The transport layer moves data between applications on two hosts, identified by port numbers. The two protocols are TCP (reliable, connection-oriented) and UDP (fast, connectionless). Choosing between them — and the TCP three-way handshake — are guaranteed interview topics.
Reliable vs fast
TCP sets up a connection, guarantees ordered, error-checked, reliable delivery with flow and congestion control — at the cost of overhead. UDP just fires datagrams with no connection or guarantees — minimal overhead and latency, but packets may be lost or reordered.
| Aspect | TCP | UDP |
|---|---|---|
| Connection | yes (handshake) | no |
| Reliability | guaranteed, ordered | best-effort |
| Speed/overhead | slower, more overhead | fast, low overhead |
| Use cases | web, email, file transfer | video/voice, gaming, DNS |
⚡ The edge
- Pick by need: TCP when correctness matters (web pages, files, email); UDP when speed matters more than perfection (live video, voice, gaming).
- The TCP three-way handshake is SYN → SYN-ACK → ACK — the client and server agree on sequence numbers before any data flows.
Worked example
'When would you choose UDP over TCP?'
- UDP suits real-time data where a late packet is useless and retransmission would only add lag.
- Examples: live video/voice calls, online gaming, and DNS lookups (small, fast, retried by the app).
- You accept occasional loss in exchange for low latency and no handshake overhead.
Answer: When low latency beats reliability — live video/voice, gaming, DNS — a late retransmission is useless.
Worked example
'Explain the TCP three-way handshake.'
- The client sends SYN with an initial sequence number.
- The server replies SYN-ACK, acknowledging the client and sending its own sequence number.
- The client replies ACK; both sides now agree on sequence numbers and the connection is established.
Answer: SYN -> SYN-ACK -> ACK: the two sides synchronise sequence numbers before sending data.
⚠ Watch out
- UDP is not 'unreliable garbage' — it's deliberately lightweight for cases where speed matters most.
- TCP provides ordering and reliability; UDP does not — the application must handle loss if it cares.
- Ports (not IPs) identify the application; IP identifies the host.