Understanding IP PDU Details For IPV4 And IPV6

IP was designed as a Layer 3 connectionless protocol. It provides the necessary functions to deliver a packet from a source host to a destination host over an interconnected system of networks. The protocol was not designed to track and manage the flow of packets. These functions, if required, are performed primarily by TCP at Layer 4.

What Is Covered

IP makes no effort to validate whether the source IP address contained in a packet actually came from that source. For this reason, threat actors can send packets using a spoofed source IP address. In addition, threat actors can tamper with the other fields in the IP header to carry out their attacks. Therefore, it is important for security analysts to understand the different fields in both the IPv4 and IPv6 headers.

The IPv4 Packet Header

The fields in the IPv4 packet header are shown in the figure.

IPv4 Packet Header

The table describes the IPv4 header fields.

IPv4 Header Field	Description
Version	Contains a 4-bit binary value set to 0100 that identifies this as an IPv4 packet.
Internet Header length	A 4-bit field containing the length of the IP header. The minimum length of an IP header is 20 bytes.
Differentiated Services or DiffServ (DS)	Formerly called the Type of Service (ToS) field, the DS field is an 8-bit field used to determine the priority of each packet. The six most significant bits of the DiffServ field are the Differentiated Services Code Point (DSCP). The last two bits are the Explicit Congestion Notification (ECN) bits.
Total length	Specifies the length of the IP packet including the IP header and the user data. The total length field is 2 bytes, so the maximum size of an IP packet is 65,535 bytes however packets are much smaller in practice.
Identification, Flag, and Fragment offset	As an IP packet moves through the internet, it might need to cross a route that cannot handle the size of the packet. The packet will be divided, or fragmented, into smaller packets and reassembled later. These fields are used to fragment and reassemble packets.
Time-to-Live (TTL)	Contains an 8-bit binary value that is used to limit the lifetime of a packet. The packet sender sets the initial TTL value, and it is decreased by one each time the packet is processed by a router. If the TTL field decrements to zero, the router discards the packet and sends an Internet Control Message Protocol (ICMP) Time Exceeded message to the source IP address.
Protocol	Field is used to identify the next level protocol. This 8-bit binary value indicates the data payload type that the packet is carrying, which enables the network layer to pass the data to the appropriate upper-layer protocol. Common values include ICMP (1), TCP (6), and UDP (17).
Header checksum	A value that is calculated based on the contents of the IP header. Used to determine if any errors have been introduced during transmission.
Source IPv4 Address	Contains a 32-bit binary value that represents the source IPv4 address of the packet. The source IPv4 address is always a unicast address.
Destination IPv4 Address	Contains a 32-bit binary value that represents the destination IPv4 address of the packet.
Options and Padding	This is a field that varies in length from 0 to a multiple of 32 bits. If the option values are not a multiple of 32 bits, 0s are added or padded to ensure that this field contains a multiple of 32 bits.

The IPv6 Packet Header

There are eight fields in the IPv6 packet header, as shown in the figure.

IPv6 Packet Header

The table describes the IPv6 header fields.

IPv6 Header Field	Description
Version	This field contains a 4-bit binary value set to 0110 that identifies this as an IPv6 packet.
Traffic Class	This 8-bit field is equivalent to the IPv4 Differentiated Services (DS) field.
Flow Label	This 20-bit field suggests that all packets with the same flow label receive the same type of handling by routers.
Payload Length	This 16-bit field indicates the length of the data portion or payload of the IPv6 packet.
Next Header	This 8-bit field is equivalent to the IPv4 Protocol field. It indicates the data payload type that the packet is carrying, enabling the network layer to pass the data to the appropriate upper-layer protocol.
Hop Limit	This 8-bit field replaces the IPv4 TTL field. This value is decremented by a value of 1 by each router that forwards the packet. When the counter reaches 0, the packet is discarded, and an ICMPv6 Time Exceeded message is forwarded to the sending host, indicating that the packet did not reach its destination because the hop limit was exceeded.
Source IPv6 Address	This 128-bit field identifies the IPv6 address of the sending host.
Destination IPv6 Address	This 128-bit field identifies the IPv6 address of the receiving host.

An IPv6 packet may also contain extension headers (EH) that provide optional network layer information. Extension headers are optional and are placed between the IPv6 header and the payload. EHs are used for fragmentation, security, to support mobility, and more.
Unlike IPv4, routers do not fragment routed IPv6 packets.

Fact Check Policy

CRMNIGERIA is committed to fact-checking in a fair, transparent and non-partisan manner. Therefore, if you’ve found an error in any of our reports, be it factual, editorial, or an outdated post, please contact us to tell us about it.

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.

I know you might agree with some of the points that I have raised in this article. You might not agree with some of the issues raised. Let me know your views about the topic discussed. We will appreciate it if you can drop your comment. Thanks in anticipation.