Network packets explained

A network packet is a small unit of data transmitted over a computer network. It is the fundamental unit of data in network communication and plays a crucial role in delivering information between devices on the network. Think of a network packet as a digital envelope containing information to be sent from one device to another.

Each network packet consists of several parts:

  1. Header: The header contains essential information about the packet, such as the source and destination addresses, protocol type, packet length, and other control information needed for the proper delivery of the data.
  2. Payload: The payload, also known as the data segment, contains the actual information being transmitted. This can include web pages, emails, files, images, audio, video, or any other data exchanged between devices.
  3. Footer: The footer, also known as the trailer, is an optional part of the packet that contains error-checking information, such as checksums or cyclic redundancy checks (CRC). It helps ensure the integrity of the packet during transmission and detect any errors that may have occurred.

When data is sent from one device to another, it is broken down into smaller packets to be transmitted across the network. Each packet is then sent individually, and the receiving device reassembles the packets into the original data stream.

Imagine sending a long letter through the postal service. Instead of sending the entire letter as one piece, you divide it into smaller envelopes (packets), each containing a portion of the letter. Each envelope has the recipient’s address (destination address) and the sender’s address (source address) written on it, along with a sequence number to ensure the correct order of reassembly. Once all the envelopes reach their destination, the recipient can reassemble the original letter using the sequence numbers.

This packet-based communication is the foundation of data transmission in computer networks. It allows for efficient and reliable data transfer, even over large and complex networks, as each packet can take different routes to reach its destination. If a packet is lost or corrupted during transmission, the receiving device can request a retransmission of that specific packet, minimizing the impact of errors on the overall communication.

Network packets are the building blocks of modern communication and enable the internet, local area networks (LANs), and wide area networks (WANs) to function, allowing devices to exchange data and connect with each other across vast distances.

Anatomy of a network packet

Header: The header is the first part of the network packet and contains crucial information needed to route and deliver the packet to its destination. It typically includes:

  • Source IP Address: The IP address of the sender (source) device. It is typically 32 bits long and uniquely identifies the sender. For example, 192.168.1.10.
  • Destination IP Address: The IP address of the recipient (destination) device. It is also 32 bits long. For example, 8.8.8.8.
  • Protocol: A 1-byte field that indicates the type of protocol being used for the data transmission. Common protocols include:
    • TCP (Transmission Control Protocol) – Protocol number: 6
    • UDP (User Datagram Protocol) – Protocol number: 17
    • ICMP (Internet Control Message Protocol) – Protocol number: 1
    • HTTP (Hypertext Transfer Protocol) – Protocol number: 80
    • HTTPS (Hypertext Transfer Protocol Secure) – Protocol number: 443
    • SMTP (Simple Mail Transfer Protocol) – Protocol number: 25
    • POP3 (Post Office Protocol version 3) – Protocol number: 110
    • IMAP (Internet Message Access Protocol) – Protocol number: 143
    • DNS (Domain Name System) – Protocol number: 53
    • FTP (File Transfer Protocol) – Protocol number: 21
    • SSH (Secure Shell) – Protocol number: 22
    • RDP (Remote Desktop Protocol) – Protocol number: 3389
  • Source Port Number: A 2-byte field that represents the port number used by the sending application on the source device. For example, 8080.
  • Destination Port Number: A 2-byte field that represents the port number used by the receiving application on the destination device. For example, 80 for HTTP.

Payload: The payload contains the actual data being transmitted. Its size and structure depend on the application-layer protocol in use. For example:

  • In a Hypertext Transfer Protocol (HTTP) packet, the payload would contain the requested web page or data.
  • In a File Transfer Protocol (FTP) packet, the payload would contain the file being transferred.
  • In a Voice over IP (VoIP) packet, the payload would contain the audio data of the voice call.

Footer (Optional):

  • Checksum: A value calculated from the contents of the packet used to detect errors during transmission. It is used for error-checking purposes to ensure the integrity of the packet. The checksum is typically placed at the end of the header. For example, 0x2E35.
  • Padding: Extra bits added to the end of the packet to ensure it meets the required size. Padding is often used to align the packet to a specific boundary or to meet hardware requirements. It is not always present in every packet.

Let’s visualize the position of each component in a network packet:

    0               16              32              48
    +-------------------------------------------------+
    |                  Header (40-60 bytes)           |
    +-------------------------------------------------+
    |                                                 |
    |                  Payload (variable size)        |
    |                                                 |
    +-------------------------------------------------+
    |                    Footer (optional)            |
    |                                                 |
    +-------------------------------------------------+

Example of a TCP packet:

   0               16              32              48
   +-------------------------------------------------+
   |          Source IP Address (32 bits)            |
   +-------------------------------------------------+
   |        Destination IP Address (32 bits)         |
   +-------------------------------------------------+
   |Protocol (1 byte)| Src Port (2 bytes)| Dest Port |
   +-------------------------------------------------+
   | Sequence Number (32 bits) | Acknowledgment Num.|
   +-------------------------------------------------+
   | Data Offset |Reserved|   Control Flags  |Window|
   +-------------------------------------------------+
   |        Checksum (16 bits)       |  Urgent Ptr  |
   +-------------------------------------------------+
   |                 Options (if any)                |
   +-------------------------------------------------+
   |                                                 |
   |               TCP Payload (variable size)       |
   |                                                 |
   +-------------------------------------------------+
   |                      TCP Footer                 |
   +-------------------------------------------------+

Example: HTTP Packet

   0               16              32              48
   +-------------------------------------------------+
   |       192.168.0.10 (Source IP Address)          |
   +-------------------------------------------------+
   |        151.101.65.69 (Destination IP Address)   |
   +-------------------------------------------------+
   |   6 (Protocol - TCP)  | Src Port: 49152       |
   +-------------------------------------------------+
   | Dest Port: 80 (HTTP)   | Sequence Number: 12345|
   +-------------------------------------------------+
   | Data Offset |Reserved|  Control Flags (e.g., SYN)|Window|
   +-------------------------------------------------+
   |        Checksum (16 bits)       |  Urgent Ptr  |
   +-------------------------------------------------+
   |                 Options (if any)                |
   +-------------------------------------------------+
   |                                                 |
   |      HTTP Payload (e.g., GET /index.html HTTP/1.1)|
   |                                                 |
   +-------------------------------------------------+
   |                      TCP Footer                 |
   +-------------------------------------------------+

Example: HTTPS Packet

   0               16              32              48
   +-------------------------------------------------+
   |       192.168.0.10 (Source IP Address)          |
   +-------------------------------------------------+
   |        151.101.65.69 (Destination IP Address)   |
   +-------------------------------------------------+
   |   6 (Protocol - TCP)  | Src Port: 49152       |
   +-------------------------------------------------+
   | Dest Port: 443 (HTTPS)| Sequence Number: 67890|
   +-------------------------------------------------+
   | Data Offset |Reserved|  Control Flags (e.g., SYN)|Window|
   +-------------------------------------------------+
   |        Checksum (16 bits)       |  Urgent Ptr  |
   +-------------------------------------------------+
   |                 Options (if any)                |
   +-------------------------------------------------+
   |                                                 |
   |    Encrypted HTTPS Payload (e.g., TLS Handshake) |
   |                                                 |
   +-------------------------------------------------+
   |                      TCP Footer                 |
   +-------------------------------------------------+

Detailed explanation for each of the fields in an HTTP packet – PS You’ll see a lot of repetition below that was already covered

  1. Source IP Address: This 32-bit field indicates the IP address of the sender (source) of the packet.
  2. Destination IP Address: This 32-bit field indicates the IP address of the receiver (destination) of the packet.
  3. Protocol: This 1-byte field specifies the type of protocol being used for the data transmission. Common values include:
    • 6: Transmission Control Protocol (TCP)
    • 17: User Datagram Protocol (UDP)
    • 1: Internet Control Message Protocol (ICMP)
  1. Src Port (Source Port): This 2-byte field represents the port number used by the source device for the communication.
  2. Dest Port (Destination Port): This 2-byte field represents the port number used by the destination device for the communication.
  3. Sequence Number: In TCP packets, this 32-bit field indicates the sequence number of the first data byte in the current TCP segment.
  4. Acknowledgment Number: In TCP packets, this 32-bit field indicates the sequence number of the next expected data byte from the other party.
  5. Data Offset: This 4-bit field represents the size of the TCP header in 32-bit words (i.e., 4 bytes per word). It helps identify the start of the TCP data.
  6. Reserved: These 6 bits are reserved for future use and currently have no specified function.
  7. Control Flags: These 6 bits, known as TCP flags, carry control information for the TCP session. Common flags include:
    • SYN (Synchronize): Used to initiate a connection.
    • ACK (Acknowledgment): Confirms the receipt of data.
    • FIN (Finish): Used to terminate a connection.
    • RST (Reset): Resets a connection in case of an error.
  8. Window: This 2-byte field represents the number of data bytes that the sender can accept before receiving an acknowledgment.
  9. Checksum: This 16-bit field contains a checksum value used for error detection during packet transmission.
  10. Urgent Pointer: This 16-bit field is used in conjunction with the URG (Urgent) flag to indicate that the data in the packet requires immediate attention.
  11. Options: This field, if present, can contain additional TCP header options, such as window scaling, selective acknowledgment, and timestamps.
  12. TCP Payload: The actual data being transmitted in the TCP segment, such as HTTP requests, email contents, etc.
  13. TCP Footer: The last part of the TCP packet, which is typically not used for regular communication.

Note: The actual size and structure of the packet may vary depending on the specific protocol, headers, and options used. Additionally, some fields, such as the options, might not always be present in every packet.

Overall, network packets play a fundamental role in data communication across networks, enabling the reliable and efficient transfer of data between devices and applications.

Scroll to Top