Let’s talk about this really funny protocol, funny is a weird word for a networking protocol, but I’ll try to make my point. I will try the same approach as my last post on TCP, making a simple python script and taking a look to Wireshark. Let’s start.


  1. Pyton 3
  2. Wireshark

The UDP handshake, the what?

Yep in my opinion UDP(User Datagram Protocol) is barely a protocol, I know I’m a not a computer science guy, but still it doesn’t seems to fit on that category of protocol. Let me clarify that UDP is extremely useful, I’m just saying that the parts involved on the communication doesn’t follow too many rules, like in TCP. Instead of just saying this I will try to show you why I said this, let’s make our simple Pyton script. Again this can be made with any programming language, I choose Pyton for simplicity.

Our server.py will contain our extremely simplified UDP server:

# [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) server.py

import socket

def main():
	# creating the socket
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    # binding the socket to the address, in our case the localhost
    sock.bind(('localhost', 7456))
    print("Just here on 7456...")
    # start reading data,
    # I'm just interested on a single message from the client and it will be
    # pretty short so don't need more than this
    data, address = sock.recvfrom(1024)
    print(f"FROM: {address} DATA: {data}")

if __name__ == "__main__":

Note the difference here with TCP, in this case he just start listening without the need to call socket.listen() or socket.accept(), take a look at this question on Stackoverflow, yes I use Stackoverflow as reference.

What about the client, here we go:

# [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) client.py

import socket

def main():
	# create the socket
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    print("Sending data...")
    # and ready to go
    sock.sendto(b"Hello Lola", ('localhost', 7456))

if __name__ == "__main__":

We create a socket and ready to send message, take into account that you don’t care if the server is listening, if there’s a server, you just send and hope for the best.

How this look like on Wireshark?

In the last post we saw that a single TCP connection with only one message generate several back and forward between the client and the server. I recommend you to take a look at the steps that you take to sniff the traffic in that case, in this case the only difference is that the filter in this case is udp.port == 7456.

TCP on Wireshark

Now let’s look this but with UDP, this is going to be funny because well…let’s see:

UDP Wireshark

Wait what? Just one message, the client just literally sent the message, he doesn’t care if the server is listening because again there’s not such a thing as listening on UDP.

Balls on your face, [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol)

Yep this picture explains really well the situation, also was made with exalidraw, you know promoting open source projects 😀.

So there’s no handshake in UDP, looking at the packet sent we can see that there’s no too much to see:

UDP packet

Only Destination port, Source port, UDP length and Checksum and good to go, sent that message!!

Uses cases of UDP

You may be wondering, “So why do I need this?”. Well given that UDP has low latency it has some pretty interesting uses cases. I’ll let you these two links below, so you can explore them:

That’s all for today :wave:.


  1. Stackoverflow