Networking Protocols

TCP vs UDP

TCP and UDP are the two foundational transport layer protocols of the internet. Choosing between them determines whether your application prioritizes reliability or speed. This guide explains the key differences and when to use each.

A
Alex Hales
Network Engineer · Last reviewed June 2026

TCP vs UDP Comparison

FeatureTCPUDP
ConnectionConnection-oriented (handshake)Connectionless
ReliabilityGuaranteed deliveryNo guarantee
OrderingIn-order deliveryMay arrive out of order
Error checkingFull error detection + correctionBasic checksum only
SpeedSlower (overhead)Faster (minimal overhead)
Header size20–60 bytes8 bytes
Flow controlYes (prevents overload)No
Use casesHTTP, email, FTP, databasesDNS, VoIP, gaming, streaming

TCP — Transmission Control Protocol

TCP is a connection-oriented protocol that provides reliable, ordered, and error-checked delivery of data between applications. Before any data is exchanged, TCP establishes a connection via a three-way handshake (SYN → SYN-ACK → ACK). Every packet is acknowledged, and lost packets are retransmitted.

How TCP Works

  1. 1.SYN: Client sends connection request to server
  2. 2.SYN-ACK: Server acknowledges and responds
  3. 3.ACK: Client confirms — connection established
  4. 4.Data transfer with sequence numbers for ordering
  5. 5.Each packet acknowledged; lost packets retransmitted
  6. 6.FIN/FIN-ACK: Graceful connection termination

TCP Use Cases

  • HTTP/HTTPS web browsing
  • Email (SMTP, IMAP, POP3)
  • File Transfer Protocol (FTP/SFTP)
  • SSH remote access
  • Database queries (MySQL, PostgreSQL)
  • API calls requiring complete responses

UDP — User Datagram Protocol

UDP is a connectionless protocol that sends datagrams without establishing a connection or guaranteeing delivery. There's no handshake, no acknowledgment, no retransmission. This minimal overhead makes UDP significantly faster, which is why latency-sensitive applications prefer it.

UDP Use Cases

  • DNS queries (speed matters, small packets fit in one datagram)
  • Online gaming (low latency critical; dropped frame better than delayed one)
  • VoIP and video calls (WebRTC uses UDP)
  • Live video streaming (RTSP, HLS over UDP)
  • Network monitoring (SNMP, syslog)
  • QUIC protocol (HTTP/3 — Google's UDP-based transport)

QUIC — The Future of Fast & Reliable Transport

QUIC is a modern transport protocol developed by Google (now an IETF standard) that runs over UDP but implements TCP-like reliability features in user space. QUIC is the foundation of HTTP/3 and combines UDP's speed with improved connection establishment, multiplexing (no head-of-line blocking), and built-in TLS 1.3 encryption. It reduces connection time from 3 round trips (TCP+TLS) to 0–1 round trips for repeat connections.

Well-Known Port Numbers by Protocol

Port numbers identify specific services on a host. The IANA divides the port space into three ranges: Well-Known Ports (0–1023, reserved for system services), Registered Ports (1024–49151, for applications), and Dynamic/Ephemeral Ports (49152–65535, assigned temporarily by the OS for outgoing connections).

PortProtocolServiceTransport
22SSHSecure Shell remote accessTCP
25SMTPEmail sendingTCP
53DNSDomain name resolutionUDP (primary) / TCP
80HTTPUnencrypted web trafficTCP
443HTTPSEncrypted web trafficTCP / UDP (QUIC)
500IKEv2VPN key exchangeUDP
1194OpenVPNVPN tunnelUDP / TCP
3389RDPWindows remote desktopTCP
51820WireGuardModern VPN protocolUDP
5353mDNSLocal network discoveryUDP

TCP Head-of-Line Blocking: A Real-World Problem

One of TCP’s most significant limitations in modern web applications is head-of-line (HoL) blocking. When a packet is lost in a TCP stream, the receiver must wait for the retransmission before processing any subsequent data — even if that data has already arrived and is ready to use. In HTTP/2 (which multiplexes many requests over a single TCP connection), a single dropped packet stalls every request on that connection simultaneously.

This is exactly the problem QUIC (and by extension HTTP/3) solves. Because QUIC runs over UDP, it can implement its own stream multiplexing. A lost packet in one stream only blocks that stream — not the others. In practical terms, this means a lost image on a web page doesn’t delay loading the article text next to it.

This is why HTTP/3 adoption has accelerated rapidly: as of 2025, roughly 30% of all web traffic uses QUIC/HTTP/3. Major sites like Google, YouTube, Cloudflare, and Facebook have been running HTTP/3 in production for years. You can check which HTTP version a website serves by looking at the response headers or using browser developer tools (Network tab → Protocol column).

Check which ports are open on a host

Use our port scanner to test whether specific TCP ports are open or closed on any publicly reachable host — useful for verifying firewall rules, confirming a service is running, or auditing exposed ports.

Frequently Asked Questions

What is the main difference between TCP and UDP?

TCP (Transmission Control Protocol) provides reliable, ordered, error-checked delivery of data. It establishes a connection before transferring data (three-way handshake) and retransmits lost packets. UDP (User Datagram Protocol) is connectionless and sends datagrams without guarantees — packets may be lost, duplicated, or arrive out of order. TCP prioritizes reliability; UDP prioritizes speed.

When should you use TCP vs UDP?

Use TCP when data integrity is critical: web browsing (HTTP/HTTPS), email, file transfers, database queries, and API calls. Use UDP when speed matters more than reliability: online gaming, live video streaming, VoIP calls, DNS queries, and real-time applications where a dropped packet is better than a delayed one. UDP is also used for broadcasting to multiple recipients.

Why is UDP faster than TCP?

UDP is faster because it eliminates TCP's overhead: no connection establishment (handshake), no acknowledgment packets, no retransmission of lost data, no congestion control, and no flow control. UDP simply sends packets as fast as possible. For real-time applications, the latency added by TCP's reliability mechanisms causes worse user experience than occasional packet loss.

Does DNS use TCP or UDP?

DNS primarily uses UDP (port 53) for queries because the small packet size fits in a single datagram and UDP's speed is ideal for the many lookups happening constantly. DNS falls back to TCP when: the response exceeds 512 bytes (or 1232 bytes for EDNS), during zone transfers between DNS servers, or when the server explicitly signals truncation.

Is TCP or UDP more secure?

Neither TCP nor UDP is inherently more secure. Both can be used with encryption (TLS for TCP → HTTPS, DTLS for UDP → DTLS). TCP's connection state makes certain attacks harder (blind spoofing), while UDP's statelessness can make amplification DDoS attacks easier. Security comes from the application layer encryption (TLS/DTLS), not the transport protocol itself.

Does video streaming use TCP or UDP?

It depends on the streaming type. Live streaming (Twitch, YouTube Live, video calls) typically uses UDP-based protocols (QUIC, WebRTC, RTSP) to minimize latency — a dropped frame is better than a frozen stream. On-demand streaming (Netflix, YouTube VOD) uses TCP (HTTP/HTTPS via adaptive bitrate) because reliability and buffering are acceptable for pre-recorded content.

Related Tools & Resources