If you use a VPN regularly, you probably know that almost all VPN vendors support the OpenVPN protocol because OpenVPN is a secure and reliable open-source solution.
Both Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are protocols built on top of the Internet Protocol for sending data packets across the internet. They’re also the main transports over which OpenVPN can operate. Both network protocols provide privacy and security.
Yes, each has its own pros and cons, but the choice of which protocol to use depends entirely on your preferences. While neither option outperforms the other in all aspects, you should think about your usage and security needs before choosing the best one for you. This is why many VPN vendors allow users to choose which protocol to use.
This article will give you a basic understanding of your options, their advantages and disadvantages, and when to use a particular protocol.
TCP is a stateful or connection-oriented protocol that allows communication among devices in a network. Once it takes messages from the application layer, it forwards them to the network after dividing them into packets. TCP makes sure the connection is established and maintained steadily until the transfer of packets is complete. This is why it’s connection-oriented.
Once a packet is received at the other end, the sending end waits for an acknowledgment from the receiving end before sending the next packet. This delivery guarantee is what makes this protocol the most reliable one out there.
Let’s take a look at the benefits that TCP offers.
Yes, TCP can do the job, but it has some disadvantages you may need to consider.
TCP is the most reliable and most commonly used protocol on the internet. That may be enough reason to choose TCP over UDP. This is mainly due to the error correction and data stream controlling mechanisms used in TCP. They make sure that the packets sent by the sender are received by their intended receivers uncorrupted and in the right order. This is what makes the connection error-free.
As mentioned, TCP waits for acknowledgment by the receiver that the packet was received successfully prior to sending the next one. In other words, you can rely on TCP for successful delivery of messages. So, TCP may be the ideal choice for you if you seek a reliable and steady connection.
Because of TCP’s speed issues, you might prefer another protocol to be used with OpenVPN. Because it omits certain steps that TCP performs, UDP may be a good alternative for you.
Although UDP is another popular internet protocol, it’s used only in specific circumstances. The main difference between UDP and TCP is that UDP has no error correction mechanisms.
UDP is considered to be stateless or connectionless communication, and no prior communications are needed to set up a connection between the sender and the receiver. It provides checksums to check data integrity and port numbers to take care of functions at the receiving end of the data — or in this case, a datagram.
Let’s see the various advantages that come with UDP.
Having high speed is good, but at what cost? Now let’s check the disadvantages of UDP.
As should now be apparent, there are consequences of going with a speedy connection with UDP. Unless you’re looking for higher performance and a fast protocol, it might be better to go with TCP.
Unlike TCP segments, UDP datagrams contain no sequence number to order the packets received. So users are likely to use other applications along with UDP to reorder the data packets.
However, if you’re interacting with real-time services such as gaming, live conferences, or VoIP, it’s better to switch to UDP. That way, it won’t process delayed data, ensuring that you enjoy high performance.
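The reordering that UDP leaves to the application, as an added Python example that is not part of the original article: the sender prefixes each datagram with a sequence number, and the receiver releases payloads in order, drops duplicates, and stops waiting for a missing datagram once newer data has piled up. The 4-byte header and the window size are assumptions chosen for illustration, not OpenVPN's wire format.

```python
import struct

HEADER = struct.Struct("!I")  # assumed framing: 4-byte big-endian sequence number


def frame(seq, payload):
    """Sender side: prefix the payload with its sequence number."""
    return HEADER.pack(seq) + payload


class ReorderBuffer:
    """Receiver side: release payloads in order, drop duplicates, skip stale gaps."""

    def __init__(self, window=3):
        self.next_seq = 0      # next sequence number owed to the application
        self.window = window   # how far ahead we buffer before declaring a loss
        self.pending = {}      # seq -> payload that arrived early
        self.lost = []         # sequence numbers we stopped waiting for

    def receive(self, datagram):
        if len(datagram) < HEADER.size:
            return []                       # truncated datagram, ignore it
        (seq,) = HEADER.unpack_from(datagram)
        if seq < self.next_seq or seq in self.pending:
            return []                       # duplicate, or arrived too late
        self.pending[seq] = datagram[HEADER.size:]
        released = []
        while self.pending:
            if self.next_seq in self.pending:
                released.append(self.pending.pop(self.next_seq))
            elif max(self.pending) - self.next_seq >= self.window:
                self.lost.append(self.next_seq)   # real-time choice: move on
            else:
                break                       # small gap, keep waiting
            self.next_seq += 1
        return released


def demo():
    # Constructed arrival order: 1 before 0, a duplicate 0, and 2 never arrives.
    arrivals = [frame(s, b"p%d" % s) for s in (1, 0, 0, 3, 4, 5, 6)]
    buf = ReorderBuffer(window=3)
    delivered = [p for d in arrivals for p in buf.receive(d)]
    return delivered, buf.lost
```

A TCP receiver would instead hold everything after the gap until the missing segment is retransmitted, which is the delay real-time traffic is trying to avoid.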
It’s no wonder that some of the fastest VPN vendors out there choose UDP as their default configuration protocol with OpenVPN. In fact, here’s what OpenVPN itself says about the two protocols:
Again, it depends on your requirements.
There’s a tradeoff between reliability and speed. For instance, if speed is your primary concern, then UDP is your best option. Streaming HD movies and playing games online are much easier with UDP.
If you prefer reliability, then go with TCP. Yes, you may experience slower data transmission, but TCP is used with many internet services and therefore trusted by many.
You can also switch to TCP, abandoning the default UDP configurations when you experience connection problems. However, be sure to change ports prior to switching your protocol, as many of the connectivity problems aren’t caused by the connection type, but by the ISP blocking the VPN ports.
In regard to the slow transmission in TCP, it may also depend on how far you are from the VPN server. If you select the VPN server nearest to you, the slowdowns will drop considerably.
ExpressVPN is by far the best VPN provider in the industry. Like many VPN applications, even ExpressVPN uses OpenVPN by default when the protocol option is “Automatic.” As suggested by ExpressVPN’s website, users can choose the optimal protocol by changing the settings. This is just a two-step process:
1. Go to Options.
2. Select your preferred protocol.
Running OpenVPN over TCP brings extra advantages as well. The main one is defeating government censorship by using TCP port 443. As many of us know, some countries, such as China, love to censor the internet and track their citizens’ internet traffic. These governments block any sites that don’t abide by their policies or share their beliefs.
This is why many people use VPNs: to bypass government firewalls. As these governments are aware of this countermeasure, they block VPNs, too. Fortunately, if you use OpenVPN over TCP, it would be nearly impossible for the government to block you.
You may have seen that secure websites start their URLs with https://. They use SSL, or Secure Sockets Layer, a standard security technology, to encrypt the data transmitted between a server and a user. Nowadays, almost all websites use SSL.
Due to the high prevalence of SSL, websites that use this technology are believed to be unblockable. Even China may find it difficult to block them. But this isn’t the most interesting part. The best part is that SSL uses not just any protocol and port, but the TCP protocol on port 443. As OpenSSL libraries are used in building OpenVPN, configuring TCP to run with port 443 is a piece of cake.
So, when the VPN is using OpenVPN over TCP on port 443, your VPN traffic seems like regular SSL traffic. There’s no way to identify the data, as they’re encrypted. Running OpenVPN over TCP port 443 will greatly increase your overall security and the strength of your digital defence.
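The port-then-protocol order recommended earlier and the TCP 443 setup described above, as an added Python example that is not from the original article, OpenVPN, or any VPN vendor: it rewrites the `remote` and `proto` lines of a client profile. The sample profile and the host `vpn.example.net` are constructed, and the example assumes the provider's server actually listens on the chosen port and protocol.

```python
# UDP-specific directives (documented for UDP transport); they are commented
# out when the profile moves to TCP.
UDP_ONLY = {"explicit-exit-notify", "fragment"}

SAMPLE_OVPN = """\
client
dev tun
proto udp
remote vpn.example.net 1194 udp
explicit-exit-notify 1
nobind
"""  # constructed sample profile; vpn.example.net is a placeholder host


def switch_transport(config_text, port, proto=None):
    """Return config_text pointed at `port`; proto=None keeps the current protocol."""
    out, saw_proto = [], False
    for line in config_text.splitlines():
        words = line.split()
        key = words[0] if words else ""
        if key == "remote" and len(words) >= 2:
            # remote <host> [port] [proto]: keep a per-remote proto only if not switching
            tail = words[3:4] if proto is None else []
            line = " ".join(["remote", words[1], str(port), *tail])
        elif key == "proto" and proto is not None:
            line, saw_proto = f"proto {proto}", True
        elif key in UDP_ONLY and proto is not None and not proto.startswith("udp"):
            line = f"# {line}  (UDP-only, disabled for {proto})"
        out.append(line)
    if proto is not None and not saw_proto:
        out.append(f"proto {proto}")  # no proto line means the UDP default was in use
    return "\n".join(out) + "\n"


def port_then_protocol(config_text):
    """Step 1: same protocol on 443. Step 2: only if that still fails, TCP on 443."""
    return (switch_transport(config_text, 443),
            switch_transport(config_text, 443, "tcp-client"))
```

Trying the first profile before the second keeps UDP's performance when only the original port was being blocked.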
TCP is and will be the dominant protocol for as long as it provides guaranteed delivery of data packets, reliability, error correction, and much more. But keep in mind the costs: latency and additional overhead. This is why even VPN providers use UDP as their default configuration, although it’s unreliable and connectionless.
Choosing what’s ideal for you doesn’t have to be difficult. It really just depends on whether you prioritize speed, or whether you prioritize reliability.