101
0/228
Loading content...
Selecting a transport protocol is one of the most fundamental decisions in networked application design. Choose incorrectly, and you'll either fight against the protocol's assumptions or waste resources unnecessarily. Choose correctly, and the protocol becomes an invisible enabler of your application's success.
This page provides a systematic comparison of TCP, UDP, and SCTP across every dimension that matters for protocol selection. Rather than treating this as an abstract exercise, we'll ground the comparison in practical engineering decisions.
By the end of this page, you will be able to make informed protocol decisions based on: reliability requirements, latency constraints, message semantics needs, connection model preferences, congestion behavior, and deployment environment constraints. You'll understand not just what the differences are, but why they matter for specific use cases.
Let's begin with the core differences that define each protocol's personality:
| Characteristic | TCP | UDP | SCTP |
|---|---|---|---|
| Service model | Reliable byte stream | Best-effort datagrams | Reliable message streams |
| Connection model | Connection-oriented | Connectionless | Association-oriented |
| Reliability | Guaranteed delivery, ordering | No guarantees | Guaranteed per stream |
| Message boundaries | Not preserved | Preserved | Preserved |
| Multiplexing | Single stream | N/A (no streams) | Multiple streams |
| Multi-homing | Not supported | Not supported | Native support |
| Congestion control | Mandatory | None | Mandatory |
| Flow control | Window-based | None | Window-based |
Understanding the Trade-offs:
Each protocol makes different trade-offs:
TCP trades simplicity and latency for guaranteed reliability. It handles all the complexity of reliable delivery so applications don't have to.
UDP trades reliability for speed and control. It gets out of the way, letting applications implement exactly what they need.
SCTP trades deployment simplicity for advanced features. It offers capabilities neither TCP nor UDP can match, but faces adoption challenges.
There's no universally 'best' protocol—only the best protocol for a specific context.
In practice, TCP handles roughly 80% of Internet traffic by volume, UDP handles 15-20% (and growing with QUIC), and SCTP handles less than 1%. TCP's 'good enough' reliability and universal support make it the default. The other protocols shine when their specific characteristics are needed.
Protocol overhead directly impacts efficiency, especially for small messages or high-bandwidth applications. Let's compare the header structures:
| Component | TCP | UDP | SCTP |
|---|---|---|---|
| Minimum header | 20 bytes | 8 bytes | 12 bytes (common header) |
| Typical header | 32 bytes (with options) | 8 bytes | 12 + 16 bytes (with DATA chunk) |
| Maximum header | 60 bytes | 8 bytes | Variable (chunk-based) |
| Checksum strength | 16-bit | 16-bit | 32-bit CRC |
| IP overhead | 20 bytes (IPv4) | 20 bytes (IPv4) | 20 bytes (IPv4) |
| Total minimum | 40 bytes | 28 bytes | 48 bytes |
Overhead Analysis:
For small messages (e.g., 100-byte payload):
For large messages (e.g., 1400-byte payload):
Key insights:
Beyond header size, TCP and SCTP generate acknowledgment traffic. For every ~2 data segments, an ACK is sent. This bidirectional traffic doubles the overhead for strict request-response patterns. UDP avoids this entirely, while applications building on UDP can choose their acknowledgment strategy.
Connection establishment latency is critical for short-lived transactions and responsive applications. Let's compare setup/teardown requirements:
| Aspect | TCP | UDP | SCTP |
|---|---|---|---|
| Setup messages | 3 (SYN, SYN-ACK, ACK) | 0 | 4 (INIT, INIT-ACK, COOKIE-ECHO, COOKIE-ACK) |
| Setup latency | 1.5 RTT | 0 RTT | 2 RTT |
| Data with setup? | Yes (with ACK) | N/A | Yes (with COOKIE-ECHO) |
| Teardown messages | 4 (FIN, ACK, FIN, ACK) | 0 | 3 (SHUTDOWN, SHUTDOWN-ACK, SHUTDOWN-COMPLETE) |
| Half-close support | Yes | N/A | No (bidirectional shutdown) |
| TIME_WAIT state | 2×MSL (~60-120s) | N/A | No (verification tags prevent confusion) |
Latency Implications:
For a 50ms RTT connection:
For short-lived connections: If you need a quick request-response and then close, UDP completes a round-trip while TCP is still handshaking. This is why DNS uses UDP—the entire query-response cycle happens faster than TCP setup.
TCP Fast Open and 0-RTT: TCP Fast Open (TFO) can reduce subsequent connections to 0-RTT by remembering a cookie from a previous connection. QUIC extends this concept further with 0-RTT connection resumption.
TCP's TIME_WAIT state consumes server resources for 60-120 seconds after connection close. High-volume servers handling many short connections can exhaust port space or memory. SCTP avoids this with verification tags, and UDP doesn't have connections to close. This is a practical consideration for connection-heavy workloads.
This is the most fundamental difference between the protocols. Understanding the nuances of their guarantees is essential for correct application design.
| Guarantee | TCP | UDP | SCTP |
|---|---|---|---|
| Delivery guarantee | Every byte delivered | Best effort (may lose) | Every message delivered |
| Ordering | Strict byte order | No ordering | Per-stream order |
| Duplicate detection | Yes | No | Yes |
| Corruption detection | 16-bit checksum | 16-bit checksum (optional IPv4) | 32-bit CRC |
| Partial delivery | N/A (byte stream) | N/A (complete datagram or nothing) | Configurable (PR-SCTP) |
| HOL blocking | Yes (single stream) | No (independent datagrams) | Per-stream only |
The Head-of-Line Blocking Problem in Detail:
TCP delivers bytes in strict order. If packet 5 of 10 is lost:
SCTP with multiple streams:
UDP:
Both TCP (optional) and SCTP (standard) support selective acknowledgments, which improve retransmission efficiency. Instead of just acknowledging 'I've received up to byte N,' SACK says 'I've received up to N, plus bytes X-Y and Z-W.' This allows the sender to retransmit only what's actually missing.
Congestion and flow control determine how protocols interact with the network and with receivers. These mechanisms have significant performance implications.
| Mechanism | TCP | UDP | SCTP |
|---|---|---|---|
| Flow control | Sliding window (receiver-advertised) | None | Sliding window (receiver-advertised) |
| Congestion control | AIMD (slow start, congestion avoidance) | None (sender decides rate) | Similar to TCP |
| Response to loss | Reduce window, retransmit | Application decides | Reduce window, retransmit |
| Response to ECN | Reduce window (if enabled) | Ignore or application handles | Reduce window (if enabled) |
| Rate limiting | Protocol-enforced | Application responsibility | Protocol-enforced |
| Network fairness | Built-in (TCP friendliness) | Not guaranteed | Built-in |
The Congestion Control Trade-off:
TCP/SCTP approach (protocol-enforced):
UDP approach (application responsibility):
Real-world example:
A video call using UDP can prioritize new frames over retransmitting old ones. If bandwidth drops, it can reduce quality rather than buffer and delay. TCP can't make these content-aware decisions.
UDP applications that ignore congestion are 'bad citizens' that can harm shared networks. If you're building on UDP, you should implement some form of congestion response—either traditional AIMD, or application-aware rate adaptation. QUIC and WebRTC have sophisticated congestion control despite running over UDP.
Protocol state requirements affect server scalability, memory usage, and failure recovery. Understanding these requirements is essential for system architecture.
| Resource | TCP | UDP | SCTP |
|---|---|---|---|
| Per-connection state | Significant (TCB: ~280+ bytes) | None at protocol layer | Larger (TCB + stream state) |
| Send buffer | Required (hold unacked data) | Minimal or none | Required (hold unacked chunks) |
| Receive buffer | Required (reorder, wait) | Minimal (one datagram) | Required (per-stream reorder) |
| Timers per connection | Multiple (RTO, persist, keepalive) | None | Multiple (RTO, heartbeat) |
| Server restart recovery | Connections lost | Immediate (no state) | Associations lost (or cookie restore) |
| Memory per 10K connections | ~10-50 MB | ~0 (for protocol layer) | ~15-60 MB |
Scalability Implications:
TCP: Each connection reserves kernel memory for the TCB (Transmission Control Block), buffers, and timers. A server with 100,000 concurrent connections might need 1-5 GB just for TCP state. Connection-heavy workloads (like websocket servers) hit this limit.
UDP: Protocol layer allocates essentially nothing per 'client.' A UDP server can theoretically handle millions of clients with minimal protocol overhead. Any per-client state is in the application layer, which can be optimized for the specific use case.
SCTP: Similar to TCP but slightly higher due to stream tracking and multi-homing state. However, SCTP's multiple streams can replace multiple TCP connections, often reducing total state.
Failure Recovery:
When a server restarts:
The 'C10K problem' (handling 10,000 concurrent connections) was largely a TCP state management challenge. Modern servers can handle C10M (10 million) connections with careful tuning—but UDP's near-zero per-connection overhead makes extreme scalability much easier. This is one reason game servers, DNS, and similar high-connection-count services often use UDP.
Transport protocol choice affects security in several ways, from DoS resistance to potential attack surfaces.
| Security Aspect | TCP | UDP | SCTP |
|---|---|---|---|
| SYN flood resistance | Vulnerable (SYN cookies help) | N/A (no handshake) | Resistant (cookie mechanism) |
| Address spoofing | Possible until handshake complete | Trivial for single packets | Prevented by verification tags |
| Connection hijacking | Possible with sequence prediction | N/A (stateless) | Prevented by verification tags |
| Reset attacks | Possible with correct sequence | N/A | Requires verification tag |
| Amplification attacks | Limited (needs handshake) | Possible (reflection/amplification) | Limited (needs handshake) |
| TLS/DTLS support | TLS (standard) | DTLS (different) | TLS (over SCTP) |
Key Security Differences:
SYN Flood Attacks: TCP's three-way handshake was the original DoS attack vector—send many SYNs from spoofed addresses, exhaust server memory with half-open connections. SYN cookies mitigate this by computing state cryptographically instead of storing it.
SCTP's four-way handshake with cookies was designed from the start to resist this attack. The server stores no state until receiving the returned cookie.
UDP Amplification: UDP's connectionless nature enables amplification attacks. An attacker sends a small request with a spoofed source address; the server sends a large response to the victim. NTP, DNS, and memcached have all been exploited this way. Any UDP service should limit response sizes or require authentication.
Verification Tags: SCTP's 32-bit verification tag, chosen randomly during setup, must be included in every packet. This makes blind injection virtually impossible, providing stronger protection than TCP sequence number prediction.
None of these protocols provide encryption or authentication at the transport layer. For confidentiality and integrity, use TLS (over TCP), DTLS (over UDP), or TLS over SCTP. Transport-layer security is about protocol robustness, not data protection.
Practical deployment considerations often override theoretical advantages. Network middleboxes, firewalls, and infrastructure support heavily influence protocol choices.
| Consideration | TCP | UDP | SCTP |
|---|---|---|---|
| NAT traversal | Excellent (well-understood) | Good (simpler than TCP) | Poor (NATs don't understand SCTP) |
| Firewall support | Universal | Usually open | Often blocked |
| Middlebox compatibility | High (but ossified) | High | Low |
| OS kernel support | Universal | Universal | Linux good, Windows limited, macOS kernel |
| Browser support | Via WebSocket | Limited (WebRTC) | Via WebRTC data channels |
| Debugging tools | Excellent (Wireshark, netstat, etc.) | Good | Limited |
| Protocol evolution | Slow (middlebox ossification) | Fast (just packets) | Medium (chunk extensibility) |
The Ossification Problem:
TCP has been so successful that its format has become frozen. Middleboxes (firewalls, NATs, load balancers) inspect TCP headers and make assumptions about their structure. New TCP options are often stripped or cause connections to fail.
This ossification is why QUIC runs over UDP—it looks like 'just UDP packets' to middleboxes, allowing the actual protocol to evolve inside the encrypted payload.
NAT and SCTP:
NAT devices translate IP addresses and ports. They understand TCP and UDP's port fields, but SCTP carries multiple addresses in its chunks. Most NATs either block SCTP or handle it incorrectly. SCTP works best in pure IP networks without NAT—typical for telecom infrastructure, rare for consumer Internet.
Practical Implications:
If your application must work across the general Internet (consumer connections, mobile networks, enterprise firewalls), TCP and UDP are safe choices. SCTP is viable for controlled environments (data centers, telecom networks, known-good paths) or when tunneled (SCTP over DTLS over UDP).
If you're unsure which protocol to use and don't have specific real-time or scalability requirements, TCP is usually the right default. Its universal support, well-understood behavior, and built-in reliability make it the safe choice. Only deviate when you have a compelling reason.
Protocol performance varies dramatically based on network conditions. Understanding these patterns helps predict real-world behavior:
| Condition | TCP Behavior | UDP Behavior | SCTP Behavior |
|---|---|---|---|
| Low latency, no loss | Excellent (saturates bandwidth) | Excellent (minimal overhead) | Excellent |
| High latency (satellite) | Slow start is painful; window scaling helps | No impact on protocol | Similar to TCP |
| Packet loss (wireless) | Interprets as congestion; backs off | Application handles | Similar to TCP; multi-stream helps |
| Jitter (variable delay) | RTO adapts but may over-retransmit | Application handles | Similar to TCP |
| Reordering | May trigger duplicate ACKs, false retransmits | Application reorders or ignores | Per-stream; less impacted |
| Bandwidth changes | AIMD adapts (slowly for increases) | Application must adapt | Similar to TCP |
| Network path change | Connection breaks (IP change) | May work (if application handles) | Multi-homing survives |
Key Performance Insights:
High-latency links (satellite, intercontinental): TCP's slow start is particularly painful. With 500ms RTT, it takes many seconds to reach full bandwidth. Window scaling and large initial congestion windows help, but fundamental limitations remain. UDP-based protocols can ramp up faster if they choose to.
Lossy wireless networks: TCP interprets all loss as congestion and reduces sending rate. But wireless packet loss often isn't congestion—it's radio interference. This mismatch causes TCP to underutilize wireless links. UDP-based applications can distinguish loss types and respond appropriately.
Mobile networks (path changes): When a phone switches from WiFi to cellular, its IP address changes. TCP connections break. UDP's connectionless nature can survive if the application layer handles it. SCTP's multi-homing handles this natively.
Benchmark your actual use case rather than assuming protocol behavior. Network conditions, message sizes, transaction patterns, and implementation quality all affect real-world performance more than protocol specifications suggest. A well-implemented UDP application can outperform a naive TCP one—and vice versa.
We've examined TCP, UDP, and SCTP across every important dimension. Let's consolidate into actionable guidelines:
| If You Need... | Best Choice | Alternative |
|---|---|---|
| Simple reliable delivery | TCP | QUIC |
| Lowest latency | UDP | QUIC (0-RTT) |
| Message boundaries + reliability | SCTP | UDP + app layer |
| Independent streams | SCTP or QUIC | Multiple TCP connections |
| Network failover | SCTP | Application-layer handling |
| Universal compatibility | TCP | UDP |
| Browser support | WebSocket (TCP) | WebRTC (UDP/SCTP) |
What's next:
With a thorough understanding of protocol characteristics, the final page guides you through practical selection criteria—helping you determine exactly when to use each protocol for your specific application requirements.
You now have a comprehensive understanding of how TCP, UDP, and SCTP compare across all important dimensions. This knowledge enables informed protocol decisions rather than default choices. Next, we'll translate this into practical 'when to use' guidance for real-world scenarios.