TCP vs UDP: What’s the Difference?

TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are fundamental protocols for internet communication, each with distinct characteristics:

  • TCP: Connection-oriented, reliable, and ensures ordered data delivery. Ideal for HTTP/HTTPS, FTP, and email (SMTP).
  • UDP: Connectionless, low-latency, but no delivery guarantees. Used in VoIP, video streaming, and DNS queries.

You Should Know:

1. TCP in Action

  • Establishing a TCP Connection (3-Way Handshake):
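    Use tcpdump to capture the SYN, SYN-ACK, ACK process (the filter matches any segment with SYN or ACK set, so later ACK-bearing traffic is captured too):
    sudo tcpdump -i eth0 'tcp[tcpflags] & (tcp-syn|tcp-ack) != 0'
    
  • Testing TCP Connectivity:
    nc -zv example.com 80  # Check if port 80 (HTTP) is open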
    

2. UDP in Action

  • Sending UDP Packets:
    echo "Test UDP" | nc -u example.com 53  # Send UDP to DNS port
    
  • Capturing UDP Traffic:
    sudo tcpdump -i eth0 udp port 53  # Monitor DNS queries
    

3. Protocol Selection Guide

  • Use TCP for:
      • Web servers (nginx/apache).
      • Secure file transfers (scp/sftp).
  • Use UDP for:
      • Real-time apps (Zoom/RTP).
      • Gaming servers (Unity/Unreal).

4. Linux Kernel Tweaks

  • Increase TCP Buffer Size:
    sysctl -w net.ipv4.tcp_rmem="4096 87380 16777216"
    sysctl -w net.ipv4.tcp_wmem="4096 65536 16777216"
    
  • Enable TCP Fast Open (client and server):
    sysctl -w net.ipv4.tcp_fastopen=3
    

What Undercode Say:

  • TCP’s reliability comes at the cost of overhead (headers, retransmissions).
  • UDP sacrifices reliability for raw speed—critical for latency-sensitive apps.
  • Advanced Tools:
      • Wireshark: Filter with tcp.port == 443 || udp.port == 53.
      • iperf3: Test throughput (-u flag for UDP):
        iperf3 -s  # Server
        iperf3 -c server_ip -u -b 1G  # Client (UDP flood test)
    
  • Windows (PowerShell):
    Test-NetConnection -ComputerName example.com -Port 80  # TCP check
    

Expected Output:

TCP 3-Way Handshake Capture (tcpdump):
20:10:00.123 IP client.12345 > server.80: Flags [S], seq 123456789
20:10:00.124 IP server.80 > client.12345: Flags [S.], seq 987654321, ack 123456790
20:10:00.125 IP client.12345 > server.80: Flags [.], ack 987654322

UDP DNS Query (tcpdump):
20:10:05.678 IP client.54321 > 8.8.8.8.53: UDP, length 32
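
The sample output above can be checked mechanically. The following is an added example, not part of the original post: it parses tcpdump lines in that format, verifies each handshake step by its acknowledgment number (ISN + 1), and lists flows that never completed. It assumes absolute sequence numbers (tcpdump -S); the function names and the second flow in the sample are constructed for illustration.

```python
import re

# tcpdump line format as in the sample output above; absolute sequence
# numbers are assumed (tcpdump -S), since the sample shows them.
LINE_RE = re.compile(
    r"^\S+ IP (?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]+)\]"
    r"(?:, seq (?P<seq>\d+))?(?:, ack (?P<ack>\d+))?"
)

def track_handshakes(lines):
    """Map (client, server) -> 'SYN_SENT' | 'SYN_RCVD' | 'ESTABLISHED'."""
    flows = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # UDP or any line without TCP flags
        src, dst, flags = m["src"], m["dst"], m["flags"]
        seq = int(m["seq"]) if m["seq"] else None
        ack = int(m["ack"]) if m["ack"] else None
        if flags == "S" and seq is not None:
            # Step 1: client SYN; setdefault ignores retransmitted SYNs.
            flows.setdefault((src, dst), {"state": "SYN_SENT", "c_isn": seq})
        elif flags == "S." and (dst, src) in flows and seq is not None:
            # Step 2: SYN-ACK must acknowledge client ISN + 1.
            f = flows[(dst, src)]
            if f["state"] == "SYN_SENT" and ack == f["c_isn"] + 1:
                f.update(state="SYN_RCVD", s_isn=seq)
        elif flags == "." and (src, dst) in flows:
            # Step 3: final ACK must acknowledge server ISN + 1.
            f = flows[(src, dst)]
            if f["state"] == "SYN_RCVD" and ack == f["s_isn"] + 1:
                f["state"] = "ESTABLISHED"
    return {flow: f["state"] for flow, f in flows.items()}

def incomplete(states):
    """Flows that never reached ESTABLISHED (filtered port, loss, SYN scan)."""
    return sorted(flow for flow, s in states.items() if s != "ESTABLISHED")

# Constructed sample capture: one full handshake, one unanswered SYN, one UDP line.
SAMPLE = """\
20:10:00.123 IP client.12345 > server.80: Flags [S], seq 123456789
20:10:00.124 IP server.80 > client.12345: Flags [S.], seq 987654321, ack 123456790
20:10:00.125 IP client.12345 > server.80: Flags [.], ack 987654322
20:10:01.000 IP client.12346 > server.81: Flags [S], seq 555000111
20:10:05.678 IP client.54321 > 8.8.8.8.53: UDP, length 32
""".splitlines()

if __name__ == "__main__":
    states = track_handshakes(SAMPLE)
    print(states)
    print("incomplete:", incomplete(states))
```

The UDP line produces no flow entry at all, which reflects the connectionless behaviour described earlier: there is no handshake state to track.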

Reported By: Nasir Amin – Hackers Feeds