NX and the use of UDP protocol
UDP is a transport protocol used to transmit time-critical data, such as video frames and audio. The NoMachine NX protocol uses UDP for multimedia data whenever possible; session data can travel over TCP and UDP streams at the same time. The transport is selected dynamically according to the type of data and the network conditions. For UDP transmission, NoMachine implements all the required mechanisms for retransmission of lost packets and for error detection and correction.
As with TCP data, all UDP traffic is encrypted. UDP traffic is encrypted with a symmetric Blowfish cipher. The Blowfish encryption key is negotiated through the secure TCP connection and renegotiated at regular intervals during the whole life of the session. The host interface and port for UDP are also negotiated through TCP. The UDP ports must be reachable on the remote host and, in a multi-node environment, on each node. If no available port can be negotiated for a given session, multimedia traffic falls back to TCP.
Since NoMachine v8, UDP communication uses port 4000 by default. This is the same port number on which the nxd service listens over TCP to accept connections via the NX protocol. You can configure the UDP port with the NXUDPPort key in the server configuration file, server.cfg, or change it in the server administration GUI. The UDP port that a session will use on a given server can be changed in the player GUI by editing the connection in Edit Connection -> Configuration -> Use UDP communication for multimedia data -> Modify -> Use this specific port for UDP communication. In the case of a Cloud Server product, the server must know on which UDP ports the nodes are listening. You can configure this parameter on the nodes via server.cfg or via the GUI in Nodes -> Edit node -> Use UDP communication for multimedia data -> Modify -> Use this specific port for UDP communication.
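The following Python check is an added example, not NoMachine code: it reads the effective NXUDPPort from server.cfg text and confirms that a UDP socket is bound to that port on a Linux host, using the contents of /proc/net/udp, so that firewall rules can be matched to the port actually in use. The "Key value" line syntax with "#" comments and both sample inputs are assumptions constructed for illustration.

```python
import re

DEFAULT_UDP_PORT = 4000  # default since NoMachine v8, per the article

# Constructed sample inputs (not taken from a real host).
SAMPLE_CFG = """\
# Port used for UDP communication (constructed sample)
#NXUDPPort 4000
NXUDPPort 4011
"""
SAMPLE_PROC_NET_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
 101: 00000000:0FAB 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 23456
 102: 0100007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 23457
"""

def configured_udp_port(cfg_text):
    """Return the first active NXUDPPort value, or the default if none is set.

    Assumption: server.cfg uses 'Key value' lines and '#' starts a comment.
    """
    for raw in cfg_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        m = re.fullmatch(r'NXUDPPort\s+"?(\d+)"?', line)
        if m:
            port = int(m.group(1))
            if not 1 <= port <= 65535:
                raise ValueError(f"NXUDPPort out of range: {port}")
            return port
    return DEFAULT_UDP_PORT

def udp_listeners(proc_net_udp_text):
    """Return the set of local UDP ports found in /proc/net/udp (or udp6) text."""
    ports = set()
    for line in proc_net_udp_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) >= 2:
            # local_address is HEXIP:HEXPORT; the port follows the last colon
            ports.add(int(fields[1].rpartition(":")[2], 16))
    return ports

def check(cfg_text, proc_text):
    """Return (port, bound): the effective UDP port and whether a socket holds it."""
    port = configured_udp_port(cfg_text)
    return port, port in udp_listeners(proc_text)

if __name__ == "__main__":
    port, bound = check(SAMPLE_CFG, SAMPLE_PROC_NET_UDP)
    print(f"NXUDPPort={port} bound={bound}")
```

A bound socket only shows that the port is open locally; reachability from clients still depends on the firewalls in between, and the same check has to be repeated on each node in a multi-node setup.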
Note that UDP communication is always disabled when using the SSH protocol. UDP can also be disabled on a per-connection basis, in the 'Connection settings' for the given session in Edit connection -> Configuration, by unchecking the 'Use UDP communication for multimedia data' option. This setting affects only that connection. In the case of a Cloud Server, UDP can also be disabled on a per-node basis, either when the node is added or by editing the node configuration. Disabling UDP for a node affects all connections run on that node. As noted above, when UDP is disabled, all data is transferred via the TCP protocol.
Connections through the Web Player, which use the HTTP protocol, can also use UDP, but only when WebRTC is enabled. Whether WebRTC actually uses UDP depends on the WebRTC implementation in the browser and on the negotiation performed at the level of the WebRTC protocol during the initial Web Player WebRTC session startup.
For more information about the ports used by NoMachine, see: https://kb.nomachine.com/AR01L00770
