Introduction to TCP and UDP

In this lesson we are going to take a look at our transport protocols TCP and UDP. If you know about IP and IP packets you know that we require a transport protocol to send our IP packets.

I want to focus on the transport protocols that are used most of the time:

  • TCP (Transmission Control Protocol)
  • UDP (User Datagram Protocol)

So why do we have 2 different transport protocols here, why do we care and when do we need one over another?

The short answer is:

  • TCP is a reliable protocol.
  • UDP is a unreliable or best-effort protocol.

Unreliable you might think? Why do I want data transport which is unreliable? Does that make any sense? Let me tell you a little story to explain the difference between the two protocols.

You are sitting behind your computer and downloading the latest greatest movie in 1080P HD with 7.1 surround super sound directly from Universal studio’s brand new “download on demand” service (hey you never know…it might happen one day…). This file is 20GB and after downloading 10GB there’s something going wrong and a couple of IP packets don’t make it to your computer, as soon as the entire download is done you try to play the movie and you get all kind of errors. Unable to watch the movie you are frustrated and head for the local dvd rental place to watch some low-quality movie…

Ok maybe I exaggerate a bit but I think you get the idea; you want to make sure the transport of your download to your computer is reliable which is why we use TCP. In case some of the IP packets don’t make it to your computer you want to make sure this data will be retransmitted to your computer!

In our second story you are the network engineer for a major company and you just told your boss how awesome this brand new open source Voice over IP solution is. You decide to implement this new VoIP solution and to get rid of all the analog phones but your users are now complaining big time that their phone call quality is horrible. You contact the open source VoIP solution provider and you find out that they thought it would be a good idea to use a reliable transport protocol like TCP since well, we want phone calls to be reliable right?

Wrong thinking! TCP does error correction which means that data that didn’t make it to your computer will be retransmitted. How weird will your phone call sound if you are talking to someone and you hear something that they said a few seconds ago? It’s real-time so we don’t want retransmission. It’s better to send VoIP packets and lose a few than retransmitting them afterwards, your VoIP codec can also fix packet loss up to a certain degree. In this example we’ll want to use a best effort or unreliable protocol which is UDP.




Connection Type:








File Sharing



Video (streaming)

What do we have in the table above? First of all you see “connection type”. TCP is connection-oriented which means it will “setup” a connection and then start transferring data. UDP is connectionless which means it will just start sending and doesn’t care if it arrives yes or not. The connection that TCP will setup is called the “3 way handshake” which I will show you in a minute.

Sequencing means that we use a sequence number, if you download a big file you need to make sure that you can put all those packets back in the right order. As you can see UDP does not offer this feature, there’s no sequence number there.

So what about VoIP? Don’t we need to put those packets back in order at the receiver side? Well actually yes we do otherwise we get some strange conversations. UDP does not offer this “sequencing” feature though…let me tell you a little secret: for VoIP it’s not just UDP that we use but we also use RTP which does offer sequencing! (And some other cool features we need for VoIP).

Let’s take a look at an UDP header:

UDP Header

You can see how simple it is, it has the source and destination port number (this is how we know for which application the data is meant), there’s a checksum and the length.

Let’s sum up what we now know about UDP:

  • It operates on the transport layer of the OSI model.
  • Is a connectionless protocol, does not setup a connection…just sends data.
  • Limited error correction because we have a checksum.
  • Best-effort or unreliable protocol.
  • No data-recovery features.

Now let’s see what TCP can offer us. First of all since TCP is a reliable protocol it will “setup” a connection before we start sending any data. This connection is called the “3 way handshake”. Let me explain this by showing two computers that want to send data to each other in a reliable way:


H1 wants to send data to H2 in a reliable way, so we are going to use TCP to accomplish this. First we will setup the connection by using a 3-way handshake, let me walk you through the process:


First our H1 will send a TCP SYN, telling H2 that it wants to setup a connection. There’s also a sequence number and to keep things simple I picked number 1.


We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You’ve Ever Spent on Your Cisco Career!
  • Full Access to our 735 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

512 Sign Ups in the last 30 days

100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!


Forum Replies

  1. Hello Prathamesh!

    The TCP sequence number is random because, as Rene mentioned earlier, TCP is vulnerable to security issues like spoofing, injection or connection resetting. If an a attacker is able to determine the sequence number, he/she would be able to spoof a trusted source, and thus compromise the TCP session.

    For an example of such a spoofing attack, take a look at the following link:

    (Notice that this paper is almost 20 years old and yet it’s still valid today!!! Shows just how well designed

    ... Continue reading in our forum

  2. Hello Rayniero.

    A TCP checksum is used to determine if a TCP segment has been transmitted successfully and without corruption. The sender of the segment computes a checksum by applying an algorithm to the payload and getting a result. The result is placed in the TCP checksum field. When the segment reaches the receiver, the checksum is recomputed with the same algorithm and compared to the checksum sent by the sender. If a bit is flipped or some other badness happens to the segment in transit, then it is highly likely that the receiver of that broken packet

    ... Continue reading in our forum

  3. Hello Samuel.

    Concerning your questions about sequence numbers:

    I want to know if the last sequence number of the three way handshake is the same after the hanshake?

    The quick answer is yes. Now for more detail. When a TCP session begins, a sequence number is chosen to begin the handshake. This very first sequence number is random. (However, if you look at the sequence numbers portrayed in Wireshark, you’ll see that it starts at 1. This is the RELATIVE sequence number, as it states in Wireshark. It is displayed in this way for simplicity.) Once the hands

    ... Continue reading in our forum

57 more replies! Ask a question or join the discussion by visiting our Community Forum