UDP: User Datagram Protocol

UDP (User Datagram Protocol) is a simple transport layer protocol defined in RFC 768. It is designed to run on top of IP and is assigned IP protocol number 17.

Key Properties of UDP

  • Connectionless and ‘unreliable’;
  • Minimal overhead;
  • Multiplexing.

UDP is a connectionless and ‘unreliable’ protocol.

Instead of initiating a connection, UDP sends data as discrete datagrams, each one independent of the others. Because there is no sequencing information, the recipient cannot tell whether all of the data sent has been received. UDP does still have a checksum, so corrupted data can be discarded, but it is not resent if there is an issue.

It is still possible for applications to perform error checking and correction at the application layer if necessary. For example, if transferring files, you could run a checksum against the fully received file.

Minimal overhead

Because UDP does not establish connections or implement flow control, far fewer packets need to be sent to transfer data. The UDP header is also much more basic, with just 4 fields and no options.

Multiplexing

Multiplexing is used to allow multiple connections simultaneously and to differentiate between the connections for different applications.

When a host receives data, it needs to work out who that data is for: is it HTTP traffic for a web browser, VoIP for Skype or FTP data being transferred? UDP does this using ports.

Hosts manage network connections using sockets which are defined by:

  • IP Address
  • Transport Protocol (UDP)
  • Port number

Source Ports

When a client sets up a connection for an application, it will assign an unused port as the source port. A port number from the ephemeral/dynamic range is used for the connection – it is just assigned for the duration of the connection. All data received on this port is sent on to that application until the connection is terminated.

Destination Ports

The destination port that data is sent to is more specific. Popular applications have been assigned port numbers which clients set as the destination port. For example, DNS traffic uses port 53. The server side of the connection can then differentiate between clients using the combination of IP address and the client source port.

Port Numbers

There are three ranges of port numbers. IANA (the Internet Assigned Numbers Authority) maintain a registry of port numbers and suggested ranges:

  • Well known ports (0 – 1023)
  • Registered ports (1024 – 49151)
  • Dynamic / Private Ports (49152 – 65535)

Well Known UDP Port Numbers

  • 53 – Domain Name System (DNS)
  • 67 and 68 – Dynamic Host Configuration Protocol (DHCP)
  • 69 – Trivial File Transfer Protocol (TFTP)
  • 123 – Network Time Protocol (NTP)
  • 161 – Simple Network Management Protocol (SNMP)
  • 514 – Syslog

UDP Header

Source Port (16 bits)

UDP port number from which the data is being sent.

Destination Port (16 bits)

UDP port number which the data is being sent to.

Length (16 bits)

Length in bytes of the datagram (header and data). The minimum is 8 bytes – just a UDP header with no data.

Checksum (16 bits)

The checksum is calculated over a ‘pseudo-header’ consisting of the source IP address, destination IP address, 8 bits of zero padding, transport protocol (17 for UDP) and the UDP length.

References

RFC 768, User Datagram Protocol. Internet Engineering Task Force.
