TCP VS UDP!

Back to the basics with this one. These are two core protocols in networking, used for sending data over the internet and other networks. TCP stands for Transmission Control Protocol and is used for reliable connections. UDP stands for User Datagram Protocol and is used for fast connections, but it is not very reliable.

Like I said earlier, TCP is a network protocol designed to ensure reliable delivery of our data to a destination. Some examples of when TCP would be used are web browsing, sending emails, file transfers, etc. TCP is necessary here because we don't want website data or important parts of a file to go missing during a transmission. Think of going to your favorite website and finding that some of the data that is usually there when the page fully loads is missing.

So how does TCP ensure a reliable connection? This is where the TCP 3-way handshake comes into play. Before sending any data, two hosts will communicate via the 3-way handshake to establish a connection. For example, let's say we want to access thenetworkquest.org. We first need to establish a TCP connection. First, our computer will send a TCP segment with the SYN flag set in the TCP header (this bit is set to 1). Next, the server hosting thenetworkquest.org will respond with both the SYN and ACK flags set (this means their bits in the TCP header are set to 1). Finally, our computer will send a TCP segment with the ACK flag set, and a TCP connection will be established as long as nothing went wrong. We can now begin the real exchange of data.

There is also something called the 4-way handshake that not many people know about. When I was in college, I learned about this 3-way handshake, but this was never mentioned. This process uses the ACK flag and the FIN flag in the TCP header. To terminate our connection, our computer will first send a TCP segment with the FIN flag set. Next, the server will send a TCP segment back with the ACK flag set. It will then also send another TCP segment with just the FIN flag set. Finally, PC1 will send a TCP segment with the ACK flag set and the connection is terminated.

So I explained how a TCP connection is established, but how do we know if something goes wrong in the process and data needs to be retransmitted? Take a look at this diagram below. I used AI to help me create it and I will explain what it means.

TCP knows data is missing when it doesn't receive an ACK for certain sequence numbers. If the device receiving the data gets out-of-order data or too much time passes without receiving an ACK, it will resend the data. Look at the diagram: when the PC sends a TCP segment with the SYN flag set and a sequence number of 15, the server replies with a random sequence number but an ACK of 16. If the PC were to receive this same TCP segment back from the server but with the ACK set to, say, 25, it would try to resend the missing data because it can tell something is wrong.
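The sequence and acknowledgment numbers described above can be checked directly from the TCP header bytes. The following is an added example, not part of the original post: it packs and parses minimal 20-byte TCP headers and validates the three handshake segments, using the client sequence number 15 from the text. The port numbers, the server sequence number 9000, and the function names are assumptions made for illustration.

```python
import struct

# TCP flag bits, carried in the 16-bit word at header offset 12.
FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10
# Fixed header: ports, seq, ack, offset+flags, window, checksum, urgent pointer.
HEADER = struct.Struct("!HHIIHHHH")

def build_segment(src, dst, seq, ack, flags):
    """Pack a minimal 20-byte TCP header (no options, checksum left at 0)."""
    return HEADER.pack(src, dst, seq, ack, (5 << 12) | flags, 65535, 0, 0)

def parse_segment(raw):
    """Unpack the fixed header and keep the fields the handshake depends on."""
    _src, _dst, seq, ack, off_flags, _win, _csum, _urg = HEADER.unpack(raw[:20])
    return {"seq": seq, "ack": ack, "flags": off_flags & 0x3F}

def check_handshake(syn_raw, synack_raw, ack_raw):
    """Return (ok, reason) for the three segments of a handshake."""
    syn, synack, ack = (parse_segment(r) for r in (syn_raw, synack_raw, ack_raw))
    if syn["flags"] != SYN:
        return False, "segment 1 is not a bare SYN"
    if synack["flags"] != SYN | ACK:
        return False, "segment 2 is not SYN+ACK"
    expected = (syn["seq"] + 1) % 2**32  # a SYN consumes one sequence number
    if synack["ack"] != expected:
        return False, f"server acknowledged {synack['ack']}, expected {expected}"
    if ack["flags"] != ACK:
        return False, "segment 3 is not a bare ACK"
    if ack["seq"] != expected or ack["ack"] != (synack["seq"] + 1) % 2**32:
        return False, "final ACK does not match the numbers exchanged so far"
    return True, "handshake complete"

# Constructed sample: client sequence number 15 as in the text;
# ports and the server sequence number 9000 are made up for this example.
SYN_SEG = build_segment(50000, 443, 15, 0, SYN)
ACK_SEG = build_segment(50000, 443, 16, 9001, ACK)
GOOD = (SYN_SEG, build_segment(443, 50000, 9000, 16, SYN | ACK), ACK_SEG)
BAD = (SYN_SEG, build_segment(443, 50000, 9000, 25, SYN | ACK), ACK_SEG)

if __name__ == "__main__":
    print(check_handshake(*GOOD))
    print(check_handshake(*BAD))
```

The second case reproduces the mismatch from the paragraph above: the server's ACK of 25 does not equal the client's sequence number plus one, so the check reports the discrepancy.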

UDP is not connection-oriented and does not provide a form of reliable communication. A sending host does not establish a connection before sending data like we do with TCP. The data is just sent. UDP traffic is sent as best effort, so no data is going to be retransmitted if it is missing. A great example of when we would use UDP is when we are watching a livestream. Our goal with UDP is to get the video and audio data as quickly as possible with minimal delay, which is why it is great for streaming. We aren't going to be upset if a packet is lost because, most likely, we wouldn't notice it unless there is too much loss.

Lastly, I want to cover a few protocols associated with their port numbers that either use TCP or UDP. Some protocols that come to mind that use TCP are SSH (22), Telnet (23), HTTP (80), HTTPS (443), and FTP Data + Control (20/21). Protocols that come to mind when using UDP are TFTP, SNMP Agent (161), SNMP Manager (162), and Syslog (514).