Computer Networks

Unit 5: Transport Layer (Layer 4)

TCP, UDP, and QUIC — reliable vs unreliable delivery, ports, the three-way handshake, and how YouTube and Netflix choose between them.

What is the transport layer?

The Transport Layer provides end-to-end communication between applications running on two hosts. Where Layer 3 gets a packet to the right machine, Layer 4 gets it to the right application on that machine (using port numbers) and decides whether the delivery should be reliable or fast.

Unit of data: segment (TCP) or datagram (UDP)

Responsibilities

  • Port-based addressing — distinguishes applications using port numbers (e.g. 80 for HTTP, 443 for HTTPS, 22 for SSH).
  • Segmentation and reassembly — splits large data into smaller segments and rebuilds them at the destination.
  • Reliable delivery — uses acknowledgements and retransmissions (TCP only).
  • Flow control — prevents a fast sender from overwhelming a slow receiver.
  • Congestion control — slows down when the network is congested (TCP / QUIC).
  • Multiplexing — many connections can share a single host.

TCP vs UDP

The two main Layer 4 protocols:

Feature       TCP                         UDP
Connection    Yes (3-way handshake)       No (connectionless)
Reliability   Guaranteed                  Best-effort
Ordering      In order                    Possibly out of order
Speed         Slower (overhead)           Faster
Use cases     Web, email, file transfer   Streaming, gaming, DNS, VoIP

TCP three-way handshake

Before any TCP data is exchanged, the client and server perform a handshake:

Client                           Server
  |  ---- SYN ---->                |
  |  <-- SYN/ACK --                |
  |  ---- ACK ---->                |
  |   (connection established)     |

Only after this handshake does data start flowing. This is what makes TCP reliable — both sides agree on sequence numbers and can detect missing or out-of-order segments.
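
The sequence-number agreement described above, as an added example (not part of the original course material): it packs and parses minimal TCP headers and checks the SYN, SYN/ACK, ACK arithmetic, including 32-bit wrap-around. The ports, initial sequence numbers (ISNs) and function names are constructed for illustration.

```python
import struct

# TCP flag bits as defined in the TCP header (RFC 9293)
FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10
MASK = SYN | ACK | RST | FIN          # the bits that matter for the handshake

def build_header(sport, dport, seq, ack, flags):
    """Pack a minimal 20-byte TCP header (no options, checksum left at 0)."""
    offset_flags = (5 << 12) | flags  # data offset = 5 words, then flag bits
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                       offset_flags, 65535, 0, 0)

def parse_header(raw):
    """Unpack the fixed part of a TCP header into a dict."""
    sport, dport, seq, ack, offset_flags, _win, _csum, _urg = struct.unpack(
        "!HHIIHHHH", raw[:20])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": offset_flags & 0x3F}

def check_handshake(segments):
    """Return (ok, reason) for three raw headers: SYN, SYN/ACK, ACK."""
    if len(segments) != 3:
        return False, "need exactly three segments"
    syn, synack, ack = (parse_header(s) for s in segments)
    if (syn["flags"] & MASK) != SYN:
        return False, "first segment is not a bare SYN"
    if (synack["flags"] & MASK) != (SYN | ACK):
        return False, "second segment is not SYN/ACK"
    # A SYN consumes one sequence number; arithmetic is modulo 2^32.
    if synack["ack"] != (syn["seq"] + 1) % 2**32:
        return False, "SYN/ACK does not acknowledge client ISN + 1"
    if (ack["flags"] & MASK) != ACK:
        return False, "third segment is not a bare ACK"
    if ack["seq"] != synack["ack"] or ack["ack"] != (synack["seq"] + 1) % 2**32:
        return False, "final ACK numbers do not match"
    return True, "connection established"

# Constructed sample: client port 51000 -> server port 443.
CLIENT_ISN, SERVER_ISN = 0xFFFFFFFF, 1000   # client ISN chosen to show wrap-around
GOOD = [
    build_header(51000, 443, CLIENT_ISN, 0, SYN),
    build_header(443, 51000, SERVER_ISN, 0, SYN | ACK),  # ack = (ISN + 1) mod 2^32 = 0
    build_header(51000, 443, 0, SERVER_ISN + 1, ACK),
]
BAD = list(GOOD)
BAD[1] = build_header(443, 51000, SERVER_ISN, 12345, SYN | ACK)  # wrong ack number

if __name__ == "__main__":
    print(check_handshake(GOOD))
    print(check_handshake(BAD))
```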

QUIC — the modern transport

QUIC is a newer transport protocol that runs on top of UDP but provides TCP-like reliability plus built-in encryption (TLS 1.3) and zero-round-trip resumption. It powers HTTP/3.

Key advantages over TCP:

  • Faster connection setup (0-RTT in many cases).
  • No head-of-line blocking between streams.
  • Connection migration (your phone can switch from Wi-Fi to 4G without dropping).

Example — opening a web page

When you type https://example.com:

  1. Your browser opens a TCP connection to port 443 on the server.
  2. Three-way handshake completes.
  3. Browser sends an HTTPS request.
  4. Server replies with segments containing the HTML.
  5. TCP reassembles them in order and hands the full page to the browser.

If the same request used HTTP/3 over QUIC, the same steps happen but over UDP, with encryption negotiated as part of the handshake — saving round-trips.

Real-world scenarios

YouTube, Google, and Cloudflare moving to QUIC

Google pioneered QUIC and now serves the majority of YouTube, Search, and Gmail traffic over HTTP/3 (QUIC) instead of TCP. Cloudflare and Meta enabled QUIC for billions of users for the same reasons: faster page loads on mobile and resilience to network changes.

Netflix streaming over TCP

Netflix streams video over TCP (HTTP/HTTPS) because reliability matters more than the tiny extra latency. Their adaptive bitrate logic (ABR) sits on top of TCP and adjusts video quality based on network conditions detected at this layer.

Online gaming over UDP

Games like Fortnite, Valorant, and Call of Duty use UDP because losing one packet of player position is fine — the next packet a few milliseconds later already has the latest state. TCP would retransmit the lost packet, causing visible lag.

DNS uses UDP

Every time you visit a website, your computer fires a tiny UDP packet to a DNS server (like 8.8.8.8) on port 53. UDP is perfect here because the query and answer fit in one packet — no need for a handshake.

AWS Network Load Balancer (NLB)

AWS’s NLB operates at Layer 4 and routes raw TCP/UDP packets to backend instances at millions of requests per second. It’s used by streaming services and trading platforms that need ultra-low-latency packet forwarding without inspecting the request body.

Common Layer 4 problems

  • Port already in use (EADDRINUSE).
  • Firewall blocking a specific port.
  • TCP RST (reset) caused by misconfigured load balancers.
  • TCP retransmissions caused by lossy links.
  • TCP head-of-line blocking — a problem QUIC solves.