In-depth understanding of UDP protocol

Compared with TCP, we know that UDP is an unreliable transmission protocol. We still have a lot to do with this Protocol. Because its transmission mode and speed are incomparable to TCP. Let's take a closer look at this agreement.

1. Brief Introduction to UDP

UDP is a transport layer protocol, which is in a layer with TCP protocol. However, unlike TCP, UDP does not provide timeout retransmission, error retransmission, and other functions, that is, it is an unreliable protocol.

2. UDP Header

The UDP port number is used by many software. Therefore, the UDP protocol must use a flag to distinguish the data packets required by different programs. This is the function of the port number. For example, if a udp program A registers port 3000 in the system, the UDP packet sent from the outside with the destination port 3000 will be handed over to the program. Theoretically, there can be so many port numbers as 2 ^ 16. Because it is 16 bits in length

UDP verification is an optional option. Not all systems test UDP packets and data (which is required by the TCP protocol). However, the standard requirements in RFC are as follows, the sender should calculate the verification.

UDP checks and overwrites the UDP protocol header and data, which is different from the IP address test. The IP protocol test only overwrites the IP address data header and does not overwrite all the data. Both UDP and TCP contain a pseudo header, which is produced for calculation test and. The pseudo-header even contains information in the IP protocol such as the IP address, so that UDP checks whether the data has arrived at the destination correctly twice. If the check and option are not enabled on the sender, And the acceptor calculates the check and has errors, UDP data will be quietly lost and cannot be delivered without any error packets.

UDP can be long and long, and can be 65535 bytes long. However, when the network is transmitting, a protocol that generally fails to transmit that long involves MTU), we have to partition the data. Of course, these are transparent to UDP and other superior protocols, UDP does not need to concern about how the IP protocol layer partitions data. The next chapter will discuss some sharding policies.

3. IP sharding

After the IP address receives data from the upper layer, it determines from which interface the data is sent by selecting the path) and performs MTU query. If the data size exceeds MTU, data is split. Data fragments are transparent to the upper and lower layers, and the data will be re-assembled when it reaches the destination. However, you don't have to worry. The IP layer provides enough information for data re-assembly.

In the IP header, the 16bit identification number uniquely records the ID of an IP package. IP segments with the same ID will be reassembled; the 13-bit slice offset records the position of an IP slice relative to the entire package, and the 3-bit sign in the middle indicates whether there are new slice after the slice. The three tags constitute all the information of the IP segment. The receiver can use this information to re-organize the IP data, even if the subsequent parts are first served than the previous parts, this information is sufficient ).

Due to the frequent use of the sharding technology on the network, software and people who forge IP sharding packets for rogue attacks are also emerging.

You can use the Trancdroute program to perform simple MTU detection. Please refer to the teaching materials.

3. interactive use between UDP and ARP

This is a detail that is not often noticed. It is intended for some system implementations. When the ARP cache is still empty. Before sending a UDP packet, you must send an ARP request to obtain the MAC address of the target host. If the UDP packet is large enough, it must be split to the IP layer, imagine that the first shard of the UDP packet will send an ARP query request, and all the shards will be sent after the query is complete. Is that actually true?

As a result, some systems send an ARP query for each shard. All shards are waiting, but when the first response is received, the host only sends the last data piece and discards others. This is incredible. In this way, because the fragmented data cannot be assembled in time, the accept host will discard IP data packets that will never be assembled within a period of time, in addition, many systems do not generate this error when sending the assembled timeout ICMP packet. This ensures that the receiving host's own acceptor cache is not filled with fragments that will never be assembled.

4. ICMP Origin Site suppression Error

When the processing speed of the target host cannot keep up with the data receiving speed, the host sends an ICMP message "I cannot stand" because the IP layer cache of the host is full.

5. UDP Server Design

Some features of UDP will affect the design of our server program, which is summarized as follows:

About the customer IP address and address: the server must have the ability to determine whether the data packet is valid based on the customer IP address and port number. This seems to require every server to have)

Target address: the server must be able to filter broadcast addresses.

About data input: Generally, every port number in the server system corresponds to an input buffer. Incoming input is waiting for processing by the server based on the principle of first-in-last-in. Therefore, the buffer overflow is inevitable, in this case, UDP packets may be discarded, but the application server itself does not know this problem.

The server should restrict the local IP address, that is, it should be able to bind itself to a port of a network interface.