'%3e%3crect%20x='109.185'%20y='253.397'%20width='350.859'%20height='857.656'%20fill='white'/%3e%3cpath%20d='M274.77%20708.572H233.194V888.205H286.632C302.651%20888.205%20314.635%20883.711%20322.461%20875.088C330.287%20866.465%20334.322%20851.404%20334.322%20830.149V779.138C334.322%20752.539%20329.797%20734.2%20320.382%20723.997C310.966%20713.795%20295.681%20708.451%20274.77%20708.451V708.572Z'%20fill='%23FF5C00'/%3e%3cpath%20d='M310.966%20610.558C320.015%20601.206%20324.539%20585.295%20324.539%20563.19V530.518C324.539%20490.559%20308.887%20470.519%20277.705%20470.033H232.949V624.768H269.512C287.977%20624.768%20302.039%20619.91%20311.088%20610.436L310.966%20610.558Z'%20fill='%23FF5C00'/%3e%3cpath%20d='M277.582%200C124.362%200%200%20123.399%200%20275.704V1069.3C0%201221.48%20124.239%201345%20277.582%201345C430.803%201345%20555.165%201221.6%20555.165%201069.3V275.704C555.165%20123.52%20430.926%200%20277.582%200ZM426.523%20833.064C426.523%20878.367%20414.539%20912.739%20390.817%20936.423C375.898%20951.241%20356.7%20961.322%20333.221%20966.909V987.677C333.221%201002.5%20320.993%201014.64%20306.075%201014.64C291.156%201014.64%20278.805%201002.5%20278.805%20987.677V971.888H232.949V987.677C232.949%201002.5%20220.721%201014.64%20205.803%201014.64C190.884%201014.64%20178.655%201002.5%20178.655%20987.677V971.888H170.218C150.53%20971.888%20140.625%20962.05%20140.625%20942.496V415.743C140.625%20396.188%20150.53%20386.35%20170.218%20386.35H178.655V357.201C178.655%20342.383%20190.884%20330.238%20205.803%20330.238C220.721%20330.238%20232.949%20342.383%20232.949%20357.201V386.35H278.805V357.201C278.805%20342.383%20291.034%20330.238%20306.075%20330.238C321.115%20330.238%20333.221%20342.383%20333.221%20357.201V388.78C333.221%20389.994%20332.977%20391.087%20332.855%20392.18C354.499%20397.524%20371.863%20406.512%20384.703%20419.386C406.469%20441.491%20417.597%20475.377%20417.597%20521.045V544.364C417.597%20604.363%20397.42%20642.743%20357.556%20659.14V660.719C403.656%20676.265%20426.646%20717.074%20426.646%20782.782V833.064H426.523Z'%20fill='%23FF5C00'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_1_174'%3e%3crect%20width='555'%20height='1345'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
- Definitions and general information
- Fragmentation of IP datagrams
- Data encapsulation
- IP addressing
- CIDR addressing
Definitions and general information
The IP protocol, or "Internet Protocol", is the backbone of the TCP/IP model. It carries data packets from one host to another within a network, whether it's local or spans the globe. It has two key roles: managing the logical addressing of devices, and ensuring packets are routed across often heterogeneous and interconnected networks.
At the physical level, transmission relies on hardware interfaces to establish point-to-point connections between nodes. However, it is the IP protocol that makes end-to-end communication possible, giving each packet the information it needs to navigate through multiple possible paths to its destination.
Three network configuration elements determine how a packet is sent on its way:
- IP address: uniquely identifies the destination host in the network.
- Subnet mask: specifies which part of the address identifies the network and which part identifies the host, enabling logical division into subnets.
- The gateway: indicates the intermediate router through which the packet should pass to reach an external network or another segment of the local network.
On the Internet, data doesn't flow as one continuous stream, but it's sent as datagrams: independent blocks of data, each encapsulated with all the information needed for delivery. This is the principle of packet switching, where information is split into self-contained units that may take different paths to reach the same recipient.
In addition to the payload (payload), each IP datagram contains a structured header with fields such as the destination address, source address, type of service, protocol version number and other control information needed to manage the transmission.
The theoretical maximum size of an IP datagram is 65,536 octets, a limit set by the total length field in the header. In practice, this size is rarely reached, as the physical networks carrying the packets (Ethernet, Wi-Fi, fiber optics...) usually impose a stricter limits known as MTU (Maximum Transmission Unit). If a datagram exceeds the MTU of the physical link, it must be split into smaller packets, each sent separately and reassembled on arrival.
This adaptability makes IP a robust and flexible protocol, able to operate over a wide variety of underlying technologies while maintaining universal compatibility between heterogeneous systems and networks.
Fragmentation of IP datagrams
When an IP datagram needs to pass through a network whose transmission capacity is smaller than the datagram itself, it must be fragmented so it can travel without issue. This physical size limit is called the MTU (Maximum Transmission Unit): the largest frame size that can pass over a given network without being split.
Each network technology imposes its own MTU, determined by its hardware and protocol characteristics. Common values include:
- ARPANET: 1000 bytes
- Ethernet: 1500 bytes
- FDDI: 4470 bytes
When a datagram exceeds the MTU of a network segment it needs to cross, routing equipment will split it into smaller fragments that comply with the limit. This typically happens when moving from a high-MTU network to one with a lower capacity. For example, a datagram coming from an FDDI network may need to be fragmented before being sent over an Ethernet segment.
The fragmentation process works like this:
- The router breaks the datagram into fragments that are no larger than the target network's MTU.
- Each fragment's size is a multiple of 8 bytes, since the IP protocol uses this unit to encode the reassembly offset.
- Every fragment gets its own IP header, which contains the information needed by the final recipient to reassemble them in the correct order.
Once fragmented, the pieces travel independently through the network. They may take different routes, depending on routing tables, link loads, or outages. There's no guarantee they'll arrive in the order they were sent.
On arrival, the receiving machine handles reassembly. Using the information in the headers (shared identifier, offset, and fragmentation flags), it puts the fragments back in the right order to reconstruct the original datagram before transmitting it to the next layer. If even one fragment is lost or corrupted, the whole datagram is usually discarded, without every piece, the result would be incomplete or unusable.
Although effective, fragmentation and reassembly come with downsides: extra processing for routers and hosts, and a higher chance of packet loss, which can increase retransmissions. That's why careful MTU management and packet size optimization are important for smooth, efficient IP communication.
Data encapsulation
To ensure that data is routed correctly through the layers of the TCP/IP model, the process of encapsulation plays a key role. At each stage as a message travels from the sender's application to the recipient's machine, extra information, known as headers, is added. These headers give intermediate devices and software layers the instructions they need to process, deliver, and, if necessary, reassemble the data.
When a message is sent, it passes through the four layers of the TCP/IP stack. At each layer, a new header is added in front of the existing data: each header contains specific metadata, such as logical or physical addresses, communication ports, sequence numbers, error-control flags, and any information needed to manage transmission and routing.
Transmission thus follows a structured process:
- The Application layer creates the initial message, containing the raw data.
- The Transport layer encapsulates it into a segment, adding source and destination ports, sequence numbers, and flow-control mechanisms.
- The Internet layer adds to the segment an IP header to form a datagram, specifying source and destination IP addresses.
- The Network Access layer wraps the datagram into a frame, adding MAC addresses and integrity check codes (CRC).
This encapsulation process ensures both the integrity and traceability of the data, and also its adaptability: when moving from one network to another, the headers provide devices with the information needed to choose the route, check validity, or perform fragmentation if necessary.
Upon arrival, the process is reversed: the receiving machine gets the frame at the Network Access layer, which reads and removes the corresponding header. The datagram is then passed to the Internet layer, which reads the IP header and removes it in turn to deliver the segment to the Transport layer. The Transport layer processes the transport headers, checks the integrity of the stream, and finally delivers the message to the target application in its original state.
The transformation of the data at each layer can be summarized as:
- Message: block of information at the Application layer.
- Segment: data unit after encapsulation by the Transport layer.
- Datagram: form taken following the addition of the IP header by the Internet layer.
- Frame: final block ready for transmission over the physical medium by the Network Access layer.
This process, essential to the reliability and universality of Internet communications, ensures that every piece of data, no matter how fragmented or complex, can be transported end-to-end while remaining comprehensible and usable by the receiving machine.
IP addressing
Even with packet switching, fragmentation, and encapsulation in place, a network still couldn't function without a reliable addressing system. To ensure that each data packet reaches the correct recipient, the Internet layer uses a unique identifier: the IP address.
In IPv4, an IP address is coded on 32 bits and written as four decimal numbers separated by dots, in the familiar N1.N2.N3.N4 format (for example: 192.168.1.12).
An IP address has two parts:
- netid: identifies the network that the host belongs to
- hostid: identifies the specific host within that network This separation allows the global Internet to be logically structured into many interconnected networks.
Historically, the IPv4 system relied on a class-based scheme, labeled from A to E, which defined the range of address and their intended use. Each class allocated a set number of bits to the netid and hostid, directly affecting the possible number of networks and hosts.
| Class | IPv4 Address Range | Usage |
| A | 1.x.x.x to 126.x.x.x | Unicast addresses |
| (127.x.x.x reserved for loopback) | Local loopback | |
| B | 128.0.x.x to 191.255.x.x | Unicast addresses |
| C | 192.0.0.x to 223.255.255.x | Unicast addresses |
| D | 224.0.0.0 to 239.255.255.255 | IP Multicast |
| E | 240.0.0.0 to 255.255.255.255 | Reserved for experimentation |
Not all possible values can be assigned to hosts. For example, in a class C address, the last byte offers 8 bits (256 values). But two of these are reserved:
- 0: identifies the network itself
- 255: is the broadcast address, used to send a packet to all hosts in the network at once. That leaves 254 usable addresses for devices.
The number of available addresses varies widely between classes: from large public networks in class A, to corporate networks in class B, to smaller local networks in class C.
Some address ranges are reserved for private use and never routed directly on the Internet. These are known as private addresses, and are used inside organizations, businesses, or homes, and require address translation, typically NAT (Network Address Translation), to reach the public Internet. These are:
- Class A: from 10.0.0.0 to 10.255.255.255
- Class B: from 172.16.0.0 to 172.31.255.255
- Class C: from 192.168.0.0 to 192.168.255.255
When a device with a private address accesses the Internet, a NAT-enabled router or gateway replaces it with a valid public address.
Example: If a host has the address 192.168.7.5, we can deduce:
- 192.168.7.0: network address
- 192.168.7.1: often the local router
- 192.168.7.5: the host itself
Another special case is 127.0.0.1, known as the "loopback".
On Linux systems, it is associated with the Interface lo. This address allows a machine to address itself for local testing or diagnostics, without going through a physical Interface. The entire 127.0.0.0/8 range is reserved for this purpose.
To optimize address use and design complex networks, the subnetmask (netmask) is essential. This binary mask separates the netid from the hostid in an IP address.
Each class has a default mask:
- 255.0.0.0 for class A,
- 255.255.0.0 for class B,
- 255.255.255.0 for class C.
Good network design follows a basic rule: devices that must communicate directly should be in the same network or subnet. To segment a network, we use subnetting, dividing a network into smaller subnets by using a more specific mask.
Subnetting example:
A class C network: 192.168.1.0/24 with a default mask of 255.255.255.0.
We want 4 subnets of up to 60 hosts each.
Step 1: Number of addresses needed per subnet = 60 + 2 reserved addresses (network + broadcast) = 62.
Step 2: Find the nearest power of 2 ≥ 62. -> 2⁶ = 64.
Step 3: Adjust the mask. Keep the netid bits and reserve the needed hostid bits. We obtain a binary mask which, once converted, gives 255.255.255.192.
11111111 11111111 11111111 11000000
Step 4: Calculate the address ranges for each subnet, varying the bits reserved for the host.
| Subnet ID (bits) | Subnet Address | Subnet Mask | Address Range | Broadcast Address |
| 00 | 192.168.1.0/26 | 255.255.255.192 | 192.168.1.1 – 192.168.1.62 | 192.168.1.63 |
| 01 | 192.168.1.64/26 | 255.255.255.192 | 192.168.1.65 – 192.168.1.126 | 192.168.1.127 |
| 10 | 192.168.1.128/26 | 255.255.255.192 | 192.168.1.129 – 192.168.1.190 | 192.168.1.191 |
| 11 | 192.168.1.192/26 | 255.255.255.192 | 192.168.1.193 – 192.168.1.254 | 192.168.1.255 |
Step 5: This creates four subnetworks, each supporting up to 62 machines, while keeping the overall addressing scheme efficient. The hostid portion is split into a subnetid part and a host part.
This fundamental principle of subnetting remains indispensable in modern network engineering, allowing precise IP allocation, better traffic control, strong segment isolation, and scalable network management.
CIDR addressing
In the early 1990s, as the Internet spread rapidly through businesses and organizations, the traditional IP addressing system based on classes (A, B, C) began to show its limits.
Its rigid structure led to significant waste of IP addresses and made routing tables increasingly large, complex, and difficult to maintain.
To address these issues, a more flexible and efficient method was introduced: CIDR (Classless Inter-Domain Routing). CIDR has gradually become the standard, largely replacing the old class-based system.
The core idea behind CIDR is the ability to group several adjacent networks, especially Class C blocks, into a single logical unit called a supernet (supernet). With this aggregation, a single entry in the routing table can represent multiple subnetworks, reducing the number of routes routers need to handle and improving their performance.
While Class C networks initially had the greatest need for aggregation due to their smaller capacity, the principle has also been applied to Class B and, in theory, even Class A networks, though the latter are less affected thanks to their large address range.
With CIDR, the concept of fixed classes disappears. The address space is treated as a continuous range that can be divided or aggregated as needed. CIDR blocks are defined using subnet masks that are not limited to the defaults of A, B, or C classes. A CIDR block can represent either a single network or a contiguous set of subnetworks sharing the same prefix.
A CIDR block is written in the format "address/prefix", where the number after the slash indicates how many bits make up the network portion. For example, /17 means that the first 17 bits identify the network, while the remaining 15 bits identify hosts.
Example:
A /17 block contains 2^(32-17) addresses so 2^15 = 32,768 total addresses. Subtracting the two reserved addresses (network and broadcast) leaves 32,766 usable host addresses. This allows network administrators to size their subnets precisely to match real-world needs, avoiding unnecessary waste.
To make CIDR sizing easier to understand, here is a table of common prefixes and their equivalent subnet masks and usable addresses:
| CIDR Prefix | Available Host Bits | Subnet Mask | Usable Host Addresses |
| /8 | 24 | 255.0.0.0 | 2^24 - 2 = 16,777,214 |
| /12 | 20 | 255.240.0.0 | 2^20 - 2 = 1,048,574 |
| /16 | 16 | 255.255.0.0 | 2^16 - 2 = 65,534 |
| /20 | 12 | 255.255.240.0 | 2^12 - 2 = 4,094 |
| /24 | 8 | 255.255.255.0 | 2^8 - 2 = 254 |
| /26 | 6 | 255.255.255.192 | 2^6 - 2 = 62 |
| /27 | 5 | 255.255.255.224 | 2^5 - 2 = 30 |
| /28 | 4 | 255.255.255.240 | 2^4 - 2 = 14 |
| /29 | 3 | 255.255.255.248 | 2^3 - 2 = 6 |
| /30 | 2 | 255.255.255.252 | 2^2 - 2 = 2 |
| /31 | 1 | 255.255.255.254 | 2^1 = 2 (point-to-point only) |
| /32 | 0 | 255.255.255.255 | 1 (host address only) |
NOTE: Historically, RFC 950 discouraged the use of subnet zero, mainly to avoid confusion in routing. This restriction became obsolete with RFC 1878, which fully allows its use. The old limitation was mostly due to imcompatibility with older hardware that could not handle CIDR correctly. Modern equipment has no such problem.
For example, the subnet 1.0.0.0 with the subnet mask 255.255.0.0 once ambiguous with the class A network identifier, is now perfectly valid and usable.
TIP: for error-free subnet calculations and rapid conversion of addresses to CIDR notation, there are handy tools like ipcalc. This "network calculator" clearly shows address breakdowns, available ranges, and associated masks, ideal for both administrators and students learning CIDR.
sudo apt install ipcalc
Quiz
Quiz1/5
net3022.4
What is a datagram in the context of the IP protocol?