Networking & Protocols
The IP envelope
At the moment you click a link, your browser packages your request into an IP packet — an envelope with your address and the server’s address. Here is the radical part: no single router between you and that server knows the complete path. Each router just looks at the destination address, consults its own local map, and forwards the packet to the next hop.
What IP does in one sentence
IP is the addressed envelope every chunk of Internet traffic travels inside. Source address, destination address, payload, and a small header — that’s IP.
Every protocol you use — TCP, UDP, ICMP, every video chunk, every webpage — rides inside IP packets. The packet is the unit of routing for the entire Internet.
The postal metaphor
Imagine the postal system. Each letter has a from-address and a to-address. Local post offices don’t know where Tokyo is, but each one knows “anything for Asia goes via this truck.” Letters hop from local office to regional to national until they reach the destination’s local office. No single office holds a map of the whole world — only the next hop.
IP works the same way. Routers hold partial maps and make local decisions. At each hop the router reads the destination address, checks its routing table, and forwards the packet to whichever neighbour is the best next step. After 10–15 such hops the packet arrives.
One scenario end to end
Your browser already finished the physical link (it knows how to put bits on a wire). It now builds an IP packet for every segment it wants to send. Each packet travels independently. The layers above — TCP, TLS, HTTP — all hand bytes to IP, which adds the envelope.
- IPv4 address size
- 32 bits (4 bytes)
- IPv6 address size
- 128 bits (16 bytes)
- IPv4 address space
- ~4.3 billion
- Typical hop count
- 10–15 routers
- IPv4 header minimum
- 20 bytes
- IPv6 header (fixed)
- 40 bytes
IPv4 vs IPv6
IPv4 uses 32-bit addresses written as four decimal octets (e.g. 93.184.216.34). IPv6 uses 128-bit addresses written as eight 16-bit hex groups (e.g. 2001:db8::1). The practical differences:
- Address space. IPv4 has ~4.3 billion addresses — exhausted. IPv6 has 340 undecillion — effectively unlimited.
- Header. IPv4 has a variable header with a checksum computed at every hop. IPv6 has a fixed 40-byte header with no checksum (delegated to L2 and L4) and no router-level fragmentation.
- Adoption. Most new deployments run both (dual-stack). IPv6 reached ~45–50% of global Internet traffic by 2026.
Why this works
Why IP is connectionless. IP is best-effort: no acknowledgements, no retransmissions, no ordering. A router that runs out of buffer space drops packets without telling anyone. The decision was deliberate (RFC 791, 1981): keep the network layer simple so it scales to billions of devices, and push reliability to TCP. This design choice explains why every reliability mechanism lives in TCP or QUIC, not in IP itself.
What does an IP packet carry in its header?
What is the practical difference between IPv4 and IPv6?
Order what happens to a packet at one router hop:
- 1 Packet arrives on input interface
- 2 Router decrements TTL by 1; if it hits 0 the packet is dropped
- 3 Router looks up destination address in routing table
- 4 Router selects the next hop (longest prefix match)
- 5 Router re-encapsulates packet in a new link-layer frame
- 6 Router sends frame out the matching output interface
Fill in the blank: an IP packet is like an _______ — it has a from-address, a to-address, and contents inside.
- 01In one sentence: why is it remarkable that the Internet works given no router knows the full route?
- 02Why did the designers of IP choose best-effort delivery instead of reliable delivery?
- 03What happens to a packet whose TTL reaches zero?
IP is the universal addressed envelope: every chunk of Internet traffic — TCP segment, UDP datagram, ICMP message — travels inside an IP packet carrying source and destination address. No router knows the full path; each makes a local longest-prefix-match decision and hands the packet to the next hop. After 10–15 hops the packet arrives. IPv6 extends this model with 128-bit addresses (ending the address-space crisis) and a simpler fixed header. IP’s deliberate choice of best-effort, connectionless delivery is why TCP, TLS, and QUIC all live above it.
appears again in47
- Federation and lookahead: batching beyond DataLoadermiddle
- Senior GraphQL API: scheduling contract, tenant isolation, observabilitysenior
- Invalidation, dirty bits, and containmiddle
- Compositor layers: promotion, overlap, and GPU memorymiddle
- Production observability: LoAF, INP, and the full attack surfacesenior
- Hidden classes, transition trees, and memory layoutmiddle
- V8 in production: isolates, pointer compression, and real failuressenior
- What workers are and why they existjunior
- Web worker mechanics: dedicated, shared, and OffscreenCanvasmiddle
- Structured clone and transferablesmiddle
- SharedArrayBuffer, Atomics, and cross-origin isolationsenior
- Worker pools, Comlink, and production observabilitysenior
- Eight layers traced: from the service worker to the second navigationmiddle
- Five canonical breaks: where production reliably diessenior
- The three-track method: reading traces and building a monitored systemsenior
- Lock and single-flight: bounding concurrent rebuildsmiddle
- Stale-while-revalidate and CDN request coalescingmiddle
- Detecting stampedes and designing TTL for productionmiddle
- Metastable failure, fencing tokens, and production postmortemssenior
- What a relation is: tables, rows, keys, and constraintsjunior
- Constraints, keys, and Postgres data typesmiddle
- JSONB, arrays, and when a side table winsmiddle
- Schema integrity: deferral, versioning, and production failure modessenior
- Where data fetching happens — and why it decides LCPjunior
- React Server Components and Suspense streamingmiddle
- Senior internals: RSC payload, caching layers, and production failure modessenior
- What is OpenTelemetry: API, SDK, Collector, OTLPjunior
- OTel signals, Semantic Conventions, and the OTLP wire formatmiddle
- The OTel Collector: receivers, processors, exporters, and deployment patternsmiddle
- Vendor neutrality, eBPF instrumentation, the Operator, and browser/serverless OTelsenior
- Operating the OTel Collector: reliability, version skew, failure modes, and governancesenior
- What is trace propagation and why broken propagation is worse than nonejunior
- traceparent and tracestate: the W3C header format in fullmiddle
- Baggage and async boundaries: carrying context across queues and callbacksmiddle
- Async context per language, service mesh, B3 migration, and securitysenior
- Production propagation failures, span links, and platform designsenior
- The debugging funnel: SLO → RED → trace → profilejunior
- OTel architecture: one SDK, four signals, one wire formatmiddle
- The incident loop: from pager to postmortem to preventionmiddle
- Scale, security, and the ROI of observable systemssenior
- At-most-once, at-least-once, exactly-once: the three delivery contractsjunior
- Consumer-side dedup: the cheapest path to exactly-once processingmiddle
- Exactly-once in production: impossibility proof, hybrid patterns, and real incidentssenior
- What OAuth is and why passwords are not the answerjunior
- Authorization code flow with PKCEmiddle
- Sender-constrained tokens: DPoP and mTLSsenior
- OAuth in production: audience attacks, observability, and real failuressenior