Mesh Datagram Protocol (MDP)

MDP was designed and first prototyped in May-June 2012 as part of the first New America Foundation contract to integrate Serval security into the OpenBTS base station, and development of release 0.90 “Shiny” of the Serval Mesh app for Android. MDP is implemented in the Serval DNA component.

MDP has been designed for use in a wireless mesh network, in which nodes may move and connections may be intermittent or of highly variable quality. MDP is unrelated to the Internet Protocol, although it copies some concepts such as port numbers. The main characteristics of MDP are:

  • The payload of every MDP packet may be clear text, signed, or encrypted and signed. (Encrypted but not signed is not currently an option, but future advances in the NaCl crypto library may make this possible.) The encryption key is the public key (address) of the recipient, and the signing key is the private key of the sender.
  • MDP does not guarantee packet delivery or preserve packet order. MDP may deliver duplicate copies of packets. It is up to the MDP client applications using higher level protocols layered over MDP to detect duplicate and deal with lost and out-of-order packets.
  • MDP uses per-hop retransmission to solve the cumulative end-to-end packet loss that can plague wireless networks. (To carry a packet over N hops, where each hop has a probability P of dropping a packet due to interference or collision, the end-to-end loss is 1-(1-P)N. For example, given a per-hop packet loss of 10%, a five hop route has a net packet loss of 41%, and a ten hop route 75%.) The retransmission scheme does not attempt to be perfect – it does not guarantee zero packet loss and can produce duplicate packets – but it can restore a practically unusable route to highly usable, independently of the route length, at the expense of higher latency, some packet re-ordering, and some duplicate packets.

MDP packet structure

An MDP packet consists of a variable-length header followed by a variable-length payload which may have one of three forms, depending on the encryption settings in the header:

  • Every packet has a source and destination MDP port number, which are completely unrelated to Internet port numbers. In encrypted packets, these port numbers are part of the encrypted payload, which makes it harder for an eavesdropper to guess the purpose of the packet.


All implementations to date are part of the Serval DNA daemon.

  • MDP was first carried over Wi-Fi using the Overlay network encapsulation.
  • MDP was then carried over the packet radio of the Mesh Extender without any other protocol encapsulation.