OpenVPN is a popular and secure VPN tunneling protocol that can be implemented in a number of ways. Two common uses are User Datagram Protocol (UDP) and Transmission Control Protocol (TCP). Each protocol has different advantages in terms of privacy and connection speeds, making them better for specific tasks such as streaming.
In this guide, we analyze the difference between TCP and UDP protocols - so you can decide which one to use in your VPN client.
What is UDP?
The UDP protocol is a commonly implemented protocol used for OpenVPN connections. OpenVPN UDP most commonly runs over UDP ports 500, 4500 or 1194.
UDP is generally preferred for all VPN transmissions including data-intensive tasks such as streaming or torrenting via P2P. This is because UDP provides better speeds thanks to low latency and a higher tolerance for packet loss during transmission.
One advantage of UDP is that it does not involve any error detection or correction. This becomes a drawback if VPN users experience the loss of more than a few packets at a time. When this occurs, the VPN connection drops out - meaning that (if you aren’t using a killswitch) you could leak unencrypted data to your ISP. This is problematic if you are downloading copyrighted material P2P in countries where it is prohibited, for example.
Despite this, UDP is the natural choice for most VPN users, providing high levels of efficiency.
If you require VPN obfuscation (stealth mode) for bypassing firewalls, or are suffering problems when using UDP (because of a lousy internet connection), you will should switch over to OpenVPN TCP protocol.
What is TCP?
Transmission Control Protocol (TCP) is often described as "ugly" by network engineers. It is a communications protocol that implements error correction. This means that TCP always waits for any lost packets to be re-sent. This also means that TCP is generally slower than UDP. The TCP protocol usually runs over TCP port 1701, 1723, or 443.
Due to the fact that it is slower, TCP should only be used under very specific circumstances:
You need to disguise OpenVPN as HTTPS over port 443 to conceal VPN use in places with firewalls (China, Iran, and Egypt).
You are suffering from a very poor internet connection and the VPN service keeps dropping out forcing your killswitch to kick in.
Your VPN does not have a killswitch, your internet connection is temperamental, and you are afraid of UDP dropping out causing you to leak data to your ISP.
UDP vs TCP
When you get a VPN, all the available encryption options can seem a bit confusing. The option to toggle between OpenVPN TCP protocol and OpenVPN UDP protocol is a handy inclusion for any VPN client. It will come in handy any time that you are struggling to gain a stable VPN connection.
As a rule, it is best to stick to UDP as this is considered the fastest, most enjoyable and reliable of the options, only using TCP when specifically required.