What does the protocol field in ipv4 header is 1 indicate

Inhaltsverzeichnis Show

Overview of IPv4 Header Format
IPv4 Header Format Component
Recommended Articles

Overview of IPv4 Header Format

IPV4 header format is of 20 to 60 bytes in length, contains information essential to routing and delivery, consist of 13 fields, VER, HLEN, service type, total length, identification, flags, fragmentation offset, time to live, protocol, header checksum, source IP address, Destination IP address and option + padding, where each has its own features and provides essential data required to transmit the data.

An IPv4 packet header has a total of 14 fields; among these 14 fields, only one is optional, which is aptly known as the options component.

IPv4 Header Format Component

Below is the list mentioned.

Version.
Internet Header Length.
Type of Service.
Explicit Congestion Notification.
Total Length.
Identification.
Flags.
Fragment Offset
Time to live.
Protocol.
A checksum of header.
Source Address.
Destination Address.
Options.

Let’s take a look at these components, their sizes and what they can do:

Version: The first header field is a 4-bit version indicator. In the case of IPv4, the value of its four bits is set to 0100, which indicates 4 in binary.
Internet Header Length: IHL is the 2nd field of an IPv4 header, and it is of 4 bits in size. This header component is used to show how many 32-bit words are present in the header. As we know, IPv4 headers have a variable size, so this is used to specify the size of the header to avoid any errors. This size can be between 20 bytes to 60 bytes.
Type of Service: ToS is also called Differentiated Services Code Point or DSCP. This field is used to provide features related to service quality, such as for data streaming or Voice over IP (VoIP) calls. It is used to specific how a datagram will be handled.
Explicit Congestion Notification: ECN is used to send notifications to the sender or receive in situations where network congestion happens. This is an optional feature of IPv4 can; if one of the endpoints don’t support it, it is not used.
Total Length: This field’s size is 16 bit, and it is used to denote the size of the entire datagram. The minimum size of an IP datagram is 20 bytes, and at the maximum, it can be 65,535 bytes. Practically, all hosts are required to be able to read 576-byte datagrams. If a datagram is too large for the hosts in the network, fragmentation is used, which is handled in the host or packet switch.
Identification: The identification or ID field in a packet can identify an IP datagram’s fragments uniquely. Some have suggested using this field for other things such as adding information for packet tracing etc.
Flags: flag in an IPv4 header is a three-bit field that is used to control and identify fragments. The following can be their possible configuration:
- Bit 0: this is reserved and has to be set to zero
- Bit 1: DF or do not fragment
- Bit 2: MF or more fragments.
Fragment Offset: This field is 13 bit long in length, and it is measured by blocks that units of 8-byte blocks. These are used to specify the offset of a fragment relative to the start of the IP datagram, which when it was not fragmented. As you can expect, the first offset of a fragment is always set to zero. The maximum possible offset is ( 213-1 ) * 8 = 65528, but it is more than the maximum possible IP Packet length, which is 65,535 bytes long with the length of a header added in.
Time to live: Time to live (or TTL in short) is an 8-bit field to indicate the maximum time the datagram will be live in the internet system. The time here is measured in seconds, and in case the value of TTL is zero, the datagram is erased. Every time a datagram is processed, it’s Time to live is decreased by one second. These are used so that datagrams that are not delivered are discarded automatically. TTL can be between 0 – 255.
Protocol: This is a filed in the IPv4 header reserved to denote which protocol is used in the later (data) portion of the datagram. For Example, number 6 is used to denote TCP and 17 is used to denote UDP protocol.
The header’s checksum: The checksum field is of 16-bit length, and it is used to check the header for any errors. The header is compared to the value of its checksum at each hop, and in case the header checksum is not matching, the packet is discarded. Keep in mind that this is only for the header, and its protocol handles the data field. UDP and TCP, for example, have their own checksum fields.
Source Address: It is a 32-bit address of the source of the IPv4 packet.
Destination Address: the destination address is also 32 bit in size, and it contains the receiver’s address.
Options: This is an optional field of the IPv4 header. It is used only when the value of IHL is set to more than 5. These options contain values and settings for things related to security. Record route and time stamp etc. You will find that the list of options component ends with an End of Options or EOL in many cases.

Conclusion

IP headers are one of the crucial components of the protocol. Being able to tell the network about the datagram, its source, and its destination is important, and so is the ability to detect any errors in the header to avoid using corrupted packets. Considering that almost all of the modern internet relies on IPv4 and IPv6, these headers are used in almost all of the HTTP internet traffic.

Recommended Articles

This has been a guide to IPv4 Header Format. Here we discussed Introduction to IPv4 Header Format, its components with their sizes and what they are used for. You can also go through our other suggested articles to learn more –

Header : IPv4

Version

This field (4 bits) indicates IP version. It is always 4 in IPv4 header.

DSCP (Differentiated Services Code Point)

This field (6 bits) used to be called ToS('Type of Service') and now renamed to DSCP. Refer to rfc2475 for the details.

ECN(Explicit Congestion Notification)

This field (2 bits) is used for end to end notification of Network Congestion. It has following meaning

00 � Non ECN-Capable Transport, Non-ECT
10 � ECN Capable Transport, ECT(0)
01 � ECN Capable Transport, ECT(1)
11 � Congestion Encountered, CE.

Internet Header Length (IHL)

This field (4 bit) indicates the length of the IP header and the unit is 4 bytes (32 bits). So, if the value of this field is 5, it means the length of IP header is 20 bytes (= 5 x 4 bytes).

Total Length

This field (16 bits) indicates the total length of the IP packet (Length of IP header + Length of payload) in bytes. The minimum value is 20 bytes since the minimum IPv4 header length is 20 bytes.

The length of field is 16 bits. This means the max length of one IP packet is 2^16 Bytes (65535 bytes) including the header. the minimum length of one IP packet is 20 bytes which is the case in which there is only IP header and No payload.

Identification

This field (16 bits) is used to uniquely identify a group of fragments that belongs to the same IP diagram.

Flags

This field (3 bits) is used to control and indentify the fragments. The meaning of each bit is as follows.

bit 0: Reserved; must be zero.
bit 1: Don't Fragment (DF)
bit 2: More Fragments (MF)

For unfragmented packets, the MF flag is set to be 0.

For fragmented packets, bit 0 set to be 0, bit 1 is set to be 0 and bit 2 is set to be 1 (However, in case of the last fragment of the fragmented packets all bits are set to be 0)

Fragment Offset

This field (13 bits) indicates the position of a fragemented packets from the biginning of the original packet. The unit is the multiples of 8 bytes. For example, if the value is 1, it menas the fragment offest is 8 bytes . if the value is 10, it means the fragment offset is 80 bytes. The value for unfragmented packet or the first fragment of the fragmented packet is set to be 0.

Time to Live

This field (8 bits) indicates how long the packet can survive in the network. Even though the unit is in seconds, it is practically interpreted as the number of hops it can go through. When the datagram arrives at a router, the router decrements the TTL field by one. When the TTL field hits zero, the router discards the packet and typically sends an ICMP Time Exceeded message to the sender. In this way, we can avoid the situation in which a packet goes round and round within the network without reaching the final destination.

Protocol

This field (8 bits) indicates the protocol of the payload part and can be specified by one of the following values.

Decimal	Hex	Keyword	Protocol
0	0x00	HOPOPT	IPv6 Hop-by-Hop Option
1	0x01	ICMP	Internet Control Message Protocol
2	0x02	IGMP	Internet Group Management Protocol
3	0x03	GGP	Gateway-to-Gateway Protocol
4	0x04	IP-in-IP	IP in IP (encapsulation)
5	0x05	ST	Internet Stream Protocol
6	0x06	TCP	Transmission Control Protocol
7	0x07	CBT	Core-based trees
8	0x08	EGP	Exterior Gateway Protocol
9	0x09	IGP	Interior Gateway Protocol (any private interior gateway (used by Cisco for their IGRP))
10	0x0A	BBN-RCC-MON	BBN RCC Monitoring
11	0x0B	NVP-II	Network Voice Protocol
12	0x0C	PUP	Xerox PUP
13	0x0D	ARGUS	ARGUS
14	0x0E	EMCON	EMCON
15	0x0F	XNET	Cross Net Debugger
16	0x10	CHAOS	Chaos
17	0x11	UDP	User Datagram Protocol
18	0x12	MUX	Multiplexing
19	0x13	DCN-MEAS	DCN Measurement Subsystems
20	0x14	HMP	Host Monitoring Protocol
21	0x15	PRM	Packet Radio Measurement
22	0x16	XNS-IDP	XEROX NS IDP
23	0x17	TRUNK-1	Trunk-1
24	0x18	TRUNK-2	Trunk-2
25	0x19	LEAF-1	Leaf-1
26	0x1A	LEAF-2	Leaf-2
27	0x1B	RDP	Reliable Datagram Protocol
28	0x1C	IRTP	Internet Reliable Transaction Protocol
29	0x1D	ISO-TP4	ISO Transport Protocol Class 4
30	0x1E	NETBLT	Bulk Data Transfer Protocol
31	0x1F	MFE-NSP	MFE Network Services Protocol
32	0x20	MERIT-INP	MERIT Internodal Protocol
33	0x21	DCCP	Datagram Congestion Control Protocol
34	0x22	3PC	Third Party Connect Protocol
35	0x23	IDPR	Inter-Domain Policy Routing Protocol
36	0x24	XTP	Xpress Transport Protocol
37	0x25	DDP	Datagram Delivery Protocol
38	0x26	IDPR-CMTP	IDPR Control Message Transport Protocol
39	0x27	TP++	TP++ Transport Protocol
40	0x28	IL	IL Transport Protocol
41	0x29	IPv6	IPv6 Encapsulation
42	0x2A	SDRP	Source Demand Routing Protocol
43	0x2B	IPv6-Route	Routing Header for IPv6
44	0x2C	IPv6-Frag	Fragment Header for IPv6
45	0x2D	IDRP	Inter-Domain Routing Protocol
46	0x2E	RSVP	Resource Reservation Protocol
47	0x2F	GRE	Generic Routing Encapsulation
48	0x30	MHRP	Mobile Host Routing Protocol
49	0x31	BNA	BNA
50	0x32	ESP	Encapsulating Security Payload
51	0x33	AH	Authentication Header
52	0x34	I-NLSP	Integrated Net Layer Security Protocol
53	0x35	SWIPE	SwIPe
54	0x36	NARP	NBMA Address Resolution Protocol
55	0x37	MOBILE	IP Mobility (Min Encap)
56	0x38	TLSP	Transport Layer Security Protocol (using Kryptonet key management)
57	0x39	SKIP	Simple Key-Management for Internet Protocol
58	0x3A	IPv6-ICMP	ICMP for IPv6
59	0x3B	IPv6-NoNxt	No Next Header for IPv6
60	0x3C	IPv6-Opts	Destination Options for IPv6
61	0x3D		Any host internal protocol
62	0x3E	CFTP	CFTP
63	0x3F		Any local network
64	0x40	SAT-EXPAK	SATNET and Backroom EXPAK
65	0x41	KRYPTOLAN	Kryptolan
66	0x42	RVD	MIT Remote Virtual Disk Protocol
67	0x43	IPPC	Internet Pluribus Packet Core
68	0x44		Any distributed file system
69	0x45	SAT-MON	SATNET Monitoring
70	0x46	VISA	VISA Protocol
71	0x47	IPCU	Internet Packet Core Utility
72	0x48	CPNX	Computer Protocol Network Executive
73	0x49	CPHB	Computer Protocol Heart Beat
74	0x4A	WSN	Wang Span Network
75	0x4B	PVP	Packet Video Protocol
76	0x4C	BR-SAT-MON	Backroom SATNET Monitoring
77	0x4D	SUN-ND	SUN ND PROTOCOL-Temporary
78	0x4E	WB-MON	WIDEBAND Monitoring
79	0x4F	WB-EXPAK	WIDEBAND EXPAK
80	0x50	ISO-IP	International Organization for Standardization Internet Protocol
81	0x51	VMTP	Versatile Message Transaction Protocol
82	0x52	SECURE-VMTP	Secure Versatile Message Transaction Protocol
83	0x53	VINES	VINES
84	0x54	TTP	TTP
84	0x54	IPTM	Internet Protocol Traffic Manager
85	0x55	NSFNET-IGP	NSFNET-IGP
86	0x56	DGP	Dissimilar Gateway Protocol
87	0x57	TCF	TCF
88	0x58	EIGRP	EIGRP
89	0x59	OSPF	Open Shortest Path First
90	0x5A	Sprite-RPC	Sprite RPC Protocol
91	0x5B	LARP	Locus Address Resolution Protocol
92	0x5C	MTP	Multicast Transport Protocol
93	0x5D	AX.25	AX.25
94	0x5E	IPIP	IP-within-IP Encapsulation Protocol
95	0x5F	MICP	Mobile Internetworking Control Protocol
96	0x60	SCC-SP	Semaphore Communications Sec. Pro
97	0x61	ETHERIP	Ethernet-within-IP Encapsulation
98	0x62	ENCAP	Encapsulation Header
99	0x63		Any private encryption scheme
100	0x64	GMTP	GMTP
101	0x65	IFMP	Ipsilon Flow Management Protocol
102	0x66	PNNI	PNNI over IP
103	0x67	PIM	Protocol Independent Multicast
104	0x68	ARIS	IBM's ARIS (Aggregate Route IP Switching) Protocol
105	0x69	SCPS	SCPS (Space Communications Protocol Standards)
106	0x6A	QNX	QNX
107	0x6B	A/N	Active Networks
108	0x6C	IPComp	IP Payload Compression Protocol
109	0x6D	SNP	Sitara Networks Protocol
110	0x6E	Compaq-Peer	Compaq Peer Protocol
111	0x6F	IPX-in-IP	IPX in IP
112	0x70	VRRP	Virtual Router Redundancy Protocol, Common Address Redundancy Protocol (not IANA assigned)
113	0x71	PGM	PGM Reliable Transport Protocol
114	0x72		Any 0-hop protocol
115	0x73	L2TP	Layer Two Tunneling Protocol Version 3
116	0x74	DDX	D-II Data Exchange (DDX)
117	0x75	IATP	Interactive Agent Transfer Protocol
118	0x76	STP	Schedule Transfer Protocol
119	0x77	SRP	SpectraLink Radio Protocol
120	0x78	UTI	Universal Transport Interface Protocol
121	0x79	SMP	Simple Message Protocol
122	0x7A	SM	Simple Multicast Protocol
123	0x7B	PTP	Performance Transparency Protocol
124	0x7C	IS-IS over IPv4	Intermediate System to Intermediate System (IS-IS) Protocol over IPv4
125	0x7D	FIRE	Flexible Intra-AS Routing Environment
126	0x7E	CRTP	Combat Radio Transport Protocol
127	0x7F	CRUDP	Combat Radio User Datagram
128	0x80	SSCOPMCE	Service-Specific Connection-Oriented Protocol in a Multilink and Connectionless Environment
129	0x81	IPLT
130	0x82	SPS	Secure Packet Shield
131	0x83	PIPE	Private IP Encapsulation within IP
132	0x84	SCTP	Stream Control Transmission Protocol
133	0x85	FC	Fibre Channel
134	0x86	RSVP-E2E-IGNORE	Reservation Protocol (RSVP) End-to-End Ignore
135	0x87	Mobility Header	Mobility Extension Header for IPv6
136	0x88	UDPLite	Lightweight User Datagram Protocol
137	0x89	MPLS-in-IP	Multiprotocol Label Switching Encapsulated in IP
138	0x8A	manet	MANET Protocols
139	0x8B	HIP	Host Identity Protocol
140	0x8C	Shim6	Site Multihoming by IPv6 Intermediation
141	0x8D	WESP	Wrapped Encapsulating Security Payload
142	0x8E	ROHC	Robust Header Compression
143-252	0x8F-0xFC	UNASSIGNED
253-254	0xFD-0xFE	Use for experimentation and testing
255	0xFF	Reserved.

Header Checksum

This field (16 bits) carries the checksum value of the header. It may be confusing.. because Header Checksum field is also a part of the header. So you may ask 'does checksum calculation includes HeadChecksum field or not ?'. The answer is 'Yes, the HeadChecksum field is also used in the checksum calculation, but the value is always assumed to be all zero.

Source Address / Destination Address

Both Source address and Destination Address takes 32 bits for each. These address are represted as follow format.

W.X.Y.Z

W, X, Y, Z can be any number between 0 and 255, but depending on various purpose/class these number can take a specific range of values as below. (You can figure out the IP set to your PC using ipconfig command (in windows) or ifconfig (in Linux) and you can figure out the ip for a specific site using nslookup).

Followings are IP addresses that are reserved for private networks.

Name	Address range	Number of addresses	Classful description	Largest CIDR block
24-bit block	10.0.0.0�10.255.255.255	16,777,216	Single Class A	10.0.0.0/8
20-bit block	172.16.0.0�172.31.255.255	1,048,576	Contiguous range of 16 Class B blocks	172.16.0.0/12
16-bit block	192.168.0.0�192.168.255.255	65,536	Contiguous range of 256 Class C blocks	192.168.0.0/16

Followings are some of the IP addresses that are reserved for special purpose.

Range	Description
0.0.0.0/8	Current network (only valid as source address)
10.0.0.0/8	Private network
100.64.0.0/10	Shared Address Space
127.0.0.0/8	Loopback
169.254.0.0/16	Link-local
172.16.0.0/12	Private network
192.0.0.0/24	IETF Protocol Assignments
192.0.2.0/24	TEST-NET-1, documentation and examples
192.88.99.0/24	IPv6 to IPv4 relay
192.168.0.0/16	Private network
198.18.0.0/15	Network benchmark tests
198.51.100.0/24	TEST-NET-2, documentation and examples
203.0.113.0/24	TEST-NET-3, documentation and examples
224.0.0.0/4	IP multicast (former Class D network)
240.0.0.0/4	Reserved (former Class E network)
255.255.255.255	Broadcast

Example 01 > ===========================================================

Internet Protocol Version 4, Src: 1.1.1.100 (1.1.1.100), Dst: 1.1.1.1 (1.1.1.1)

Version: 4

Header length: 20 bytes

Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))

0000 00.. = Differentiated Services Codepoint: Default (0x00)

.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)

Total Length: 32

Identification: 0x0a76 (2678)

Flags: 0x00

0... .... = Reserved bit: Not set

.0.. .... = Don't fragment: Not set

..0. .... = More fragments: Not set

Fragment offset: 0

Time to live: 128

Protocol: Unknown (253)

Header checksum: 0x2b05 [correct]

[Good: True]

Following is the HEX string and Binary String for the IP header decoded above, try decode each field on your own and compare your decoding with the wireshark decode shown above. You can get the C language example of IPv4 decoding if you are interested.

HEX : 45 00 00 20 0a 76 00 00 80 fd 2b 05 01 01 01 64 01 01 01 01

BIN :

01000101 00000000 00000000 00100000

00001010 01110110 00000000 00000000

10000000 11111101 00101011 00000101

00000001 00000001 00000001 01100100

00000001 00000001 00000001 00000001