1Why does TCP suffer from head-of-line blocking in multiplexed connections like HTTP/2?
Vetora🔌Networking & Protocols
TCP vs UDP
TCP provides reliable, ordered, connection-oriented delivery with flow and congestion control, while UDP is a minimal connectionless protocol that trades reliability for lower latency. Choosing between them is one of the most fundamental networking decisions in system design.
Overview
TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are the two primary transport-layer protocols in the Internet protocol suite. Every networked application must choose one (or, increasingly, build on top of UDP with custom reliability), and the choice fundamentally shapes the application's latency, throughput, and failure characteristics. Understanding both protocols at a deep level is essential for system design because the transport layer determines how data is framed, delivered, and recovered across unreliable networks.
TCP is a connection-oriented protocol that establishes a session between two endpoints through a 3-way handshake (SYN, SYN-ACK, ACK) before any data is exchanged. Once connected, TCP guarantees reliable delivery through sequence numbers and acknowledgments -- every byte sent is numbered, the receiver ACKs received bytes, and the sender retransmits anything not acknowledged within a timeout. TCP also guarantees ordering: bytes arrive at the application in the exact order they were sent, even if the underlying IP packets arrive out of order. Flow control via the sliding window mechanism prevents a fast sender from overwhelming a slow receiver. Congestion control algorithms (from classic Reno/NewReno to modern CUBIC and BBR) dynamically adjust the sending rate to avoid overwhelming the network. These guarantees make TCP the default choice for HTTP, database connections, file transfers, email, and any protocol where correctness trumps latency.
UDP is a connectionless protocol with a minimal 8-byte header -- no handshake, no sequence numbers, no acknowledgments, no flow control, no congestion control. Each datagram is independent: the sender fires it into the network, and the receiver either gets it or does not. There is no retransmission, no ordering guarantee, and no mechanism to detect or adapt to network congestion. This minimalism is UDP's strength: without the overhead of connection establishment, acknowledgment tracking, and retransmission timers, UDP achieves significantly lower latency and supports use cases where losing a few packets is preferable to waiting for retransmissions. Real-time voice (VoIP), video streaming, online gaming, and DNS queries all rely on UDP because a slightly degraded experience from packet loss is better than the latency spikes and head-of-line blocking that TCP's reliability mechanisms introduce.
The modern networking landscape has evolved beyond the simple TCP-vs-UDP binary. QUIC, originally developed by Google and now standardized as RFC 9000, builds reliability and multiplexing on top of UDP. QUIC provides the guarantees that applications need (reliable delivery, ordering within streams, encryption) without TCP's head-of-line blocking problem, where a single lost packet in a TCP connection stalls all multiplexed streams. QUIC achieves 0-RTT connection resumption, per-stream flow control, and integrated TLS 1.3 encryption. HTTP/3 runs on QUIC, and as of 2026 roughly 30% of web traffic uses HTTP/3 over QUIC over UDP. This shift demonstrates a broader trend: rather than choosing between TCP and UDP, modern protocols choose UDP as the transport and build exactly the reliability semantics they need at the application layer.
Key Points
- 1TCP's 3-way handshake (SYN, SYN-ACK, ACK) adds 1 RTT of latency before any data can be sent. With TLS, the total connection setup cost is 2-3 RTTs. This overhead is negligible for long-lived connections but significant for short-lived requests.
- 2TCP guarantees in-order delivery using sequence numbers. If packet 3 arrives before packet 2, the receiver buffers packet 3 until packet 2 arrives. This causes head-of-line (HOL) blocking: one lost packet stalls all subsequent data on the connection.
- 3TCP congestion control (CUBIC, BBR) dynamically adjusts the sending rate based on network conditions. AIMD (Additive Increase, Multiplicative Decrease) increases the window linearly and halves it on loss. BBR uses bandwidth and RTT measurements instead of loss signals.
- 4UDP has no built-in reliability or ordering. Applications that need either must implement them at the application layer. This is exactly what QUIC does -- selective reliability and per-stream ordering on top of UDP.
- 5Head-of-line blocking in TCP is the primary motivation for QUIC/HTTP/3. In HTTP/2 over TCP, all multiplexed streams share one TCP connection -- a single lost packet blocks all streams. QUIC provides independent streams over UDP, so loss on one stream does not affect others.
- 6DNS uses UDP by default (port 53) because queries are small single-packet exchanges where the 1-RTT handshake overhead of TCP is unnecessary. DNS falls back to TCP for responses exceeding 512 bytes (or 4096 with EDNS) and for zone transfers.
Simple Example
The Phone Call vs Text Message Analogy
TCP is like a phone call: you dial, wait for the other person to pick up (handshake), confirm they can hear you, then have an ordered conversation where you repeat anything they missed. If the line drops, you both know and reconnect. UDP is like sending text messages: you fire them off without checking if the recipient is ready, they might arrive out of order, some might get lost, and you will never know unless the recipient tells you. For a business negotiation (database transaction), you want the phone call. For shouting game coordinates to your teammate while dodging bullets (real-time gaming), rapid-fire texts are better even if a few get lost.
Real-World Examples
Netflix
Netflix streams video over TCP using adaptive bitrate (ABR) algorithms like DASH and HLS. While UDP might seem natural for video streaming, Netflix buffers several seconds of video ahead of playback, which absorbs TCP retransmission delays. TCP's congestion control also helps Netflix be a good network citizen by not overwhelming residential ISP links. The ABR algorithm adjusts video quality based on throughput, working with TCP's congestion control rather than against it.
Discord
Discord uses UDP for voice and video communication with the Opus audio codec and VP8/VP9 video codecs. Voice packets are small (20ms of audio per packet) and time-sensitive -- a retransmitted voice packet arriving 200ms late is useless because the conversation has moved on. Discord implements its own jitter buffer and Forward Error Correction (FEC) on top of UDP, tolerating up to 5% packet loss without perceptible quality degradation.
Cloudflare
Cloudflare handles both protocols at massive scale. DNS queries arrive over UDP (1.1.1.1 resolver) and are answered in a single round trip, typically under 10ms. DNS-over-HTTPS (DoH) runs over TCP/TLS for privacy. Cloudflare was also an early adopter of QUIC (UDP-based) for HTTP/3, reporting that over 25% of their traffic now uses HTTP/3, with particularly strong improvements for mobile users on lossy cellular networks.
Trade-Offs
| Aspect | Description |
|---|---|
| Reliability vs Latency | TCP's retransmission guarantees mean no data loss but introduce latency spikes when packets are dropped -- the sender must wait for a timeout and retransmit, and all subsequent data is blocked behind the lost packet. UDP sacrifices reliability for consistently low latency, making it superior for real-time applications where a slightly degraded experience is better than a delayed one. |
| Connection Overhead vs Simplicity | TCP's 3-way handshake and connection state (sequence numbers, window sizes, timers) add setup latency and memory overhead on both endpoints. A server handling 1 million TCP connections needs significant memory for connection state. UDP has no connection state -- a server can receive datagrams from millions of sources with minimal memory overhead. |
| Congestion Control vs Application Control | TCP's congestion control prevents network collapse but can be overly conservative, limiting throughput in high-bandwidth networks. UDP provides no congestion control, giving applications full control but also the responsibility to avoid overwhelming the network. Poorly behaved UDP applications can cause congestion collapse in shared networks. |
| Head-of-Line Blocking vs Independent Delivery | TCP delivers data in strict order, so a lost packet blocks all subsequent data even if it belongs to a different logical stream. UDP delivers datagrams independently -- loss of one datagram does not affect others. This independence is why QUIC (HTTP/3) chose UDP as its transport: multiplexed streams need independent loss handling. |
Case Study
Google's Development of QUIC -- Beyond TCP vs UDP
Scenario
By 2012, Google observed that TCP's head-of-line blocking was degrading performance for HTTP/2 multiplexed connections, especially on lossy mobile networks. A single lost packet on a TCP connection carrying multiple HTTP/2 streams would stall all streams, negating the benefits of multiplexing. Additionally, TCP's handshake plus TLS handshake added 2-3 RTTs of latency before the first byte of data, which was particularly painful for the short-lived connections typical of web browsing.
Solution
Google built QUIC as a transport protocol running over UDP. QUIC provides reliable, ordered delivery per stream (so loss on one stream does not block others), integrates TLS 1.3 encryption directly into the handshake (reducing connection setup to 1 RTT or 0 RTT for resumed connections), and implements its own congestion control. By building on UDP, QUIC could be deployed as a user-space library without waiting for OS kernel changes, enabling rapid iteration.
Outcome
QUIC reduced search latency by 8% on desktop and 3.6% on mobile. For video playback (YouTube), QUIC reduced rebuffering by 18%. QUIC was standardized as RFC 9000 in 2021 and adopted as the transport for HTTP/3. By 2026, roughly 30% of global web traffic uses HTTP/3 over QUIC. The success of QUIC demonstrated that the future of transport protocols lies in building application-tailored reliability on top of UDP rather than extending TCP.
Common Mistakes
- ⚠Assuming UDP is always faster than TCP. For bulk data transfer, TCP's congestion control and windowing often achieve higher throughput than naive UDP implementations. UDP's latency advantage is primarily in real-time, loss-tolerant scenarios, not in raw throughput.
- ⚠Using raw UDP without any congestion control for high-bandwidth applications. This can cause network congestion collapse, harming other applications sharing the network. Responsible UDP-based protocols (QUIC, WebRTC) implement their own congestion control.
- ⚠Choosing TCP for real-time communication because 'reliability is important.' For voice/video, a retransmitted packet arriving 200ms late is worse than no packet at all. Real-time applications need timeliness, not reliability -- these are different properties.
- ⚠Ignoring QUIC as a third option. The TCP-vs-UDP question is increasingly outdated. QUIC provides TCP-like reliability with UDP-like flexibility and solves head-of-line blocking. For new HTTP-based services, HTTP/3 over QUIC is often the best choice.
Related Concepts
See TCP vs UDP in action
Explore system design templates that use tcp vs udp and run traffic simulations to see how these concepts perform under real load.
Browse TemplatesCompare TCP vs UDP latency in video streaming
Metrics to watch
stream_latency_mspacket_loss_pctthroughput_mbpsbuffer_underrun_rate
Test Your Understanding
2Which protocol is most appropriate for a DNS query to resolve a domain name?
3What is the primary advantage of building QUIC on top of UDP instead of modifying TCP?