UDP packets enigma
Hi all,
Maybe someone would be so kind and enlighten me a bit.
What's the mechanism that allows UDP packets to pass from the internet through the router to a local computer without port redirecting?
I am thinking now about those online games that are using UDP packets to synchronise game action.
For example Team Fortress 2: it gets UDP packets from the game engine server, and there is no port redirected on the router.
Also, UDP is a connectionless protocol, so there is no session that could be initialised from the computer inside the network.
My knowledge about the insides of router algorithms is pretty poor, but I am wondering about the security issues here.
I would appreciate any info about it.
Regards
Pawel
Comments
I'm a little unsure why you would think that port redirection is required in general. TCP traffic doesn't get port redirected between router hops either (unless there's an intentional configuration on a firewall or router to perform port redirection).
This way the incoming connection goes to the correct computer.
Port redirection is also for UDP ports, if I have listening sockets on a computer in my local network.
However, the game engine server somehow sends UDP packets to my computer, and those packets go through the router without port redirection.
My question is how those packets go through the router, and how the router determines which computer to send this packet to?
Pawel
When you send packets out onto the internet, your router basically remembers all of the details of your packet - source/dest IP addresses, source/dest port numbers, etc. This information is stored in a stateful database. Additionally, the router dynamically anticipates what the return traffic will look like. It will essentially be looking for return traffic that is a mirror image of the outgoing traffic you sent earlier. If the gaming server replies, and that return traffic matches what your router is looking for, the router will allow the traffic and forward it out the interface attached to your computer, because it has been keeping track of your connection to the gaming server all along, with the help of NAT.
But the traffic being UDP or TCP does not affect this process. I believe the only reason your gaming server would be using UDP is because real-time communications would not benefit from the error-recovery TCP provides, and like docrice said, it features less overhead as a result. Also, I don't perform port forwarding at home, but my understanding is port forwarding is really for when you have initiated a connection from the outside and need to poke a hole in your router's firewall to allow that traffic to a specific computer. But when going in-to-out, and requiring a response, stateful packet inspection does the work for you.
In short, there are two things making this happen: Stateful Packet Inspection, and NAT.
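The stateful table described in the comments above, as an added example that is not from this thread: a toy NAT that records each outbound UDP datagram, rewrites its source to the WAN address, and admits an inbound datagram only if it is the mirror image of a tracked flow. Because UDP has no teardown, entries simply expire after an idle timeout. The addresses, ports and the 30-second timeout are constructed; real routers differ in how strictly they match the remote endpoint.

```python
import time
from dataclasses import dataclass

@dataclass
class Flow:
    lan_ip: str
    lan_port: int
    remote_ip: str
    remote_port: int
    wan_port: int       # translated source port seen by the internet
    last_seen: float

class StatefulNat:
    """Toy connection tracker + NAT for UDP (constructed, not router firmware)."""
    def __init__(self, wan_ip, idle_timeout=30.0):
        self.wan_ip, self.idle_timeout = wan_ip, idle_timeout
        self.table = {}          # (lan_ip, lan_port, remote_ip, remote_port) -> Flow
        self.next_port = 40000   # next free WAN port for a new mapping

    def _expire(self, now):
        # No FIN in UDP: the only way state goes away is by idling out.
        for key in [k for k, f in self.table.items() if now - f.last_seen > self.idle_timeout]:
            del self.table[key]

    def outbound(self, now, src_ip, src_port, dst_ip, dst_port):
        """LAN host sends a datagram: remember the 4-tuple, translate the source."""
        self._expire(now)
        key = (src_ip, src_port, dst_ip, dst_port)
        flow = self.table.get(key)
        if flow is None:
            flow = Flow(src_ip, src_port, dst_ip, dst_port, self.next_port, now)
            self.next_port += 1
            self.table[key] = flow
        flow.last_seen = now
        return (self.wan_ip, flow.wan_port, dst_ip, dst_port)

    def inbound(self, now, src_ip, src_port, dst_ip, dst_port):
        """Internet host sends to the WAN address: forward only a mirror-image reply."""
        self._expire(now)
        if dst_ip != self.wan_ip:
            return None
        for flow in self.table.values():
            if (flow.wan_port, flow.remote_ip, flow.remote_port) == (dst_port, src_ip, src_port):
                flow.last_seen = now
                return (src_ip, src_port, flow.lan_ip, flow.lan_port)
        return None   # unsolicited: no state, dropped (port forwarding would add a static entry here)

def demo():
    nat = StatefulNat("203.0.113.5")  # constructed WAN address
    # Game client 192.168.1.10:27005 sends to game server 198.51.100.7:27015 (constructed)
    wan = nat.outbound(0.0, "192.168.1.10", 27005, "198.51.100.7", 27015)
    reply = nat.inbound(1.0, "198.51.100.7", 27015, "203.0.113.5", wan[1])   # mirror image: forwarded
    stray = nat.inbound(1.0, "198.51.100.9", 27015, "203.0.113.5", wan[1])   # other source: dropped
    late = nat.inbound(100.0, "198.51.100.7", 27015, "203.0.113.5", wan[1])  # idle timeout passed: dropped
    return wan, reply, stray, late
```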