IP Header Format
Unlike the post office, a router or computer cannot determine the size of a package without additional information. A person can look at a letter or box and determine how big it is, but a router cannot. Therefore, additional information is required at the IP layer, in addition to the source and destination IP addresses. Figure 3-12 is a logical representation of the information that is used at the IP layer to enable the delivery of electronic data. This information is called a header, and is analogous to the addressing information on an envelope. A header contains the information required to route data on the Internet, and has the same format regardless of the type of data being sent. This is the same for an envelope where the address format is the same regardless of the type of letter being sent.
)
Figure
3-12
IP Header Format
The fields in the IP header and their descriptions are
Version—A 4-bit field that identifies the IP version being used. The current version is 4, and this version is referred to as IPv4.
Length—A 4-bit field containing the length of the IP header in 32-bit increments. The minimum length of an IP header is 20 bytes, or five 32-bit increments. The maximum length of an IP header is 24 bytes, or six 32-bit increments. Therefore, the header length field should contain either 5 or 6.
Type of Service (ToS)—The 8-bit ToS uses 3 bits for IP Precedence, 4 bits for ToS with the last bit not being used. The 4-bit ToS field, although defined, has never been used.
IP Precedence— A 3-bit field used to identify the level of service a packet receives in the network.
Differentiated Services Code Point (DSCP)—A 6-bit field used to identify the level of service a packet receives in the network. DSCP is a 3-bit expansion of IP precedence with the elimination of the ToS bits.
Total Length—Specifies the length of the IP packet that includes the IP header and the user data. The length field is 2 bytes, so the maximum size of an IP packet is 216 – 1 or 65,535 bytes.
Identifier, Flags, and Fragment Offset—As an IP packet moves through the Internet, it might need to cross a route that cannot handle the size of the packet. The packet will be divided, or fragmented, into smaller packets and reassembled later. These fields are used to fragment and reassemble packets.
Time to Live (TTL)—It is possible for an IP packet to roam aimlessly around the Internet. If there is a routing problem or a routing loop, then you don't want packets to be forwarded forever. A routing loop is when a packet is continually routed through the same routers over and over. The TTL field is initially set to a number and decremented by every router that is passed through. When TTL reaches 0 the packet is discarded.
Protocol—In the layered protocol model, the layer that determines which application the data is from or which application the data is for is indicated using the Protocol field. This field does not identify the application, but identifies a protocol that sits above the IP layer that is used for application identification.
Header Checksum—A value calculated based on the contents of the IP header. Used to determine if any errors have been introduced during transmission.
Source IP Address—32-bit IP address of the sender.
Destination IP Address—32-bit IP address of the intended recipient.
Options and Padding—A field that varies in length from 0 to a multiple of 32-bits. If the option values are not a multiple of 32-bits, 0s are added or padded to ensure this field contains a multiple of 32 bits.
The IP Precedence field can be used to prioritize IP traffic. (See Table 3-9.) This is the same as the postal system having different classes of mail such as priority, overnight, and 2-day delivery. Routers can choose to use this field to give preferential treatment to certain types of IP traffic.
Table 3-9 IP Precedence Values
|
Precedence Value |
Meaning |
|
000 (0) |
Routine or Best Effort |
|
001 (1) |
Priority |
|
010 (2) |
Immediate |
|
011 (3) |
Flash |
|
Precedence Value |
Meaning |
|
100 (4) |
Flash Override |
|
101 (5) |
Critical |
|
110 (6) |
Internetwork Control |
|
111 (7) |
Network Control |
The ToS bits were originally designed to influence the delivery of data based on delay, throughput, reliability and cost. (See Table 3-10.) They are usually not used and are therefore set to zero.
Table 3-10 Type of Service Values
|
ToS Value |
Meaning |
|
0000 (0) |
Normal Delivery |
|
0001 (1) |
Minimize Cost |
|
0010 (2) |
Maximize Reliability |
|
0100 (4) |
Maximize Throughput |
|
1000 (8) |
Minimize Delay |
The IP Precedence field can have 8 or 23 possible values. Routers use two of these values, 6 and 7, for routing protocol traffic. That leaves six values that can be used to prioritize user traffic. Because the ToS bits are typically not used, the IP Precedence field can be extended from 3 to 6 bits by using 3 bits from the ToS field. (See Figure 3-13.)
)
Figure
3-13
IP Header Type of Service (ToS) Field
This new field is called the Differentiated Services Code Point (DSCP). That gives you 64 or 26 possible values that can be used to prioritize traffic. Although there are 64 possible DSCP values, only 14 are used typically. (See Table 3-11 and the explanation that follows.)
Table 3-11 Differentiated Services Code Point Values
|
DSCP Value |
Meaning |
Drop Probability |
Equivalent IP Precedence Value |
|
101 110 (46) |
High Priority Expedited Forwarding (EF) |
N/A |
101 – Critical |
|
000 000 (0) |
Best Effort |
N/A |
000 – Routine |
|
001 010 (10) |
AF11 |
Low |
001 – Priority |
|
001 100 (12) |
AF12 |
Medium |
001 – Priority |
|
001 110 (14) |
AF13 |
High |
001 – Priority |
|
010 010 (18) |
AF21 |
Low |
001 – Immediate |
|
010 100 (20) |
AF22 |
Medium |
001 – Immediate |
|
010 110 (22) |
AF23 |
High |
001 – Immediate |
|
011 010 (26) |
AF31 |
Low |
011 – Flash |
|
011 100 (28) |
AF32 |
Medium |
011 – Flash |
|
011 110 (30) |
AF33 |
High |
011 – Flash |
|
100 010 (34) |
AF41 |
Low |
100 – Flash Override |
|
100 100 (36) |
AF42 |
Medium |
100 – Flash Override |
|
100 110 (38) |
AF43 |
High |
100 – Flash Override |
Notice that the first 3 bits of the DSCP value are the 3 bits from the IP precedence. An IP precedence of 000 maps into a DSCP value of 000 000, and both represent best effort delivery. An IP precedence of 101 (Critical) maps into a DSCP value of 101 110 (High Priority or Expedited Forwarding). The remaining 4 IP precedence values are each mapped into 3 DSCP values. The additional 3-bit portion is used to identify a drop probability within one of the four assured forwarding (AF) classes.
This discussion of the contents of the IP header is meant as an overview. If you are interested in learning more details regarding the IP header, refer to the references at the end of this chapter. The important concept to take away from this discussion is that the IP header contains the source and destination IP addresses. Routers use the destination IP address to determine a route; therefore, the IP layer in the layered model is the routing layer.
At this point, we could stop our discussion of the layered protocol model. This book is about routing, and routing is the second or third layer depending on which model is used. A router does not care what application sent the data, or how the application is going to receive the data. The job of the router is to get the packet to the proper destination. It is then the responsibility of the destination host to deliver the data to the application. The incomplete layered model in Figure 3-8 is sufficient for the remainder of this book. But, to be complete, let's go ahead and finish the model.