UDP Header Analysis
[!NOTE] This module explores the core principles of UDP Header Analysis, deriving solutions from first principles and hardware constraints to build world-class, production-ready expertise.
1. What is UDP?
User Datagram Protocol (UDP) is a connectionless, “best-effort” delivery protocol. It does not guarantee that data arrives in order, or even that it arrives at all.
2. The UDP Header (8 Bytes)
Unlike TCP’s 20-60 byte header, the UDP header is extremely small and simple.
| Field | Bits | Purpose |
|---|---|---|
| Source Port | 16 | The port of the sending application. |
| Dest Port | 16 | The port of the receiving application (e.g., 53 for DNS). |
| Length | 16 | Total size of the UDP segment (Header + Data). |
| Checksum | 16 | Optional error detection. |
3. Why use UDP?
If it’s unreliable, why do we use it? Speed and Low Latency.
- No Handshake: You start sending data immediately.
- No Retransmission: If a packet is lost, it’s NOT resent. This is better for live audio/video where a late packet is useless anyway.
- No Congestion Control: UDP doesn’t slow down if the network is busy; it just keeps blasting data.
4. Interactive: TCP vs UDP Latency
Watch the difference in startup time.
TCP
0ms Wait
UDP
0ms Wait
UDP starts immediately. TCP waits for handshake.
5. Common Use Cases
| Protocol | Best For… | Examples |
|---|---|---|
| TCP | Accuracy & Reliability | Web Browsing (HTTP), Email, File Transfer (FTP). |
| UDP | Speed & Real-time | Voice (VoIP), Video Gaming, Streaming, DNS Lookup. |