Any IP protocol other than TCP or UDP is known as a RAW protocol.
Raw protocols are used to generate/receive packets of a type that the kernel doesn’t explicitly support.
An easy example that you’re probably familiar with is PING.
Ping works by sending out an ICMP (Internet Control Message Protocol, another IP protocol distinct from TCP or UDP) echo packet.
Raw protocols give the programmer absolute control over the data which is being sent or received through the network.
This is very useful when someone needs to create their own protocol, using the
current system’s stack. Actually, with a raw protocol, the programmer has control of every single
bit which is sent via the network. This is amazing, and provides overwhelming power.
Anything which goes over the network is nothing more than a linear field of bits, 1 or 0,
incoming and outgoing. Raw sockets give the programmer full control over every bit.
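An added example, not from the original page: the ICMP echo request that ping sends, laid out byte by byte in C with its RFC 1071 checksum and then handed to a raw socket. The identifier 0x1234, the payload "hello" and the loopback destination are constructed sample values, and opening the raw socket assumes a Linux-style system with root or CAP_NET_RAW.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* RFC 1071 Internet checksum: one's-complement sum of 16-bit big-endian words. */
static uint16_t inet_checksum(const uint8_t *buf, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += (uint32_t)((buf[i] << 8) | buf[i + 1]);
    if (len & 1)
        sum += (uint32_t)(buf[len - 1] << 8);      /* pad the odd byte with zero */
    while (sum >> 16)
        sum = (sum & 0xFFFF) + (sum >> 16);        /* fold carries back in */
    return (uint16_t)~sum;
}

/* Lay out an ICMP echo request (type 8, code 0); returns its length, 0 if it does not fit. */
static size_t build_echo_request(uint8_t *pkt, size_t cap, uint16_t id, uint16_t seq,
                                 const uint8_t *payload, size_t plen) {
    if (plen > cap || cap - plen < 8) return 0;
    pkt[0] = 8; pkt[1] = 0;                        /* type, code */
    pkt[2] = 0; pkt[3] = 0;                        /* checksum is zero while summing */
    pkt[4] = (uint8_t)(id >> 8);  pkt[5] = (uint8_t)(id & 0xFF);
    pkt[6] = (uint8_t)(seq >> 8); pkt[7] = (uint8_t)(seq & 0xFF);
    memcpy(pkt + 8, payload, plen);
    uint16_t ck = inet_checksum(pkt, 8 + plen);
    pkt[2] = (uint8_t)(ck >> 8); pkt[3] = (uint8_t)(ck & 0xFF);
    return 8 + plen;
}

int main(void) {
    uint8_t pkt[64];
    size_t n = build_echo_request(pkt, sizeof pkt, 0x1234, 1, (const uint8_t *)"hello", 5);
    for (size_t i = 0; i < n; i++) printf("%02x ", pkt[i]);
    printf("\n");
    /* Without root or CAP_NET_RAW, socket() fails here and nothing is sent. */
    int fd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
    if (fd < 0) { perror("socket(SOCK_RAW)"); return 0; }
    struct sockaddr_in dst = { .sin_family = AF_INET };
    inet_pton(AF_INET, "127.0.0.1", &dst.sin_addr);   /* constructed destination */
    if (sendto(fd, pkt, n, 0, (struct sockaddr *)&dst, sizeof dst) < 0) perror("sendto");
    close(fd);
    return 0;
}
```

A receiver validates such a packet by running the same checksum over all of its bytes, checksum field included, and expecting 0.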
Creating your own protocol for sending and receiving data is not a joke. It is a difficult,
serious task, but it has its advantages. Whatever the reasons for creating a special
protocol are, these are some obvious examples: encrypted traffic tunnels with
a pseudo-random protocol (before somebody attacks the crypto-system, they must first
completely understand the new weird protocol), and optimized voice and video conference
protocols, which will really increase the quality and the performance of the sessions.
Raw sockets are gold for hacking and network probing.
There are some limitations on raw protocols, such as:
- Sending just one packet at a time.
- Difficulty in setting all the needed information.
- TCP data cannot be sent over raw sockets.
- UDP datagrams with an invalid source address cannot be sent over raw sockets.
- The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped.
- A raw protocol will not send [FIN/ACK] to the source by default.