TCP vs UDP: Differences, Use Cases, and Performance
TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are the two foundational transport-layer protocols of the Internet. Every networked application relies on one or both of them to move data between hosts. Understanding their differences is essential for making informed architectural decisions about reliability, latency, and throughput.
How TCP Works
TCP is a connection-oriented protocol. Before any data is exchanged, the client and server perform a three-way handshake to establish a reliable, stateful connection:
Client → Server: SYN (seq=x)
Server → Client: SYN-ACK (seq=y, ack=x+1)
Client → Server: ACK (ack=y+1)Once the connection is established, TCP provides several guarantees:
- Reliable delivery — every segment is acknowledged; lost segments are retransmitted automatically
- Ordered delivery — segments are reassembled in the correct sequence regardless of arrival order
- Flow control — the receiver advertises a window size to prevent buffer overflow
- Congestion control — algorithms like Slow Start, Congestion Avoidance, Fast Retransmit, and Fast Recovery adapt sending rate to network conditions
TCP Header Structure
The TCP header is at least 20 bytes and contains fields critical to its reliability mechanisms:
| Field | Size | Purpose |
|---|---|---|
| Source Port | 16 bits | Identifies the sending application |
| Destination Port | 16 bits | Identifies the receiving application |
| Sequence Number | 32 bits | Tracks byte position in the stream |
| Acknowledgment Number | 32 bits | Next expected byte from the other side |
| Window Size | 16 bits | Flow control — how much data the receiver can accept |
| Checksum | 16 bits | Error detection for header and data |
| Flags | 6 bits | SYN, ACK, FIN, RST, PSH, URG — control connection state |
How UDP Works
UDP is a connectionless protocol. There is no handshake — the sender simply transmits datagrams to the destination. The UDP header is only 8 bytes, making it extremely lightweight:
| Field | Size | Purpose |
|---|---|---|
| Source Port | 16 bits | Sending application identifier |
| Destination Port | 16 bits | Receiving application identifier |
| Length | 16 bits | Total datagram size |
| Checksum | 16 bits | Optional error detection (mandatory in IPv6) |
UDP provides no delivery guarantees: packets may arrive out of order, be duplicated, or be lost entirely. This makes it lightweight and fast, but places reliability concerns squarely on the application layer.
Head-to-Head Comparison
| Feature | TCP | UDP |
|---|---|---|
| Connection | Connection-oriented (3-way handshake) | Connectionless |
| Reliability | Guaranteed delivery with retransmission | Best-effort, no guarantees |
| Ordering | In-order delivery | No ordering |
| Overhead | 20+ byte header | 8 byte header |
| Latency | Higher (handshake + ACKs) | Lower (no setup) |
| Flow Control | Yes (sliding window) | No |
| Congestion Control | Yes (built-in algorithms) | No |
| Broadcasting | Not supported | Supported (multicast/broadcast) |
When to Use TCP
TCP is the right choice when data integrity and completeness matter more than raw speed:
- Web browsing (HTTP/SSL/TLS проверку) — pages must load completely and correctly
- Email (SMTP, IMAP, POP3) — messages cannot have missing parts
- File transfers (FTP, SFTP) — every byte must arrive intact
- Database connections — queries and results must be reliable
- SSH and remote administration — command integrity is critical
- API документацию communications — request/response pairs must be complete
When to Use UDP
UDP excels when speed and low latency outweigh the need for perfect delivery:
- Video and audio streaming — a dropped frame is better than a delayed stream
- Online gaming — real-time position updates where stale data is irrelevant
- DNS Lookup — small, stateless queries that can be retried quickly
- VoIP — conversational latency must stay under 150ms
- IoT sensor data — high-frequency readings where individual loss is acceptable
- DHCP — clients need addresses before they have IP connectivity
Performance Implications for Web Applications
Connection Overhead
A TCP handshake adds one round-trip time (RTT) before data transfer begins. With TLS, this becomes two RTTs (TCP handshake + TLS handshake). On a connection with 100ms RTT, that is 200–300ms of overhead before the first byte of application data.
# Measuring TCP connection time with curl
curl -w "tcp_connect: %{time_connect}s\ntls_handshake: %{time_appconnect}s\nfirst_byte: %{time_starttransfer}s\n" -o /dev/null -s https://example.comTCP Slow Start and Congestion Windows
New TCP connections begin with a small congestion window (typically 10 segments, about 14KB). This directly affects how quickly a server can push data to a new client. For websites, the critical rendering path should ideally fit within this initial congestion window.
QUIC: The Best of Both Worlds
HTTP/3 uses QUIC, a protocol built on UDP that implements TCP-like reliability at the application layer. QUIC combines the reliability of TCP with the speed advantages of UDP:
- 0-RTT connection establishment for repeat visitors
- No head-of-line blocking between independent streams
- Built-in TLS 1.3 encryption
- Connection migration across network changes (Wi-Fi to cellular)
Monitoring TCP and UDP Services
When monitoring networked services, understanding the underlying protocol helps diagnose issues efficiently:
- TCP retransmissions — indicate network congestion or packet loss
- TCP connection states — high TIME_WAIT counts suggest connection churn
- UDP packet loss — must be measured at the application level
- Port reachability — TCP ports can be tested with SYN scans; UDP requires protocol-specific probes
# Check TCP connection states
ss -ant | awk '{print $1}' | sort | uniq -c | sort -rn
# Monitor TCP retransmissions
watch -n1 'netstat -s | grep -i retransmit'
# Test UDP port reachability
nc -zuv example.com 53Summary
TCP and UDP serve fundamentally different needs. TCP provides reliable, ordered data delivery at the cost of higher latency and overhead. UDP offers minimal overhead and low latency without delivery guarantees. Modern protocols like QUIC show that these trade-offs are not binary — by building reliability on top of UDP, it is possible to achieve the best characteristics of both. When designing or monitoring networked applications, choosing the right transport protocol is one of the most impactful architectural decisions you can make.
Check your website right now
Check now →