- Authors
- Name
- Youngju Kim
- @fjvbn20031
IP Protocol: Datagrams and Addressing
IP (Internet Protocol) is the core protocol of the Internet network layer. All Internet devices must run the IP protocol, which serves as the glue that holds the Internet together.
In this post, we examine the IPv4 datagram format, IP fragmentation, addressing systems (subnets, CIDR, DHCP), NAT, ICMP, and the emergence of IPv6 along with its transition mechanisms.
1. IPv4 Datagram Format
An IPv4 datagram consists of a header and data (payload).
IPv4 Datagram Header (20 bytes base)
======================================
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| IHL |Type of Service| Total Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identification |Flags| Fragment Offset |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Time to Live | Protocol | Header Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination IP Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options (variable length) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Key Header Fields
| Field | Size | Description |
|---|---|---|
| Version | 4 bits | IP version (IPv4 = 4) |
| IHL | 4 bits | Header length (in 32-bit words) |
| Total Length | 16 bits | Total datagram length (bytes) |
| TTL | 8 bits | Remaining hops, discarded when 0 |
| Protocol | 8 bits | Upper layer protocol (TCP=6, UDP=17) |
| Header Checksum | 16 bits | Header error detection |
2. IP Fragmentation and Reassembly
2.1 Why Fragmentation Is Needed
Each link has an MTU (Maximum Transmission Unit) that limits the maximum frame size that can be transmitted. If an IP datagram exceeds the MTU, it must be fragmented.
IP Fragmentation Example
==========================
Original datagram: 4000 bytes (header 20 + data 3980)
Link MTU: 1500 bytes
Fragment 1: [Header 20] [Data 1480] = 1500 bytes
ID=x, MF=1, Offset=0
Fragment 2: [Header 20] [Data 1480] = 1500 bytes
ID=x, MF=1, Offset=185 (1480/8)
Fragment 3: [Header 20] [Data 1020] = 1040 bytes
ID=x, MF=0, Offset=370 (2960/8)
2.2 Reassembly
IP fragment reassembly is performed only at the final destination host, not at intermediate routers. This is because fragments may arrive via different routes.
- Identification: Identifies fragments belonging to the same original datagram
- MF (More Fragments) flag: Indicates whether more fragments follow
- Fragment Offset: Position in the original data (in 8-byte units)
3. IPv4 Addressing
3.1 Basic Structure of IP Addresses
An IPv4 address is 32 bits and expressed in dotted decimal notation.
IP Address Notation
====================
Binary: 11000000 10101000 00000001 00000001
Decimal: 192.168.1.1
32 bits = approximately 4.3 billion unique addresses
3.2 Subnets
A subnet is a network of devices that can communicate directly with each other without going through a router.
Subnet Example
================
223.1.1.0/24 Subnet
+-----------------------+
| |
223.1.1.1 223.1.1.2 223.1.1.3
[Host] [Host] [Router]
|
223.1.2.9
|
+-----------------------+
| |
223.1.2.1 223.1.2.2 223.1.2.3
223.1.2.0/24 Subnet
3.3 CIDR (Classless Inter-Domain Routing)
CIDR addresses the inefficiency of class-based addressing. It allows flexible subnet mask lengths for efficient use of address space.
CIDR Notation
===============
200.23.16.0/20
Address: 200.23.16.0
Subnet part: 200.23.0001|0000.00000000
^20 bits
Host range in this subnet:
200.23.16.0 ~ 200.23.31.255
Total 2^12 = 4096 addresses
3.4 Class-Based Addressing (Historical Reference)
Before CIDR, addresses were classified into Classes A, B, and C.
IP Address Classes
====================
Class A: 0xxxxxxx | 24-bit host (2^24 = ~16 million hosts)
Class B: 10xxxxxx xxxxxxxx | 16-bit (2^16 = 65,536 hosts)
Class C: 110xxxxx xxxxxxxx xxxxxxxx | 8-bit (2^8 = 256 hosts)
Problem: Class B is too large, Class C is too small
--> Address space waste --> CIDR introduced
4. DHCP (Dynamic Host Configuration Protocol)
4.1 Role of DHCP
DHCP automatically assigns an IP address, subnet mask, default gateway, and DNS server address to a host when it connects to a network.
4.2 DHCP Operation
DHCP operates through a 4-step process (DORA).
DHCP 4-Step Process (DORA)
============================
Client DHCP Server
| |
|--- 1. DHCP Discover (broadcast) -->|
| src: 0.0.0.0 |
| dst: 255.255.255.255 |
| |
|<-- 2. DHCP Offer ------------------|
| Offered IP: 192.168.1.100 |
| Lease time: 3600 sec |
| |
|--- 3. DHCP Request (broadcast) --->|
| Requested IP: 192.168.1.100 |
| |
|<-- 4. DHCP ACK -------------------|
| Confirmed IP: 192.168.1.100 |
| Subnet: 255.255.255.0 |
| Gateway: 192.168.1.1 |
| DNS: 8.8.8.8 |
| |
5. NAT (Network Address Translation)
5.1 Need for NAT
NAT was introduced to address IPv4 address exhaustion. With NAT, multiple internal hosts can access the Internet using a single public IP address.
5.2 How NAT Works
NAT Operation
===============
Internal Network (Private IP) NAT Router External Internet
10.0.0.0/24 138.76.29.7
[10.0.0.1:3345] ----> [138.76.29.7:5001] ----> Web Server
[10.0.0.2:2890] ----> [138.76.29.7:5002] ----> Web Server
[10.0.0.3:1789] ----> [138.76.29.7:5003] ----> Web Server
NAT Translation Table:
+-------------------+----------------------+
| WAN Side | LAN Side |
+-------------------+----------------------+
| 138.76.29.7:5001 | 10.0.0.1:3345 |
| 138.76.29.7:5002 | 10.0.0.2:2890 |
| 138.76.29.7:5003 | 10.0.0.3:1789 |
+-------------------+----------------------+
5.3 Controversies Around NAT
There are several criticisms of NAT:
- Port numbers are meant for process identification but are used for host identification, violating layer boundaries
- Violates the end-to-end principle
- Requires port forwarding configuration for running servers
- Causes connection issues in P2P applications
6. ICMP (Internet Control Message Protocol)
6.1 Role of ICMP
ICMP is a protocol for error reporting and information exchange between network devices. It is encapsulated as the payload of an IP datagram.
6.2 Key ICMP Messages
ICMP Message Types
====================
Type Code Description
---- ---- ----------------------------------
0 0 Echo Reply (ping response)
3 0 Destination Network Unreachable
3 1 Destination Host Unreachable
3 3 Destination Port Unreachable
4 0 Source Quench (congestion control)
8 0 Echo Request (ping request)
11 0 TTL Expired (used by traceroute)
12 0 IP Header Bad
6.3 Usage Example: Traceroute
Traceroute sends UDP packets with TTL values incrementing from 1. When TTL reaches 0 at each router, an ICMP TTL Expired message is returned, revealing the routers along the path.
Traceroute Operation
=====================
Host --> TTL=1 --> [R1] --> ICMP TTL Expired returned
Host --> TTL=2 --> [R1] --> [R2] --> ICMP TTL Expired returned
Host --> TTL=3 --> [R1] --> [R2] --> [R3] --> ICMP TTL Expired returned
Host --> TTL=4 --> [R1] --> [R2] --> [R3] --> [Destination] --> ICMP Port Unreachable
7. IPv6
7.1 Background of IPv6
As IPv4 address space (approximately 4.3 billion) was exhausted, IPv6 was developed. IPv6 uses 128-bit addresses, providing a virtually unlimited address space.
7.2 IPv6 Datagram Format
IPv6 Header (40 bytes fixed)
==============================
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| Traffic Class | Flow Label |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Payload Length | Next Header | Hop Limit |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| Source Address |
+ (128 bits) +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| Destination Address |
+ (128 bits) +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
7.3 Key Changes from IPv4
IPv4 vs IPv6 Comparison
========================
Item | IPv4 | IPv6
-------------------+-------------------+--------------------
Address Size | 32 bits | 128 bits
Header Size | Variable (20~60B) | Fixed 40 bytes
Fragmentation | Possible at routers| Source only
Checksum | Present | None (delegated to upper layers)
Options | In header | Separated to extension headers
Broadcast | Supported | Replaced by multicast
7.4 Transition from IPv4 to IPv6
Since all devices worldwide cannot be replaced at once, gradual transition methods are used.
Tunneling: IPv6 datagrams are encapsulated as the payload of IPv4 datagrams, allowing them to traverse IPv4 networks.
Tunneling Operation
=====================
[IPv6] --> [IPv6/IPv4] ===== IPv4 Tunnel ===== [IPv4/IPv6] --> [IPv6]
Host A Tunnel Entry (IPv6 encapsulated Tunnel Exit Host B
in IPv4 for transit)
Original packet: [IPv6 Header][Data]
Inside tunnel: [IPv4 Header][IPv6 Header][Data]
IPv4 Protocol field = 41 (IPv6)
8. Summary
| Concept | Key Points |
|---|---|
| IPv4 Header | 20 bytes base, includes TTL/Protocol/Checksum |
| Fragmentation | Split when exceeding MTU, reassembled at destination only |
| CIDR | Flexible subnet masks for improved address efficiency |
| DHCP | Automatic IP assignment (Discover-Offer-Request-ACK) |
| NAT | Translates private to public IP, mapped by port number |
| ICMP | Network error reporting and diagnostics (ping, traceroute) |
| IPv6 | 128-bit addresses, fixed 40-byte header, no fragmentation |
In the next post, we will examine the routing algorithms (Link-State, Distance-Vector) that routers use to find optimal paths.
References
- James F. Kurose, Keith W. Ross, "Computer Networking: A Top-Down Approach", 6th Edition, Chapter 4
- RFC 791 - Internet Protocol (IPv4)
- RFC 2460 - Internet Protocol Version 6 (IPv6)
- RFC 2131 - Dynamic Host Configuration Protocol