TCP vs UDP - Explaining Facts and Debunking Myths - TCP Masterclass

00:00

it's time to explore TCP and UDP in the

00:03

true practical networking style get

00:05

ready to really understand how and why

00:07

these two layer 4 protocols have been

00:09

the workhorses of the internet for the

00:11

better part of the last 40 years

00:14

[Music]

00:21

hello everyone my name is Ed harmush and

00:24

in this video we'll be kicking off what

00:25

will likely be a pretty thorough series

00:27

on TCP but before we get into the depth

00:30

of TCP we have to start on the same page

00:32

so in this video we're going to be

00:34

covering TCP and UDP specifically we're

00:37

going to be talking about what TCP and

00:38

UDP are and what they are not

00:41

now if you're looking for some

00:42

background information before we get

00:43

into TCP and UDP we first mentioned the

00:46

concepts of TCP and UDP back in our

00:48

networking fundamental Series in the

00:50

lesson on the OSI model in that lesson I

00:52

showed you this slide and I told you

00:54

that the main purpose of DCP and UDP is

00:57

what I like to call service to Service

00:58

delivery the technical term for this is

01:00

multiplexing and demultiplexing of

01:02

traffic

01:02

in any case in that slide I told you

01:04

that there are two strategies for how

01:06

this is done that's where TCP and UDP

01:08

come into play so if you're looking for

01:10

some context or background information

01:11

I'd point you to this video there'll be

01:13

a link in the description

01:15

what we're going to do in this video is

01:17

unpack TCP or the transmission control

01:19

protocol and UDP or the user datagram

01:21

protocol across four different

01:23

dimensions we'll first start by talking

01:25

about four important differences between

01:27

TCP and UDP and then I'm going to dispel

01:29

four common myths about TCP and UDP that

01:32

I keep hearing about

01:33

with that said let's get into the first

01:35

difference that we're going to be

01:36

talking about and that has to do with

01:38

TCP being connection oriented and UDP

01:41

being not connection oriented now if

01:43

you're anything like me when I first

01:44

read that about TCP and UDP I had no

01:47

idea what they meant it actually took a

01:49

few years before I finally understood

01:50

what they mean by this and I'd like to

01:52

communicate that to you now what they

01:53

mean by connection oriented is that

01:55

there is an official start and an

01:57

official in to a TCP connection

02:00

UDP does not have that so what that

02:02

means is that before this host can send

02:04

TCP data packets to the other host it

02:07

first has to send a special packet that

02:09

essentially says hey I'd like to start

02:11

speaking TCP with you let's start a

02:13

connection

02:14

and then this host has to respond saying

02:16

cool I'm ready to speak and now this

02:18

host can actually start sending data

02:19

onto the wire

02:20

then once that host has finished sending

02:22

the data it needs to send it's then

02:24

going to send another special packet

02:26

indicating that it is now done sending

02:28

data on the wire and this host will

02:30

respond saying great I've received all

02:31

the data I am done with this connection

02:33

as well

02:34

by comparison UDP does not have an

02:37

official start or end to the connection

02:38

if this host wants to send UDP data to

02:41

that host all it's going to do is simply

02:43

put that data onto the wire and hope it

02:45

gets to the other side there isn't any

02:47

sort of signaling that indicates this is

02:48

the start of the UDP connection and this

02:50

is the end of a UDP Connection in fact

02:52

some people say that there is no such

02:54

thing as a UDP connection but in modern

02:57

network engineering parlance people

02:59

refer to a UDP connection all the time

03:01

but if there's no official start or end

03:03

how do we determine which set of packets

03:05

all belong to the same connection well

03:07

with UDP all you can really do is Define

03:09

it based upon the timeout any packets

03:12

that share the same five double that's

03:14

Source IP Source Port destination IP

03:16

destination port and protocol in this

03:18

case UDP and arrive within the same

03:19

certain time period can all be said to

03:21

be a part of the same UDP connection

03:24

now this timeout is not a constant value

03:26

I've seen a lot of different values from

03:27

different vendors and different software

03:29

two minutes seems to be a pretty common

03:31

one but by no means is that a standard

03:33

across the internet

03:34

in any case that's the first major

03:36

difference between TCP and UDP that I

03:38

wanted to unpack for you and hopefully

03:40

that gives you a much better

03:41

understanding of the terms connection

03:42

oriented and not connection oriented

03:44

than I had when I first started learning

03:46

networking which brings us to the second

03:49

attribute we're going to discuss

03:50

regarding TCP and UDP

03:52

the next component that we're going to

03:54

discuss about TCP and UDP is that TCP is

03:57

said to be reliable but again what do

03:59

they actually mean when they say TCP is

04:01

reliable well there's actually three

04:03

subparts to what is meant by reliable

04:05

and I'm going to explore each of them

04:06

for you in the next few minutes the

04:08

first sub-component of TCP being

04:10

reliable is this TCP provides

04:12

confirmation of data delivered what that

04:15

means is that if this host sends some

04:17

data to this host every time this host

04:19

receives that data it's going to send an

04:21

acknowledgment saying hey I just

04:22

received that data this means this host

04:25

knows whenever data actually got to the

04:27

other side

04:28

by comparison UDP does not have that UDP

04:31

doesn't provide any sort of confirmation

04:33

of data delivery if this host sends UDP

04:36

packets of this host it's simply going

04:37

to put those packets on the wire and

04:39

hope for the best the receiving host

04:41

isn't going to do any sort of

04:43

confirmation that the data actually got

04:44

there

04:45

that's the first part of what is meant

04:47

by TCP being reliable now the benefit of

04:50

this is that if we are confirming every

04:52

time data is actually delivered that

04:54

means we are aware if something didn't

04:55

actually make it through if this host

04:57

put TCP packets on the wire and never

05:00

receives that confirmation well this

05:02

tells this host that something happened

05:03

with a transmission

05:05

which means this host can then notify

05:07

the application which initiated the TCP

05:09

connection that some sort of error had

05:10

occurred that's useful because then the

05:12

application can provide an error message

05:14

to the user telling the user that some

05:16

sort of error has occurred

05:18

UDP doesn't have that since UDP doesn't

05:21

have any sort of data delivery

05:22

confirmation

05:24

UDP is unaware of any errors actually

05:26

happen

05:26

meaning if this guy sent UDP packets

05:29

across the wire and something happened

05:30

to those packets this guy is not going

05:32

to know anything about it at layer 4.

05:35

the application might have their own

05:37

confirmation of delivery built into the

05:39

application but none of that is provided

05:41

by UDP at layer 4. those are the first

05:43

two subparts to what is meant by TCP

05:46

being reliable the third and final part

05:49

of that is this guy with TCP data is

05:52

delivered to the application in the

05:54

correct order so here's what I mean by

05:56

that remember that with typical internet

05:58

communication it's not like the host is

06:00

directly singing data to another host

06:02

instead often it's some sort of

06:04

application running on this host is

06:07

telling this host to put certain packets

06:08

on the wire and send it via TCP or UDP

06:11

in the case of TCP any packets that the

06:14

application say to send TCP will label

06:17

with a particular sequence number for

06:18

Simplicity I'm just going with one two

06:20

and three this sequence number can then

06:22

be used to make sure that on the other

06:24

side that data is delivered to the

06:25

application in the correct order

06:27

now if The Two Hosts are literally

06:28

connected via same wire then it doesn't

06:30

really matter because the order in which

06:32

you put these packets on the wire is the

06:34

order in which they'll arrive on the

06:35

other side

06:36

but often when you're speaking to

06:37

another host you're speaking to another

06:39

host on the other side of the internet

06:40

which means on the other side of a bunch

06:42

of different routers whose job it is to

06:44

hand those packets off to one another to

06:46

deliver them to the final host

06:48

the issue is that there is no guarantee

06:50

that those packets are going to be

06:52

delivered using the same path so what

06:54

can sometimes happen is maybe the first

06:56

packet takes the fastest path and the

06:58

second packet takes the scenic route and

07:00

the third packet took the fast pass then

07:02

on the other side what you have is the

07:03

packets arriving in the order one three

07:05

two even though on the sending side they

07:08

are sent as one two and three

07:10

now in the case of TCP since TCP labeled

07:13

these packets with a sequence number TCP

07:16

can switch the packets around as

07:17

necessary before they actually hand

07:19

those packets to the application the key

07:21

there is that the other application is

07:23

definitely going to receive the data in

07:25

the correct order

07:26

UDP doesn't have any sort of intrinsic

07:29

data ordering which means if the packets

07:31

arrive on the other host out of order

07:32

and it's a UDP connection the

07:35

application is going to have to deal

07:36

with that in whatever way makes the most

07:37

sense

07:38

possibly the application has their own

07:40

method of sequencing or alternatively

07:43

possibly the application doesn't really

07:45

care about the order in which the data

07:46

writes for instance if I'm downloading a

07:49

100 megabyte file I don't necessarily

07:51

care that byte1 gets there before byte

07:53

100. as long as all the bytes get there

07:55

I'll be happy so that wraps up talking

07:57

through the three subparts to what is

08:00

meant when people say that TCP is

08:01

reliable

08:03

notice however I didn't say that UDP was

08:06

unreliable we'll talk more about that in

08:08

a moment the third major component about

08:10

TCP and UDP is that TCP is set to

08:13

provide flow control and UDP does not

08:17

let's talk about what that actually

08:18

means in the case of UDP UDP is going to

08:21

transmit its data as fast as it possibly

08:24

can

08:25

whereas TCP is going to dynamically

08:27

adjust its transmission rate to use the

08:30

maximum available bandwidth safely

08:32

without exceeding it so let me show you

08:34

what I mean now if you have a situation

08:36

where the host in communication are

08:39

speaking across the path with pretty

08:40

much consistent bandwidth availability

08:42

then this difference really isn't all

08:44

that important they both end up

08:46

achieving about the same transmission

08:47

rate however most of the time when

08:50

you're speaking to another host

08:51

especially another host on the other

08:52

side of the internet the available

08:54

bandwidth throughout the path is not

08:56

consistent often one side of the path

08:58

has more available bandwidth than the

09:00

other or more realistically you'd have

09:02

higher bandwidth here lower bandwidth

09:04

here higher here lower here higher here

09:06

or something like that in any case if

09:08

you were to map out the bandwidth

09:09

available across the entire path in this

09:11

illustration you would have something

09:12

that looks like this

09:15

now with UDP sending data as fast as it

09:17

can what would end up happening is this

09:19

host would look at its local connection

09:21

and be like whoa look at all this

09:22

available bandwidth I have I'm going to

09:24

send data as fast as I possibly can

09:26

according to this available bandwidth

09:28

but as you can see we have more

09:30

available bandwidth here than we do over

09:32

here

09:33

so with UDP you'd have a situation that

09:35

looks like this

09:37

UDP would be sending data super fast

09:39

over here but then once it got to this

09:41

side a lot of that data would be dropped

09:42

since this side cannot support the same

09:45

bandwidth transmission rate

09:47

TCP however would dynamically adjust the

09:49

transmission rate to stay within the

09:51

bandwidth across the entire path let me

09:53

show you with TCP you would have

09:55

something that looks more like this TCP

09:58

would start out low and then start

09:59

increasing the bandwidth but once you

10:01

start noticing that certain packets are

10:02

dropped it would start to adjust its

10:04

bandwidth down to whatever is available

10:05

for the entire path

10:07

then TCP would bounce around at that Max

10:09

available bandwidth

10:11

now the details of that are rather

10:13

interesting and we can get into how all

10:15

that works later on in this series

10:16

but for now I just want to highlight the

10:18

significant difference between flow

10:20

control and how TCP will smartly use the

10:22

available bandwidth without dropping

10:24

packets whereas UDP will transmit

10:26

everything as fast as it possibly can

10:27

that's what people mean when they say

10:29

that TCP provides flow control

10:31

and that takes care of our third major

10:33

comparison point between TCP and UDP

10:36

which brings us to our fourth and our

10:38

fourth is that TCP is more overhead and

10:41

UDP is less overhead well to understand

10:44

this one we have to pull back something

10:45

we learned about the OSI model remember

10:47

in our lesson on the OSI model we said

10:49

that the application layers layer 5 6

10:51

and 7 are going to put together some

10:53

sort of data that should be sent to the

10:55

other side

10:55

the application layers are then going to

10:57

hand that data to layer 4. and layer 4

11:00

is going to add a header to that data in

11:02

order to accomplish layer 4's goals of

11:04

service to Service delivery

11:06

then layer 4 is going to hand that to

11:08

layer 3 and layer 3 is going to add its

11:11

own header in order to accomplish the

11:12

goal of layer 3 of end to end delivery

11:15

and then layer 3 is going to hand that

11:17

to layer 2 and layer 2 will add its own

11:19

header in order to accomplish the goals

11:21

of hop delivery and finally this

11:23

construct over here known as a frame is

11:26

then going to be serialized and put on

11:27

the wire and sent to the other side now

11:29

if any of that was unfamiliar to you

11:31

specifically the terms hop to hop end to

11:34

end and service to service I'd recommend

11:36

checking out my videos on the OSI model

11:38

I promise it'll be one of the best takes

11:40

on the OSI model you've ever seen in any

11:42

case going back to this comparison Point

11:44

what is meant by a more overhead and

11:46

less overhead has to do with the size of

11:48

the header being added to the data TCP

11:51

is going to add a larger header to the

11:53

data compared to UDP let me show you

11:57

here is what a UDP header would look

11:59

like notice the UDP header only includes

12:03

four Fields a source port and a

12:05

destination port to accomplish the goal

12:07

of service to Service delivery a length

12:09

which indicates to the other side how

12:11

long the entire segment is and finally a

12:14

checksum and in the case of UDP this

12:15

checksum is optional

12:17

notice the entire thing is only eight

12:19

bytes

12:21

by comparison the TCP header looks like

12:23

this notice it is much larger it's

12:26

actually 20 bytes at minimum and

12:29

sometimes can be larger if options are

12:31

included with options the TCP header can

12:34

be at most 60 bytes

12:36

either way you can see that it's adding

12:38

a lot more information to each data

12:40

payload well that kind of makes sense

12:42

because TCP has more features and to

12:45

accomplish these features TCP has to add

12:48

more information to the data

12:50

TCP also has a source and destination

12:52

Port just like UDP TCP doesn't have a

12:55

length per se but it does have an offset

12:57

which indicates how long the TCP header

12:59

is and TCP has a checksum but in the

13:02

case of TCP it's actually mandatory

13:05

otherwise all of these fields over here

13:08

are all new in TCP and don't actually

13:11

exist in UDP

13:12

these are the fields which accomplish

13:14

these features of TCP you're going to be

13:17

looking at a lot of these fields in more

13:18

detail in the next lesson

13:20

for now I just want to really drive home

13:22

the point of what is meant by more

13:24

overhead versus less overhead with TCP

13:26

versus UDP

13:28

so that takes care of illustrating the

13:30

core attributes of TCP and UDP

13:33

next I'd like to discuss and even dispel

13:36

a few myths about TCP and UDP there are

13:40

four myths that we're going to be

13:41

talking through and I'll say at the

13:43

outset of this that some of these might

13:45

just be subjective aversions to certain

13:47

phrases

13:48

either way I do want you to be able to

13:51

speak to TCP and UDP smartly so with

13:53

that said let's talk about the first

13:55

myth that we're going to dispel and that

13:57

is that UDP is faster this is not true

14:01

the speed is actually identical

14:04

now I'm guessing what people mean when

14:06

they say UDP is faster is that UDP has

14:09

less overhead than TCP if that's what

14:12

they mean then they should use the term

14:13

less overhead saying UDP is faster

14:16

implies that a packet sent via UDP will

14:19

get to the other side faster than a

14:20

packet sent by TCP

14:22

the term for how long it takes a packet

14:24

to get across to the other host is known

14:26

as leads and the latency is actually

14:29

completely unaffected whether you're

14:30

using TCP or UDP

14:32

so the term UDP is faster is not

14:35

actually true

14:36

yes UDP provides less overhide than TCP

14:39

but you can't actually say a UDP packet

14:42

is faster and will get to the other side

14:44

any quicker than a TCP map

14:46

so that is the first myth that I wanted

14:48

to spell

14:49

the second myth is this guy TCP is more

14:53

secure and if I can be honest with you

14:55

this is by far the myth that I dislike

14:57

the most

14:58

as someone who teaches security and

15:00

cryptography and SSL and TLS and people

15:03

say TCP is more secure it really makes

15:05

my blood Bowl TCP is not more secure the

15:09

security of both is identical in fact

15:12

you can say that either protocol is

15:14

equally insecure since neither protocol

15:17

provides any sort of security to data

15:19

packets that are sent onto the wire

15:21

if you actually want security applied to

15:24

your data packet you're going to have to

15:25

apply them in another layer you'll have

15:27

to use something like ipsec at layer 3

15:29

or SSL TLS or SSH at layer 5 through 7.

15:34

but at layer 4 the choice of TCP and UDP

15:37

is equal security or rather equally

15:40

insecure

15:41

so the myth that TCP is more secure is

15:43

completely untrue

15:45

anybody that says otherwise is wrong

15:48

that is the second myth that I wanted to

15:50

spell for you

15:51

the third myth is this one UDP is

15:55

unreliable that's also not true

15:57

but for this one I actually have some

16:00

sympathy for it people say that TCP has

16:02

reliability so wouldn't it make sense to

16:04

then say UDP is unreliable

16:06

I get it but a better way of saying that

16:08

would be something like this

16:10

UDP doesn't provide a reliability at

16:13

layer 4.

16:14

saying it like this tends to give UDP a

16:16

bad reputation the odds of a packet

16:19

getting through the wire to the other

16:20

side are identical whether you're using

16:22

TCP or UDP the only difference is TCP

16:26

actually provides confirmation of data

16:28

delivery whereas UDP does not

16:31

UDP in fact allows the application to

16:33

provide any sort of reliability that the

16:36

application needs it simply doesn't

16:38

provide any magically at layer 4 like

16:40

TCP does that's a better way of saying

16:43

this myth and that is also why I dislike

16:46

the phrase UDP is unreliable and is also

16:49

why I avoided saying it earlier in this

16:51

lesson

16:52

which brings us to the fourth myth that

16:54

I want to dispel and that is this one

16:57

and I'll be honest this one might just

16:59

be a syntax issue but one way or another

17:01

the myth is TCP provides guaranteed

17:04

delivery that is also not true

17:07

TCP simply provides informed delivery in

17:11

the sense that TCP provides confirmation

17:12

of data delivery

17:14

but TCP cannot guarantee that delivery

17:17

of packets will get to the other side

17:19

if something is wrong with the wire

17:21

Between Two Hosts whether you put a TCP

17:24

packet on the wire or a UDP packet on

17:26

The Wire the odds of it getting through

17:28

or not getting through are identical so

17:31

TCP can't actually guarantee that

17:33

anything is actually going to be

17:34

delivered all TCP is going to do is

17:37

provide reliability in the sense of we

17:39

know when data is delivered and

17:41

therefore we know when data is not

17:42

delivered TCP cannot magically make data

17:45

arrive that's why I dislike this phrase

17:48

of TCP is a guaranteed delivery but

17:51

again that could just be a phrase that I

17:53

personally am not a big fan of

17:55

either way those are the four myths that

17:57

I wanted to talk through in this video

17:59

and that in fact wraps up the main

18:01

things I wanted to cover in this lesson

18:03

in the next lesson we're going to unpack

18:05

exactly how TCP provides all these cool

18:08

features we just got done illustrating

18:10

and if you understood all the things you

18:13

went through in this lesson and you'll

18:14

follow along with everything we're going

18:16

to go through in the next lesson then

18:18

you can safely say that you understand

18:19

TCP better than most but even then these

18:23

first two lessons are really only

18:25

scratching the surface with TCP

18:27

there is so much more to TCP that we

18:29

could be discussing for instance we

18:31

could talk through different flags we

18:33

could talk through the sliding window we

18:35

could talk through how the checksums are

18:36

actually calculated we could discuss the

18:38

different flow control algorithms like

18:39

TCP Reno and TCP Tahoe we could talk

18:42

through ecn and cwr and various TCP

18:44

options some of which exist in pretty

18:47

much every single TCP connection of the

18:49

modern era and I am absolutely willing

18:51

to take the time to create the videos

18:52

teaching through each of these

18:54

additional items but if I'm going to do

18:56

that I need you to do me a favor

18:59

I put a lot of time and effort into the

19:01

content I produce my goal is to always

19:03

create the best possible training

19:04

content for you but unfortunately that

19:07

means I can't really keep up with a

19:09

YouTube weekly delivery schedule which

19:11

means regrettably my content will never

19:13

be favored by the YouTube algorithm

19:15

so if you want me to continue making

19:17

this TCP series I need you to help me

19:19

blow up these first two videos

19:21

do the usual like comment and subscribe

19:23

but also share links to this amongst

19:25

your peers or post it on Twitter

19:27

LinkedIn or Reddit or whatever social

19:29

media platform you prefer if these two

19:31

videos get a wide following then I'll

19:33

happily create content covering the rest

19:34

of these concepts for you

19:36

with that said we bring this lesson to a

19:39

close the main takeaways from this

19:41

lesson are understanding the four major

19:43

differences between TCP and UDP and what

19:46

is actually meant by each of them and

19:48

also understanding the four myths we

19:50

dispelled and why each of them might be

19:51

wrong

19:52

in the next lesson we're going to go

19:54

further with TCP and I'll show you how

19:55

TCP actually provides each of these

19:57

features

19:58

but that's it for this lesson I hope you

20:00

enjoyed this video thank you for

20:02

watching and I'll see you in the next

20:04

one

20:05

thank you

20:07

[Music]

20:15

foreign

20:20

[Music]