The internet layer or IP layer is a group of internetworking methods in the Internet protocol suite, commonly also called TCP/IP, which is the foundation of the Internet. It is the group of methods, protocols, and specifications that are used to transport datagrams (packets) from the originating host across network boundaries, if necessary, to the destination host specified by a network address (IP address) which is defined for this purpose by the Internet Protocol (IP). The internet layer derives its name from its function of forming an internet (uncapitalized), or facilitating internetworking, which is the concept of connecting multiple networks with each other through gateways.
Internet-layer protocols use IP-based packets. The internet layer does not include the protocols that define communication between local (on-link) network nodes which fulfill the purpose of maintaining link states between the local nodes, such as the local network topology, and that usually use protocols that are based on the framing of packets specific to the link types. Such protocols belong to the link layer.
A particularly crucial aspect in the internet layer is the robustness principle: "Be liberal in what you accept, and conservative in what you send" (RFC 1122), as a misbehaving host can deny Internet service to many other users.
The internet layer has three basic functions: For outgoing packets, select the next-hop host (gateway) and transmit the packet to this host by passing it to the appropriate link layer implementation; for incoming packets, capture packets and pass the packet payload up to the appropriate transport-layer protocol, if appropriate. In addition it provides error detection and diagnostic capability.
In Version 4 of the Internet Protocol (IPv4), during both transmit and receive operations, IP is capable of automatic or intentional fragmentation or defragmentation of packets, based, for example, on the maximum transmission unit (MTU) of link elements. However, this feature has been dropped in IPv6, as the communications end points, the hosts, now have to perform path MTU discovery and assure that end-to-end transmissions don't exceed the maximum discovered.
In its operation, the internet layer is not responsible for reliable transmission. It provides only an unreliable service, and "best effort" delivery. This means that the network makes no guarantees about packets' proper arrival (see also Internet Protocol#Reliability). This was an important design principle and change from the previous protocols used on the early ARPANET. Since packet delivery across diverse networks is inherently an unreliable and failure-prone operation, the burden of providing reliability was placed with the end points of a communication path, i.e., the hosts, rather than on the network. This is one of the reasons of the resiliency of the Internet against individual link failures and its proven scalability.
In IPv4 (not IPv6), a checksum is used to protect the header of each datagram. The checksum ensures that the information in a received header is accurate, however, IP does not attempt to detect errors that may have occurred to the data in each packet.
Internet Protocol Security (IPsec) is a suite of protocols for securing Internet Protocol (IP) communications by authenticating and/or encrypting each IP packet in a data stream. IPsec also includes protocols for cryptographic key establishment. IPsec was originally designed as a base specification in IPv6 (RFC 1825, RFC 1829) in 1995, but later updated. The protocol was adapted for use in IPv4 and found widespread adoption in securing virtual private networks.
The internet layer of the TCP/IP model is often compared directly with the network layer (layer 3) in the Open Systems Interconnection(OSI) protocol stack. Although they have some overlap, these layering models represent different classification methods. In particular, the allowed characteristics of protocols (e.g., whether they are connection-oriented or connection-less) placed in these layers are different between the models. OSI's network layer is a "catch-all" layer for all protocols that facilitate network functionality. The internet layer, on the other hand, is specifically a suite of protocols that facilitate internetworking using the Internet Protocol.
Strict comparison between the TCP/IP model and the OSI model should be avoided. Layering in TCP/IP is not a principal design criterion and is in general considered to be harmful (RFC 3439, section 3: "Layering Considered Harmful").
Despite clear primary references (see References below) and normative standards documents the internet layer is still sometimes improperly called network layer, in analogy to the OSI model.