What Is UDP?

A transport layer communication protocol, UDP is a very common protocol for voice and video traffic.

Common DDoS Attacks
DDoS Attack Tools
DDoS Glossary of Terms


Learning Objectives

After reading this article you will be able to:

  • Define UDP/IP
  • Describe some use cases for UDP

What is User Datagram Protocol (UDP/IP)?

UDP is a communication protocol used across the Internet for especially time-sensitive transmissions such as video playback or DNS lookups. It speeds up communications by not requiring what’s known as a “handshake”, allowing data to be transferred before the receiving party agrees to the communication. This allows the protocol to operate very quickly, and also creates an opening for exploitation.

TCP vs UDP Communication

A TCP connection, which is used commonly used for loading web page content, requires a handshake in which the receiver agrees to the communication before the data is sent. UDP will send data without confirmation, even if the request is fraudulent.

UDP doesn’t have the error checking and ordering functionality of TCP and is best utilized when error checking is not needed and speed is important. This built-in lack of reliability is why UDP is sometimes referred to as ‘Unreliable Datagram Protocol’.

Introduced in 1980, UDP is among the oldest network protocols still in use. Applications that utilize UDP must be able to tolerate errors, loss, and duplication. While this sounds less than ideal, there are several applications where a faster and less reliable protocol is the best choice.

What Kind Of Services Rely On UDP?

UDP is commonly used in time-sensitive communications where occasionally dropping packets is better than waiting. Voice and video traffic are sent using this protocol because they are both time-sensitive and designed to handle some level of loss. For example VOIP (voice over IP), which is used by many internet-based telephone services, operates over UDP. This is because a staticy phone conversation is preferable to one that is crystal clear but heavily delayed. This also makes UDP the ideal protocol for online gaming. Similarly, because DNS and NTP servers both need to be fast and efficient, they operate though UDP. Volumetric DDoS attacks including DNS amplification and NTP amplification make use of vulnerable instances of these servers with the aim of flooding a target with UDP traffic.