UDP flood
High-rate UDP datagrams to ports and services that must inspect or respond to each packet (VoIP, gaming, DNS, custom protocols).
How it works
- UDP is connectionless β each datagram is handled independently.
- Bandwidth and PPS limits on NICs, firewalls, and apps are stressed.
- Reflection is out of scope here; Engarde focuses on direct simulation to your target.
Packet flow (illustrative)
Engarde node Target
βUDP :5000 β :2701564 B
βUDP :5001 β :2701564 B
βUDP :5002 β :2701564 B
ββ¦
Illustrative flow β not a live capture.
Typical pattern Sustained UDP PPS
Engarde metric Bandwidth, packet loss
Layer L4 transport
What to watch in Engarde
- Packet loss and jitter on Target Monitor.
- Firewall sessionless rule hit counts.
- Service-specific degradation (e.g. game server tick delay).
Running this simulation
Set UDP target port and intensity in Engarde DDoS. Useful for VoIP, gaming, and custom UDP services behind your perimeter.
Mitigation perspective
Port-based ACLs, UDP rate limiting, and upstream filtering; measure headroom with controlled Engarde runs.