Hi,
On 23.05.21 12:23, Jonathan Morton wrote:
On 21 May, 2021, at 9:01 am, Taraldsen Erik <[email protected]> wrote:
I'm getting some traction with my colleges in the Mobile department on
measurements to to say something about user experience. While they are coming
around to the idea, they have major gaps in tcp/udp/ip understanding. I don't
have the skill or will to try and educate them.
[...]
I don't have a video link to hand, but let's tease out the major differences
between these three protocols:
[...]
It's common to use UDP for simple request-response applications (where both the
request and response are small) and where timeliness of delivery is far more
important than reliability (eg. multiplayer games, voice/video calls).
As an additional point to consider when pondering whether to
use TCP or UDP:
To mitigate that simple request-response protocols using UDP
lend themselves to being abused for reflection and amplification
(DDoS) attacks, either the response should be smaller than the
request, or the protocol should require authentication, with
either silent discard of packets that are not correctly
authenticated, or at least a smaller error message (with rate
limit, please) to indicate an authentication failure.
Especially if the response needs to be larger than the request,
e.g., with DNS, a response rate limit should be applied.
Since basic TCP first establishes a connection using small
packets (SYN, SYN+ACK, ACK), it is less useful for reflection
attacks than UDP.
Thanks,
Erik
_______________________________________________
Bloat mailing list
[email protected]
https://lists.bufferbloat.net/listinfo/bloat
