Internet Protocol version 4 (IPv4) is the fourth revision in the development of the Internet Protocol (IP) and the first version of the protocol to be widely deployed. Together with IPv6, it is at the core of standards-based internetworking methods of the Internet. IPv4 is still by far the most widely deployed Internet Layer protocol (As of 2011[update], IPv6 deployment is still in its infancy).
IPv4 is described in IETF publication RFC 791 (September 1981), replacing an earlier definition (RFC 760, January 1980).
IPv4 is a connectionless protocol for use on packet-switched Link Layer networks (e.g., Ethernet). It operates on a best effort delivery model, in that it does not guarantee delivery, nor does it assure proper sequencing or avoidance of duplicate delivery. These aspects, including data integrity, are addressed by an upper layer transport protocol , such as the Transmission Control Protocol (TCP).
Internet protocol suite |
---|
Application layer |
Transport layer |
Internet layer |
Link layer |
Contents |
IPv4 uses 32-bit (four-byte) addresses, which limits the address space to 4294967296 (232) addresses. However, some address blocks are reserved for special purposes such as private networks (~18 million addresses) and multicast addresses (~270 million addresses). This reduces the number of addresses that may be allocated for routing on the public Internet. As addresses are assigned to end users, an IPv4 address shortage has been developing. Network addressing changes by classful network design, Classless Inter-Domain Routing, and network address translation (NAT) have contributed to delay significantly the inevitable exhaustion which occurred on February 3, 2011 when IANA allocated the last five blocks to the five regional Internet registries (RIRs).
This limitation stimulated the development of IPv6 in the 1990s, which has been in commercial deployment since 2006.
IPv4 addresses may be written in any notation expressing a 32-bit integer value, but for human convenience, they are most often written in dot-decimal notation, which consists of four octets of the address expressed individually in decimal and separated by periods.
The following table shows several representation formats:
Notation | Value | Conversion from dot-decimal |
---|---|---|
Dot-decimal notation | 192.0.2.235 | N/A |
Dotted Hexadecimal[1] | 0xC0.0x00.0x02.0xEB | Each octet is individually converted to hexadecimal form |
Dotted Octal[1] | 0300.0000.0002.0353 | Each octet is individually converted into octal |
Hexadecimal | 0xC00002EB | Concatenation of the octets from the dotted hexadecimal |
Decimal | 3221226219 | The 32-bit number expressed in decimal |
Octal | 030000001353 | The 32-bit number expressed in octal |
Additionally, in dotted format, each octet can be of any of the different bases. For example, 192.0x00.0002.235 is a valid (though unconventional) equivalent to the above addresses.
Originally, an IP address was divided into two parts, the network identifier represented in the most significant (highest order) octet of the address and the host identifier using the rest of the address. The latter was therefore also called the rest field. This enabled the creation of a maximum of 256 networks. This was quickly found to be inadequate.
To overcome this limit, the high order octet of the addresses was redefined to create a set of classes of networks, in a system which later became known as classful networking. The system defined five classes, Class A, B, C, D, and E. The Classes A, B, and C had different bit lengths for the new network identification. The rest of an address was used as previously to identify a host within a network, which meant that each network class had a different capacity to address hosts. Class D was allocated for multicast addressing and Class E was reserved for future applications.
Starting around 1985, methods were devised to allow IP networks to be subdivided. The concept of the variable-length subnet mask (VLSM) was introduced which allowed flexible subdivision into varying network sizes.[2][3]
Around 1993, this system of classes was officially replaced with Classless Inter-Domain Routing (CIDR), and the class-based scheme was dubbed classful, by contrast.
CIDR was designed to permit repartitioning of any address space so that smaller or larger blocks of addresses could be allocated to users. The hierarchical structure created by CIDR is managed by the Internet Assigned Numbers Authority (IANA) and the regional Internet registries (RIRs). Each RIR maintains a publicly-searchable WHOIS database that provides information about IP address assignments.
CIDR address block | Description | Reference |
---|---|---|
0.0.0.0/8 | Current network (only valid as source address) | RFC 1700 |
10.0.0.0/8 | Private network | RFC 1918 |
127.0.0.0/8 | Loopback | RFC 5735 |
169.254.0.0/16 | Link-Local | RFC 3927 |
172.16.0.0/12 | Private network | RFC 1918 |
192.0.0.0/24 | Reserved (IANA) | RFC 5735 |
192.0.2.0/24 | TEST-NET-1, Documentation and example code | RFC 5735 |
192.88.99.0/24 | IPv6 to IPv4 relay | RFC 3068 |
192.168.0.0/16 | Private network | RFC 1918 |
198.18.0.0/15 | Network benchmark tests | RFC 2544 |
198.51.100.0/24 | TEST-NET-2, Documentation and examples | RFC 5737 |
203.0.113.0/24 | TEST-NET-3, Documentation and examples | RFC 5737 |
224.0.0.0/4 | Multicasts (former Class D network) | RFC 3171 |
240.0.0.0/4 | Reserved (former Class E network) | RFC 1700 |
255.255.255.255 | Broadcast | RFC 919 |
Of the approximately four billion addresses allowed in IPv4, three ranges of address are reserved for use in private networks. These ranges are not routable outside of private networks and private machines cannot directly communicate with public networks. They can, however, do so through network address translation.
The following are the three ranges reserved for private networks (RFC 1918):
Name | Address range | Number of addresses | Classful description | Largest CIDR block |
---|---|---|---|---|
24-bit block | 10.0.0.0–10.255.255.255 | 16777216 | Single Class A | 10.0.0.0/8 |
20-bit block | 172.16.0.0–172.31.255.255 | 1048576 | Contiguous range of 16 Class B blocks | 172.16.0.0/12 |
16-bit block | 192.168.0.0–192.168.255.255 | 65536 | Contiguous range of 256 Class C blocks | 192.168.0.0/16 |
Packets with a private destination address are ignored by all public routers. Therefore, it is not possible to communicate directly between two private networks (e.g., two branch offices) via the public Internet. This requires the use of IP tunnels or a virtual private network (VPN).
VPNs establish tunneling connections across the public network such that the endpoints of the tunnel function as routers for packets from the private network. In this routing function the host encapsulates packets in a protocol layer with packet headers acceptable in the public network so that they may be delivered to the opposing tunnel end point where the additional protocol layer is removed and the packet is delivered locally to its intended destination.
Optionally, encapsulated packets may be encrypted to secure the data while it travels over the public network.
RFC 5735 defines an address block, 169.254.0.0/16, for the special use in link-local addressing. These addresses are only valid on the link, such as a local network segment or point-to-point connection, that a host is connected to. These addresses are not routable and like private addresses cannot be the source or destination of packets traversing the Internet. Link-local addresses are primarily used for address autoconfiguration (Zeroconf) when a host cannot obtain an IP address from a DHCP server or other internal configuration methods.
When the address block was reserved, no standards existed for mechanisms of address autoconfiguration. Filling the void, Microsoft created an implementation called Automatic Private IP Addressing (APIPA). Due to Microsoft's market power, APIPA has been deployed on millions of machines and has, thus, become a de facto standard in the industry. Many years later, the IETF defined a formal standard for this functionality, RFC 3927, entitled Dynamic Configuration of IPv4 Link-Local Addresses.
The address range 127.0.0.0–127.255.255.255 (127.0.0.0/8 in CIDR notation) is reserved for localhost communication. Addresses within this range should never appear outside a host computer and packets sent to this address are returned as incoming packets on the same virtual network device (known as loopback).
Networks with subnet masks of at least 24 bits, i.e. Class C networks in classful networking, and networks with CIDR prefixes /24 to /32 (255.255.255.0–255.255.255.255) may not have an address ending in 0 or 255.
Classful addressing prescribed only three possible subnet masks: Class A, 255.0.0.0 or /8; Class B, 255.255.0.0 or /16; and Class C, 255.255.255.0 or /24. For example, in the subnet 192.168.5.0/255.255.255.0 (192.168.5.0/24) the identifier 192.168.5.0 commonly is used to refer to the entire subnet. To avoid ambiguity in representation, the address ending in the octet 0 is reserved.
A broadcast address is an address that allows information to be sent to all interfaces in a given subnet, rather than a specific machine. Generally, the broadcast address is found by obtaining the bit complement of the subnet mask and performing a bitwise OR operation with the network identifier. In other words, the broadcast address is the last address in the address range of the subnet. For example, the broadcast address for the network 192.168.5.0 is 192.168.5.255. For networks of size /24 or larger, the broadcast address always ends in 255.
However, this does not mean that every address ending in 0 or 255 cannot be used as a host address. For example, in the case of a /16 subnet 192.168.0.0/255.255.0.0, equivalent to the address range 192.168.0.0–192.168.255.255, the broadcast address is 192.168.255.255. However, one may assign 192.168.1.255, 192.168.2.255, etc. 192.168.0.0 is the network identifier which should not be assigned to an interface,[4], but 192.168.1.0, 192.168.2.0, etc. may be assigned.
In the past, conflict between network addresses and broadcast addresses arose because some software used non-standard broadcast addresses with zeros instead of ones.[5]
In networks smaller than /24, broadcast addresses do not necessarily end with 255. For example, a CIDR subnet 203.0.113.16/28 has the broadcast address 203.0.113.31.
Hosts on the Internet are usually known by names, e.g., www.example.com, not primarily by their IP address, which is used for routing and network interface identification. The use of domain names requires translating, called resolving, them to addresses and vice versa.
The translation between addresses and domain names is performed by the Domain Name System (DNS), a hierarchical, distributed naming system which allows for subdelegation of name spaces to other DNS servers. DNS is often described in analogy to the telephone system directory information systems in which subscriber names are translated to telephone numbers.
Since the 1980s it was apparent that the pool of available IPv4 addresses was depleted at a rate that was not initially anticipated in the original design of the network address system.[6] The apparent threat of exhaustion was the motivation for remedial technologies, such as the introduction of classful networks, the creation of Classless Inter-Domain Routing (CIDR) methods, and network address translation (NAT), and finally for the redesign of the Internet Protocol, based on a larger address format (IPv6).
Several market forces have driven the acceleration of IPv4 address exhaustion:
A variety of technologies introduced during the growth of the Internet have been applied to mitigate IPv4 address exhaustion and its effects, such as:
The primary address pool of the Internet, maintained by IANA, was exhausted on 3 February 2011 when the last 5 blocks were allocated to the 5 RIRs.[7][8] APNIC was the first RIR to exhaust its regional pool on 15 April 2011, except for a small amount of address space reserved for the transition to IPv6, which will be allocated under a much more restricted policy.[9]
The accepted and standardized solution is the migration to Internet Protocol Version 6. The address size was increased in IPv6 to 128 bits, providing a vastly increased address space that also allows improved route aggregation across the Internet and offers large subnetwork allocations of a minimum of 264 host addresses to end-users. Migration to IPv6 is in progress but completion is expected to take considerable time.
An IP packet consists of a header section and a data section.
The IPv4 packet header consists of 14 fields, of which 13 are required. The 14th field is optional (red background in table) and aptly named: options. The fields in the header are packed with the most significant byte first (big endian), and for the diagram and discussion, the most significant bits are considered to come first (MSB 0 bit numbering). The most significant bit is numbered 0, so the version field is actually found in the four most significant bits of the first byte, for example.
bit offset | 0–3 | 4–7 | 8–13 | 14-15 | 16–18 | 19–31 | ||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
0 | Version | Header Length | Differentiated Services Code Point | Explicit Congestion Notification | Total Length | |||||||||||||||||||||||||||
32 | Identification | Flags | Fragment Offset | |||||||||||||||||||||||||||||
64 | Time to Live | Protocol | Header Checksum | |||||||||||||||||||||||||||||
96 | Source IP Address | |||||||||||||||||||||||||||||||
128 | Destination IP Address | |||||||||||||||||||||||||||||||
160 | Options ( if Header Length > 5 ) | |||||||||||||||||||||||||||||||
160 or 192+ |
Data |
Field | Size (bits) | Description |
---|---|---|
Copied | 1 | Set to 1 if the options need to be copied into all fragments of a fragmented packet. |
Option Class | 2 | A general options category. 0 is for "control" options, and 2 is for "debugging and measurement". 1, and 3 are reserved. |
Option Number | 5 | Specifies an option. |
Option Length | 8 | Indicates the size of the entire option (including this field). This field may not exist for simple options. |
Option Data | Variable | Option-specific data. This field may not exist for simple options. |
The data portion of the packet is not included in the packet checksum. Its contents are interpreted based on the value of the Protocol header field.
In a typical IP implementation, standard protocols such as TCP and UDP are implemented in the OS kernel for performance reasons. Other protocols such as ICMP may be partially implemented by the kernel, or implemented purely in user software. Protocols not implemented in-kernel, and not exposed by standard APIs such as BSD sockets, are typically implemented using a 'raw socket' API.
Some of the common protocols for the data portion are listed below:
Protocol Number | Protocol Name | Abbreviation |
---|---|---|
1 | Internet Control Message Protocol | ICMP |
2 | Internet Group Management Protocol | IGMP |
6 | Transmission Control Protocol | TCP |
17 | User Datagram Protocol | UDP |
41 | IPv6 encapsulation | ENCAP |
89 | Open Shortest Path First | OSPF |
132 | Stream Control Transmission Protocol | SCTP |
See List of IP protocol numbers for a complete list.
The Internet Protocol is the facility in the Internet architecture that enables different networks to exchange traffic and route traffic across one another. The design accommodates networks of diverse physical nature; it is independent of the underlying transmission technology used in the Link Layer. Link Layer networks of different hardware design usually vary not only in transmission speed, but also in the structure and size of valid framing methods, characterized by the maximum transmission unit (MTU) parameter. To fulfill the role of IP to traverse networks, it was necessary to implement a mechanism to automatically adjust the size of transmission units to adapt to the underlying technology. This introduced the need for fragmentation of IP datagrams. In IPv4, this function was placed at the Internet Layer, and is performed in IPv4 routers, which thus only require this layer as highest one implemented in their design.
In contrast, the next generation of the Internet Protocol, namely IPv6, does not require routers to perform fragmentation; instead, hosts must determine the path maximum transmission unit in advance of transmission and send conforming datagrams.
When a device receives an IP packet it examines the destination address and determines the outgoing interface to use. This interface has an associated MTU that dictates the maximum data size for its payload. If the data size is bigger than the MTU then the device must fragment the data.
The device then segments the data into segments where each segment is less-than-or-equal-to the MTU less the IP header size (20 bytes minimum; 60 bytes maximum). Each segment is then put into its own IP packet with the following changes:
For example, for an IP header of length 20 bytes and an Ethernet MTU of 1,500 bytes the fragment offsets would be: 0, (1480/8) = 185, (2960/8) = 370, (4440/8) = 555, (5920/8) = 740, etc.
By some chance if a packet changes link layer protocols or the MTU reduces then these fragments would be fragmented again.
For example, if a 4,500-byte data payload is inserted into an IP packet with no options (thus total length is 4,520 bytes) and is transmitted over a link with an MTU of 2,500 bytes then it will be broken up into two fragments:
# | Total length | More fragments (MF) flag set? |
Fragment offset | |
---|---|---|---|---|
Header | Data | |||
1 | 2500 | Yes | 0 | |
20 | 2480 | |||
2 | 2040 | No | 310 | |
20 | 2020 |
Now, let's say the MTU drops to 1,500 bytes. Each fragment will individually be split up into two more fragments each:
# | Total length | More fragments (MF) flag set? |
Fragment offset | |
---|---|---|---|---|
Header | Data | |||
1 | 1500 | Yes | 0 | |
20 | 1480 | |||
2 | 1020 | Yes | 185 | |
20 | 1000 | |||
3 | 1500 | Yes | 310 | |
20 | 1480 | |||
4 | 560 | No | 495 | |
20 | 540 |
Indeed, the amount of data has been preserved — 1480 + 1000 + 1480 + 540 = 4500 — and the last fragment offset (495) * 8 (bytes) plus data — 3960 + 540 = 4500 — is also the total length.
Note that fragments 3 & 4 were derived from the original fragment 2. When a device must fragment the last fragment then it must set the flag for all but the last fragment it creates (fragment 4 in this case). Last fragment would be set to 0 value.
When a receiver detects an IP packet where either of the following is true:
then the receiver knows the packet is a fragment. The receiver then stores the data with the identification field, fragment offset, and the more fragments flag. When the receiver receives a fragment with the more fragments flag set to 0 then it knows the length of the original data payload since the fragment offset multiplied by 8 (bytes) plus the data length is equivalent to the original data payload size.
Using the example above, when the receiver receives fragment 4 the fragment offset (495 or 3960 bytes) and the data length (540 bytes) added together yield 4500 — the original data length.
Once it has all the fragments then it can reassemble the data in proper order (by using the fragment offsets) and pass it up the stack for further processing.
The Internet Protocol is the protocol that defines and enables internetworking at the Internet Layer and thus forms the Internet. It uses a logical addressing system. IP addresses are not tied in any permanent manner to hardware identifications and, indeed, a network interface can have multiple IP addresses. Hosts and routers need additional mechanisms to identify the relationship between device interfaces and IP addresses, in order to properly deliver an IP packet to the destination host on a link. The Address Resolution Protocol (ARP) performs this IP address to hardware address (MAC address) translation for IPv4. In addition, the reverse correlation is often necessary. For example, when an IP host is booted or connected to a network it needs to determine its IP address, unless an address is preconfigured by an administrator. Protocols for such inverse correlations exist in the Internet Protocol Suite. Currently used methods are Dynamic Host Configuration Protocol (DHCP), Bootstrap Protocol (BOOTP) and, infrequently, reverse ARP.
Address exhaustion: