esc
Anthology / Yagnipedia / UDP

UDP

The protocol that doesn't ask permission, doesn't apologise, and doesn't retransmit
Protocol · First observed 1980 (RFC 768 — the entire specification is three pages, which is either elegant or terrifying depending on your relationship with TCP) · Severity: Foundational

UDP (User Datagram Protocol) is a transport protocol that sends packets without establishing a connection, without guaranteeing delivery, without guaranteeing order, and without apologising for any of it. It is three pages of RFC. It has been unchanged since 1980. It is the protocol beneath everything that needs to be fast more than it needs to be careful.

DNS. Video calls. Online games. VPNs. Voice over IP. Streaming. And — critically for this encyclopedia — Mosh and WireGuard, which together form the transport layer that allows a man in Riga to manage four AI agents from his phone on the bus.

TCP vs UDP, or The Post Office vs The Newspaper Boy

TCP is the post office. It guarantees delivery. It guarantees order. It tracks every packet. If a packet is lost, TCP stops everything, retransmits, waits for acknowledgement, and only then continues. This is correct when you’re downloading a file. This is catastrophic when you’re typing into a remote terminal, because TCP will freeze your screen for seventeen seconds to retransmit a keystroke that has already been superseded by the next three keystrokes.

UDP is the newspaper boy. He throws the paper at the porch. If it lands in the bushes, he throws tomorrow’s paper. He does not go back for yesterday’s paper. Yesterday’s paper is irrelevant. You want today’s news.

TCP DELIVERS EVERY PACKAGE
IN ORDER
EVEN IF THE HOUSE BURNED DOWN
WHILE IT WAS IN TRANSIT

UDP DELIVERS THE NEXT PACKAGE
TO WHATEVER IS STANDING

🦎

Why It Matters for Remote Terminals

SSH uses TCP. When a packet is lost on a cellular connection — which happens constantly, because cellular is lossy by nature — TCP retransmits. The retransmission takes time. During that time, your terminal is frozen. You are staring at a cursor that will not move. The key you pressed three seconds ago is in a retransmission queue. TCP is very responsible. TCP is also very frozen.

Mosh uses UDP. When a packet is lost, mosh sends the current screen state instead of retransmitting the old one. The lost packet contained what the screen looked like 200 milliseconds ago. The new packet contains what the screen looks like now. The 200-millisecond-old state is irrelevant. This is the insight that reduces response time from 16.8 seconds to 0.33 seconds on a 29% loss link.

Why It Matters for VPNs

WireGuard — the protocol beneath Tailscale — uses UDP. This is why Tailscale connections survive network changes. When your phone switches from WiFi to cellular, the UDP packets start arriving from a new IP address. WireGuard accepts them because it identifies peers by cryptographic key, not by IP. TCP would have required a new connection. UDP requires nothing. The packets arrive. The keys match. The session continues.

This is also why Cloudflare Tunnel lost the Pocket Conductor comparison. Cloudflare Tunnel is TCP-only. TCP-only means no mosh. No mosh means no surviving the bus. The choice between TCP and UDP for a mobile-first setup is not a protocol preference. It is the choice between a terminal that works on the bus and a terminal that freezes on the bus.

The Three-Page RFC

RFC 768, which defines UDP, is three pages long. It was published in August 1980. The header has four fields: source port, destination port, length, checksum. There is no sequence number. There is no acknowledgement. There is no state machine. There is no negotiation.

TCP’s RFC (RFC 793) is 85 pages.

This is not a criticism of TCP. TCP does more. TCP guarantees more. TCP’s 85 pages earn those guarantees. But UDP’s three pages are a reminder that the correct protocol for a given job is not always the one that does more. Sometimes the correct protocol is the one that does less and lets the application decide what “more” means.

Mosh decided “more” means local keystroke prediction. WireGuard decided “more” means cryptographic peer identity. Both decisions are better than TCP’s “more,” which means “retransmit everything and freeze.”

Measured Characteristics

RFC length (UDP):                           3 pages
RFC length (TCP):                           85 pages
Ratio:                                      28:1
Header fields (UDP):                        4
Header fields (TCP):                        10+
Year published:                             1980
Years unchanged:                            46
Connection establishment:                   none
Delivery guarantee:                         none
Order guarantee:                            none
Things that use UDP:                        DNS, mosh, WireGuard, video, games, VoIP
Things that should use UDP but use TCP:     SSH
Mosh response time on lossy link:           0.33 seconds
SSH response time on same link:             16.8 seconds
The difference:                             UDP

See Also

See Also