Why does DNS use UDP packets? Why not TCP?

Now you might be wondering why an application developer would ever choose to build an application over UDP rather than over TCP. Isn’t TCP always preferable to UDP since TCP provides a reliable data transfer service and UDP does not? The answer is no, as many applications are better suited for UDP for the following reasons:

* No connection establishment. As we are aware, TCP uses a three-way handshake before it starts to transfer data. UDP just blasts away without any formal preliminaries. Thus UDP does not introduce any delay to establish a connection. This is probably the principal reason why DNS runs over UDP rather than TCP — DNS would be much slower if it ran over TCP. HTTP uses TCP rather than UDP, since reliability is critical for Web pages with text. But the TCP connection establishment delay in HTTP is an important contributor to the “world wide wait”.
* No connection state. TCP maintains connection state in the end systems. This connection state includes receive and send buffers, congestion control parameters, and sequence and acknowledgment number parameters. We will see that this state information is needed to implement TCP’s reliable data transfer service and to provide congestion control. UDP, on the other hand, does not maintain connection state and does not track any of these parameters. For this reason, a server devoted to a particular application can typically support many more active clients when the application runs over UDP rather than TCP.
* Small segment header overhead. The TCP segment has 20 bytes of header overhead in every segment, whereas UDP only has 8 bytes of overhead.
* Unregulated send rate. TCP has a congestion control mechanism that throttles the sender when one or more links between sender and receiver become excessively congested. This throttling can have a severe impact on real-time applications, which can tolerate some packet loss but require a minimum send rate. On the other hand, the speed at which UDP sends data is only constrained by the rate at which the application generates data, the capabilities of the source (CPU, clock rate, etc.) and the access bandwidth to the Internet. We should keep in mind, however, that the receiving host does not necessarily receive all the data – when the network is congested, a significant fraction of the UDP-transmitted data could be lost due to router buffer overflow. Thus, the receive rate is limited by network congestion even if the sending rate is not constrained.
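To make the first and third points concrete, the following added example (not part of the original article) encodes a DNS query in wire format and compares the minimum cost of one lookup over UDP and over TCP. The name `example.com`, the 45-byte response length and the function names are assumptions chosen for illustration; the TCP count ignores pure ACKs and connection teardown, so it is a lower bound.

```python
import struct

UDP_HEADER = 8    # bytes per datagram (figure from the article)
TCP_HEADER = 20   # bytes per segment (figure from the article, no TCP options)


def build_query(name, qtype=1, txid=0x1234):
    """Encode a minimal DNS query: 12-byte header plus one question."""
    # Flags 0x0100 = recursion desired; QDCOUNT = 1, other counts 0.
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QTYPE, QCLASS=IN


def frame_for_tcp(msg):
    """DNS over TCP prefixes every message with a 2-byte length field."""
    return struct.pack("!H", len(msg)) + msg


def lookup_cost(query, response_len):
    """Minimum segments, round trips and transport-layer bytes per lookup."""
    # UDP: query datagram out, response datagram back.
    udp = {
        "segments": 2,
        "round_trips": 1,
        "bytes": 2 * UDP_HEADER + len(query) + response_len,
    }
    # TCP: SYN, SYN-ACK, ACK, then query and response segments.
    # The handshake costs one round trip before the query can be sent.
    payload = len(frame_for_tcp(query)) + 2 + response_len
    tcp = {
        "segments": 5,
        "round_trips": 2,
        "bytes": 5 * TCP_HEADER + payload,
    }
    return udp, tcp


if __name__ == "__main__":
    q = build_query("example.com")      # constructed sample name
    udp, tcp = lookup_cost(q, 45)       # 45-byte response is an assumption
    print("query bytes:", len(q))
    print("UDP:", udp)
    print("TCP:", tcp)
```
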

One thought on “Why does DNS use UDP packets? Why not TCP?”

  1. Just bumped into this article. I’m writing my comment for those who don’t know the cons of UDP.

    I prefer TCP over UDP any time. UDP is heaven on earth for DoS attackers because the source address of a packet can be forged. I was recently involved in such a scenario: my DNS server was receiving requests with the source IP forged to the targets being attacked, thus my DNS server participating unwillingly in a DDoS attack targeting a couple of hundred IPs. Since the real source of the packets was unknown, there was no way of dropping them.

    Security-wise, UDP is a disaster. And nowadays the networks are getting faster and faster, fiberglass is being used everywhere, so delay and overhead are no longer an issue. Ping time between Europe (where I live) and US, for example, is under 5 ms.

    I would very much like to have DNS standardized over TCP. And any other service using UDP for that matter. Security is paramount today.
