← Back to Glossary


by Iwan Price-Evans on Networking • June 6, 2022

Transport Control Protocol (TCP) and User Datagram Protocol (UDP) are network protocols used to transfer almost all the network traffic on the internet. TCP and UDP, along with Internet Protocol (IP), make up the Internet Protocol Suite (TCP/IP).

This suite provides end-to-end communication over the internet and defines how data should be formatted, transmitted, and received.

TCP and UDP are part of the Transport Layer of the TCP/IP suite and also form part of the Transport Layer of the Open System Interconnection (OSI) model

All of the major operating system vendors implement support for TCP and UDP. 

What is TCP?

The TCP protocol allows data to be transmitted and received by two systems at the same time. When used in a computer operating system, TCP software establishes a connection, transfers the data, and then terminates the connection. TCP will establish a connection between the source and destination before transmission. Once the connection is established, TCP will maintain that connection. It then breaks data into smaller pieces (packets) and sends them to the recipient. When used for client/server applications, the server must be listening before a connection can be made. 

TCP is designed to ensure the integrity of data transfers. Keeping track of data packets as they travel over the network, TCP can minimize unexpected network behavior. If data arrives in the wrong order TCP will reorder it. TCP will also resend data if it gets lost in transit. 

What is UDP?

The UDP protocol is a simple message sending protocol. UDP messages are referred to as datagrams. The UDP protocol is a connectionless protocol which means it doesn't need to confirm a connection is fully established before transferring data. UDP simply identifies the destination and sends the datagrams to it. It doesn't care about the connection. 

UDP doesn't have a controlling mechanism for ensuring the data arrives in the correct order. This means that data packets can get lost, and if that happens, it's not able to check if the message actually arrived. UDP won't specify the order of the data packets or check to see if they arrived at all.

However, it does have basic functionality for checking data integrity and port numbers. These are designed to help the sending and receiving systems determine the data's role. 


What are the benefits of TCP? 

TCP is connection-oriented, meaning that it prioritizes connection integrity to ensure reliability. 

TCP functionality:

  • Connection management - Establishes, confirms, maintains, and terminates connections.
  • Data tracking - Keeps track of the order of transmitted data.
  • Error handling - Reorders data that arrives out of order.
  • Resending data - Will resend data that gets lost in transit.

This functionality means TCP is reliable but these checks can reduce the speed of delivery. The verification functions of TCP can generate delays of several seconds.

Common TCP applications

TCP is commonly used for: 

  • Web browsing over HTTP and HTTPS.  
  • Sending and receiving email via standard protocols such as IMAP, POP, and SMTP.
  • File transfers using FTP or SSH protocols.

TCP is useful for scenarios where: 

  • The connection must be fully established and verified as the correct recipient.
  • The data must arrive with no errors, or if it does, the data must be reordered or resent.

TCP Security

The TCP protocol has some inherent vulnerabilities:

  • TCP can protect data packets from modification but can't protect the message from modification. 
  • It doesn't provide encryption. You must add this on top of TCP, such as using HTTPS. 
  • It checks the source IP address and port number but an attacker can modify both of these.

What are the benefits of UDP?

The UDP protocol is connectionless and prioritizes speed over reliability. 

UDP functionality:

  • Immediate data transfer - Identifies the source and recipient and immediately starts data transfer.
  • Fast data transfer - Transfers data faster than TCP.
  • Basic transfer integrity checking - Checks for data integrity and port numbers.

Common UDP applications

UDP is commonly used for:

  • Video streaming services.
  • Online gaming services.

UDP is useful for scenarios where:

  • The data is transferred at high-speed. 
  • Connection integrity is not required. 
  • The application doesn't rely on guaranteed delivery. 

UDP Security

The UDP protocol also has inherent vulnerabilities:

  • Using UDP can cause data packets to get lost in transit.
  • UDP has no protection against the data being accessed or manipulated in transit.