X
Akamai
Login
Login Close
Control Center
Access the Akamai platform
Login Close
Cloud Manager
Manage your cloud resources

What Are Packets?

What are packets and how are they delivered

We’re now going to look at the Internet Protocol, IP. We’ll first look at IP packets. Then we’ll look at how packets are addressed, and then finally we’ll look at naming, which is the mechanism by which names are converted into addresses. I am assuming that you have already viewed the presentations on the Web Protocol.

Recall that when we looked earlier at the Web Protocol, HTTP, and HTTPS, and we saw that the Web Protocol involves request and response messages. In order for those messages to traverse the internet, they have to be put into envelopes, and those envelopes have to be addressed. This process is analogous to the postal mail that we’re all familiar with. If I want to send a letter to my sister, I can’t just write “To Joanna” at the top of the letter and hand it to the post office. Instead I have to put the letter into an envelope, and I have to address that envelope in the proper way. When it comes to the internet, these envelopes are called packets. Soon we will look at how packets are addressed. Note also that packets have a fixed maximum size, so long messages have to be broken into multiple packets.

To see how this works, let’s revisit our example. Recall that we started by entering the address in the address bar or clicking on a link, and then the browser sends an encrypted request message to the web server. Let’s now look more closely at this step: sending the encrypted request message.

First, we have to create a new packet and address it. In this case, it is going to the Apple web server, and it is coming from my laptop. Of course, real internet addresses don’t look quite like this, but we’ll get to that. Now, we can place the encrypted request message into the packet. Then we can send the packet to its destination: the Apple web server.

Upon receiving the packet, the Apple web server can then remove the message from the packet and then continue on with decrypting it and reading it.

The exact same process is followed for the encrypted response. In this example, the encrypted response is too big to fit into one packet, so it is broken into two.

A key point is that IP is what’s called a network-layer protocol. Its job is to move data in packets through the internet from source to destination.

  • IP specifies how the packets are addressed.

  • IP specifies the maximum packet size.

  • But IP does not specify or restrict what goes inside the packet. This is a key point.

Things you find inside an IP packet include:

  • Web request and response messages

  • Voice over IP (VoIP)

  • Real-time streaming

  • Email messages

  • Domain Name System (DNS) request and response messages

All of these are examples of application-layer protocols.

Layering is a critical concept in communication protocols. Application endpoints speak and understand their application protocols. For example:

  • Web browsers and servers speak and understand HTTP and HTTPS

  • Email readers and servers speak and understand the email transfer protocol, which is called (Simple Mail Transfer Protocol, or SMTP)

But network elements such as routers don’t have to speak or understand any of these protocols! They only need to speak and understand the Internet Protocol. Applications look inside the packets whereas network elements look at the outside. Compare this again to postal mail. I could write a letter to my sister using a secret language that only we know, but so long as I put that letter into an envelope that is addressed in the proper way, then the postal service can deliver that letter — no problem. My sister and I look inside the envelope, but the postal service only looks at the outside.

This separation of layers has fueled tremendous innovation. At this point, there are thousands of application-layer protocols, and there are many link-layer protocols. Think of the link layer as the physical connection, such as Ethernet, Wi-Fi, and cellular. But there is only one network-layer protocol, and that is IP.  

New applications can easily be layered on top of IP. Anyone can invent a new application protocol, and as long as the messages can be put into IP packets, it will work on the internet. No changes to any network elements, such as routers, are needed. The WWW [World Wide Web] is a great example. When IP and the internet were first created, the WWW didn’t even exist. Then, when Tim Berners-Lee created the WWW, he just had to put his newly invented request and response messages into IP packets. No changes to IP or the internet were needed. The whole thing just worked.

Likewise, new link technologies can be layered below. Anyone can invent a new link technology, and so long as it can carry IP packets, it can be part of the internet and carry any applications. Examples are Wi-Fi and IPoAC.

You haven’t heard of IPoAC? Well, it stands for IP Over Avian Carriers. This was a real proposal, and despite the notable dating of this proposal, it actually makes an important point. If you can get pigeons to carry IP packets, then you could run WWW applications with pigeons. Slow, for sure, but it would work.

What are IP packets?

The internet used to be known as the “information superhighway.” This name described how computers could communicate with each other at super-fast speed across the distributed computer network.

An IP packet is a small unit of data formatted for transmission across an IP network using the TCP/IP (Transmission Control Protocol/Internet Protocol) protocol suite. Large files, messages, or media streams are divided into a number of packets so they can travel efficiently across networks and be reassembled at their final destination.

Each packet contains both data and control information. The data portion (payload) contains the actual content being transmitted — such as text, images, or video — while the control information in the packet header includes details such as the source and destination IP addresses, time to live, packet length, and routing instructions.

Breaking data into small packets allows networks to use available bandwidth efficiently and manage large volumes of network traffic across the internet. The total number of packets required to send information depends on the size of the data being transmitted.

 

How are IP packets delivered?

 

The internet is a “packet switching network.”, a term is used to describe how networking equipment processes data packets and routes them dynamically through the network. Packet switching differs from circuit switching, an older networking method used in traditional telephone systems where a dedicated communication path is reserved for the duration of a call.

Each packet is transmitted using  Internet Protocol (IP). Higher-layer protocols such as TCP, UDP, or ICMP may be encapsulated inside the IP packet to provide additional functionality like reliability or messaging. IP operates at the network layer of the OSI model and is responsible for routing packets across the IP network, while the Transmission Control Protocol operates at the transport layer to help ensure reliable delivery.

 

IP networks use a connectionless approach, meaning packets are sent independently and may travel along different routes through routers and network infrastructure before arriving at their final destination. To give you an idea of an IP packet’s size, an IPv4 packet can be as small as 20 bytes (the minimum header size) and up to 65,535 bytes in total length, including both header and payload.

As packets move across the network, they may be encapsulated in link-layer frames such as Ethernet frames that include hardware identifiers like a MAC address and the destination network interface.

What does IP specify?

 

The Internet Protocol (IP) is a network layer protocol within the OSI model used to specify the following concerning IP packets:

  • How the packets are addressed

  • The maximum size of a packet

  • Routing information used to deliver packets across an IP network

IP does not define the structure of application data inside the packet, but it does include a protocol field in the header that identifies the encapsulated transport protocol, such as TCP, UDP, or ICMP.

What is inside an IP packet?

 

IP packets can be compared to a physical letter. For example, if you want to send a letter to a friend, you place the letter in an envelope, then address the envelope so the letter can be routed to the correct person. 

An IP packet consists of a header and a payload. The header contains routing and control information used by network devices, while the payload carries the actual data being transmitted.

Included within an IP packet as it is routed to the website are the following elements:

  • Web request and response messages

  • Voice over Internet Protocol (VoIP)

  • Real-time streaming

  • Email messages

  • Domain Name System (DNS) request and response messages

All of the above are application-layer protocols, whereas the IP is a network layer.

 

IP packet communication

 

In our related glossary page on HTTPS the secure version of the web protocol HTTP), we described how the request-response flow of the HTTPS protocol allowed information to be transmitted between a client (browser) and a web server. The IP packet enters during steps 2 and 3 of the HTTPS flow.

Follow the full request-response flow of HTTPS

Step 2 of HTTPS flow

Starting at step 2 of the HTTPS request-response flow, the following process occurs:

The browser sends a request to the web server. This request is first encrypted, and an IP packet is created; the encrypted message is then placed into the IP packet.

Before being transmitted across the network, the packet is encapsulated in a link-layer frame — often an Ethernet frame — that contains the MAC address of the sending and receiving devices and identifies the appropriate network interface.

This packet is then sent to its destination (web server).

Step 3 of HTTPS flow

The IP packet from the client reaches the web server; the message it contains is decrypted and read. A response message is generated and encrypted before being placed into an IP packet and returned to the client.

 If the encrypted response is too big to fit into one packet, it is broken into smaller packets. Protocols such as TCP track packets using identifiers like a sequence number to ensure packets are received in the correct order and without missing data.

What are payloads and headers in an IP packet?

 

An IP packet comprises a header and a payload.

  • The payload: This is the actual data that the packet or packets contain, e.g., text, image, etc. This is the equivalent of a physical letter you’d send to a friend.

  • The header: This is equivalent to the envelope that contains the letter. The packet header or IP header is at the beginning of the packet. It contains the source and destination IP addresses along with other fields such as the packet length, protocol identifier, time to live (TTL), and fragmentation information.

Additional fields in the header may include:

  • Time to live (TTL), which prevents packets from circulating indefinitely in a network.
  • Type of service (ToS) fields used to prioritize certain types of network traffic.
  • Quality of service indicators that help manage bandwidth and latency for specific application.

Integrity checking at the IP layer is handled by the IPv4 header checksum. When transmitted over networks such as Ethernet, the IP packet is encapsulated in a frame that may include a trailer (such as a CRC) at the link layer.

 

The network layer protocol and application-layer protocols

 

Layering is an essential concept in communication protocols. Application endpoints speak and understand application protocols. For example, web browsers and servers communicate using HTTP and HTTPS, and email readers and servers communicate using the email transfer protocol (Simple Mail Transfer Protocol, SMTP).

However, there is only one network protocol — the Internet Protocol (IP). The thousands of application-layer protocols and many link-layer protocols — such as Ethernet, Wi-Fi, and cellular — communicate over this single network protocol. 

In the OSI model, IP operates at the network layer, while protocols like TCP and UDP operate at the transport layer to coordinate packet delivery and reliability.

This separation of layers, with a standardized IP backbone, has fueled innovation. Having a single network-layer facilitates the development of applications that can be easily layered on top of IP; if the application supports messages that can be placed in IP packets, it will work on the internet — the whole system working symbiotically. No changes to any network elements, such as routers, are needed.

The World Wide Web (WWW) is an example of this innovation. When IP and the internet were first created, the WWW didn’t exist. Tim Berners-Lee used this layer separation to build the WWW, as the request and response messages could be placed in IP packets. No IP or internet changes were needed: The whole thing just worked. 

Akamai, packets, and cloud computing

 

Akamai’s authority in cybersecurity was built upon a deep understanding of how protocols such as IP, HTTP, and HTTPS work. Because packets are the fundamental unit of data transmission across the internet, Akamai’s edge network is designed to optimize packet delivery, manage network traffic efficiently, and reduce packet loss across distributed infrastructure.

As well as security, Akamai optimizes cloud computing with our suite of cloud computing solutions; provides security, scalability, and visibility; and is agnostic to the cloud service provider. Our cloud computing product suite includes the Download Delivery product line that optimizes large HTTP file downloads flawlessly, every time, at a global scale.

Akamai’s internet attack protection

 

Cloud-based cyberattacks are ubiquitous. Akamai is dedicated to eradicating internet-borne web exploits. IP packet loss can be caused by distributed denial-of-service (DDoS) attacks against a web server. Our dedicated infrastructure provides DDoS prevention to stop attacks in the cloud before they reach applications, data centers, and internet-facing infrastructure — public or private. Akamai’s unique architecture segments DNS resources across dedicated, non-overlapping clouds. More than 225 frontline SOCC responders back Akamai; our fully managed solution filters out attack traffic and stops even the most significant attacks, freeing your defenders to focus on high-priority security programs. Akamai protects the modern enterprise from vulnerabilities introduced by the cloud and a distributed workforce.

Frequently Asked Questions

IP packets are small units of data used to transmit information across an IP network using the Internet Protocol. Each packet contains a header with routing and control information and a payload containing the actual data. Large files and messages are divided into multiple packets so they can travel efficiently across networks and be reassembled at their final destination.

Yes. Packet loss occurs when IP packets fail to reach their destination during transmission across a network. Packet loss is typically caused by network congestion, insufficient bandwidth, hardware failures, misconfigured network devices, or cyberattacks such as distributed denial-of-service (DDoS) attacks. Lost packets can slow applications, disrupt streaming, or cause connection issues.

A datagram is a unit of data transmitted across a packet-switched network. An IP packet is a type of datagram used in IP networks to deliver data between devices. Some datagrams are sent using UDP (User Datagram Protocol), a connectionless transport protocol that sends packets without guaranteeing delivery or ordering.

Packet switching is a networking method that divides data into small packets and sends them independently across a network. Each packet can travel along different routes to its destination, where the packets are reassembled. Packet switching allows networks to use bandwidth efficiently and is the core technology behind how the internet transmits data.

A packet is a unit of data used at the network layer of the OSI model, while a frame is a unit of data used at the link layer. Packets contain IP addressing and routing information, while frames include hardware-level identifiers such as MAC addresses used to transmit data between devices on a local network.

Why customers choose Akamai

Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense in depth to safeguard enterprise data and applications everywhere. Akamai’s full-stack cloud computing solutions deliver performance and affordability on the world’s most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence.

Related Blog Posts

DNSSEC helps protect your domain against cache poisoning and answer forgery. It’s a crucial addition to your domain.
DNSSEC helps protect your domain against cache poisoning and answer forgery. It’s a crucial addition to your domain.
What Is DNSSEC, and How Does It Work?
Read how DNSSEC enhances security by adding cryptographic signatures to DNS records, ensuring data is securely transmitted over Internet Protocol (IP) networks.
Read more
The observed attacks sparked conversations both publicly and privately among several organizations, including Akamai.
The observed attacks sparked conversations both publicly and privately among several organizations, including Akamai.
Anatomy of a SYN-ACK Attack
Learn how the TCP SYN-ACK attack vector reflection works, why it’s uncommon, and concerns it raises for security.
Read more
Web applications and APIs will continue to proliferate, fuel innovation, and deliver the experiences that define our modern world.
Web applications and APIs will continue to proliferate, fuel innovation, and deliver the experiences that define our modern world.
Why (and How) APIs and Web Applications Are Under Siege
Read a summary of the latest SOTI report, which tackles the security risks in web applications and APIs, and the infrastructure that powers them
Read more

Related Customer Stories

Explore all Akamai Security Solutions

Start your free trial and see what a difference having the world’s largest and most trusted cloud delivery platform can make.

Take me there