The User Datagram Protocol (UDP) - PowerPoint PPT Presentation

About This Presentation
Title:

The User Datagram Protocol (UDP)

Description:

The User Datagram Protocol (UDP) IP delivers a datagram from one machine to another Parallel: delivering a letter to a house UDP delivers a message to a given program ... – PowerPoint PPT presentation

Number of Views:117
Avg rating:3.0/5.0
Slides: 30
Provided by: Bret123
Learn more at: https://users.cs.jmu.edu
Category:
Tags: udp | datagram | protocol | tftp | user

less

Transcript and Presenter's Notes

Title: The User Datagram Protocol (UDP)


1
The User Datagram Protocol (UDP)
  • IP delivers a datagram from one machine to
    another
  • Parallel delivering a letter to a house
  • UDP delivers a message to a given program on a
    machine
  • Parallel delivering a letter to one of the
    occupants of a house

2
Ethernet Frame Type
  • Ethernet frame

3
Datagram Type
  • Datagram format

4
Datagram Type (cont)

Datagram Arrives
Demultiplexing Based on Datagram Type
ICMP Module
5
The User Datagram Protocol (UDP)
  • IP datagram header identifies a destination host
  • How does the host determine which
    user/application program gets the datagram once
    it arrives?
  • UDP provides a mechanism to distinguish among
    multiple destinations within a given host

6
The Ultimate Destination of a Datagram
  • Simple answer a process
  • Sender probably doesnt know destinations pid
  • Would like to be able to contact a process even
    if its pid has changed
  • Sender probably only knows the name of the
    function (not the process)
  • One process can provide multiple functions

7
The Ultimate Destination of a Datagram
  • Real answer protocol ports
  • Ports identified by positive integers
  • Operating system provides processes with
    interface mechanisms for the ports
  • Basic functions (open, close, read, write)
  • Blocking
  • Buffering

8
Communicating with Ports
  • Sender needs to know
  • IP address of the destination machine
  • Port number (on the destination machine) of the
    desired service
  • Each message contains
  • Destination IP address and port number
  • Sender IP address and port number

9
The User Datagram Protocol (UDP)
  • Transport layer internetworking protocol
  • Uses IP to transport messages
  • Used by application programs to send messages to
    other application programs
  • Uses ports to distinguish among multiple programs
    executing on the destination machine

10
Format of UDP Messages
  • Called user datagrams

11
User Datagram Fields
  • Source port
  • Optional (0 if not used)
  • 16-bit UDP port number
  • Destination port
  • 16-bit UDP port number
  • Length
  • Number of octets in the user datagram

12
User Datagram Fields (cont)
  • Checksum
  • Optional (0 if not used)
  • Provides some reliability (IP wont)
  • Uses the same checksum algorithm as IP
  • 1s complement addition
  • What happens if the computed checksum is 0?

13
UDP Encapsulation
  • UDP is a transport protocol

14
The UDP Pseudo-Header
  • A pseudo-header is prepended to the user datagram
    for the checksum computation
  • Pseudo-header format

15
The UDP Pseudo-Header
  • The checksum in the UDP header is computed over
  • The pseudo-header
  • UDP header (with 0s in the checksum field)
  • UDP data area
  • The pseudo-header is not
  • Transmitted with the user datagram
  • Reflected in the length field in the UDP header

16
The UDP Pseudo-Header (cont)
  • Purpose - to verify that the user datagram has
    reached its correct destination
  • Recall - a correct destination includes
  • A specific machine
  • A specific port
  • The UDP header specifies the port
  • How can the IP address be checked?

17
Checking the IP Address with the Pseudo-Header
  • Checksum computed by sender covers the
    destination IP address in the pseudo-header
  • Receiver recreates pseudo-header using IP
    addresses from the header of the IP datagram that
    carried the UDP message
  • Receiver computes checksum and compares

18
UDP Layering Violation
  • Problems
  • How is the destination IP address known so it can
    be added to the pseudo-header?
  • How is the source IP address known so it can be
    added to the pseudo-header?
  • Layering violation - UDP must interact with IP to
    learn the source IP address

19
UDP Layering Violation (cont)
  • Solution 1 - the UDP software
  • Asks the IP software to compute the source (and
    possibly destination) IP addresses
  • Constructs the pseudo-header
  • Computes the checksum
  • Discards the pseudo-header
  • Passes the user datagram to IP for delivery

20
UDP Layering Violation (cont)
  • Solution 2 - the UDP software
  • Encapsulates a user datagram inside an IP
    datagram
  • Obtains a source (and dest) IP address from IP
  • Stores the IP address(es) in the datagram header
  • Computes the UDP checksum
  • Passes the datagram to the IP layer (IP will need
    to fill in a few fields in the IP header)

21
Demultiplexing at the UDP Layer
Queue

User Datagram
UDP Demultiplexing Based on Port Number
P14
IP Layer
P11
22
UDP Port Numbers
  • Universal assignment - central authority
    specifies which port will perform which service
  • Dynamic binding
  • Ports are assigned to services as requested
  • Mechanism provided to ask a remote computer What
    port is service X?

23
UDP Ports
  • TCP/IP - hybrid approach
  • Some port numbers are the preassigned
  • The rest are bound dynamically

24
UDP Security Issues
  • Fraggle a UDP attack similar to ICMP smurf
  • UDP port seven is an echo service
  • Attacker sends user datagrams to port seven of a
    broadcast address at an intermediate site
  • Spoofed source addresses pointing to victim
  • Random source ports (or port 7)
  • Each request generates replies from many machines
  • Result flood victims machine/network with UDP
    replies
  • Fix filtering out UDP echo requests (or anything
    else that might generate a response) sent to a
    broadcast addresses

25
Trinoo
  • Distributed denial of service attack tool that
    enables an attacker to inundate a victim with UDP
    traffic from many different hosts simultaneously
  • Daemon program
  • Setup
  • Search for machines and attempt to break into
    them using a number of different exploits
  • Install the trinoo daemon
  • Attack
  • When given a victim by a master server, sends a
    large number of UDP packets to random ports on
    the victim
  • Master server

26
Trinoo (cont)
  • Master servers
  • Each master server controls a number of daemons
    on different hosts (commands are password
    protected)
  • An attacker normally controls a number of master
    servers (on different hosts)
  • Commands are password protected
  • Start/stop it running
  • Test that it is alive/listening
  • Ask for a list of all the daemons that it
    controls
  • Instruct it to order its daemons to attack a
    given victim

27
Trinoo (cont)

28
Trinoo (cont)
  • August, 1999
  • Trinoo daemons running on over 200 different
    machines flooded a University of Minnesota host
    for several days
  • February, 2000
  • Trinoo (and other distributed denial of service
    tools) used to attack several major e-commerce
    sites on the Web

29
Summary
  • UDP is a transport layer internetworking protocol
  • Uses IP to transport messages
  • Used by application programs to send messages to
    other application programs
  • Uses ports to distinguish among multiple programs
    executing on the destination machine
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "The User Datagram Protocol (UDP)" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!