The Difference Between TCP and UDP
In internet communication, various communication methods are used to deliver data to the other party. Among the most representative are TCP and UDP.
TCP is a communication method that emphasizes delivering data accurately. UDP is a communication method that emphasizes a lightweight design and makes it easier to reduce latency.
However, TCP and UDP should not be compared as "which one is better." The suitable method is chosen according to the purpose of the communication.
What TCP Is
TCP is a communication method that emphasizes reliability.
With TCP, a connection is established with the other endpoint, and data is sent and received over that connection. It checks whether sent data reached the other party, and if data is lost along the way, it resends it.
Also, on a network, data does not always arrive in the same order in which it was sent. TCP gives data information for managing order, and the receiving side arranges it into the correct order before handling it.
For this reason, TCP is suited to "communication where missing data or changed order would cause problems."
For example, data accuracy is important in login processing, file transfer, email sending, and web communication using HTTP/1.1 or HTTP/2. If part of login information is missing or part of a file is broken, it cannot be processed correctly.
TCP performs controls such as confirmation and retransmission in order to obtain reliability. That means it carries more control overhead than UDP, but this is an important mechanism for communication where you want to handle data reliably and in the correct order.
TCP "Manages Data So It Arrives Accurately"
The characteristic of TCP is not only that it "sends data," but that it manages the data it sends so that the exchange works as reliable communication.
Specifically, TCP has the following properties.
| Property | Content |
|---|---|
| Connection-oriented | Establishes a connection with the other endpoint before sending and receiving data |
| Arrival confirmation | Confirms whether sent data arrived |
| Retransmission | Resends data that did not arrive when necessary |
| Order control | Arranges data that arrived out of order into the correct order |
| Handling duplicates | Organizes cases where the same data arrives more than once |
Through these mechanisms, TCP provides applications with an ordered, reliable flow of data.
However, TCP does not preserve the "one unit of data sent by the application" as-is. TCP treats data as a continuous sequence of bytes.
For that reason, the application side needs to decide separately where one message starts and ends. Higher-level protocols such as HTTP have rules for that.
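One way an application can mark message boundaries on a TCP byte stream, as an added example that is not from the original article: each message carries a 4-byte length prefix, and the decoder rebuilds messages from chunks that split at arbitrary points. The names `FrameDecoder` and `encode`, the prefix format and the `MAX_FRAME` limit are assumptions chosen for illustration; the limit stops a peer from declaring a huge length and making the receiver buffer without bound.

```python
import struct

MAX_FRAME = 64 * 1024  # assumed upper bound on one message; larger declared lengths are rejected


class FrameError(ValueError):
    """Raised when a peer declares a frame larger than the configured maximum."""


class FrameDecoder:
    """Rebuilds length-prefixed messages from an arbitrary sequence of stream chunks."""

    def __init__(self, max_frame=MAX_FRAME):
        self._buf = bytearray()
        self._max = max_frame

    def feed(self, chunk):
        """Add the bytes returned by one recv() call; return every complete message."""
        self._buf += chunk
        messages = []
        while len(self._buf) >= 4:                      # length header is complete
            (length,) = struct.unpack_from("!I", self._buf, 0)
            if length > self._max:
                raise FrameError(f"declared length {length} exceeds {self._max}")
            if len(self._buf) < 4 + length:
                break                                   # body not fully received yet
            messages.append(bytes(self._buf[4:4 + length]))
            del self._buf[:4 + length]
        return messages

    def pending(self):
        """Number of buffered bytes that do not yet form a complete message."""
        return len(self._buf)


def encode(message):
    """Prefix a message with its length as a 32-bit big-endian integer."""
    return struct.pack("!I", len(message)) + message


def demo():
    # Constructed sample: three messages delivered in 5-byte chunks,
    # so chunk boundaries never line up with message boundaries.
    stream = encode(b"LOGIN alice") + encode(b"") + encode(b"GET /file")
    decoder = FrameDecoder()
    out = []
    for i in range(0, len(stream), 5):
        out += decoder.feed(stream[i:i + 5])
    return out
```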
What UDP Is
UDP is a communication method that emphasizes low overhead and low latency.
With UDP, communication does not start by establishing a connection as TCP does. Also, UDP itself does not have a mechanism for resending data that did not arrive or for arranging order.
UDP sends data in relatively simple units. These units are called datagrams.
Because UDP keeps built-in protocol controls limited, processing becomes lightweight. As a result, it can be easier to use for communication that emphasizes real-time behavior.
However, it is not accurate to simply think "UDP is always fast." Actual speed and perceived quality are also affected by the network environment, application-side design, encryption method, whether retransmission is performed, congestion conditions, and similar factors.
The essence of UDP is that "the protocol itself does not carry many guarantees."
UDP "Reduces Guarantees to Make Communication Easier to Handle"
UDP does not have TCP-like reliability mechanisms built into the protocol itself.
| Property | Content |
|---|---|
| Connectionless | Does not assume connection establishment like TCP |
| No arrival guarantee | UDP itself does not guarantee that data will definitely arrive |
| No order guarantee | UDP itself does not guarantee arrival order |
| No retransmission | UDP itself does not automatically resend lost data |
| Datagram unit | Handles the sent unit as a datagram |
When described this way, UDP may look like incomplete communication. However, UDP is used because reducing guarantees makes it easier for the application side to design communication freely.
For example, in a video call, it is more natural to deliver current audio immediately than to accurately resend old audio data later. In online games as well, quickly reflecting the current state can be more important than completely resending past position information.
Also, using UDP does not mean that an application cannot guarantee anything. If necessary, the application side can add its own mechanisms for confirmation, retransmission, order control, encryption, and similar controls.
QUIC is a representative example. QUIC is based on UDP, but it is not merely UDP communication. It is a communication method that layers mechanisms such as connection management, encryption, retransmission, and stream control on top of UDP.
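A small model of the application-side mechanisms described above (sequence numbers, acknowledgement, retransmission, reordering and duplicate handling on top of unordered datagrams), added here as an example and not taken from the article; it is not QUIC and uses an in-memory channel instead of real sockets. The header layout, the `WINDOW` limit and all names are assumptions; the window keeps a sender of far-future sequence numbers from filling the receiver's buffer.

```python
import struct

HDR = struct.Struct("!I")   # assumed header: 32-bit sequence number
WINDOW = 64                 # assumed cap on how far ahead of next_seq we buffer

def pack(seq, payload):
    return HDR.pack(seq) + payload

class Receiver:
    """Delivers payloads in order, exactly once, from unordered datagrams."""

    def __init__(self):
        self.next_seq = 0    # lowest sequence number not yet delivered
        self.held = {}       # out-of-order payloads waiting for a gap to fill
        self.delivered = []

    def on_datagram(self, datagram):
        """Process one datagram; return the cumulative ack (next seq expected)."""
        if len(datagram) < HDR.size:
            return self.next_seq                 # too short to carry a header: ignore
        (seq,) = HDR.unpack_from(datagram)
        if self.next_seq <= seq < self.next_seq + WINDOW:
            self.held.setdefault(seq, datagram[HDR.size:])  # a duplicate keeps the first copy
        while self.next_seq in self.held:        # release any run that is now contiguous
            self.delivered.append(self.held.pop(self.next_seq))
            self.next_seq += 1
        return self.next_seq

def send_all(payloads, channel, receiver, max_rounds=10):
    """Resend every unacknowledged datagram each round; return the rounds needed."""
    acked = 0
    for round_no in range(1, max_rounds + 1):
        batch = [pack(seq, payloads[seq]) for seq in range(acked, len(payloads))]
        for datagram in channel(batch, round_no):
            acked = max(acked, receiver.on_datagram(datagram))
        if acked == len(payloads):
            return round_no
    raise TimeoutError("peer did not acknowledge all data")

def lossy_channel(batch, round_no):
    """Constructed channel: round 1 drops the first datagram, reverses and duplicates the rest."""
    if round_no > 1:
        return batch
    rest = batch[1:][::-1]
    return rest + rest[:1]
```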
TCP and UDP Compared
The difference between TCP and UDP is not only "whether there is reliability." Their communication design philosophies differ.
| Item | TCP | UDP |
|---|---|---|
| Basic idea | Manages communication to deliver data accurately | Keeps the protocol lightweight and minimizes control |
| Connection | Communicates after establishing a connection | Does not assume connection establishment |
| Handling of data | Handles data as a continuous byte stream | Handles data in datagram units |
| Arrival confirmation | Performed | Not performed by UDP itself |
| Order control | Performed | Not performed by UDP itself |
| Retransmission | Performed when necessary | Not performed by UDP itself |
| Suitable uses | Communication where accuracy is important | Communication where low latency or flexible control is important |
| Representative examples | HTTP/1.1, HTTP/2, login, file transfer, email sending | DNS, video calls, online games, QUIC, HTTP/3 |
Communication Suited to TCP
TCP is suited to communication where data loss or disorder is likely to be a problem.
For example, when downloading a file, the whole file may break if even one part along the way is missing. In login processing as well, processing cannot work unless the information needed for authentication arrives correctly.
In web communication, HTTP/1.1 and HTTP/2 operate on top of TCP. The HTML, CSS, JavaScript, images, and similar elements that make up a web page generally need to be obtained correctly.
In this way, TCP is suitable when communication accuracy is important.
However, not all current web communication runs only on TCP. HTTP/3 uses QUIC. QUIC is a communication method based on UDP.
For that reason, remembering only "web browsing is TCP" is inaccurate when understanding current communication. More accurately, it is useful to organize it as "HTTP/1.1 and HTTP/2 use TCP, while HTTP/3 uses QUIC."
Communication Suited to UDP
UDP is suited to communication where real-time behavior and design flexibility are important.
In a video call, receiving current audio and video as quickly as possible is more important than completely receiving audio or video from a little while ago later. Even if some audio or video is missing, it may be more natural to keep the overall communication moving instead of stopping it.
Low latency is also important in online games. Continuing to update the current state at short intervals may be more suitable than completely resending past states.
UDP is also often used for DNS. DNS is a mechanism for querying IP addresses and similar information corresponding to domain names. UDP is suitable for short queries and responses that need to be performed quickly.
However, DNS does not always use only UDP. TCP is used when responses are large, when zone transfers are performed, or with methods such as DNS over TLS.
In other words, DNS is a "representative example of UDP," but it is not "UDP-only communication."
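How a client can tell that a UDP answer was too large and must be repeated over TCP, as an added example that is not from the original article: the DNS header defined in RFC 1035 carries a truncation (TC) bit, and DNS over TCP prefixes each message with a 2-byte length because TCP itself keeps no message boundaries. The function names and the sample headers are constructed for illustration.

```python
import struct

FLAG_QR = 0x8000  # response bit in the DNS header flags (RFC 1035)
FLAG_TC = 0x0200  # truncation bit: the answer did not fit in the UDP response


def classify_udp_response(query_id, response):
    """Return 'accept', 'retry-tcp' or 'discard' for a DNS message received over UDP."""
    if len(response) < 12:
        return "discard"                      # shorter than the fixed 12-byte header
    msg_id, flags = struct.unpack_from("!HH", response, 0)
    if msg_id != query_id or not flags & FLAG_QR:
        return "discard"                      # not a response to the query we sent
    if flags & FLAG_TC:
        return "retry-tcp"                    # repeat the same question over TCP
    return "accept"


def frame_for_tcp(message):
    """Prefix a DNS message with its 16-bit length, as DNS over TCP requires."""
    if len(message) > 0xFFFF:
        raise ValueError("DNS message too large for a 16-bit length prefix")
    return struct.pack("!H", len(message)) + message


def header(msg_id, flags):
    # Constructed 12-byte header with all four section counts set to zero
    return struct.pack("!HHHHHH", msg_id, flags, 0, 0, 0, 0)
```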
The Relationship Between QUIC and UDP
QUIC is a communication method based on UDP. HTTP/3 runs on top of this QUIC.
The important point here is that QUIC is not "communication without reliability because it is UDP."
UDP itself does not have mechanisms such as delivery checks, retransmission, order control, or encryption. However, QUIC implements reliability and encryption by layering its own controls on top of UDP.
The reason to build on UDP rather than TCP is that it is easier to flexibly improve a new communication method on top of UDP than to change TCP itself, which is deeply built into operating systems and network equipment.
For this reason, UDP is not simply "rough communication." It is also used as a foundation for implementing new communication methods.
Is TCP or UDP Better?
Neither TCP nor UDP is always superior to the other.
TCP emphasizes communication reliability. UDP keeps the protocol lightweight and makes flexible application-side control easier.
TCP is suitable for communication where accuracy is important. UDP may be suitable for communication where low latency or real-time behavior is important.
Also, even when UDP is used, the application side may supplement reliability. Conversely, even when TCP is used, latency and retransmission occur if network conditions are poor.
Therefore, TCP and UDP should not be separated simply as "fast or slow" or "safe or dangerous." They are chosen according to the communication purpose, acceptable latency, whether data may be missing, and how much control the application side will perform.
Connection Points When Thinking About Anonymity
The difference between TCP and UDP also matters when understanding anonymity and how communication appears.
For example, in DNS, HTTP/3, video calls, online games, and similar contexts, how communication is handled may change depending on whether TCP or UDP is used.
TCP communication has a relatively clear connection start, continuation, and end. UDP communication does not have a connection form as explicit as TCP, and short datagrams may flow intermittently.
This difference becomes important for firewalls, NAT, VPNs, proxies, anonymization networks, and similar mechanisms.
For example, Tor is basically designed to handle TCP streams. For that reason, application communication that uses UDP cannot necessarily be sent through Tor as-is.
Also, because HTTP/3 uses QUIC, web communication may be UDP-based. In such cases, the way communication appears and is controlled may differ from conventional HTTP/1.1 or HTTP/2.
DNS is also important when thinking about anonymity and privacy. How communication is observed changes depending on whether DNS queries go out externally over UDP or are handled over TCP or an encrypted DNS method.
Understanding the difference between TCP and UDP makes it easier to organize not merely that "communication is happening," but "which kind of communication is being carried, and how."
Summary
TCP is a communication method that emphasizes reliability. It establishes a connection, confirms whether data arrived, resends as necessary, and arranges order.
Because UDP keeps the protocol lightweight, it does not have delivery checks, retransmission, order control, and similar mechanisms as basic functions. Because of that, it is used for communication that requires low latency or flexible design.
TCP is suited to HTTP/1.1, HTTP/2, login, file transfer, email sending, and similar uses. UDP is used for DNS, video calls, online games, QUIC, HTTP/3, and similar uses.
However, DNS uses TCP as well as UDP. QUIC is based on UDP, but it is not merely UDP communication; it has its own reliability and encryption mechanisms on top of UDP.
TCP and UDP are not in a relationship where one is superior to the other. They are chosen according to the purpose of communication: whether accuracy should be emphasized, or whether low latency and flexibility should be emphasized.