Differences between revisions 2 and 3
Revision 2 as of 2004-09-14 13:16:57
Size: 1729
Editor: UlfLamping
Comment: add a link to the RFC
Revision 3 as of 2004-09-14 13:51:30
Size: 1870
Editor: UlfLamping
Comment: some more content
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
The ["UDP"] layer provides datagram based connectionless transport layer (layer 4) functionality in the InternetProtocolFamily. It provides not much more than the described UDP port multiplexing.
The ["UDP"] layer provides datagram based connectionless transport layer (layer 4) functionality in the InternetProtocolFamily.

UDP is only a thin layer and provides not much more than the described UDP port multiplexing.
Line 6: Line 9:

There are a lot of protocols on top of UDP, including: ["BOOTP"], ["DNS"], ["NTP"], ["SNMP"], ...
Line 21: Line 26:
UDP dissector is fully functional. There are two statistical menu items for UDP available: ''Statistics/Endpoints'' which contains a tab showing all UDP endpoints (combination of IP address and UDP port) and ''Statistics/Conversations'', which contains a tab showing all UDP conversations (combination of two endpoints). The UDP dissector is fully functional.

There are two statistical menu items for UDP available: ''Statistics/Endpoints'' which contains a tab showing all UDP endpoints (combination of IP address and UDP port) and ''Statistics/Conversations'', which contains a tab showing all UDP conversations (combination of two endpoints).

User Datagram Protocol (UDP)

The ["UDP"] layer provides datagram based connectionless transport layer (layer 4) functionality in the InternetProtocolFamily.

UDP is only a thin layer and provides not much more than the described UDP port multiplexing.

Just like ["IP"], UDP also doesn't provide any mechanism to detect duplicated packets, loss of packets and alike.

There are a lot of protocols on top of UDP, including: ["BOOTP"], ["DNS"], ["NTP"], ["SNMP"], ...

History

XXX - add a brief description of UDP history

Protocol dependencies

  • ["IP"]: Typically, UDP uses ["IP"] as it's underlying protocol. The well known protocol id for UDP on IP is 0x11.

Example traffic

XXX - Add example traffic here (as plain text or Ethereal screenshot).

Ethereal

The UDP dissector is fully functional.

There are two statistical menu items for UDP available: Statistics/Endpoints which contains a tab showing all UDP endpoints (combination of IP address and UDP port) and Statistics/Conversations, which contains a tab showing all UDP conversations (combination of two endpoints).

Preference Settings

(XXX add links to preference settings affecting how UDP is dissected).

Example capture file

XXX - Add a simple example capture file. Keep it short, it's also a good idea to gzip it to make it even smaller, as Ethereal can open gzipped files automatically.

Display Filter

A complete list of UDP display filter fields can be found in the [http://www.ethereal.com/docs/dfref/u/udp.html display filter reference]

  • Show only the UDP based traffic:

     udp 

Capture Filter

  • Capture only the UDP based traffic:

     udp 

Discussion

User_Datagram_Protocol (last edited 2011-07-24 15:08:04 by LorenKellogg)