Home

UDPICMP

UDPICMP is a term used to describe a method for carrying UDP datagrams inside ICMP messages to create a UDP-like channel over an ICMP network layer. It is not part of a formal standard; rather, it appears in networking discussions and experimental tools as a way to bypass UDP restrictions or NATs by piggybacking UDP data on ICMP.

How it works: An endpoint encodes UDP datagrams into the payload of ICMP messages (commonly echo request

Use cases and motivation: UDPICMP is typically discussed in contexts such as tunneling in restricted networks,

Limitations and considerations: ICMP is not designed for reliable transport, so UDP datagrams carried this way

Security and policy: UDPICMP can create covert communication channels, raising security concerns in monitored networks. Many

See also: UDP, ICMP, network tunneling, covert channels, NAT traversal.

and
echo
reply,
or
occasionally
ICMP
error
messages).
Each
encapsulation
includes
a
small
header
with
session
identifiers,
source
and
destination
UDP
ports,
and
a
sequence
number
to
aid
reassembly.
A
receiving
endpoint
decodes
the
ICMP
payload
to
reconstruct
UDP
datagrams
and
deliver
them
to
the
target
UDP
port,
producing
a
stream
that
resembles
conventional
UDP
traffic.
NAT
traversal
experiments,
or
censorship
circumvention
research.
It
can
enable
UDP-like
communication
where
UDP
traffic
is
blocked
or
heavily
filtered,
though
it
relies
on
the
permissiveness
of
ICMP
handling
in
the
network.
may
suffer
from
data
loss,
duplication,
or
out-of-order
delivery.
ICMP
traffic
is
frequently
rate-limited,
filtered,
or
inspected
by
network
operators,
which
can
degrade
performance
or
result
in
visibility
and
blocking.
Payload
sizes
are
constrained
by
ICMP
and
network
MTU,
and
many
devices
perform
strict
validation
that
can
hinder
such
tunneling.
environments
discourage
or
block
ICMP
traffic
or
implement
deep
packet
inspection
to
detect
tunneling
patterns.