Difference Between TCP and UDP

Before we talking about the most used protocols in the Transport Layer we should talk first about the Transport Layer, It uses a two-octet port number from the application layer to deliver the datagram or segment to the correct application layer protocol at the destination IP address.

There are two commonly used transport layer protocols: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). In addition, there are two uncommon transport protocols: Stream Control Transmission Protocol (SCTP) and Datagram Congestion Control Protocol (DCCP), which are beginning to be used on the Internet. There is also Transport Layer Security (TLS) which provides security on top of TCP.

Transmission Control Protocol (TCP)

It provides reliable, connection-oriented transport over IP. A TCP connection between two hosts over an IP network is sometimes known as a socket.

TCP is a client/server protocol. Servers “listen” on a specific port for an incoming request to open a socket. A client sends a request to open a new socket to the server on the well-known port.

The combination of the source IP address, source port, destination IP address, and destination port identifies the socket connection. So it is possible for 2 hosts to have multiple TCP connections open between them.

TCP uses sequence numbers and positive acknowledgments to ensure that each block of data, called a segment, has been received. Lost segments are retransmitted until they are successfully received.

TCP sends data in units called segments. The maximum segment size (MSS) is negotiated between the hosts during the handshake, and is usually based on the maximum transmission unit (MTU) of the local network. A typical MTU value for the Internet is 1,500 octets.

TCP also has built in flow control. Flow control is used by a receiver to slow down the rate of transmission to allow the receiver to properly process or buffer incoming segments.

TCP uses a sliding window for end-to-end control. Senders can only send the number of octets in the window before waiting for an ACK. A receiver can reduce the size of the window in ACK messages, even setting it to 0 to cause the sender to stop sending. Once the receiver has caught up, another ACK can be sent to increase the window size and resume the flow of segments.

TCP adds a 20-octet header field to each packet, and is a stream-oriented transport. An application using TCP to send messages must provide its own framing or separation between messages. Error segments are detected by a checksum covering both the TCP header and payload.

Transport Port Numbers

Ports numbers are used by the transport layer to multiplex and de-multiplex multiple connections on a single host. Otherwise a pair of hosts could only have a single connection between them. Also, messages for different protocols can be separated by using different port numbers.

Port numbers are associated with a specific protocol. Others are registered to a particular protocol. Ports are a 16 bit integer.

Ports in the range 0 to 1024 are called well-known ports. For example, Web servers use the well-known port of 80

Ports in the range of 1024 through 49151 are known as registered ports. For example, SIP uses the registered ports of 5060 and 5061

Ports in the range of 49152 through 65535 are known as dynamic, private, or ephemeral ports. For example, RTP usually uses a dynamic port.

User Datagram Protocol (UDP)

It provides unreliable transport across the Internet. It is a best-effort delivery service, since there is no acknowledgment of sent datagrams. Most of the complexity of TCP is not present, including sequence numbers, acknowledgments, and window sizes.

UDP does detect datagrams with errors with a checksum. It is up to higher layer protocols to detect this datagram loss and initiate a retransmission if desired.

UDP is best suited for short, single packet exchanges such as DNS or routing queries. It is also good for real-time, low latency transports protocols such as SIP and RTP.

UDP adds an 8-octet header field to datagrams. Applications and protocols that use UDP must do their own framing—they must break up information into individual UDP packets. For a message oriented protocol, this typically means one message or request per UDP datagram.

Transmission Layer Security (TLS)

It is based on the Secure Sockets Layer (SSL) protocol first used in Web browsers. TLS uses TCP for transport although it has recently been extended to also run over UDP. TLS is commonly used today on the Internet for secure Web sites using the secure HTTP (https) URI scheme.

The TLS protocol has two layers: the TLS Transport Protocol and the TLS Handshake Protocol.

The TLS Transport Protocol is used to provide a reliable and private transport mechanism. Data sent using the TLS Transport Protocol is encrypted so that a third party cannot intercept the data. A third party also cannot modify the transported data without one of the parties discovering this.

The TLS Handshake Protocol is used to establish the connection, negotiate the encryption keys used by the TLS Transport Protocol, and provide authentication.

However, TLS transport has clear security advantages over UDP or TCP. TLS is widely supported due to its use in secure Web browsers and servers.