Technology is changing the world around us. The use of video streaming is growing steadily as the average number of connected devices is predicted to skyrocket by 2023. And with change come challenges. Users are now expecting seamless data transmissions without failures, delays, or buffering. How can, learning more about the UDP protocol, help you address these challenges? Let’s find it out

In the era of live streaming and real-time applications, an uninterrupted and fast internet information exchange has become essential. Nearly everything in today’s life depends on speed — from DNS queries ensuring that your website loads in a matter of seconds to streaming services, from education and voice over IP (VoIP) to online meetings and gaming.

This is where the UDP protocol (user datagram protocol) shines. With 86% of interviewed businesses using video as one of the most effective marketing tools, understanding the basis of UDP, one of the most popular data transport protocols, has never been so important.

This article will give you a brief introduction to the user datagram protocol, or what’s known as UDP. You’ll learn about its key features, functions, benefits, challenges and more. We won’t dig too deep into the nitty-gritty this time, however. If you’re interested in learning more about how UDP works from the technical point of view, stay tuned, as we’ll dive into all that in our next article.

The ABCs of the User Datagram Protocol (UDP)

Did you know that internet protocols facilitate virtually all messages and transactions sent over the internet? Even now, you’re reading this article thanks to a networking protocol that made the exchange of information between your device and the internet possible. (In this case, you’re using the secure HTTPS protocol.)

Several different connection protocols — TCP, UDP, HTTPS, SSH, etc. — operate at different layers of the TCP/IP network model. Each one has its own features, functions, advantages, and challenges. And, frankly, there’s a lot of overlap as well as you’ll see some protocols — for example, HTTPS — can use HTTPS, TCP or UDP, according to the Internet Assigned Numbers Authority (IANA).

This article will focus on the user datagram protocol (UDP), which was designed by the computer scientist David P. Reed in 1980 and officially defined by the Internet Engineering Task Force (IETF) in RFC 768. This protocol works at the transport layer of the model.

A UDP Protocol Definition: What Is It?

Before going into the basics of the user datagram protocol, let’s have a look at its definition. UDP is a simple, connection-less communication standard protocol used to exchange data over the internet. Sometimes known as an unreliable data protocol due to its simplicity and lack of verification checks (which can lead to errors), it’s delay-free and very efficient in terms of latency and bandwidth. It works similarly to the more reliable transmission control protocol (TCP), but without the need for authenticity and error checks. It’s part of the internet protocol suite.

User datagram protocol graphic that illustrates the basic concept of what UDP does
A basic representation of the user datagram protocol

What Is UDP Used For?

The user datagram protocol is suitable for those applications where data loss doesn’t affect the perceived quality of the service or for those that are configured to correctly arrange the packets once received. Let’s have a look at some typical cases:

Multiplayer Online Games, VoIP, and Video Live Streaming

When playing a game online, watching a web streaming, or talking to your boss using VoIP, small hiccups or dropped frames now and then usually go unnoticed. When you play Fortnite, for example, UDP is the most used protocol during the game (although not the only one — TCP is used initially). Why? Because when you’re playing, everything is about speed and getting a huge amount of data delivered in real-time. It doesn’t matter if there is a small glitch during the game as you probably won’t even notice it. The same goes for VoIP and media streaming: in all these cases, speed and continuity come first.

Check out this great video by Gary Explains on the use of TCP and UDP protocols in games like Fortnite:

Tunneling/VPN

If you’ve used a virtual private network (VPN) service when working from home or for leisure, you may have noticed that it supports both TCP and UDP ports. If you need to check your mail or download the latest software update for your favorite app, TCP is your best option. If you’re getting ready to attend your one-to-one monthly call with your boss, use UDP to ensure that the call goes smoothly. You don’t want to miss a word when they tell you about your pay rise!   

Multicasting and Broadcasting

You’ve been invited to a live streaming where your CEO will make an important announcement about the future of the company. The event starts and, suddenly, the video streaming pauses when the CEO is introducing the hot topic to the audience. After a few minutes, packets start to get through again, and you manage to get the missing bits of the conversation. However, the delay means you’ve received the information a couple of minutes after your colleagues and some info might be missing.

Can you imagine what impact this would have, say, during a shareholder meeting? Not only would this be annoying, but it could have serious repercussions for your company. However, it’s important to note that UDP also supports packet switching, which can come in handy. 

Domain Name System (DNS)

When you typed cheapsslsecurity.com/blog/ in your browser, your device had to first find the related IP address before sending a GET request to the server. This must happen in no time, or you’ll get frustrated and go to another site. This is the reason why in these cases protocols like DNS and DHCP use UDP: they need to get the results quickly.

These are just a few examples of the applications of UDP. There are many others, like record route, timestamp, traceroute, and more. Now that we’ve answered the question, “what is UDP used for?” we can move on to the next one.

How Does UDP Work? A Quick Overview

Compared to other networking protocols, UDP’s process is very simple. Data packets (datagrams) are simply transferred across the internet without bothering about a handshake, ordering process, data integrity, or guaranteed delivery. In other words, it’s a no-frills service transferring data from A to B as quickly as possible.

Its characteristics make the process ideal for transmitting data to many clients with low overhead and when data integrity is unimportant. It’s a bit like a company using the cheapest United States Postal Service (USPS) to distribute advertising flyers and catalogs. It’s fast (relatively), doesn’t require too many resources, and enables the organization to reach its primary goal: to get the word out about your business, products or services.

Being bulk advertising, usually, there’s no need for the company to know if every single flyer has been delivered successfully, or if they’d been delivered in a specific order. Therefore, when some of them are undelivered (for whatever reason), instead of being automatically forwarded or returned, they’re usually disposed of. The same happens with UDP.

A graphic that illustrates how the user datagram protocol (UDP) works to transmit data
A basic illustration of the UDP protocol in action

Interested in learning the technical nuts and bolts of the UDP protocol’s process? Stay tuned for our next article, which will explore in depth how the user datagram protocol works from a technical perspective.

UDP Protocol vs. TCP: Understanding the Difference

UDP and TCP are widely used protocols for data transmission over the internet. But what are the main differences between them? Let’s find it out.

 UDP: When Speed MattersTCP: When Accuracy Matters
Connection TypeConnectionless protocolConnection-based protocol that includes a handshake and authentication.
Connection Model(s) SupportedOne to one, one to all, one to many (multicast, unicast, broadcast).One to one (unicast).
Transfer MethodDatagrams are sent as individual packets.The sequence of bytes.
Data Transfer SequenceNo fixed order as data is processed in order of arrival.Ordered and numbered as the packet’s sequence is always verified.
SpeedFast — The integrity of data is only checked at the arrival with a checksum. Broken packets are discarded.Slow due to reordering, error checking, and recovery.
AccuracyLow — The delivery of data can’t be guaranteed.High — It always guarantees the delivery of data to the destination.
OverheadLow — It’s very lightweight as it has no tracking connections and minimal headers.High — It’s resource-intensive due to its heavy headers.
AcknowledgmentNo acknowledgment.Acknowledgment is sent by the recipient when all the data have been delivered.
Typical ApplicationsLive streaming, Online games, Chats, VoIP, DNS check, and All applications for which delivery time is crucial.File Transfer Protocol (FTP) Web browsing (HTTP) Email, and All applications where data loss is unacceptable.

To summarize, any TCP connection requires a handshake between the sender and the receiver. Why? This enables the two parties to exchange synchronization and acknowledgment packets before beginning the communication. Once done, the data is sent in a specific order, received, and nothing is lost along the way. The transmission takes more time, but it’s more consistent.

On the other hand, with UDP the data are simply sent to the receiver — unordered and without conditions. This means no handshake, no synchronization — nothing.

UDP is like your favorite fast-food restaurant: you know that you’ll get a no-frill service and basic food, but it’s fast and convenient. You usually choose it when speed matters, like when you just need to grab a bite in a hurry before a meeting.

TCP is more like a fancy restaurant: you go there, order, and let the staff take care of everything else while you enjoy your evening without worrying about time. The food is accurately presented, and every detail is carefully taken handled. For example, this is the kind of restaurant you choose for a date, when accuracy and quality are more important than speed.

Check back in the next couple of weeks for an article that compares and covers the differences between the TCP and UDP protocols.

Insight Into the UDP Protocol: Pros, Cons, Benefits, and Risks

Following the ancient Chinese philosophy, yin and yang, the positive and the negative are in everything. This concept also applies to the user datagram protocol. While it can be useful in some cases, some drawbacks could have a negative impact when utilized with some applications. Which ones? Let’s find it out.

Pros and Cons of the User Datagram Protocol

To make things easier, we’ve summarized the main advantages and disadvantages of UDP on a table:

Pros of the User Datagram ProtocolCons of the User Datagram Protocol
It’s connectionless, making the startup delay of an application very short.A datagram may be delivered twice, not delivered at all, or delivered in the wrong order.
It supports unicast transmission and the more efficient and cost-effective multicast and broadcast transmissions.There’s no guarantee that the recipient will receive all transmitted bytes. However, it does provide a checksum to verify an individual datagram’s integrity.
It’s ideal for applications using a lot of bandwidth where data loss is unimportant. (E.g., for real-time video and audio streaming.)The receiver’s readiness is not verified.
It speeds up DNS lookup as this kind of query and the related response are small enough to fit in a single package.Being connectionless, it has no congestion control.
The datagrams received are unmanaged. This gives the receiver’s application complete freedom of choice on how to handle them.It has no flow control; therefore, the receiver may be overloaded with incoming messages. This can be avoided, ensuring that the application sending the datagrams has a kind of flow control policy installed.
It’s efficient in terms of latency and bandwidth, making it a very fast connection.Like other connections (e.g., TCP), UDP can be vulnerable to DDOS attacks.

UDP Protocol’s Benefits

Never judge a book from its cover. Therefore, even if you might have been put off by the list of cons mentioned above, before crossing out the user datagram protocol from your options for good, you should take into consideration the following valuable features:

Feature 1 — No Retransmission Delays, Ever, Guaranteed

We’ve already mentioned that if you use VoIP, media streaming, or play multiplayer games, UDP may be your best choice. As lost packets are discarded (remember the example with the USPS?) UDP is stellar for time-sensitive applications with real-time requirements that can’t bear retransmission delays for dropped packets.

Feature 2 — Low Resource Intensive, Non-Stop Communication, Great For Your Broadcast

UDP broadcasted datagrams can be transmitted to a large number of clients on the internet without the need for too much server overhead. Isn’t it an excellent feature to consider for a flawless live conference with your employees or colleagues?

Feature 3 — It’s Fast, Much Faster Than TCP

In the internet world, where every second counts, a second saved is a second earned. When your customer enters your website’s URL into their browser, their device performs a DNS query. The longer it takes for the server to respond, the longer your customer will have to wait to view your website. As DNS requests tend to be small and speed is an important factor (nobody wants to wait for ages for a website to load), they fit well with the UDP protocol.

What do you think now? Don’t you think that you should reevaluate UDP when using specific real-time applications or for DNS queries?

User Datagram Protocol Threats and Vulnerabilities

Another point listed under the UDP’s “cons” column mentioned that this specific protocol can be vulnerable to denial of service attacks (DDOS) due to its lack of verification mechanism and end-to-end connection. This kind of attack is usually launched by compromised devices part of a botnet and, if successful, it can easily make an online service temporarily unavailable. HTTP Error 503, anyone?

The main DDOS attacks targeting the UDP protocol are the following:

User Datagram Protocol Flood Attack

A UDP attack exploits the steps that a server takes when responding to a datagram sent to one of its ports:

  • Because UDP has no handshake in its process, an attacker sends a large number of spoofed packets to multiple ports on a single server without waiting for communication permission.
  • The attacked server responds to each packet with a “Destination Unreachable” message.
  • The server’s resources are overwhelmed, resulting in a denial of service to legitimate traffic.
A graphic illustrating the concept of a UDP flood attack

DNS Amplification Attack

As described in an alert published by CISA (the U.S. Cybersecurity & Infrastructure Security Agency), DNS amplification attacks rely on DNS servers’ vulnerabilities to flood a target with a huge amount of datagrams:

  • Numerous datagrams with spoofed IP addresses (the victims’ real IP addresses) are sent to an open DNS resolver, once again through one or more botnets.
  • The DNS resolver sends out much larger and disproportionate replies to each request (this is known as amplification) in the direction of the spoofed IP address using specific techniques.
  • The victim’s network is saturated with responses.
A graphic illustrating the concept of a DNS amplification attack
Image caption: DNS amplification attack

UDP Port Scan

Sometimes also used for benevolent scopes by administrators to verify security policies on their own networks, a port scan allows to identify open ports:

  • An attacker sends datagrams to a server to determine which ports are listening.
  • If the port replies with the message “Destination unreachable,” the attacker will know that they will have to move on to another port.
  • If there is no response, the port is open and the hacker can exploit the vulnerable port to attack the target (i.e., your network/server/service).
A graphic illustrating the concept of a UDP port scan

As we all very well know, the internet is never going to be perfect; bad guys will always be there, lurking and waiting for us to fall into their traps. However, we’ve made another important step forward today by learning how to get the best out of UDP despite its flaws.

Knowledge is power. If you want to learn more about the user datagram protocol, don’t miss our next article that will explore the technology behind it. 

Final Thoughts Answering the Question: What Is the UDP Protocol?

The simple user datagram protocol can be highly valuable for real-time services like online gaming, VoIP, live conferences, streaming, where speed is the primary concern. From a business perspective, any organization using virtual communication and collaboration can gain from its advantages in many use cases.

UDP can help your organization avoid slow and clogged networks and provide your users and customers with a smooth streaming experience. Yes, when using it, you’ll have to make some concessions on reliability and data delivery, but nothing comes for free in this world. And when the benefits are greater than the costs, it’s easy to choose. But your choice of whether to use UDP or TCP should be made based on your organization’s needs and what you’re trying to accomplish. Depending on your specific situation, UDP may (or may not) be the best option.

Now that you understand the UDP protocol better, start using it and say goodbye to annoying interruptions during your web conferences, broadcasting, and why not, when playing your favorite online game!

Author

Welcome to Savvy Security, a blog focused on providing practical cybersecurity advice for website owners and small businesses. Our team brings you the latest news, best practices and tips you can use to protect your business...without a multi-million dollar budget or 24/7 security teams.

bold
Close