defining interoperability between network devices and software. Based on that we can think about seven layers (more here). What we need to know is, that each protocol has header and payload. It goes from top to bottom. Every next layer is encapsulating the layer before in the form of payload.


If we look from 10.000 foot perspective, we can see only data packet. However, if we look at this closer, it's starting showing some interesting properties. Every layer contains paylod in a form of header+payload from previous layer. It means, that at the lowest level, we're looking at

(header + (header + (header + (header + payload))))

This kind of behavior happens to every packet sent by host. On the other side of pipeline, receiving host, needs to unpack all the information, with regards to correct layers.

Internet Protocol (IP)

IP Address

IPv4 Address

IPv4 address consists of 4 bytes (octets). A dot delimits every octet in the address. Each byte (2^8) can represent value 0 to 255.

Special use IPv4 addresses

RFC5735 describes IPv4 addresses, which cannot be assigned to host, due to its special use case. Common addresses, that are in use:    <-- host loopback address. <-- communication between hosts, without DHCP server cannot be found. <-- private networks.

Network classes

Internet addresses are allocated by the InterNIC organization. The most common classes are A, B and C. D and E exist, but are not used by end users. Each of classes has different default subnet mask.

  • Class A: uses (CIDR /8) and have 0-127 as first octet,
  • Class B: uses (CIDR /16) and have 128-191 as first octet,
  • Class C: uses (CIDR /24) and have 192-223 as first octet.
  • Class D: range 224-239 as first octet, used for multicasting
  • Class E: range 240-255 as first octet, not available for general use, reserved for research purposes.


Subnet with all zeros is reserved for the referring to the network itself, while last address, all ones is used as broadcast address for the network. It means, that from network, two addresses are unavailable. In the world of CIDR, /31 and /32, would be unusable, due to above requirement. That's why RFC3021 created an exception. Network /31 is usable for point-to-point links, while /32 (single-host network) must be accessed by explicit routing rules, as there is no room in such a network for a gateway.


RFC3513 (obsolete now) and RFC4291 describes IPv6 addressing architecture. This version allows to address 2^128 devices (approximately 3.4*10^38). It's been introduced in December 1995, but still majority of Internet relies on IPv4. IPv6 is divided into two parts (each 64 bits): network identifier and interface identifier. Furthermore, the first 64 bits ends with a dedicated 16-bits space that can be used only for specifying a subnet.

Additional resources