TCP/IP Study Notes (6)-UDP protocol

1. Brief Introduction to UDP

UDP is a transport layer protocol, which is in a layer with TCP protocol. However, unlike TCP, UDP does not provide timeout retransmission, error retransmission, and other functions, that is, it is an unreliable protocol.

2. UDP header 2.1.udp port number

Because many software applications require the UDP protocol, the UDP protocol must use a flag to distinguish the data packets required by different programs. This is the function of the port number. For example, if a UDP program A registers port 3000 in the system, the UDP packet sent from the outside with the destination port 3000 will be handed over to the program. Theoretically, there can be so many port numbers as 2 ^ 16. Because it is 16 bits in length

2.2.udp test and

This is an optional option. Not all systems verify UDP data packets (which is a must of the TCP protocol). However, according to the standard requirements in RFC, the sending end should calculate the verification.

UDP checks and overwrites the UDP protocol header and data, which is different from the IP address test. The IP protocol test only overwrites the IP address data header and does not overwrite all the data. Both UDP and TCP contain a pseudo header, which is produced for calculation test and. The pseudo-header even contains information in the IP protocol such as the IP address, so that UDP checks whether the data has arrived at the destination correctly twice. If the check and option are not enabled on the sender, And the acceptor calculates the check and has errors, the UDP data will be quietly lost (not guaranteed delivery) without generating any error packets.

2.3.udp Length

UDP can be long and long, and can be 65535 bytes long. However, when the network is transmitting data, a protocol that generally fails to transmit that long (involving MTU issues) will have to be split into data. Of course, these are transparent to UDP and other upper-level protocols. UDP does not need to care about how the IP protocol layer partitions data. The next chapter will discuss some sharding policies.

3. IP sharding

After the IP address receives data from the upper layer, it determines from which interface the data is sent (by selecting routes) based on the IP address and performs MTU query. If the data size exceeds the MTU, data is split. Data fragments are transparent to the upper and lower layers, and the data will be re-assembled when it reaches the destination. However, you don't have to worry. The IP layer provides enough information for data re-assembly.

In the IP header, the 16bit identification number uniquely records the ID of an IP package. IP segments with the same ID will be reassembled; the 13-bit slice offset records the position of an IP slice relative to the entire package, and the 3-bit sign in the middle indicates whether there are new slice after the slice. The three tags constitute all the information of the IP segment, and the receiver can use this information to re-organize the IP data (even if the subsequent parts are first served than the previous parts, this information is sufficient ).

Due to the frequent use of the sharding technology on the network, software and people who forge IP sharding packets for rogue attacks are also emerging.

You can use the trancdroute program to perform simple MTU detection. Please refer to the teaching materials.

3. interactive use between UDP and ARP

This is a detail that is not often noticed. It is intended for some system implementations. When the ARP cache is still empty. Before sending a UDP packet, you must send an ARP request to obtain the MAC address of the target host. If the UDP packet is large enough, it must be split to the IP layer, imagine that the first shard of the UDP packet will send an ARP query request, and all the shards will be sent after the query is complete. Is that actually true?

As a result, some systems send an ARP query for each shard. All shards are waiting, but when the first response is received, the host only sends the last data piece and discards others. This is incredible. In this way, because the fragmented data cannot be assembled in time, the accept host will discard IP data packets that will never be assembled within a period of time, and send the assembled timeout ICMP packet (in fact, many systems do not produce this error), to ensure that the receiving host's own acceptor cache is not filled with fragments that will never be assembled.

4. ICMP Origin Site suppression Error

When the processing speed of the target host cannot keep up with the data receiving speed, the host sends an ICMP message "I cannot stand" because the IP layer cache of the host is full.

5. UDP Server Design

Some features of UDP will affect the design of our server program, which is summarized as follows:

1. About the customer IP address and address: the server must be able to determine whether the data packet is valid based on the customer IP address and port number (this seems to require every server to have)
2. Target address: the server must be able to filter broadcast addresses.
3. About data input: Generally, every port number in the server system corresponds to an input buffer. Incoming input is waiting for processing by the server based on the principle of first-in-last-in. Therefore, the buffer overflow is inevitable, in this case, UDP packets may be discarded, but the application server itself does not know this problem.
4. The server should restrict the local IP address, that is, it should be able to bind itself to a port of a network interface.