RTP stands for real-time transport protocol, which is useful for delivering live media streams over TCP/IP networks. These streams are usually set up to be viewed by many users simultaneously, though not always.
In addition to being used in one-to-many and many-to-many (multicast) communications for transferring data to multiple destinations, RTP is used for one-on-one calls (unicast) in video communication, telephony, and Voice over IP (VoIP) services.
RTP is also used with signaling protocols like the session initiation protocol (SIP), which creates, modifies, and terminates communication sessions of various types—including video conferencing, instant messaging, and other forms of media distribution.
As a communications protocol, RTP uses a broad range of ports to optimize the delivery of audio and video streams. The default value for RTP port ranges is between 16384 and 32767, with various vendors choosing different ports.
For reference, SIP communications are commonly in the 5060 to 5082 UDP port range, and the port used for your SIP trunk or VoIP will vary depending on the provider.
In any case, RTP is not your run-of-the-mill beginner topic, especially when it comes to ports.
RTP Ports Always Come In Pairs
RTP is a powerful protocol adopted in many applications like VoIP phone services, video conferencing, and simulation data. In order to provide end-to-end delivery of real-time media streams, it requires a pair of open ports for data delivery.
This is because RTP uses one port to carry the audio/voice traffic and another port for what is known as the RTP control protocol (RTCP). In other words, while RTP carries the media streams, RTCP carries the necessary information for the RTP session to function properly.
As such, RTCP works together with RTP data streams to accomplish many things.
- It provides control information and out-of-band statistics for the RTP session.
- It monitors the quality of service (QoS) with regard to data traffic.
- It conveys information about the participants in the ongoing session, like the sender’s identity, in case an app wants to display it on a user interface.
- It synchronizes and correlates the various media streams from the same sender.
What Numbers are RTP Ports?
Ports are software-based connection endpoints that direct or send data to a particular service. Although ports are virtual points, they are essential to network communications, and each is assigned a uniquely identifiable port number. The port number is a specific address or location where data or messages from the internet or other networks are forwarded once they reach the server.
RTP specifications recommend using even port numbers for RTP, while odd-numbered ports are used for RTCP. In practice, while RTP is delivered to an even-numbered port, the corresponding RTCP must use the next higher odd-numbered port.
For example, if an RTP application transmits media on port 1024, the RTCP data should be sent on port 1025. Remember, this is just an illustration because any port can be used with RTP. However, it’s advisable to use high-order port numbers between 1024 and 65535.
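The pairing rule above, as an added example that is not part of the original article: a media endpoint reserves an even UDP port for RTP together with the next higher odd port for RTCP. The function names, the loopback address and the use of 16384 to 32767 as the default range are assumptions made for the illustration.

```python
import socket

def bind_rtp_pair(low=16384, high=32767, host="127.0.0.1"):
    """Bind an even RTP port and the next higher odd RTCP port in [low, high].

    Returns (rtp_sock, rtcp_sock); raises OSError when no pair is free.
    """
    first_even = low + (low % 2)                  # round an odd lower bound up
    for rtp_port in range(first_even, high, 2):   # keeps rtp_port + 1 <= high
        rtp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        rtcp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        try:
            rtp.bind((host, rtp_port))
            rtcp.bind((host, rtp_port + 1))
            return rtp, rtcp
        except OSError:
            # One of the two ports is taken: release both and try the next pair,
            # so a session never ends up with RTP bound but RTCP missing.
            rtp.close()
            rtcp.close()
    raise OSError(f"no free RTP/RTCP port pair between {low} and {high}")

def pair_ports(pair):
    """Return (rtp_port, rtcp_port) for a pair from bind_rtp_pair()."""
    return tuple(s.getsockname()[1] for s in pair)

if __name__ == "__main__":
    first = bind_rtp_pair()
    second = bind_rtp_pair()       # first pair is still held, so this one differs
    print(pair_ports(first), pair_ports(second))
```

Because both ports are known once the pair is bound, a firewall rule for the session only has to admit those two UDP ports rather than the whole range.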
The computer’s operating system manages ports, and port numbers are normally divided into the following three ranges.
- Well-known ports fall between 0 and 1023 inclusively. These are reserved for specific protocols, such as the HTTP protocol that uses port 80.
- System or registered ports span ports 1024 to 49151. These are designated for use with a particular application or protocol and are currently assigned by the Internet Assigned Numbers Authority (IANA).
- Dynamic or private ports are in the range of 49152 to 65535. These ports are not registered, assigned, or controlled by any entity.
Meanwhile, IANA has registered port 5004 for RTP and 5005 for RTCP.
TCP and UDP and RTP, oh my!
Transmission Control Protocol (TCP) and UDP (User Datagram Protocol) are transport layer protocols foundational to internet communications. Besides paying no attention to the man behind the curtain, these protocols make your online activities possible simply by facilitating data transmission from a network source to its destination.
TCP is more secure and reliable, while UDP sacrifices these features for speed. While TCP is connection-oriented, UDP is a connectionless protocol that can’t sequence data and doesn’t guarantee data delivery.
Since UDP doesn’t bother with complete data delivery, it performs no data retransmission and does only minimal error checking. While these characteristics may seem unfavorable to data transfers, they are ideal for real-time, live communications.
UDP is therefore better suited to RTP’s live, multicast nature: it’s built for faster data transmission because it doesn’t need to ensure data delivery.
Although IP networks have provided us with many benefits, they have some significant drawbacks. For instance, IP networks aren’t super reliable because they are plagued by out-of-order delivery issues, meaning time discrepancies and de-sequencing delays cause “jitters” when delivering packets.
In other words, TCP/IP is not designed for low-latency data environments.
Fortunately, RTP compensates for these shortcomings by providing the following:
- A sequence number (to detect lost packets)
- Frame indication (marking the start and end of an IP frame)
- Payload type identification
- Delivery monitoring
By placing a higher emphasis on quicker delivery of packet streams rather than ensuring all the data is received, RTP is better at keeping video streams up and running instead of annoyingly buffering or pausing to prepare further playback.
Although the missing data packets may cause the audio to lose a fraction of a second or the video a frame or two, it’s often too brief to be noticeable to the user.
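How a receiver uses the sequence number to notice lost, late and duplicated packets, as an added example that is not part of the original article. The header layout is the 12-byte fixed RTP header of RFC 3550; the function names and the sample packets are constructed for the illustration.

```python
import struct
from collections import namedtuple

RtpHeader = namedtuple("RtpHeader", "version marker payload_type seq timestamp ssrc")

def parse_rtp_header(packet):
    """Decode the 12-byte fixed RTP header (RFC 3550, section 5.1)."""
    if len(packet) < 12:
        raise ValueError("shorter than the fixed RTP header")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", packet[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    return RtpHeader(2, bool(b1 & 0x80), b1 & 0x7F, seq, ts, ssrc)

def seq_delta(prev, cur):
    """Signed distance from prev to cur in the 16-bit sequence space."""
    return ((cur - prev + 0x8000) & 0xFFFF) - 0x8000

def analyse_stream(packets):
    """Report lost, reordered and duplicate packets, given arrival order."""
    highest, missing, reordered, duplicates = None, set(), 0, 0
    for pkt in packets:
        seq = parse_rtp_header(pkt).seq
        if highest is None:
            highest = seq
            continue
        d = seq_delta(highest, seq)
        if d > 0:                       # moved forward: skipped numbers are gaps
            missing.update((highest + i) & 0xFFFF for i in range(1, d))
            highest = seq
        elif seq in missing:            # late arrival fills an earlier gap
            missing.discard(seq)
            reordered += 1
        else:                           # already seen, or older than the first packet
            duplicates += 1
    return {"lost": sorted(missing), "reordered": reordered, "duplicates": duplicates}

def build_rtp(seq, payload_type=0, marker=False, timestamp=0, ssrc=0x1234ABCD):
    """Constructed test packet: version 2, no padding, extension or CSRC."""
    return struct.pack("!BBHII", 0x80, (marker << 7) | payload_type, seq, timestamp, ssrc)

# Constructed arrival order that crosses the 65535 -> 0 wrap.
SAMPLE = [build_rtp(s) for s in (65533, 65534, 1, 0, 2, 2, 5)]

if __name__ == "__main__":
    print(analyse_stream(SAMPLE))
```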
While RTP applications can use TCP, they usually run on UDP because it delivers data faster. As a result, many businesses favor RTP for live streaming, online gaming, and video chat applications.
On the other hand, TCP is more reliable and secure because it has an in-built packet delivery guarantee. Therefore, TCP is suited for web browsing, file transfers, email messaging, and SMS texting, which require reliable data transmission.
RTP Port Ranges Depend on Your Provider
As mentioned, RTP ports are assigned in the UDP range between 16384 and 32767. Different vendors tend to use different ports within this range. For example, Cisco Unified Communications Manager (CUCM) uses UDP ports in the range of 24576 to 32767.
In cybersecurity, unprotected ports are well-known attack vectors that criminals use to compromise data. RTP is vulnerable primarily because it is connectionless: it doesn’t require establishing a connection between two points for data transfer. This leaves it somewhat susceptible to hackers who can launch man-in-the-middle (MITM) attacks.
Additionally, because RTP lacks native encryption, its data is also susceptible to sniffing and snooping attacks that eavesdrop on the stream. Plus, because of the porous nature of its connectionless and unencrypted transport, hackers can even inject malicious code or leverage it to launch denial of service (DoS) attacks.
Of course, there are always measures to remedy RTP’s security shortcomings, such as a firewall or intrusion detection system that can detect and block nefarious traffic.
Similarly, organizations that use RTP applications for video conferencing will often deploy VoIP security and encryption to safeguard their meetings.
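The kind of check an intrusion detection sensor or media relay can run on traffic to the RTP port range, as an added example that is not part of the original article. It assumes the first packet seen on a port comes from the legitimate sender (a real deployment would take the expected peer from the SIP signaling instead); the function names, the `max_jump` threshold and the sample traffic are constructed for the illustration.

```python
import struct

RTP_PORTS = range(16384, 32768, 2)     # even (RTP) ports of the default range above

def rtp_packet(seq, ssrc):
    """Constructed RTP packet: version 2, payload type 0, 4 payload bytes."""
    return struct.pack("!BBHII", 0x80, 0, seq, 0, ssrc) + b"\x00" * 4

def check_rtp_flows(packets, max_jump=100):
    """Return (index, reason) alerts for (src_ip, src_port, dst_port, payload) tuples."""
    streams, alerts = {}, []           # streams: dst_port -> learned sender state
    for i, (src_ip, src_port, dst_port, data) in enumerate(packets):
        if dst_port not in RTP_PORTS:
            continue
        if len(data) < 12 or data[0] >> 6 != 2:
            alerts.append((i, "not RTP version 2"))
            continue
        seq, _, ssrc = struct.unpack("!HII", data[2:12])
        st = streams.get(dst_port)
        if st is None:                 # first packet defines the expected sender
            streams[dst_port] = {"src": (src_ip, src_port), "ssrc": ssrc, "seq": seq}
        elif (src_ip, src_port) != st["src"]:
            alerts.append((i, "unexpected source"))
        elif ssrc != st["ssrc"]:
            alerts.append((i, "unexpected SSRC"))
        elif min((seq - st["seq"]) & 0xFFFF, (st["seq"] - seq) & 0xFFFF) > max_jump:
            alerts.append((i, "sequence jump"))
        else:
            st["seq"] = seq            # in-profile packet: advance the stream state
    return alerts

PEER = ("192.0.2.10", 40000)           # constructed addresses (documentation ranges)
SAMPLE = [
    (*PEER, 16384, rtp_packet(100, 0xAAAA)),
    (*PEER, 16384, rtp_packet(101, 0xAAAA)),
    ("198.51.100.7", 5555, 16384, rtp_packet(102, 0xAAAA)),   # other host, same stream
    (*PEER, 16384, rtp_packet(102, 0xBBBB)),                  # different SSRC
    (*PEER, 16384, rtp_packet(30000, 0xAAAA)),                # implausible sequence
    (*PEER, 16384, b"GET / HTTP/1.1\r\n"),                    # not RTP at all
    (*PEER, 5060, b"OPTIONS sip:example.invalid SIP/2.0\r\n"),  # outside RTP range
    (*PEER, 16384, rtp_packet(102, 0xAAAA)),
]

if __name__ == "__main__":
    for alert in check_rtp_flows(SAMPLE):
        print(alert)
```

A source or SSRC change can also be legitimate (for example after a NAT rebinding), so these alerts are triage signals; they do not replace encrypting and authenticating the media itself.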