First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Firewall Problems with UDP

  • retag add tags

Hello I had a problem with a discord server today. One of our coworker wanted to use discord for business meetings. While Chat was possible voice and video wasn't. I looked at the tracefile with the syntax "frame contains discord". I found some TCP 443 and DNS queries. I looked at every TCP stream and i found no issues with it.

I googled a little bit and found the information that discord is using udp for voice and video so i checked our firewall and obviously everything else then TCP 80 and 443 was blocked. But what makes me wonder is why no icmp destination unreachable was found in the trace. I thought when a UDP connection fails that a icmp destination unreachable packet is sent but i didn't find any icmp packets except 2 from a workstation which tried to ping my client at the same time like i did a capture. Wireshark UDP PCAP File

fly_agaric's avatar
1
fly_agaric
asked 2020-10-21 15:35:11 +0000, updated 2020-10-21 15:35:56 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

A 'well behaved' intermediate system would do that, but these are becoming scarce. So the packets are simply dropped, without a peep.

Jaap's avatar
13.7k
Jaap
answered 2020-10-21 15:43:33 +0000
edit flag offensive 0 remove flag delete link
more

Comments

okay so how can I see these dropped packets in wireshark? is there a similar mechanism like syn tcp retransmission or rst ack after syn?

fly_agaric's avatar fly_agaric (2020-10-21 16:15:07 +0000) edit
more
  • delete

For UDP? No, it's a 'send of and hope for the best' protocol. This is useful for time sensitive data streams, like voice, in which retransmission is not feasible. So the overhead of acknowledgments is not needed.

In case of packet drops the only direct indication of this should be ICMP messages. Usually protocols running over UDP, like for voice that could be RTP, have some form of quality metrics, in case of RTP that would be RTCP. But since that is also transported over UDP you won't see that either.

Jaap's avatar Jaap (2020-10-21 17:38:38 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer