Every packet traveling across a network starts with something essential: its header.
Before any data can move from one device to another, routers need instructions.
Those instructions are stored inside the IPv4 Packet Header, right at the beginning of the packet.
Figure 1 – IPv4 Packet Header Structure
This small section of information guides the router on how to handle the packet.
It tells the router where the packet came from, where it should go, how long it can stay, and how to check for any corruption during its journey.When you open Wireshark or troubleshoot a network, you’re constantly looking at these headers.
Without them, data wouldn’t reach its destination or might loop forever in the network.Why the IPv4 Header Matters
Each field inside the IPv4 header has a clear, technical purpose.
Some are used by routers to forward packets, others to detect errors or handle congestion.
And even though the header looks complex, you’ll see that only a few fields truly matter in real-world troubleshooting.Now that you understand why the header exists, let’s explore its structure field by field.
→ This will make it much easier to read and interpret IPv4 packets later in Wireshark.
Answer the question below
Now that you know why the IPv4 header exists, let’s look at what it contains.
Each field plays a specific role in how routers handle and forward packets through the network.
Figure 2 – IPv4 Packet Header (20 Bytes)
Source IP Address and Destination IP Address
These fields indicate where the packet comes from and where it is going.
Routers use them to forward packets toward their correct destination, based on entries in the Routing Table.Time to Live (TTL)
The TTL field defines how long a packet can remain in the network. Each router decreases the TTL by 1 before forwarding the packet. When it reaches 0, the packet is discarded, and an ICMP Time Exceeded message is sent back to the source host. This prevents packets from looping endlessly.
Protocol
The Protocol field identifies the transport-layer protocol encapsulated inside the packet.
Common values include:1→ ICMP6→ TCP17→ UDP
This tells the receiving device which upper-layer process should handle the data.
Answer the question below
Which IPv4 field identifies the IP version being used?
DSCP and ECN
These fields belong to the Differentiated Services (DiffServ) model.
They are used for Quality of Service (QoS) to mark packets for priority or congestion handling.DSCP defines the packet’s priority level.
ECN indicates congestion without dropping packets.
Header Checksum
The Header Checksum ensures the IPv4 header hasn’t been corrupted in transit.
When a router modifies the header (for example, when it decreases TTL), it recalculates the checksum before forwarding the packet.40 % Complete: you’re making great progress
Unlock the rest of this lesson
If you’d like to continue your CCNA journey, simply create your free account.
Access all CCNA lessons
Practice with hands-on labs
Train with Practice exams and Quizzes
Progress tracking in your dashboard
Made by network engineers - CCNP certified
learners globally