Ethernet TCP IP Packet Format and header fields

Introduction : In today’s high-speed digital world, efficient and reliable data communication hinges on understanding how information travels across networks. Whether you’re streaming a video, browsing a website, or syncing files in the cloud, your data moves through multiple layers. The data packets go through the link layer, moving through the network layer and then the transport layer. At each of these layers an essential structure called the header carries metadata that governs routing, addressing, integrity, segmentation and delivery. In this page, we explore in depth the header fields of Ethernet, IP (Internet Protocol) and TCP (Transmission Control Protocol). We will explain the purpose of each field, how the fields interplay across layers.

TCP/IP Packet Structure & header fields

The following table breaks down the fields within a typical TCP/IP packet, including their sizes, types, and descriptions. Following are as per old RFCs.

• After “*Urgent Pointer” Options field will follow as per latest RFC of TCP header ( RFC 9293).
• If DF (Don’t Fragment) = 1 and the packet encounters a link with too small an MTU, the packet must be dropped rather than fragmented
• When fragmentation occurs: MF (More Fragments) = 1 for all fragments except the last one, which has MF = 0 This ‘MF’ bit, when set to 0, indicates that this packet is not followed by more fragments of the same original datagram — i.e., it’s either the only fragment or the last fragment.

Example (FTP upload with fize size of 2020 bytes)

Assume there are two hosts, i.e. client (Host#1) and server (Host#2) communicating using FTP protocol. As per Old RFC, we have IP header of 20 bytes size and TCP header of 20 bytes size. We are left with (1500-40)=1460 bytes of payload data in packet-1. Rest of the payload data i.e. 2020-1460 = 560 bytes are carried by packet#2. Following table mentions actual values for this example for both the packets.

• On a standard Ethernet network, the MTU (Maximum Transmission Unit) at the IP layer is typically 1500 bytes.

Ethernet Header

IP Header

TCP Header

During Connection Establishment (Three-way Handshake)

Following flags are set during initial tcp/ip connection establishment process.

1. Client → Server: SYN = 1, ACK = 0, other flag bits (FIN, RST, PSH, URG) = 0
2. Server → Client: SYN = 1, ACK = 1, other flag bits (FIN, RST, PSH, URG) = 0
3. Client → Server: ACK = 1, other flag bits (SYN, FIN, RST, PSH, URG) = 0

For both the example, packets during data phase following are the setting of 6 flags.

1. Packet 1 (data): SYN=0, ACK=1, FIN=0, RST=0, PSH=1, URG=0
2. Packet 2 (data): SYN=0, ACK=1, FIN=0, RST=0, PSH=1, URG=0

If the receiver sends an ACK only (no data) back to the sender, flags are set as follows.

• ACK packet: SYN=0, ACK=1, FIN=0, RST=0, PSH=0, URG=0

TCP Header as defined in RFC9293

Image Courtesy (IETF) : RFC 9293

Following are the changed fields compared to previous RFCs.

Data Offset (4 bits) :

• Indicates the size of the TCP header in 32‐bit words. In other words, it tells where the data payload begins. Minimum value is 5 (i.e. 20 bytes) for a header with no options.

• Example : If data offset = 5, then header is 5 × 32 bits = 160 bits = 20 bytes.

• Because of this field, the header may include optional fields (so header length can vary).

Options (variable length, optional):

• Immediately follows the fixed header fields. Because the Data Offset field sets the header length, options may or may not be present and may be of varying length.
• Options must align on 32‐bit word boundaries (padding may be required) so that the header ends at a 32‐bit boundary.
• The maximum header length (with options) is typically 60 bytes. For which, data offset maximum value can be 15 (15 × 4 = 60 bytes).

Conclusion: From the source and destination MAC addresses in the Ethernet header, to the version, protocol identifier and TTL in the IP header, and onward to the ports, sequence and acknowledgment numbers in the TCP header; these fields together ensure that data is delivered, in order, intact and to the right place.