All things about TCP vs UDP

Posted on by user

TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are both core protocols of the Internet protocol suite, but they serve different purposes and have distinct characteristics.

AspectTCP (Transmission Control Protocol)UDP (User Datagram Protocol)
ConnectionConnection-oriented (establishes a connection before data transfer).Connectionless (does not require a connection before data transfer).
ReliabilityReliable (ensures data is delivered accurately and in order).Unreliable (no guarantee of data accuracy or order).
Ordering of DataMaintains data order (ensures data packets are in sequence).Does not maintain data order (packets may arrive out of sequence).
SpeedSlower due to acknowledgments and retransmissions.Faster due to lack of retransmissions and acknowledgments.
Data Flow ControlYes (uses flow control mechanisms).No (does not use flow control).
Error CheckingComprehensive error checking with acknowledgments.Basic error checking without acknowledgments.
OverheadHigher overhead due to control information.Lower overhead due to minimal control information.
Use CasesSuitable for applications needing reliable data transfer, like web browsing, email, file transfers.Suitable for applications that can tolerate loss of data, like streaming media, online games.
Transmission MethodData is transmitted as a stream of bytes.Data is transmitted in individual packets.
Header SizeLarger header size due to additional fields.Smaller header size.
Congestion ControlYes (implements congestion control mechanisms).No (does not implement congestion control mechanisms).

How TCP works

TCP (Transmission Control Protocol) is a connection-oriented protocol that ensures reliable, ordered delivery of a stream of bytes from a program on one computer to another program on another computer.

1. Establishing a Connection (Three-Way Handshake)

  1. SYN: The client sends a TCP segment with the SYN (Synchronize Sequence Number) flag set to initiate a connection. This includes the client’s initial sequence number (ISN).
  2. SYN-ACK: The server acknowledges the client’s SYN by sending back its own SYN segment, which includes the server’s ISN, and sets the ACK (Acknowledgment) flag, acknowledging the client’s ISN.
  3. ACK: The client responds with an ACK segment, acknowledging the server’s ISN. At this point, the connection is established.

2. Data Transmission

  1. Segmentation and Sequencing: The TCP layer takes data from the sending application, breaks it into segments, and assigns a sequence number to each segment.
  2. Data Transfer: The sender transmits the segments over the network.
  3. Acknowledgments: The receiving TCP layer sends back an acknowledgment (ACK) for the received segments.
  4. Flow Control: TCP uses flow control mechanisms like the sliding window protocol to ensure that the sender does not overwhelm the receiver with too much data at once.
  5. Error Checking: TCP includes error-checking features. If a segment is missing or corrupted, it is retransmitted.
  6. Ordering: The receiver reassembles the segments based on their sequence numbers to reconstruct the original data stream.

3. Connection Termination (Four-Way Handshake)

  1. FIN from Sender: When the sender has finished sending data, it sends a segment with the FIN (Finish) flag set.
  2. ACK from Receiver: The receiver acknowledges this with an ACK.
  3. FIN from Receiver: The receiver then sends its own FIN segment when it’s done sending data.
  4. ACK from Sender: The sender acknowledges this with a final ACK.

4. Time-Wait Period

  • After the final ACK, the sender enters a “time-wait” period to ensure that the receiver got the final ACK. This period lasts long enough to ensure that any delayed or duplicated packets on the network are expired.

Additional Mechanisms

  • Congestion Control: TCP includes congestion control mechanisms like slow start, congestion avoidance, and fast recovery to handle network congestion.
  • Retransmission Timeout: If an ACK is not received within a certain time frame, the sender will retransmit the segment.

In summary, TCP provides a reliable, ordered, and error-checked delivery of a stream of bytes. It ensures that data is delivered accurately and in order, and it manages flow and congestion control to adapt to varying network conditions. This makes TCP suitable for applications where data reliability is crucial, such as web browsing, email, and file transfers.

TCP Short Connection A TCP short connection is a type of connection where the client and server establish a connection, exchange a small amount of data, and then immediately close the connection. This is also known as a “non-persistent connection.” The process typically follows these steps:

  1. Connection Establishment: The client initiates a connection to the server using the TCP three-way handshake (SYN, SYN-ACK, ACK). 
  2. Data Transfer: A small amount of data is exchanged between the client and server. 
  3. Connection Termination: The connection is closed using a TCP termination process (FIN, ACK).

TCP Long Connection (Persistent Connection) A TCP long connection, or persistent connection, is one where the connection between the client and server is kept open for an extended period. This allows multiple requests and responses to be sent over the same TCP connection. The process typically involves:

  1. Connection Establishment: As with short connections, it starts with the TCP three-way handshake.
  2. Multiple Data Transfers: The client and server exchange multiple sets of data over the same connection.
  3. Connection Management: The connection remains open for more data exchange until it’s no longer needed or a timeout occurs.
  4. Connection Termination: Eventually, the connection is closed, often initiated by the client.

How UDP works

UDP (User Datagram Protocol) is a simple, connectionless network protocol that works by sending packets of data, called datagrams, from a client to a server without establishing a connection first. Here’s how UDP works step by step:

  1. Application Layer Data Preparation: The client application prepares the data to be sent. This could be anything from a simple message to a segment of video or audio data.
  2. UDP Datagram Creation: The client’s UDP layer takes the data and encapsulates it into a UDP datagram. This datagram includes a header with necessary information such as the source and destination port numbers, along with the length of the data and a checksum for error checking.
  3. Forwarding to IP Layer: The UDP datagram is then passed to the IP (Internet Protocol) layer. The IP layer encapsulates the UDP datagram within an IP packet, adding its own header which includes the source and destination IP addresses.
  4. Transmission Over Network: The IP packet, containing the UDP datagram, is then sent over the network to the destination IP address. This involves routing through various network devices like switches and routers.
  5. Arrival at Server’s IP Layer: Upon reaching the destination, the IP packet is processed by the server’s IP layer, which strips off the IP header and forwards the UDP datagram to the UDP layer.
  6. UDP Layer Processing: The server’s UDP layer processes the datagram, checks the destination port number in the header, and if correct, passes the data payload to the corresponding application.
  7. Application Layer Reception: The server application receives the data and processes it as necessary. This might involve playing a video stream, displaying a message, etc.

Interview Questions

1. What is the difference between TCP and UDP?

  • Answer: TCP (Transmission Control Protocol) is a connection-oriented protocol that provides reliable, ordered, and error-checked delivery of data between applications. It establishes a connection, ensures data integrity, and manages flow control. UDP (User Datagram Protocol) is a connectionless protocol that sends data without establishing a reliable connection, making it faster but less reliable than TCP. UDP is suitable for applications where speed is crucial and occasional data loss is acceptable, like video streaming or online gaming.

2. How does the TCP three-way handshake work?

  • Answer: The TCP three-way handshake is a process used to establish a TCP connection between two hosts. It involves three steps:
    1. The client sends a SYN (synchronize) packet to the server to initiate a connection.
    2. The server responds with a SYN-ACK (synchronize-acknowledge) packet to acknowledge the connection request.
    3. The client sends an ACK (acknowledge) packet back to the server, and the connection is established.

3. Can you explain TCP’s congestion control mechanism?

  • Answer: TCP uses several mechanisms for congestion control, including Slow Start, Congestion Avoidance, Fast Retransmit, and Fast Recovery.
    • Slow Start increases the congestion window size exponentially to probe the capacity of the network.
    • Congestion Avoidance grows the congestion window more slowly to avoid congestion.
    • Fast Retransmit retransmits lost packets identified by duplicate ACKs without waiting for a timeout.
    • Fast Recovery adjusts the threshold and congestion window after fast retransmit to recover quickly from packet loss.

4. What is a UDP datagram and how does UDP handle data transmission?

  • Answer: A UDP datagram is a basic transfer unit in the User Datagram Protocol. It consists of a header and a data section. UDP sends these datagrams in a connectionless manner, meaning it doesn’t establish a connection before sending data and doesn’t guarantee delivery, order, or integrity of the data packets. This makes UDP suitable for applications that require speed over reliability.

5. How does TCP handle lost packets?

  • Answer: TCP handles lost packets through its retransmission mechanism. When a packet is sent, the sender starts a timer. If an acknowledgment (ACK) for the packet isn’t received within a specified time, TCP assumes the packet is lost and retransmits it. Additionally, TCP uses duplicate ACKs and selective acknowledgments (SACKs) to detect and recover from packet loss more efficiently.

6. Why is UDP considered faster than TCP?

  • Answer: UDP is considered faster than TCP because it is connectionless, meaning it doesn’t establish a connection before sending data. It also doesn’t have mechanisms for acknowledgment, retransmission, ordering, or congestion control, which are present in TCP. These characteristics reduce the overhead involved in data transmission, making UDP faster but less reliable compared to TCP.

7. What are some use cases for TCP and UDP?

  • Answer:
    • TCP: Used in applications where reliable data transmission is important, such as web browsing (HTTP/HTTPS), email (SMTP, IMAP, POP3), and file transfers (FTP).
    • UDP: Suitable for applications where speed is more critical than reliability, like streaming media (video conferencing, live streaming), online gaming, and VoIP (Voice over IP).

8. Explain the concept of a TCP segment and its structure.

  • Answer: A TCP segment is the basic unit of data exchange in TCP. It consists of a header and a data section. The header includes important information such as source and destination port numbers, sequence and acknowledgment numbers, flags (like SYN, ACK, FIN), window size for flow control, and a checksum for error-checking. The data section carries the application data.

9. What is TCP’s role in ensuring data integrity?

  • Answer: TCP ensures data integrity through error-checking features. Each TCP segment includes a checksum, which is calculated based on the segment’s contents. The receiving end recalculates the checksum to verify that the data has not been corrupted during transit. If a discrepancy is found, the segment is discarded, and retransmission is requested.

10. How does flow control work in TCP?

  • Answer: Flow control in TCP is managed using the sliding window protocol. This mechanism ensures that the sender does not overwhelm the receiver with too much data at once. The receiver specifies a window size, which is the amount of data it can accept and process at a time. The sender must limit the amount of unacknowledged data to this window size.

11. What are some limitations of UDP?

  • Answer: UDP’s main limitations are its lack of reliability, ordering, and data integrity checks. It does not guarantee that packets arrive at their destination, arrive in the same order they were sent, or are error-free. This makes it unsuitable for applications where data accuracy and order are crucial.

12. Describe the ‘TIME_WAIT’ state in TCP. Why is it important?

  • Answer: The ‘TIME_WAIT’ state occurs at the end of the TCP connection lifecycle. When a TCP connection is closing, the host that sends the final ACK enters the TIME_WAIT state. This state lasts double the maximum segment lifetime (MSL). It ensures that any delayed packets on the network are expired and prevents confusion in subsequent connections that might use the same port numbers.

13. Can you explain the difference between TCP’s ‘listen’ and ‘established’ states?

  • Answer: In TCP, the ‘listen’ state indicates that a server is ready to accept incoming connection requests. It’s waiting for an initial SYN message from a client. The ‘established’ state means a connection has been successfully established, following the three-way handshake, and the TCP connection is active for data transmission.

14. What is the purpose of port numbers in TCP and UDP?

  • Answer: Port numbers in TCP and UDP serve as communication endpoints for the host computers. They help to distinguish different applications or services running on the same host. For example, web servers generally use port 80 for HTTP. Port numbers allow multiple networked applications to coexist on the same physical device.

15. How is UDP used in DNS (Domain Name System)?

  • Answer: UDP is commonly used for DNS queries. When a client wants to resolve a domain name, it sends a DNS query using UDP to a DNS server. UDP is preferred for this purpose because DNS requests are generally small and fit within a single UDP packet, and the speed of UDP is advantageous for quick lookups.

1