• Transport protocols - UDP. See what "UDP" is in other dictionaries

    Hello everyone, today I’ll tell you how the TCP protocol differs from UDP. Transport layer protocols, next in the hierarchy to IP, are used to transfer data between application processes running on network nodes. A data packet received from one computer to another via the Internet must be transferred to a handler process, and precisely for a specific purpose. The transport layer takes responsibility for this. At this level there are two main protocols – TCP and UDP.

    What do TCP and UDP mean?

    TCP– transport protocol for data transfer in TCP/IP networks, which preliminarily establishes a connection to the network.

    UDP– a transport protocol that transmits datagram messages without the need to establish a connection on an IP network.

    Let me remind you that both protocols operate at the transport layer of the OSI or TCP/IP model, and understanding how they differ is very important.

    Difference between TCP and UDP protocols

    The difference between the TCP and UDP protocols is the so-called “delivery guarantee”. TCP requires a response from the client to whom the data packet was delivered, confirmation of delivery, and for this it needs a pre-established connection. Also, the TCP protocol is considered reliable, while UDP has even received the name “unreliable datagram protocol.” TCP eliminates data loss, duplication and packet mixing, and delays. UDP allows all this, and does not require a connection to work. Processes that receive data via UDP must make do with what they receive, even with losses. TCP controls the congestion of the connection, UDP does not control anything other than the integrity of the received datagrams.

    On the other hand, due to such non-selectivity and lack of control, UDP delivers data packets (datagrams) much faster, therefore for applications that are designed for a wide throughput And quick exchange,UDP can be considered the optimal protocol. These include network and browser games, as well as streaming video viewing programs and applications for video communication (or voice): the loss of a package, complete or partial, does not change anything, it is not necessary to repeat the request, but the download is much faster. The TCP protocol, being more reliable, is successfully used even in mail programs, allowing you to control not only traffic, but also the length of the message and the speed of traffic exchange.

    Let's look at the main differences between tcp and udp.

    1. TCP guarantees the delivery of data packets in an unchanged form, sequence and without loss, UDP does not guarantee anything.
    2. TCP numbers packets as they are transmitted, but UDP does not.
    3. TCP works in duplex mode, in one package you can send information and confirm receipt of the previous package.
    4. TCP requires in advance established connection, UDP does not require a connection, it is just a data stream.
    5. UDP provides more high speed data transfer.
    6. TCP is more reliable and controls the data exchange process.
    7. UDP is preferable for programs that play streaming video, videophony and telephony, and network games.
    8. UPD does not contain data recovery functions

    Examples of UDP applications include, for example, the transfer of DNS zones, Active Directory, there is no requirement for reliability. Very often they like to ask such questions during interviews, so it is very important to know the differences between tcp and udp.

    TCP and UDP headers

    Let's look at what the headers of the two transport protocols look like, since here too the differences are fundamental.

    UDP header

    • 16-bit source port > Specifying the source port for UDP is optional. If this field is used, the recipient can send a response to this port.
    • 16 bit destination port > Destination port number
    • 16-bit UDP length > Length of the message, including header and data.
    • 16 bit checksum > Header and data checksum for verification

    TCP header

    • 16 bit source port > Source port number
    • 16 bit destination port > Destination port number
    • 32 bit sequence number > The sequence number is generated by the source and used by the destination to reorder packets to create the original message and send an acknowledgment to the source.
    • 32-bit acknowledgment number > If the ACK bit of the Control field is set, this field contains the next expected sequence number.
    • 4 bit header length > Information about the start of the data packet.
    • reserve > Reserved for future use.
    • 16-bit checksum > Header and data checksum; it determines whether the packet was corrupted.
    • 16-bit urgency indicator > In this field, the target device receives information about the urgency of the data.
    • Options > Optional values ​​that can be specified as needed.

    The window size allows you to save traffic, let's consider when its value is 1, then for each response sent, the sender waits for confirmation, not entirely rational.

    With a window size of 3, the sender already sends 3 frames, and waits from 4, which implies that he has all three frames, +1.

    I hope you now have an idea about the differences between tcp and udp protocols.

    TCP and UDP protocols

    TCP-Transmission Control Protocol

    Connection-oriented communication can use reliable communication, whereby the Layer 4 protocol sends acknowledgments when data has been received and requests retransmission if data is not received or corrupted. The TCP protocol uses just such reliable communication. TCP is used in such application protocols like HTTP, FTP, SMTP and Telnet.

    The TCP protocol requires that a connection be opened before a message can be sent. The server application must do what is called passive open to create a connection to a known port number, and instead of sending the call to the network, the server waits for incoming requests. The client application must do active open by sending the server application a synchronization sequence number (SYN) identifying the connection. The client application can use a dynamic port number as the local port.

    The server must send an acknowledgment (ACK) to the client along with a server sequence number (SYN). In turn, the client responds with ACK, and the connection is established.

    After this, the process of sending and receiving messages can begin. When a message is received, an ACK message is always sent in response. If the timeout expires before the sender receives the ACK, the message is queued for retransmission.

    The TCP header fields are listed in the following table:

    TCP header
    Field Length Description
    Source port 2 bytes Source port number
    Port of destination 2 bytes Destination port number
    Serial number 4 bytes The sequence number is generated by the source and used by the destination to reorder packets to create the original message and send an acknowledgment to the source.
    Confirmation number 4 bytes If the ACK bit of the Control field is set, this field contains the next expected sequence number.
    Data offset 4 bits Information about the start of a data packet.
    Reserve 6 bits Reserved for future use.
    Control 6 bits The control bits contain flags indicating whether the acknowledgment (ACK), urgency (URG) fields, whether the connection should be reset (RST), whether the synchronization serial number (SYN) has been sent, etc. are valid.
    Window size 2 bytes This field specifies the size of the receive buffer. Using confirmation messages, the recipient can inform the sender of the maximum amount of data that he can send.
    Checksum 2 bytes Header and data checksum; it determines whether the packet was corrupted.
    Urgency indicator 2 bytes In this field, the target device receives information about the urgency of the data.
    Options variable Optional values ​​that are specified if necessary.
    Addition variable Enough zeros are added to the padding field so that the header ends on a 32-bit boundary.

    TCP is a complex, time-consuming protocol due to its connection establishment mechanism, but it takes care of guaranteed packet delivery without us having to enable it. functionality into the application protocol.

    The TCP protocol has built-in reliable delivery capabilities. If the message is not sent correctly, we will receive an error message. The TCP protocol is defined in RFC 793.

    UDP - User Datagram Protocol

    Unlike TCP, UDP is a very fast protocol because it defines the bare minimum mechanism required for data transfer. Of course, it has some disadvantages. Messages arrive in any order, and the one sent first may be received last. Delivery of UDP messages is not at all guaranteed, the message may be lost, and two copies of the same message may be received. The last case occurs if two different routes are used to send messages to one address.

    UDP does not require opening a connection, and data can be sent as soon as it is prepared. UDP does not send acknowledgment messages, so data may be received or lost. If reliable data transmission is required when using UDP, it should be implemented in a protocol more high level.

    So what are the advantages of UDP, why might such an unreliable protocol be needed? To understand the reason for using UDP, you need to distinguish between unidirectional transmission, broadcast transmission and multicast transmission.

    Unicast message sent from one node to only one other node. This is also called point-to-point communication. The TCP protocol only supports unidirectional communication. If a server needs to communicate with multiple clients using TCP, each client must establish a connection because messages can only be sent to single hosts.

    Broadcast means that the message is sent to all nodes on the network. Group distribution (multicast) is an intermediate mechanism: messages are sent to selected groups of nodes.

    UDP can be used for unidirectional communication when fast transmission is required, such as for delivering multimedia data, but the main advantages of UDP relate to broadcasting and multicasting.

    On channel and network level protocols TCP/IP packet, which deal with the basic mechanism for transferring blocks of data between countries and between networks, are the basics TCP/IP. They use the protocol stack, but they are not used directly in applications that run on the protocol TCP/IP. In this article, we'll look at two protocols that are used by applications: User Datagram Protocol (UDP) and Transmission Control Protocol (TCP).

    User Datagram Protocol
    User Datagram Protocol is a very simple protocol. Like IP, it is a reliable connectionless protocol. You don't need to establish a connection to the host to exchange data with it using UDP, and there is no mechanism to ensure the transmitted data.
    Block of data transmitted using UDP called a datagram. UDP adds four 16-bit header fields (8 bytes) to the transmitted data. These fields are: field length, field checksum, as well as the source and destination port number. "Port", in this context, represents the port software, not hardware port.
    The port number concept is common to both UDP and TCP. Port numbers determine which protocol module forwards (or receives) data. Most protocols have standard ports that are commonly used for this. For example, the Telnet protocol typically uses port 23. Simple Mail Transfer Protocol (SMTP), uses port 25. Usage standard rooms ports allows clients to communicate with the server without pre-installation which port to use.
    Port and protocol number in the header field IP duplicate each other to some extent, although the protocol fields are not available to higher-level protocols. IP uses the protocol field to determine where data should be sent to UDP or TCP modules. UDP or TCP use the port number to determine which application layer protocol should receive data.
    Despite, UDP is not reliable, it is still suitable choice for many applications. It is used by real-time applications such as streaming audio and video, where if data is lost, it is better to do without it than to send it again in order. It is also used by protocols such as Simple Network Management Protocol (SNMP).
    Broadcast
    UDP Suitable for information broadcasting because it does not require an open connection connection. The targets of a broadcast message are determined by the sender, to the specified destination IP address. UDP datagrams with destination IP address are all binary 255.255.255.255) and will be received by every host in local network. Pay attention to the word local: datagrams with such an address will not be accepted by the router to the Internet.
    Transfers can be sent to specific networks. UDP datagrams from the host and subnet parts of the IP address set as binary are broadcast to all hosts on all subnets of the network that corresponds to the pure part of the IP address. If only the receiving end (in other words, all the bits that are zero in the subnet mask) is set to binary, then broadcasting is restricted to all hosts in the subnet that matches the rest of the address.
    Multicast is used to transmit data among a group of hosts that have expressed a desire to receive it. Multicast UDP the datagram has a destination address in which the first four bits are 1110, providing addresses in the range 224.xxx to 239.xxx The remaining bits of the address are used to designate the multicast group. It's more like a radio or TV channel. So, for example, 224.0.1.1 is used for the NTP protocol. If TCP/IP applications want to receive a multicast message, they must join the appropriate multicast group, which it does by passing the group's address into the protocol stack.
    Broadcasters essentially filter the transmission. Multicaster does not consider individual messages for each host that joins the group. Instead, messages are broadcast, and drivers on each host decide whether to ignore them or pass the contents on to the protocol stack.
    This means that multicast messages must be broadcast across the entire Internet, since the multicaster does not know which hosts want to receive the messages. Fortunately, this is not necessary. IP uses a protocol called Internet Group Management Protocol (IGMP) to tell routers which hosts want to receive multicast group messages so that messages are sent only where they are needed.
    Transmission Control Protocol
    Transmission Control Protocol is a transport layer protocol and is used by most Internet applications such as Telnet, FTP and HTTP. This is a connection-oriented protocol. This means that two computers - one a client, the other a server - need to establish a connection between them before data can be transferred between them.
    TCP provides reliability. Application that uses TCP knows that he is sending data received at the other end, and that he received it correctly. TCP uses checksums on both headers and data. When receiving data, TCP sends confirmation back to the sender. If the sender does not receive confirmation within a certain period of time, the data is resent.
    TCP includes mechanisms to ensure data arrives in reverse order in the order it was sent. It also implements flow control so that the sender cannot overwhelm the receiver of the data.
    TCP transmits data using IP in blocks called segments. The length of the segment is determined by the protocol. In addition to the IP header, each segment consists of 20 bytes of header. Heading TCP begins with a 16-bit source and destination port number field. Like UDP, these fields define the application level that is aimed at receiving data. The IP address and port number, taken together, uniquely identify the services running for the host, and a pair known as a socket.
    Next in the header is a 32-bit sequence number. This number specifies the position in the data stream that the first byte of data in the segment should occupy. Serial number TCP allows you to maintain data flow in in the right order, although segments can be derived from a sequence.
    The next field is a 32-bit field that is used to convey back to the sender that the data was received correctly. If ACK is a flag, which it usually is, then this field contains the position of the next byte of data that the sender of the segment expects to receive.
    IN TCP there is no need for every data segment to be recognized. The value in the confirmation field is interpreted as “all data received OK so far.” This saves bandwidth when all data is routed in one direction, reducing the need for segment recognition. If data is sent simultaneously in both directions, as in full duplex communication, then stamps are not associated with costs, since a data segment one way can contain an acknowledgment for data sent the other way.
    Next in the header is a 16-bit field containing the header length and flags. TCP headers may contain additional fields, so the length can vary from 20 to 60 bytes. Flags: URG, ACK (which we already mentioned), PSH, RST, SYN and FIN. We'll look at some other flags later.
    The header contains a field called window size, which gives the number of bytes the receiver can receive. There is also a 16-bit checksum covering both the header and data. Finally (before additional data) there is a field called the “urgency indicator”. When the URG flag is set, this value is interpreted as an offset serial number. It identifies the start of data in a stream that needs to be processed urgently. This data is often referred to as "out-of-group" data. An example of its use is when the user presses the break key to interrupt exiting the program during a Telnet session.

    IN computer networks The port is the communication end point in the operating system. The term is also used for hardware devices, but in software it is a logical construct that identifies a specific process or type of service.

    A port is always associated with a host IP address and type and thus completes the session address assignment. It is identified for each address and protocol using a 16-bit number, commonly known as the port number. Specific port numbers are often used to identify specific services. Of the thousands listed, 1024 well-known port numbers are protected by convention to identify specific types of services on the host. Protocols that primarily use ports are used to control processes (for example, Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) from the Internet protocol suite).

    Meaning

    TCP ports are not needed over direct point-to-point links where the computers at each end can only run one program at a time. They became necessary after machines became capable of executing more than one program at a time and were connected to modern networks with packet switching. In the model client-server architecture applications, ports, and network clients connect to service initiation, provide multiplexing services after the initial communication is associated with a known port number, and it is released by switching each request service instance to a dedicated line. A connection is made to a specific number, and thanks to this additional clients can be served without waiting.

    Details

    Data transfer protocols - Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) - are used to indicate the destination port number and source in their segment headers. The port number is a 16-bit unsigned integer. So it can be in the range from 0 to 65535.

    However, TCP ports cannot use the number 0. The source port for UDP is optional, and a value of zero means it is not present.

    A process communicates its input or output channels through an Internet socket (a type of file descriptor) using a transport protocol, port number, and IP address. This process is known as binding, and it enables data to be sent and received across a network.

    The operating system is responsible for transmitting outgoing data from all application ports to the network, as well as forwarding incoming network packets (by mapping the IP address and number). Only one process can be bound to a specific IP address and port combination using the same transport protocol. Common application crashes, sometimes called port conflicts, occur when multiple programs try to communicate with the same port numbers on the same IP address using the same protocol.

    How are they used?

    Applications implementing shared services often use a specially reserved and well-known list of TCP and UDP ports to accept service requests from clients. This process is known as listening, and it involves receiving a request from a well-known port and establishing a one-to-one conversation between the server and client using the same local port number. Other clients can continue to connect - this is possible because the TCP connection is identified as a chain consisting of local and remote addresses and ports. Standard TCP ports and UDP are determined by agreement under the control of the Internet Assigned Numbers Authority (IANA).

    The core network services (primarily WorldWideWeb) tend to use small port numbers - less than 1024. In many operating systems special privileges are required for applications to bind to them because they are often considered critical to the functioning of IP networks. On the other hand, the end client of the connection usually uses a large number of them, allocated for short-term use, which is why there are so-called ephemeral ports.

    Structure

    TCP ports are encoded in the transport protocol packet header, and they can be easily interpreted not only by the sending and receiving computers, but also by other components network infrastructure. In particular firewalls, are typically configured to distinguish packets based on their source or destination port numbers. Redirection is a classic example of this.

    The practice of trying to connect to a range of ports sequentially on a single computer is known as port scanning. This is usually due to either malicious glitch attempts or network administrators looking for possible vulnerabilities to help prevent such attacks.

    Activities that focus on how often computers are monitored and recorded. This technique uses a number of spare connections to ensure an uninterrupted connection to the server.

    Examples of use

    The most important example where TCP/UDP ports are actively used is the Internet mail system. The server is used to work with email (sending and receiving), and in general requires two services. The first service is used for transport via email and other servers. This is achieved by using Typically, the SMTP service application listens on TCP port number 25 for the purpose of processing incoming requests. The other service is POP (all Post Office Protocol) or IMAP (or Internet Message Access Protocol) which are necessary for client applications in email on user machines to receive messages from the server email. POP services listen for numbers on TCP port 110. The above services can both run on the same host computer. When this happens, the port number distinguishes the service requested remote device- User’s PC or any other mail server.

    While the server's listening port number is correctly defined (IANA calls them well-known ports), this parameter client is often selected from dynamic range. In some cases, clients and server separately use specific TCP ports assigned in IANA. A good example is DHCP, where the client uses UDP 68 in all cases, and the server uses UDP 67.

    Usage in URLs

    Port numbers are sometimes clearly visible on the Internet or other uniform indexes information resources(URL). By default, HTTP uses and HTTPS uses 443. However, there are other variations. For example, the URL http://www.example.com:8080/path/ indicates that the web browser is connecting to 8080 instead of the HTTP server.

    List of TCP and UDP ports

    As noted, the Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of DNS-Root, IP addressing, and other Internet Protocol resources. This includes logging frequently used port numbers for well-known Internet services.

    Port numbers are divided into three ranges: well-known, registered, and dynamic or private. Well-known (also known as system) are those numbered from 0 to 1023. The requirements for new appointments in this range are more stringent than for other registrations.

    Well-Known Examples

    Examples found in this list, include:

    • TCP 443 port: HTTP Secure (HTTPS).
    • 22: Secure Shell (SSH).
    • 25: Simple Mail Transfer Protocol (SMTP).
    • 53: Domain Name System (DNS).
    • 80: Hypertext Transfer Protocol (HTTP).
    • 119: Network News Transfer Protocol (NNTP).
    • 123: Network Time Protocol (NTP)..
    • 143: Internet Message Access Protocol (IMAP)
    • 161: Simple Network Management Protocol (SNMP)1.
    • 94: Internet Relay Chat (IRC).

    Registered ports range from 1024 to 49151. IANA supports official list known and registered ranges. Dynamic or Private - 49152 to 65535. One use of this range is for temporary ports.

    History of creation

    The port number concept was created by early ARPANET developers through informal collaboration between the authors. software and system administrators.

    The term "port number" was not yet used at that time. The number sequence for the remote host was a 40-bit number. The first 32 bits were similar to today's IPv4 address, but the first 8 bits were the most significant. The smallest part of the number (bits 33 to 40) represented another object called AEN. This is the prototype of the modern port number.

    On March 26, 1972, the creation of a socket number directory was first proposed in RFC 322, which called for each persistent number to be described in terms of its functions and network services. This directory was subsequently published in RFC 433 in December 1972 and included a list of hosts, their port numbers, and the corresponding function used on each node on the network. In May 1972, official port number assignments were first documented, network services, and also proposed a special administrative function for maintaining this registry.

    The first TCP port list had 256 AEN values, which were divided into the following ranges:

    • 0 to 63: standard functions of the entire network
    • 64 to 127: Host-specific functions
    • 128 to 239: Reserved for future use
    • 240 to 255: Any experimental feature.

    The Telnet service received the first official assignment of the value 1. In the early days of the ARPANET, the term AEN also referred to the name of the socket that was used with the original connection protocol (MSP) and the network control program (NCP) component. Moreover, NCP was the predecessor of modern Internet protocols using TCP/IP ports.

    User Datagram Protocol (UDP)(User Datagram Protocol) is a TCP/IP standard protocol defined in RFC 768, "User Datagram Protocol (UDP)". UDP is used instead of TCP to transport data quickly and unreliably between TCP/IP hosts.

    UDP protocol provides connectionless service, so UDP does not guarantee delivery or sequence checks for any datagram. A host that needs reliable communication must use either the TCP protocol or a program that will itself monitor the sequence of datagrams and acknowledge the receipt of each packet.

    Time-sensitive applications often use UDP (video data) because it is preferable to drop packets rather than wait for delayed packets, which may not be possible in real-time systems. Also, the loss of one or more frames when transmitting video data via UDP is not as critical as when transmitting binary files, where the loss of one packet can lead to corruption of the entire file. Another advantage of the UDP protocol is that the UDP header length is 4 bytes, and TCP protocol- 20 bytes.

    UDP messages are encapsulated and transmitted in IP datagrams.

    UDP header

    The figure shows the fields present in the UDP header.

    • Sender Port - This field specifies the sender port number. This value is supposed to specify the port to which a response will be sent if necessary. Otherwise, the value should be 0. If the source host is a client, then the port number will most likely be ephemeral. If the source is a server, then its port will be one of the "well known".
    • Recipient Port - This field is required and contains the recipient port. Similar to the source port, if the client is the destination host, then the port number is ephemeral, otherwise (the server is the recipient) it is a "well-known port".
    • Datagram length is a field that specifies the length of the entire datagram (header and data) in bytes. The minimum length is equal to the length of the header - 8 bytes. Theoretically, maximum size fields - 65535 bytes for a UDP datagram (8 bytes for header and 65527 for data). The actual limit for data length when using IPv4 is 65507 (in addition to the 8 bytes per UDP header, another 20 bytes per IP header are required).
    • Checksum - The checksum field is used to check the header and data for errors. If the amount is not generated by the transmitter, then the field is filled with zeros.

    Let's look at the header structure UDP by using network analyzer Wireshark:

    UDP ports

    Since several programs can be running on the same computer, to deliver a UDP packet specific program, each program's unique identifier or port number is used.

    Port number is a conditional 16-bit number from 1 to 65535 indicating which program the package is intended for.

    UDP ports provide the ability to send and receive UDP messages. A UDP port functions as a single message queue to receive all datagrams destined for the program specified by the protocol port number. This means that UDP programs can receive more than one message at a time.

    All UDP port numbers that are less than 1024 are reserved and registered with the Internet Assigned Numbers Authority (IANA).
    UDP and TCP port numbers do not overlap.

    Each UDP port is identified by a reserved or known port number. The following table shows a partial list of known UDP port numbers that are used by standard UDP programs.

    Read more: