【计算机网络】实验五 UDP



To look at the details of UDP (User Datagram Protocol). UDP is a transport protocol used throughout the Internet as an alternative to TCP when reliability is not required. It is covered in §6.4 of your text. Review that section before doing this lab.




Wireshark: This lab uses the Wireshark software tool to capture and examine a packet trace. A packet trace is a record of traffic at a location on the network, as if a snapshot was taken of all the bits that passed across a particular wire.  The packet trace records a timestamp for each packet, along with the bits that make up the packet, from the lower-layer headers to the higher-layer contents. Wireshark runs on most operating systems, including Windows, Mac and Linux. It provides a graphical UI that shows the sequence of packets and the meaning of the bits when interpreted as protocol headers and data. It color-codes packets by their type, and has various ways to filter and analyze packets to let you investigate the behavior of network protocols. Wireshark is widely used to troubleshoot networks. You can download it from www.wireshark.org if it is not already installed on your computer. We highly recommend that you watch the short, 5 minute video “Introduction to Wireshark” that is on the site.  

ifconfig / ipconfig: This lab uses the “ipconfig” (Windows) or “ifconfig” (Mac/Linux) command-line utility to inspect the state of your computer’s network interface. ifconfig/ipconfig is installed as part of the operating system on Windows, Linux, and Mac computers.

Browser: This lab uses a web browser to find or fetch pages as a workload. Any web browser will do.





Step 1: Capture a Trace

There are many ways to cause your computer to send and receive UDP messages since UDP is widely used as a transport protocol. The easiest options are to:

  • Do nothing but wait for a while. UDP is used for many “system protocols” that typically run in the background and produce small amounts of traffic, e.g., DHCP for IP address assignment and NTP for time synchronization.
  • Use your browser to visit sites. UDP is used by DNS for resolving domain names to IP addresses, so visiting fresh sites will cause DNS traffic to be sent. Be careful not to visit unsafe sites; pick recommended sites or sites you know about but have not visited recently. Simply browsing the web is likely to cause a steady stream of DNS traffic.
  • Start up a voice-over-IP call with your favorite client. UDP is used by RTP, which is the protocol commonly used to carry media samples in a voice or video call over the Internet.

Proceed as follows to capture a trace of UDP traffic; alternatively, you may use a supplied trace:

  1. Launch Wireshark and start a capture with a filter of “udp“. Press ctrl+k to set up capture options. Your option window should be similar to the one pictured below. Select the interface from which to capture as the main wired or wireless interface used by your computer to connect to the Internet. If unsure, guess and revisit this step later if your capture is not successful. Switch “capture packets in promiscuous mode(混杂模式)” to off. This mode is useful to overhear packets sent to/from other computers on broadcast networks. We only want to record packets sent to/from your computer. Leave other options at their default values. The capture filter, if present, is used to prevent the capture of other traffic your computer may send or receive.
  2. When the capture is started, perform some activities that will generate UDP traffic. We described several options above, e.g., browse the web.
  3. Wait a little while (say 60 seconds) after you have stopped your activity to also observe any background UDP traffic. It is likely that you will observe a trickle of UDP traffic because system activity often uses UDP to communicate. We want to see some of this activity.
  4.  Use the Wireshark menus or buttons to stop the capture. You should now have a trace with possibly many UDP packets. Our example is shown below. We have selected a packet and expanded the detail of the UDP header.











Step 2: Inspect the Trace

Different computers are likely to capture different kinds of UDP traffic depending on the network setup and local activity. Observe that the protocol column is likely to show multiple protocols, none of which is UDP. This is because the listed protocol is an application protocol layered on top of UDP. Wireshark gives the name of the application protocol, not the (UDP) transport protocol unless Wireshark cannot determine the application protocol. However, even if the packets are listed as an application protocol, they will have a UDP protocol header for us to study, following the IP and lower-layer protocol headers.

Select different packets in the trace (in the top panel) and browse the expanded UDP header (in the middle panel). You will see that it contains the following fields:

  • Source Port, the port from which the UDP message is sent. It is given as a number and possibly a text name; names are given to port values that are registered for use with a specific application.
  • Destination Port. This is the port number and possibly name to which the UDP message is destined. Ports are the only form of addressing in UDP. There computer is identified using the IP address in the lower IP layer.
  • Length. The length of the UDP message.
  • Checksum. A checksum over the message that is used to validate its contents. Is your checksum carrying 0 and flagged as incorrect for UDP messages sent from your computer? On some computers, the operating system software leaves the checksum blank (zero) for the NIC to compute and fill in as the packet is sent. This is called protocol offloading. It happens after Wireshark sees the packet, which causes Wireshark to believe that the checksum is wrong and flag it with a different color to signal a problem. You can remove these false errors if they are occurring by telling Wireshark not to validate the checksums. Select “Preferences” from the Wireshark menus and expand the “Protocols” area. Look under the list until you come to UDP. Uncheck “Validate checksum if possible”. 

That is it.  The UDP header has different values for different messages, but as you can see, it is short and sweet. The remainder of the message is the UDP payload that is normally identified the higher-layer protocol that it carries, e.g., DNS, or RTP.









Step 3: UDP Message Structure

To check your understanding of UDP, sketch a figure of the UDP message structure as you observed. It should show the position of the IP header, UDP header, and UDP payload. Within the UDP header, show the position and size of each UDP field you can observe using Wireshark. Your figure can simply show the message as a long, thin rectangle.

Try not to look at the figure of a UDP segment in your text; check it afterwards to note and investigate any differences. To work out sizes, observe that when you click on a protocol block in the middle panel (the block itself) then Wireshark will highlight the bytes it corresponds to in the packet in the lower panel and display the length at the bottom of the window.

By looking at the details of the UDP messages in your trace, answer these questions:

  1. What does the Length field include? The UDP payload, UDP payload and UDP header, or UDP payload, UDP header, and lower layer headers?
  2. How long in bits is the UDP checksum?
  3. How long in bytes is the entire UDP header?

Turn-in: Hand in your drawing of a UDP message and the answers to the questions above.









Step 4: UDP Usage

To complete our understanding of UDP, we will look at how UDP is used in practice as a transport by applications. Beginning with IP, the next lower protocol layer, there are several issues we can consider. A first issue is how IP knows that the next higher protocol layer is UDP. The answer is that there is a Protocol field in the IP header that contains this information.



  1. Give the value of the IP Protocol field that identifies the upper layer protocol as UDP.


A second issue is how UDP messages are typically addressed at the IP layer. You might be surprised to find UDP messages in your trace that neither come from your computer or are sent only to your computer. You can see this by sorting on the Source and Destination columns. The source and destinations will be domain names, if Network layer name resolution is turned, and otherwise IP addresses. (You can toggle this setting using the View menu and selecting Name resolution.) You can find out the IP address of your computer using the “ipconfig” command (Windows) or “ifconfig” command (Mac/Linux). Simply type this command into a terminal window and look for the IPv4 address of the main interface. We have given examples below.


The reason you may find UDP messages without your computer’s IP address as either the source or destination IP address is that UDP is widely used as part of system protocols.

These protocols often send messages to all local computers who are interested in them using broadcast and multicast addresses.

In our traces, we find DNS (the domain name system), MDNS (DNS traffic that uses IP multicast), NTP (for time synchronization), NBNS (NetBIOS traffic), DHCP (for IP address assignment), SSDP (a service discovery protocol), STUN (a NAT traversal protocol), RTP (for carrying audio and video samples), and more. Your trace may have other protocols you have not heard about; it is OK, as there are a lot of protocols out there.

You can look them up on the web for fun.






2.Examine the UDP messages and give the destination IP addresses that are used when your computer is neither the source IP address nor the destination IP address. (If you have only your computer as the source or destination IP address then you may use the supplied trace.)


Finally, let us look at the lengths of typical UDP messages. We know that UDP messages can be as large as roughly 64Kbytes. But as you browse you should see that most UDP messages are much shorter than this maximum, so that UDP messages fit in a single packet.


3.What is the typical size of UDP messages in your trace?


Turn-in: Hand in your answers to the questions above.


Explore on your own

We encourage you to keep exploring on your own, but there is not much more to UDP.

Instead, you might examine the traffic of UDP-based applications to look at packet sizes and loss rates.

Voice-over-IP and its companion protocols like RTP (Real-Time Protocol) are good candidates.

Similarly, you might explore streaming and real-time applications to see which use UDP and which use TCP as a transport.







【计算机网络】实验五 UDP 的相关文章

  • 合肥工业大学编译原理实验三 LR(1)分析法

    前言 刚开始的时候觉得这个东西不好写 估计花的时间比前一个LL1更长 但后来转念一想 UI可以挪用上次的 改个标题 换点控件 换个总控程序不就可以了吗 剩下的问题就是用python的哪个数据结构来表示和存储LR文法的一些东西 比如项目怎么表
  • 合肥工业大学编译原理实验二 LL1分析

    写在开头 当老师说这个实验最好写成图形界面时 我笑了 滑稽 心想终于可以用到python了 python真香 用python的数据结构可以很方便的表示LL1的某些东西 当然有利也有弊 方便的同时也会有一些坑 当然Java也牛逼 Java的图
  • 《深入理解计算机系统》怎样学?个人看法和资源分享

    前言 我与 深入理解计算机系统 有三次接触吧 真有缘 第一次 在我读专科大二的时候 自己就看过一遍 深入理解计算机系统 想想就是放寒假前看完的 和现在的时间也差不了多少 第二次 在专科大三下学期又重新重头看起了本书 其主要原因为第一遍看的比
  • 实验 :OSPF综合应用场景

    R1 interface GigabitEthernet0 0 0 ip address 12 1 1 1 255 255 255 0 interface GigabitEthernet0 0 1 interface GigabitEthe
  • Spark Streaming(组件、updateStateByKey、Windows)总结

    Spark Streaming 1 SparkStreaming 是什么 2 实时计算框架对比 3 Spark Streaming组件 4 Spark Streaming 编码实战 无状态 4 1 Spark Streaming编码步骤 4
  • AutoSAR系列讲解(实践篇)7.7-实验:配置SWC&RTE(下)

    AutoSAR系列讲解 实践篇 7 7 实验 配置SWC RTE 下 实验 配置SWC RTE 下 三 步骤二 配置Runnable及其Tasks映射 1 添加及配置Runnable 2 打开Cfg并同步工程 3 导入DBC文件 4 创建T
  • 【管理篇 / 配置】❀ 06. 日志与监控 ❀ FortiGate 防火墙

    简介 在这个实验里 你将在FortiGate飞塔防火墙本地配置日志设置 配置警告邮件和显示日志 在防火墙上配置日志 为了记录网络活动 你必须在FortiGate配置日志 在这人练习里 你将配置日志设置 包括威胁权重以及在防火墙启用日志 使用
  • 【计算机网络】实验五 UDP

    Objective To look at the details of UDP User Datagram Protocol UDP is a transport protocol used throughout the Internet
  • 【管理篇 / 配置】❀ 02. 常用设置 ❀ FortiGate 防火墙

    简介 这个实验提供FortiGate飞塔防火墙命令及图形管理入门 此外 这个实验将指导你怎样正确的备份和恢复一个配置文件 建立一个新的管理员帐号和改变管理员访问权限 工作在命令行界面 你可以使用命令行界面 CLI 访问一台FortiGate
  • shell练习2

    要求 1 取出 etc inittab文件的第6行 2 取出当前系统上所有用户的shell 要求 每种shell只显示一次 并且按顺序进行显示 使用cut sort结合管道实现 3 如果 var log messages文件的行数大于100
  • 吉首大学_编译原理实验题_基于预测方法的语法分析程序的设计【通过代码】

    一 实验要求 实验二 基于预测方法的语法分析程序的设计 一 实验目的 了解预测分析器的基本构成及用自顶向下的预测法对表达式进行语法分析的方法 掌握预测语法分析程序的手工构造方法 二 实验内容 1 了解编译程序的基于预测方法的语法分析过程 2
  • EMOTIVE EPOC和EPOC + 快速入门指南

    EMOTIVE EPOC AND EPOC Quick Start Guide EMOTIVE EPOC和EPOC 快速入门指南 1 charge your headset Set your headset to off position
  • 操作系统-在分页式管理方式下采用位示图来表示主存分配情况,实现主存空间的分配和回收。

    实验六 一 实验题目 在分页式管理方式下采用位示图来表示主存分配情况 实现主存空间的分配和回收 二 实验内容 1 分页式存储器把主存分成大小相等的若干块 作业的信息也按块的大小分页 作业装入主存时可把作业的信息按页分散存放在主存的空闲块中
  • 合肥工业大学数值分析(计算方法)满分实验代码(python实现)

    用到的库 所有实验一共用到了numpy matplotlib pandas这几个常用的科学计算库 以及内置的数学库 正文开始 所有代码如下图 链接在文末 实验一 实验一的第一个实验主要是比较三种差值方法的差异 书上的差不多忘完了 直接上运行
  • “数据压缩实验之LZW 编解码算法实现与分析”实验报告_201810413045_陈诚

    文章目录 1 实验项目名称 2 实验目的 3 什么是LZW编解码算法与它的原理 3 1 LZW编解码算法介绍 3 2 LZW编解码算法原理 3 2 1 编码流程图及为了便于理解和期末复习举实例说明 3 2 2 解码流程图及举实例说明 重点说
  • 数据压缩实验之 JPEG原理分析及JPEG解码器的调试

    文章目录 1 实验名称 2 实验目的 3 主要设备 4 实验内容 4 1 JPEG文件格式 4 2 JPEG编解码原理 4 2 1 编码流程 4 2 2 解码流程 5 实验步骤 5 1 逐步调试JPEG解码器程序 5 1 1 理解程序设计的
  • shell第3次练习

    要求 1 ping主机测试 2 判断一个用户是否存在 3 判断当前内核主版本是否为3 且次版本是否大于10 4 判断vsftpd软件包是否安装 如果没有则自动安装 5 判断httpd是否运行 6 判断指定的主机是否能ping通 必须使用 1
  • 合肥工业大学编译原理实验一词法分析

    基本思路 词法分析是对输入语句串中一个个单词符号进行分析 最后格式化输出种别码 类型 位置等信息 那么 就可以考虑一次读入一个字符将它们拼接成一个字符串 当碰到空格或者分界符 时 就把前面已读的字符串格式化输出 再输出当前分界符 然后再往后
  • 合肥工业大学 汇编语言程序设计 高分实验代码

    感觉最困难的就是写汇编代码了 当时成功完美运行的时候兴奋的像当年第一次 Hello World 一样 且几乎所有关键之处都有注释 需要的朋友自取 链接 https pan baidu com s 1q4nVJ7aK4JEPQ F6PH45R
  • 数据压缩实验之 H.264编解码实验

    文章目录 1 将两个 264文件进行解码 得到相应的YUV文件 2 将上述两个视频序列编码为 264文件 2 1 固定码率 以不同的GOP长度及形状编码 2 1 1 GOP 15 2B帧 2 1 2 GOP 12 2B帧 2 1 3 GOP


  • 大数据分析——云南的花样之旅

    认真阅读过小伙伴们的评论 最终将我们此行的目的地定在了山清水秀的云南了 对于从小生活在北方的小编 对云南还是抱着不小的憧憬呢 下面就来看看数据人员给出的官方数据吧 首先我们就来说说久负盛名的云南大理吧 先看一下数据 看了下数据结果 小编才知
  • 【好工具】不需要知道地址,一个命令就能下载任何文件,它不香吗?

    今天介绍一款浏览器插件 可以直接将文件的下载链接直接转换成 Linux 命令 方便无操作界面的电脑下载无直链的文件 作者 编辑 Leong 导言 使用过 Linux 的朋友可能知道 大部分软件都是不支持 Linux 系统的 Windows系
  • List及String类的Contains方法底层源码解析

    public boolean Contains Object o 此处的o即为contains方法中的参数对象 return indexOf o gt 0 如果数值 gt 0 则返回true public int indexOf Objec
  • mysql中的Date日期格式的问题:只有日期没有时间及格式化时间

    只有日期没有时间 把xml中的date改为timestamp 格式化最简单的方法 JsonFormat pattern yyyy MM dd HH mm ss timezone GMT 8 转载于 https www cnblogs com
  • day7pyecharts制图-组合图

    Pyecharts制图 标题一 柱状图 导入柱状图的类 from pyecharts charts import Bar 导入图标配置类 from pyecharts import options 基本的柱状图 1 创建图标对象 bar B
  • 在Linux上部署KVM和使用

    实验前 我们关闭防火墙 systemctl stop firewalld systemctl enable firewalld 如果我们之前安装过KVM或者有残余 可以先执行以下命令来清除一下 yum remove rpm qa egrep
  • oracle中常用的set命令

    time 2008 2 1author skate oracle中常用的set命令 前一阵在做数据库数据的转移 所以就写个shell脚本来自动化完成 用shell脚本生成sql脚本时 就要用到oracle的set的命令来去掉一些不需要的提示
  • JVM内存划分

    1 程序计数器 每一个线程都有自己的一个程序计数器 创建线程时被一起创建 用于记录当前字节码执行位置 例如一个线程在执行过程中被挂起 一定时间片后 又继续执行 此时需要进行现场恢复 那么就可以在对应的程序记录器中找到被挂起时的下一条指令将要
  • java中mybatis原理,mybatis的工作原理

    由以上图可以看出 mybatis框架在操作数据库时大致经过了8个步骤 对这8个步骤分析如下 1 读取mybatis配置文件mybatis config xml mybatis config xml配置文件作为mybatis的全局配置文件 配
  • C++多态

    多态是C 面向对象三大特性之一 多态分为两类 静态多态 函数重载 和 运算符重载属于静态多态 复用函数名 动态多态 派生类和虚函数实现运行时多态 静态多态和动态多态区别 静态多态的函数地址早绑定 编译阶段确定函数地址 动态多态的函数地址晚绑
  • 图像处理:摩尔纹

    文章目录 1 什么是摩尔纹 2 怎样消除摩尔纹 总结 1 什么是摩尔纹 什么是摩尔纹 当我们对着电脑屏幕拍照时 会发现规则的彩色条纹 那就是我们常说的摩尔纹 它是由于采样不足 离散图像数据混淆产生的 刚才说的在空域上的混淆产生的摩尔纹 时域
  • 2021-05-14 thread已经退出析构qtcreator中仍显示thread正在运行

    threadobject已经析构 thread isrunning 是false thread isfinishing 也是true 说明thread退出了 但是qtcreator调试窗口中还是可见Qthread状态竟然是正在运行 什么鬼
  • python的22个基本语法

    人生苦短 我用Python Python编程语言是最容易学习 并且功能强大的语言 只需会微信聊天 懂一点英文单词即可学会Python编程语言 但是很多人声称自己精通Python 然后自己却写不出Pythonic的代码 对很多常用的包不是很了
  • 使用QT对MYSQL数据库进行简单操作

    include 在这里插入代码片 QtMySql h include
  • Transformer之编码器

    Bert是从transformer中衍生出来的预训练的模型 transformer模型已经得到广泛应用 应用的方式是先进行预训练语言模型 然后把预训练的模型适配给下游任务 以完成各种不同的任务 比如分类 生成 标记等 1 transform
  • windows10配置自己的深度学习、机器学习工作站

    活动地址 CSDN21天学习挑战赛 1 anaconda3 官网 下载速度超级慢 查找镜像源 Windows Python 3 9 64 Bit Graphical Installer的传到了csnd下载链接 右键 管理员身份运行 否则有的
  • 前端js数据加密解密

    一 最简单的加密解密 函数escape 和unescape 二 base64加密 1 introduction base64是网络上最常见的用于传输8bit字节码的编码方式之一 base64就是一种基于64个可打印字符来表示二进制数据的方法
  • MaskRcnn(二)实例分割的图像与标签同时进行增强

    实例分割数据增强 一 增强原因 1 防止过拟合 1 1 过拟合的定义 1 2 过拟合出现的原因 1 3 解决方法 2 增强结果模型的鲁棒性和泛化能力 2 1 鲁棒性 2 2 泛化性 3 提高识别精度 二 常用数据增强方法 1 平移 2 缩放
  • Pytorch史上最全torch全版本离线文件下载地址大全(9月最新)

    以下为pytorch官网的全版本torch文件离线下载地址 torch全版本whl文件离线下载大全https download pytorch org whl torch 其中的文件版本信息如下所示 部分版本信息 根据需要仔细寻找进行下载
  • 【计算机网络】实验五 UDP

    Objective To look at the details of UDP User Datagram Protocol UDP is a transport protocol used throughout the Internet