How to Analyze Network Protocols, Learn More >>

Being able to support more than 300 protocols in the latest version, Capsa Network Sniffer make it easy to analyze protocols in network and understand what is happening.

Recommend Network Analysis Software >>

RFC 2165
RFC 2660

The Service Location Protocol (SLP) provides a scalable framework for the discovery and selection of network services. Using this protocol, computers using the Internet no longer need so much static configuration for network services for network-based applications. This is especially important as computers become more portable and users less tolerant or able to fulfill the demands of network system administration.

Traditionally, users find services by using the name of a network host (a human readable text string), which is an alias for a network address. The Service Location Protocol eliminates the need for a user to know the name of a network host supporting a service. Rather, the user names the service and supplies a set of attributes, which describe the service. The Service Location Protocol allows the user to bind this description to the network address of the service.

Service Location provides a dynamic configuration mechanism for applications in local area networks. It is not a global resolution system for the entire Internet; rather it is intended to serve enterprise networks with shared services. Applications are modeled as clients that need to find servers attached to the enterprise network at a possibly distant location. For cases where there are many different clients and/or services available, the protocol is adapted to make use of nearby Directory Agents that offer a centralized repository for advertised services. The basic operation in Service Location is that a client attempts to discover the location for a service. In small installations, each service is configured to respond individually to each client. In larger installations, service will register their services with one or more directory agents and clients contact the directory agent to fulfill request for service location information. This is intended to be similar to URL specifications and make user of URL technology.

The header is used in all the SLP messages

2 bytes
2 bytes
O M U A F rsvd
Language Code
Char encoding
SLP header structure

The current version is version 1

The function field describes the operation of the Service location datagram. The following message types exist:
Function Message Type
1 Service Request
2 Service Reply
3 Service Registration
4 Service Deregister
5 Service Acknowledge
6 Attribute Request
7 Attribute Reply  
8 DA Advertisement
9 Service Type Request
10 Service Type Reply

Number of bytes in the message including the Service location header.

The overflow bit.

The monolingual bit.


URL Authentication bit present.

Attribute authentication bit present.

The F bit is set. If the F bit is set in a Service Acknowledgement, the directory agent has registered the service as a new entry.

These bits are reserved and must have a value of 0.

To be use by future versions of the SLP. Must be set to zero.

Language Code
The language encoded in this field indicates the language in which the remainder of the message should be interpreted.

Character Encoding
The characters making up strings within the remainder of this message may be encoded in any standardized encoding

Transaction Identifier (XID)

Allows matching replies to individual requests.

Vulnerabilities for this protocol (from CVE)

CVE ID Protocol Source Port Targetport

TCP/IP Protocols: