Understanding TCP & UDP

Have you ever wondered what happens behind the scenes when you click a video on your favorite website? Or when you are trying to log onto a secure website? There are multiple protocols that run behind the scenes to help you out and allow you to watch that favorite video of yours or buy that dress which you longed for.

Two such important protocols are TCP ( Transmission Control Protocol) and UDP (User Datagram Protocol). These are one of the two most common protocols used during networking and setting up a secure infrastructure. Multiple services run on the top of this protocol or in simple terms utilize their services. Before we go further and understand the technicalities involved, we must try to learn what happens in simple terms.

Everything we work upon is actually one and zeros only in the computer universe. The data that is sent across from one computer to another is a bunch of ones and zeros flowing from here to there. For the sake of simplicity, we will call this bunch as a packet. Say, when you click on YouTube to watch a video, you actually send a command asking YouTube to send some packets from its computer (or server) to your smartphone. Similarly, when you are logging on to Flipkart and checking out from the cart, you are actually sending packets from your computer to Flipkart’s computer. Easy Peasy, Right? So where do TCP and UDP come into this video watching and flipkarting?

TCP is a connection-oriented protocol while UDP is a connectionless protocol. What does this mean? Connection-oriented means that this protocol will ensure that packets (remember, a bunch of 1s and 0s) will be delivered to the destination computer with a 100% guarantee. Connection less protocol means that it will try its level best to deliver the packets, but may not be 100% sure that the packets actually got delivered. The analogy is similar to a registered post and a normal postal letter. In a registered post (TCP), the letter will be delivered to you in hand, while the normal postal letter (UDP) is thrown at your doorstep. You are lucky if you get it.

If you are paying close attention, I have taken two examples above to drive the point of TCP and UDP. Both the examples (video watching and flipkarting) are one of the applications of UDP and TCP respectively. Let’s understand how. When you watch a video, a lot of data is sent across to your computer. Even if one of the packets out of these thousands of packets gets lost in the transmission, you may not even notice as the overall effect on your video may be extremely minimal. This is where UDP is used. Since UDP is a connectionless, best effort protocol, it is used while playing video where even if you lose a few packets, you will not suffer. Since it is a connectionless protocol, it is easy to implement and requires fewer resources and is faster than TCP. On the other hand, when you are doing a payment on an e-commerce website, no packet loss is acceptable as it may affect the transaction. Hence TCP, a connection-oriented protocol needs to be used. TCP will do a 3-way handshake to establish this connection. In order to set up this connection and deliver your packets with 100% guarantee, TCP requires more resources, however, it makes it more reliable. (We will understand about the 3-way handshake and related attacks in the next article.)

If you are a developer, you must decide which protocol to use while delivering a service. TCP and UDP can be used in conjunction with other services too. Say, you develop an email application – SMTP service. If you wish to ensure that the mail gets delivered with 100% guarantee, you may implement SMTP with TCP.

Let’s extend this discussion to understanding the differences between these protocols. If reliability is a requirement, we will go for TCP, else UDP. Since TCP requires a lot of resources to get implemented, it would be prudent to send small amounts of data which require reliability. If a high volume transaction like a video streaming (Netflix) needs to be done, UDP would be a better choice.

What are your thoughts on this?


Post a Comment

You may also like to read...

Identification, Authentication, Authorization, and Accountability

Access Control Models - DAC, MAC, RBAC , Rule Based & ABAC

How to Pass SSCP Exam in the First Attempt

Understanding Security Modes - Dedicated , System high, Compartmented , Multilevel

Cloud Computing - The Logical Model