Universal Plug and Play: Networking Made Easy

Whether it's to share files or Internet connections or to play digital content throughout the house, networking has become part of everyday life for many home and small-business users. Despite this, networks haven't gotten a whole lot easier to set up and configure. But a technology called Universal Plug and Play (UPnP) is starting to make networking-configuration hassles a thing of the past.

Just as Plug and Play (PnP) technology changed the way we integrate hardware with our PCs, UPnP will ease the way we add devices to a network. With PnP, you no longer need to configure resources for each device manually, hoping there are no conflicts. Instead, each device identifies itself to the operating system, loads the appropriate drivers, and starts operating with minimal fuss. PC-based networks, however, still require a cumbersome setup and configuration process, and devices such as printers, VCRs, PDAs, and cell phones are still difficult or impossible to network.

With UPnP, adding devices to your network can be as easy as turning them on. A device can automatically join your network, get an IP address, inform other devices on your network about its existence and capabilities, and learn about other network devices. When such a device has exchanged its data or goes outside the network area, it can leave the network cleanly without interrupting any of the other devices.
The ultimate goal is to allow data communication among all UPnP devices regardless of media, operating system, programming language, and wired/wireless connection. To foster such interoperability, UPnP relies on network-related technologies built upon industry-standard protocols such as HTTP, IP, TCP, UDP, and XML. Let's take a closer look.

UPnP is an open networking architecture that consists of services, devices, and control points. Services are groups of states and actions. For example, a light switch in your home has a state (either on or off) and an action that allows the network to get or change the state of the switch. Services typically reside in devices. A UPnP-compliant VCR might, for example, include tape handling, tuning, and clock services—all managed by a series of specific actions defined by the developer. Devices may also include (or nest) other devices. Because devices and their corresponding services can vary so dramatically, there are numerous industry groups actively working to standardize the services supported by each device class.

Today, there are four standards: Internet Gateway Device (IGD) V 1.0; MediaServer V 1.0 and MediaRenderer V 1.0; Printer Device V 1.0 and Printer Basic Service V 1.0; and Scanner (External Activity V 1.0, Scan V 1.0, Feeder V 1.0, and Scanner V 1.0). Industry groups will produce XML templates for individual device types, which vendors will fill with specific information such as device names, model numbers, and descriptions of services.

The various UPnP devices will be identified and managed by one or more control points (a controller, such as an application) on the network. In practice, many devices may include control points in order to facilitate true peer-to-peer networking.

When a device is added to a UPnP network, its first step is to obtain an IP address. Once this is accomplished via its internal DHCP client, the device advertises its presence, providing a description of itself and its services. A control point receives the description, which includes a list of actions related to each service and the variables that define the possible states for the device, and then sends action requests to the device. Results of the requests are published via event messages sent by the particular service and include the values of state variables. If appropriate, the control point presents a page in a user's browser that lets the user manage the device or monitor its status.

This isn't just theory. Both Microsoft Windows Me and XP support UPnP, and many manufacturers are now producing UPnP-compliant network devices. For example, a variety of products, such as the D-Link DFE-530TX+ 10/100 Ethernet network adapter (www.dlink.com) and the Linksys EtherFast BEFSR41W four-port cable/DSL router (www.linksys.com), now fully support UPnP. And the new MusicMatch Jukebox 8.0 media player supports UPnP home-networking devices. Industry groups will continue to define new services not only for PCs and related peripherals but for home appliances, automobiles, and entertainment/media devices—adding more flexibility and features for home and small-office users.

There is one caveat with regard to UPnP: security. Certain vulnerabilities have been discovered in components of Microsoft's implementation of UPnP, which can let an attacker gain control of a target system or exploit vulnerable systems to cause a distributed denial-of-service attack (DDoS).