It’s common knowledge in the games design industry that many online multiplayer games transfer data via UDP instead of TCP, but why?
To answer this, we’ll have to dig deeper into how TCP & UDP work, and the specific scenarios that online gaming has to deal with. To start with, TCP is slower than UDP; this is because UDP is a continuous data-stream and doesn’t care if the other end exists or not, meaning that UDP doesn’t have to wait for a response from the other end in order to send the next packet. TCP is ‘polite’ and waits for a response from the other end of the connection, and as a result is more reliable, as data is guaranteed to arrive from one end of the connected socket to the other (with UDP there’s no guarantee that data will reach its destination).
In an online game, do players with high latency seem to jump around the place? That’s UDP. What’s happening here is that the data the player’s client is sending isn’t complete (or packets are congested), and as a result the server makes it seem like the player is ‘teleporting’ in the world. With TCP, this wouldn’t happen, but on-wait sockets will consume CPU time and as such it is theoretically possible to crash a server that uses TCP in this way. Remember that the number one rule is to never assume the client is well-behaved: program in some protection!
With TCP, the operating system handles the connection in its entirety; if the destination is unreachable the connection is instantly dropped. This is practically useless for online gaming as connection hiccups are common; if TCP were used, just a single ‘dead’ packet would result in a disconnection. In UDP, the application decides when to ‘drop’ the connection; this is useful as it allows the game to wait for more data if the connection is intermittent. This, however, turns into a disadvantage, as it is possible for an unprotected server to crash if a client sends a packet greater than 65,535 bytes. Implement DDoS protection to scan the size of a packet before it enters the server properly.
This vulnerability exists in Crytek’s Crysis 1 and Wars online multiplayer games (unsure about Crysis 2 and 3); this meant that any UDP packet sent to the server’s IP and port resulted in the server crashing. With online gameserver trackers this led to a widespread spree of attacks in 2010-2011 where someone (might add that I know exactly who this person is…) kept crashing Crysis servers via this vulnerability.
Via the game SDK I was able to patch this by adding a function that dropped packets greater than 65,535 bytes, which instantly protected my servers from this attack. Please, if you’re going to develop an online multiplayer game, ensure this vulnerability is patched.
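A size gate of the kind described above, written as an added example (it is not the author's SDK patch or Crytek's code). The 4-byte header layout, the 1200-byte application cap and all names are assumptions for a hypothetical game protocol; the cap is deliberately tighter than the 65,535-byte limit mentioned in the text.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed limits and layout for a hypothetical game protocol. */
#define MAX_DATAGRAM 1200u /* largest datagram this server will process */
#define HEADER_LEN   4u    /* type(1) flags(1) payload_len(2, big-endian) */

enum verdict { PKT_OK = 0, PKT_TOO_SHORT, PKT_TOO_LONG, PKT_LEN_MISMATCH };

struct packet {
    uint8_t  type;
    uint8_t  flags;
    uint16_t payload_len;
    uint8_t  payload[MAX_DATAGRAM - HEADER_LEN];
};

/*
 * Validate a received datagram before any game code touches it.
 * `len` is the byte count reported by recvfrom(). Receive into a buffer of
 * MAX_DATAGRAM + 1 bytes so an oversized datagram shows up as
 * len > MAX_DATAGRAM instead of being silently truncated to a valid size.
 */
enum verdict parse_datagram(const uint8_t *buf, size_t len, struct packet *out)
{
    if (len < HEADER_LEN)
        return PKT_TOO_SHORT;      /* cannot even hold the header */
    if (len > MAX_DATAGRAM)
        return PKT_TOO_LONG;       /* drop before parsing anything */

    uint16_t declared = (uint16_t)((buf[2] << 8) | buf[3]);

    /* Never trust the sender's length field: it must match what arrived. */
    if ((size_t)declared != len - HEADER_LEN)
        return PKT_LEN_MISMATCH;

    out->type = buf[0];
    out->flags = buf[1];
    out->payload_len = declared;
    /* Safe: declared <= MAX_DATAGRAM - HEADER_LEN == sizeof out->payload. */
    memcpy(out->payload, buf + HEADER_LEN, declared);
    return PKT_OK;
}
```

Any verdict other than `PKT_OK` means the datagram is dropped and the receive loop moves on to the next one, so a malformed packet costs the server one length comparison and nothing more.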
Also remember that if we had 16 players connected to a gameserver, every time something happens to a player the 15 other players need to know about it; imagine if we were using TCP and one of the packets dropped. Yes exactly, we’d have to wait until that packet is resent and the server gets a reply for the gameserver to continue processing data, and this in turn holds up all the other players. The packets coming in while the dead packet is dealt with will have to be dealt with too, resulting in congestion. With UDP, we have none of that (the most recent packet is dealt with, and the older ones are simply dropped).