TCP vs UDP
TCP and UDP are the two foundational transport layer protocols of the internet. Choosing between them determines whether your application prioritizes reliability or speed. This guide explains the key differences and when to use each.
TCP vs UDP Comparison
| Feature | TCP | UDP |
|---|---|---|
| Connection | Connection-oriented (handshake) | Connectionless |
| Reliability | Guaranteed delivery | No guarantee |
| Ordering | In-order delivery | May arrive out of order |
| Error checking | Full error detection + correction | Basic checksum only |
| Speed | Slower (overhead) | Faster (minimal overhead) |
| Header size | 20–60 bytes | 8 bytes |
| Flow control | Yes (prevents overload) | No |
| Use cases | HTTP, email, FTP, databases | DNS, VoIP, gaming, streaming |
TCP — Transmission Control Protocol
TCP is a connection-oriented protocol that provides reliable, ordered, and error-checked delivery of data between applications. Before any data is exchanged, TCP establishes a connection via a three-way handshake (SYN → SYN-ACK → ACK). Every packet is acknowledged, and lost packets are retransmitted.
How TCP Works
- 1.SYN: Client sends connection request to server
- 2.SYN-ACK: Server acknowledges and responds
- 3.ACK: Client confirms — connection established
- 4.Data transfer with sequence numbers for ordering
- 5.Each packet acknowledged; lost packets retransmitted
- 6.FIN/FIN-ACK: Graceful connection termination
TCP Use Cases
- ✓HTTP/HTTPS web browsing
- ✓Email (SMTP, IMAP, POP3)
- ✓File Transfer Protocol (FTP/SFTP)
- ✓SSH remote access
- ✓Database queries (MySQL, PostgreSQL)
- ✓API calls requiring complete responses
UDP — User Datagram Protocol
UDP is a connectionless protocol that sends datagrams without establishing a connection or guaranteeing delivery. There's no handshake, no acknowledgment, no retransmission. This minimal overhead makes UDP significantly faster, which is why latency-sensitive applications prefer it.
UDP Use Cases
- ✓DNS queries (speed matters, small packets fit in one datagram)
- ✓Online gaming (low latency critical; dropped frame better than delayed one)
- ✓VoIP and video calls (WebRTC uses UDP)
- ✓Live video streaming (RTSP, HLS over UDP)
- ✓Network monitoring (SNMP, syslog)
- ✓QUIC protocol (HTTP/3 — Google's UDP-based transport)
QUIC — The Future of Fast & Reliable Transport
QUIC is a modern transport protocol developed by Google (now an IETF standard) that runs over UDP but implements TCP-like reliability features in user space. QUIC is the foundation of HTTP/3 and combines UDP's speed with improved connection establishment, multiplexing (no head-of-line blocking), and built-in TLS 1.3 encryption. It reduces connection time from 3 round trips (TCP+TLS) to 0–1 round trips for repeat connections.
Frequently Asked Questions
What is the main difference between TCP and UDP?
TCP (Transmission Control Protocol) provides reliable, ordered, error-checked delivery of data. It establishes a connection before transferring data (three-way handshake) and retransmits lost packets. UDP (User Datagram Protocol) is connectionless and sends datagrams without guarantees — packets may be lost, duplicated, or arrive out of order. TCP prioritizes reliability; UDP prioritizes speed.
When should you use TCP vs UDP?
Use TCP when data integrity is critical: web browsing (HTTP/HTTPS), email, file transfers, database queries, and API calls. Use UDP when speed matters more than reliability: online gaming, live video streaming, VoIP calls, DNS queries, and real-time applications where a dropped packet is better than a delayed one. UDP is also used for broadcasting to multiple recipients.
Why is UDP faster than TCP?
UDP is faster because it eliminates TCP's overhead: no connection establishment (handshake), no acknowledgment packets, no retransmission of lost data, no congestion control, and no flow control. UDP simply sends packets as fast as possible. For real-time applications, the latency added by TCP's reliability mechanisms causes worse user experience than occasional packet loss.
Does DNS use TCP or UDP?
DNS primarily uses UDP (port 53) for queries because the small packet size fits in a single datagram and UDP's speed is ideal for the many lookups happening constantly. DNS falls back to TCP when: the response exceeds 512 bytes (or 1232 bytes for EDNS), during zone transfers between DNS servers, or when the server explicitly signals truncation.
Is TCP or UDP more secure?
Neither TCP nor UDP is inherently more secure. Both can be used with encryption (TLS for TCP → HTTPS, DTLS for UDP → DTLS). TCP's connection state makes certain attacks harder (blind spoofing), while UDP's statelessness can make amplification DDoS attacks easier. Security comes from the application layer encryption (TLS/DTLS), not the transport protocol itself.
Does video streaming use TCP or UDP?
It depends on the streaming type. Live streaming (Twitch, YouTube Live, video calls) typically uses UDP-based protocols (QUIC, WebRTC, RTSP) to minimize latency — a dropped frame is better than a frozen stream. On-demand streaming (Netflix, YouTube VOD) uses TCP (HTTP/HTTPS via adaptive bitrate) because reliability and buffering are acceptable for pre-recorded content.
Related Tools & Resources
Scan TCP ports on any host to check which services are running.
Learn how DNS uses UDP for queries and TCP for zone transfers.
Measure your internet download speed and ping latency.
Compare tunneling protocols that operate over TCP and UDP.
Understand the IP layer that TCP and UDP build on top of.
Check for DNS and WebRTC leaks in your network.