Universal Plug and Play (UPnP) is a networking protocol or a set of networking protocols which enables devices like personal computers, WiFi, Mobile devices, printers etc. to discover each other and establish connections for sharing services and data and also entertainment purposes. UPnP is intended to be used on residential networks.UPnP can be considered as an extension of Plug and Play which enables users to connect devices directly to a computer without any manual configurations to the device or to the computer.
UPnP allows direct networking between home appliances like printers, personal computers, mobile devices, and many more. It uses established standard industry protocols like TCP/IP, XML, Simple Object Access Protocol (SOAP), UDP, DHCP (Dynamic Host Configuration Protocol), DNS (Domain Name System). UPnP technology was initially promoted by UPnP forum which was an initiative by various vendors.
UPnP assumes that a device is compatible with Internet Protocol (IP) Addressing, for using protocols built on it, like Hyper Text Transfer Protocol (HTTP), Extensible Markup Language (XML), Transmission Control Protocol (TCP), User Datagram Protocol (UDP). It uses these protocols to advertise the device’s presence and for data transfer.It uses port 1900 on UDP.
- UPnP uses IP addressing. Hence, when it is initiated it acts as a Dynamic Host Configuration Protocol (DHCP) client to assign itself an IP and searches for a DHCP server.
- If no DHCP server is found, the device assigns itself an IP using a process known as AutoIP, which assigns an IP unique to its local network.
- If during DHCP transaction, device gets a domain name through a Domain Name Server(DNS), it uses that domain name, else it uses it’s IP.
Simple Service Discovery Protocol (SSDP):
SSDP is the protocol used by UPnP devices to discover each other.
- When device is added to the network, it allows the device to advertise it’s services to other devices on the network, by sending SSDP alive messages.
- SSDP also allows a device to passively listen to SSDP alive messages from other devices on the network.
- When two devices discover each other, a discovery message is exchanged, it contains essential information like the device type and it’s services.
When devices discover each other, for the devices to learn more about each other they exchange information in XML format. These messages contain information like Manufacturer name, Model Name, Manufacturer Websites, services provided by device, parameters or arguments to be passed to the device for a service, etc.
After getting information about the device and it’s services, the control point can call for the service to the URL provided by manufacturer, this call is much like a programming function call. This is done by a protocol known as Simple Object Access Protocol(SOAP) which passes XML messages.
General Event Notification Architecture (GENA):
GENA is the architecture used for event notification in UPnP. This is used by services to respond to service calls. A control point can subscribe to a device’s event notification, each device has a set of Model variables, when there is a change in them, control point gets notified. These messages are also sent in XML format.
A device may contain a manufacturer website URL for presentation, this can be used by a control point to retrieve information and also can be used by the user to customize the device settings on a web browser.
Advantages of UPnP:
- It can be used for NAT traversal or Firewall punching.
- It allows real Plug and Play compatibility.
- It is backed by various big vendors and companies like Microsoft and Intel, which makes it an industry standard.
- It is an ideal architecture for home devices and networks.
Disadvantages of UPnP:
- Control points do not require any authentication, hence any program on your computer can ask to forward a UPnP port
- UPnP has no official implementation, hence every router has its own implementation, many implementations have bugs or give a open passage to malware
- Any malicious program on your network can use UPnP, in the same way a legitimate program uses it.
- Universal Serial Bus (USB) in Computer Network
- Web Jacking
- Comparison Networks
- Traditional TCP
- Role of Computers in Crime
- How to validate an IP address using Regular Expressions in Java
- Cryptography and Network Security Principles
- Internet of Things and careers in IoT
- Early Evidence of Steganography
- Difference between Terrestrial Microwave and Satellite Microwave Transmission System
- Difference between URL and URI
- What is a Dictionary Attack?
- Avalanche Effect in Cryptography
- What is SNORT ?
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to email@example.com. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.