  • DTLS-UDP is used between client and server.

    If the client ends abnormally, how does the server know that the client is gone?

    I have read RFC 6347 and find nothing about that. Thanks in advance.

    DTLS like UDP is connectionless and does not attempt to detect peer failure. The optional heartbeat extension (rfc6520) was intended to provide this (especially in DTLS but possibly TLS also) but due to a catastrophic vulnerability in OpenSSL's implementation (https://HeartBleed.com) it is now in very bad repute and often forbidden. – dave_thompson_085 Aug 19 '17 at 03:41
  • @dave_thompson_085 I'd write that as an answer, since it's the truth despite being unfortunate. – Polynomial Aug 19 '17 at 11:07

1 Answer


As commented by dave_thompson_085, DTLS is connectionless.

In order to detect a client which has stopped communicating, you would have to use a method of detecting that a client is no longer sending traffic, such as a heartbeat or keep-alive. RFC 6520 was written exactly for this purpose.

The reason it's not in the DTLS RFC is because the protocol is connectionless by design.

It's also worth noting that although Heartbleed was a bad bug, it's now been patched and it shouldn't discourage you from using OpenSSL. There are also OpenSSL alternatives such as LibreSSL.

(Note: I would have put this as a comment but I don't have enough reputation at the moment)

Stu
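One server-side way to do what the answer describes, as an added example that is not part of the original answer: an application-layer keep-alive carried inside the DTLS session instead of the RFC 6520 heartbeat extension. `PeerLivenessTracker` is a hypothetical helper; the DTLS socket and the ping/pong message framing around it are assumed, and `now` can be passed in so the timing is deterministic.

```python
import os
import time
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class PeerState:
    last_seen: float                       # last authenticated DTLS record from the peer
    last_ping: Optional[float] = None      # when the current unanswered ping was sent
    pending: set = field(default_factory=set)  # ping tokens not yet answered

class PeerLivenessTracker:
    """Per-peer liveness bookkeeping for a DTLS server (hypothetical helper).
    Peers are keyed by UDP address; pings and pongs travel inside the DTLS session."""
    def __init__(self, interval=5.0, max_missed=3, token_len=8):
        self.interval, self.max_missed, self.token_len = interval, max_missed, token_len
        self.peers = {}

    def touch(self, peer, now=None):
        # any authenticated record from the peer proves it is alive: reset the silence clock
        now = time.monotonic() if now is None else now
        st = self.peers.setdefault(peer, PeerState(last_seen=now))
        st.last_seen, st.last_ping = now, None
        st.pending.clear()

    def due_pings(self, now=None):
        # (peer, token) pairs to send now: one ping per interval, at most max_missed in a row
        now = time.monotonic() if now is None else now
        out = []
        for peer, st in self.peers.items():
            quiet = now - st.last_seen >= self.interval
            spaced = st.last_ping is None or now - st.last_ping >= self.interval
            if quiet and spaced and len(st.pending) < self.max_missed:
                token = os.urandom(self.token_len)  # fixed size; nothing peer-chosen is echoed
                st.pending.add(token)
                st.last_ping = now
                out.append((peer, token))
        return out

    def handle_pong(self, peer, token, now=None):
        # a pong only counts if it carries a token we actually sent to that peer
        st = self.peers.get(peer)
        if st is None or token not in st.pending:
            return False
        self.touch(peer, now)
        return True

    def reap(self, now=None):
        # peers whose last allowed ping has also timed out are gone: drop their state
        now = time.monotonic() if now is None else now
        dead = [p for p, st in self.peers.items()
                if len(st.pending) >= self.max_missed and now - st.last_ping >= self.interval]
        for p in dead:
            del self.peers[p]
        return dead
```

Call `touch` for every record that passes DTLS authentication, send the tokens from `due_pings` on a timer, and treat the peers returned by `reap` as disconnected.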