What is a network packet?

How network packets work and are sent through the internet

Each network packet uses the best route available to its destination. This means that even adjacent packets in the same message can follow different paths as the optimal route changes constantly. This makes network traffic more efficient in terms of balancing the load across various pieces of equipment. For instance, if one router is heavily congested during message transmission, packets can be redirected to a different path to ensure the entire message gets to its destination. However, this also means that packets can sometimes arrive out of order, get lost in transit or be duplicated due to accidental retransmission.

Each packet is a small part of the larger message that is to be sent from a source to a destination over the internet. It contains certain contents, known as its payload, as well as information about those contents, placed in what is known as the packet header. The header is placed at the front of the packet. This enables the receiving router or switch to know where the packet comes from (source), what to do with it and where to send it (destination). Thus, along its journey, every packet goes through the process of encapsulation, which adds information to it as it travels toward its destination and marks where it begins and ends.

Intermediate routers or switches direct each packet to its destination, while the receiving router or switch reassembles all the packets to display the full message. The intermediate devices use packet switching, which is a method to process packets independently from each other. This prevents a few large transmissions from dominating the network. It also enables multiple devices to simultaneously communicate with each other over the same network without having to wait and without suffering any deterioration in communication quality or speed.

Why use packets?

The underlying network structure and protocol used dictate the packet size and structure that can be supported. Generally, most networks today operate on the TCP/IP protocol stack, which enables devices connected to the internet to communicate with one another across different networks. Here's where packets come in.

Packets are used for efficient and reliable transmission of data. Instead of transferring a huge file as a single data block, sending it in smaller packets improves transmission rates and also increases the likelihood that the message is successfully delivered. While it's possible to transfer data without using packets, it is highly impractical and time-consuming to send the data without first dividing it into smaller segments.

Packets also enable multiple computers to share the same connection. For example, the same server can transmit different files to multiple computers at the same time. Such flexibility means that different types of data can be transmitted over the same network simultaneously and without data losses.

There are other benefits to using packets:

• Packets use the best route available for delivery. This enables them to be routed across congested parts of the network without slowing them down in a specific spot. If a particular path is unavailable or congested, rerouting increases the probability that the packets are correctly delivered to the destination.
• The different paths can be dynamically chosen and used to route packets to their destinations based on current network conditions. This process, known as packet switching, reduces network congestion and improves network reliability.
• If an error occurs, the packets can be stored and retransmitted later.
• Packet headers can include information that enables routers to identify and retransmit lost packets. This boosts data integrity and minimizes the potential for data loss.
• To ensure secure delivery, packets can be encrypted.
• Packet switching is a cost-effective method of data transmission compared to other methods, like circuit switching. The latter requires a dedicated channel between the sender and the receiver, which increases costs. Also, the line may remain idle between transmissions, resulting in wasted bandwidth. For these reasons, packet switching is preferred over circuit switching for transmitting data.

Parts of a network packet in IPv4

IPv4 is the most widely used version of the Internet Protocol. It incorporates a set of rules that enables devices to connect to the internet, with each connecting device assigned a unique, 32-bit identifier called an IP address. When data is sent between devices, the network packets include the IP addresses of both devices. Routers and switches use this information to route packets across the network from the source device to the destination device.

In IPv4, network packets are similar in function to a postal package. Each packet can contain three components: the packet header, payload and trailer. The header is akin to an envelope, the payload is like the content inside and the trailer is comparable to a signature.

Packet header

The header is the beginning or front part of a packet. It contains instructions related to and identifying information about the data in the packet, such as its origin IP address, destination IP address and contents. Any processing or receiving device, such as a router or a switch, sees the header first, which enables it to properly direct that packet to the intended destination.

The following fields are included in an IPv4 protocol header:

• Version. This field indicates the IP version (v4).
• Internet header length. IHL is the length of the internet header in 32-bit increments and points to the beginning of the data. It is a 4-bit field.
• Type of service. This 8-bit field marks the packet to indicate the quality of service desired.
• Total length. This is the length of the datagram measured in octets and includes the internet header and data. This 16-bit field allows the length of a datagram to be up to 65,535 octets.
• Identification. The sender assigns a 16-bit identifying value to aid in assembling the fragments of a datagram.
• Flags. These are various control flags used for fragmentation. The first bit of the flag is always set to 0.
• Fragment offset. This 13-bit field indicates where in the datagram this fragment belongs. The fragment offset is measured in units of eight octets, or 64 bits. The first fragment has offset zero.
• Time-to-live. The TTL field indicates the maximum time the IP packet is allowed to remain in the network before being discarded. It is needed to prevent packets from looping around forever. Every time the packet goes through a router, the TTL field is reduced by one. Once the field contains the value 0, the packet is dropped.
• Protocol. This 8-bit field indicates the next-level protocol used in the data portion of the packet.
• Header checksum. A checksum is used by the receiver to detect any corruption or errors in the packet header. It is a 16-bit field.
• Source address. This is the 32-bit source IP address.
• Destination address. This is the 32-bit destination IP address.
• Options. This field is optional, and its length can be variable. A source route option is one example, where the sender requests a certain routing path. If an option is not 32 bits in length, it uses padding options in the remaining bits to make the header an integral number of 4-byte blocks.

Payload

The IP packet payload is the data the packet carries to its destination. This data may be the contents of an email, webpage, video or other form of digital media. The receiving device interprets the payload depending on the protocol used. The payload is padded with zero bits to ensure that the packet ends on a 32-bit boundary. This ensures efficient packet processing by the network hardware.

Trailer

Sometimes, certain network protocols also attach an end part or trailer to the packet. An IP packet doesn't contain trailers, but Ethernet frames do, either to indicate the end of the packet or to perform error correction.

Network packets in IPv6

IPv6 is the newer version of IPv4. When IPv4 was developed in the early 1980s, it was difficult to conceive the world would fully deplete its 4.3 million addresses. Work on its successor, IPv6, began in 1994, yet adoption has only recently gained momentum. IPv6 is a more streamlined version of IPv4 and provides better support for real-time traffic by eliminating rarely used or unnecessary fields. The two coexist, as IPv4 is still used to route much of today's internet traffic. As of January 2025, Google reported that 42.75% of its traffic occurs over IPv6 connections.

The structure of data packets differs between IPv6 and IPv4. Notably, IPv6 packet headers contain more fields, as an IPv6 address is four times larger than an IPv4 address. The header fields in an IPv6 packet are the following:

• Version. This 4-bit field indicates the IP version (IPv6). The bit sequence is 0110.
• Traffic class. This field indicates the packet priority so that routers handle it properly. Packets with the lowest priority are discarded if there is network congestion to prevent the destination from being overwhelmed with an excessive amount of data. Traffic class is an 8-bit field, with bits 0 to 7 assigned to congestion-controlled traffic.
• Flow label. The source device uses a 20-bit flow label to control the packet flow and request special handling by intermediate IPv6 routers. Flow is controlled by labeling the packets with a nonzero value.
• Payload length. This 16-bit field indicates the payload size, i.e., the amount of information contained in a particular packet's payload.
• Next header. This defines what extension header comes immediately after the IPv6 header. The field contains 8 bits.
• Hop limit. This field, which is the same as TTL in IPv4, indicates how many intermediate routers a packet is allowed to travel before it is discarded.
• Source address. As with IPv4, this field indicates the 128-bit IP address of the packet source.
• Destination address. This indicates the packet destination. In IPv6, both the source address and destination address fields are 128 bits in length.

In addition to the header, an IPv6 packet may also contain an authentication header (AH) and an Encapsulating Security Payload (ESP). The AH -- introduced in IPv6 and, therefore, not present in IPv4 -- provides data origin authentication for IP datagrams. It also calculates an Integrity Check Value over the payload to provide protection from replay attacks. The ESH encrypts the payload of the IPv6 packet to increase its confidentiality and ensure its privacy.

What is packet loss?

As the term suggests, packet loss refers to situations where a packet gets lost in the network and never arrives at its intended destination. Packet loss is expressed as the percentage of lost packets compared to the total number of packets sent.

Packet loss can cause performance issues during digital communications. For example, users may experience loss of network connectivity or slow service, or they may receive incomplete data, such as incomprehensible text, skipped video or missing images. These issues can affect user experience and disrupt business operations that rely on the internet. In some cases, packet loss may create backdoors that threat actors can exploit to gain unauthorized access to the network and to steal sensitive or mission-critical data.

There are several causes of packet loss:

• Network congestion.
• Data transmission errors.
• Use of outdated network hardware.
• Malfunctioning or buggy software.
• Denial-of-service (DoS) attacks.

One way to minimize packet loss, especially when due to network congestion, is to increase network bandwidth. Techniques that streamline traffic flows, such as deep packet inspection, can also reduce congestion. Updating hardware and software and using wired connections instead of wireless can also reduce instances of packet loss.

Learn more about packet loss and ways to detect and address it.

Packet switching vs. circuit switching

In the world of telecommunications, both circuit switching and packet switching are popular methods of interconnecting communicating devices. However, they accomplish this differently. Packet switching is used for grouping data into packets for transmission over a digital network. It's an efficient way to handle transmissions on a connectionless network, such as the internet.

On the other hand, circuit-switched transmission is used for voice networks. In circuit switching, lines in the network are shared among many users as with packet switching. However, each connection requires a dedicated path for the duration of the connection.

The following highlights the major benefits and drawbacks of both technologies.

Packet switching

• It is a connectionless service and doesn't require a dedicated path between the sender and the receiver.
• Since there is no dedicated connection, packet switching cannot be used in applications that require little delay and higher service quality, such as voice.
• Each packet carries pertinent information, such as source, destination and protocol identifiers, which help the packet select the best available route to its destination and thus maximize the likelihood of delivery.
• The grouping of data into packets in a packet-switched network enables interoperability across different networks and devices. For example, a host in a packet-switched network, such as Ethernet, can send data that traverses its local area network without having any information about the destination's LAN or any of the devices or networks between its LAN and the destination's LAN.
• While packet-switched networks can't guarantee reliable delivery, they do minimize the risk of data loss, as the receiving device can request the missing packet upon detection and the originating device can then resend it.
• No bandwidth reservation is required in advance, and no call setup is required.
• Protocols used in packet switching are complex.
• If strong security measures, like encryption, firewalls, authentication (devices and users) and access control lists, are not used during packet transmission, the connection can be insecure, exposing the packets to interception, access and even tampering. Other issues may also arise, such as man-in-the-middle attacks, DoS attacks and data breaches.

Circuit switching

• It reserves the entire bandwidth in advance, so a connection setup is required for data transfers.
• The reserved bandwidth improves the quality of the connection and network performance due to the reduced congestion.
• It requires a dedicated path before the data can travel between the source and the destination, making it suitable for long and continuous communication applications, such as voice.
• At the same time, the dedicated nature of circuit switching makes it impossible to transmit other data even when the channel is free. For example, even if there's no transfer of data, the link is still maintained until it's terminated by users.
• As a result, bandwidth gets wasted because other senders can't use the same path during periods of congestion.
• Circuit switching is fully transparent; the sender and receiver can use any bit rate format or framing method.
• It is less reliable than packet switching, as it doesn't have the means to resend lost packets.

Learn how TCP/IP and the Open Systems Interconnection model differ when it comes to network communications.