Remote Desktop Connection behaviour over UDP and TCP
Microsoft’s Remote Desktop Protocol (RDP) enables users to establish remote connections to other computers over TCP AND UDP port 3389. RDP supports UDP for improved performance. Microsoft favours using UDP alongside TCP to enhance responsiveness and reduce latency during remote sessions. In this article, we shall discuss “Remote Desktop Connection behaviour over UDP and TCP”. Please, see “Setup is unable to access the SQL UDP Port 1434 on the specified SQL Server“, and DNS uses TCP and UDP.
Note: By default, the Windows internal firewall enables both UDP and TCP rules for RDP connections. In practice, RDP prioritises UDP for better performance. Although we can force RDP to use TCP instead, doing so may degrade the user experience and cause noticeable lag, as we will explore in more detail later.
Starting with RDP version 8, RDP utilise both TCP and UDP concurrently to optimize performance. Therefore, configure your Router and Firewall to permit both TCP and UDP traffic over the appropriate ports to support RDP’s capabilities fully.
Also, see “Service and Network Port requirements for Active Directory“, how to “Configure SQL Server Instance to listen on a specific TCP Port“, and how to to Fix Windows 11 File Explorer Lags and Freezes Issue.
TCP vs UDP in a nutshell
TCP (Transmission Control Protocol) reliably delivers data through a connection-oriented approach, using error checking and retransmitting lost packets when necessary. It’s well suited for RDP traffic that demands consistent and dependable data delivery, such as remote desktop sessions involving active user interaction.
Note: In general, it is recommended to use TCP for RDP traffic within a LAN, as the reliability and consistency provided by TCP are important for ensuring a stable remote desktop experience
UDP is a faster but less reliable protocol that skips error checking and does not retransmit lost packets. Below is a table comparing the two protocols.
| Feature | TCP (Transmission Control Protocol) | UDP (User Datagram Protocol) |
|---|---|---|
| Connection | Connection-oriented (establishes a reliable connection first via a 3-way handshake) | Connectionless (sends data without setup) |
| Reliability | Reliable and it ensures delivery, and error checking | Unreliable and there are no guarantees on delivery |
| Speed | Slower due to overhead from error-checking and handshakes | Very fast with minimal overhead |
| Use Cases | Web browsing (HTTPS) etc | VoIP, online gaming, DNS queries |
| Packet Loss Handling | Retransmits lost packets | Ignores lost packets |
| Overhead | Flow control, and sequencing, etc. | Lower: Minimal headers and error checks |
Please see Deep Dive into Protecting AWS EC2, RDS Instances and VPC, What is the difference between iDRAC, IPMI, and ILO, and How to configure Windows LAPS.
Establishing Remote Desktop Connection
I will recommend taking a look at this blog post before proceeding with the rest of this guide, “Guide to Remote Desktop Connection Properties for Secure Access“. You can use the Remote Desktop Connection (mstsc.exe), the Microsoft Remote Desktop app (Deprecated), and the Windows App (the Future of remote desktop connections) to connect and control Windows devices from a remote device.
Note: When you allow remote desktop connections to your PC, you can use another device to connect to your PC and have access to all of your apps, files, and network resources as if you were sitting at your desk.
In Windows, you can save the settings of a selected Remote Desktop connection to an RDP as a backup. You will then be able to open the saved RDP file on demand to quickly connect remotely to the computer using the same settings from when the RDP file was saved.
Please, see How to Grant Local Admin Permissions to a Group [Part 1], and How to Grant Local Admin Permissions to a Group [Part 1].
RDP Connection Issues: TCP vs UDP Performance and Reliability Compared
If your internal users complain that RDP sessions freeze. This RDP freeze problem can also be caused by UDP usage. You can switch your Remote Desktop connection to TCP to solve the problem with freezing RDP connections. This can eventually eliminate the problem as TCP provides more reliable delivery.
Note: TCP connections can also slow down due to congestion. Thereby causing delays and stuttering in RDP sessions. That’s where the User Datagram Protocol (UDP) helps. Under the right network conditions, UDP can enhance RDP performance by enabling faster and more efficient data transmission.
You can see which network protocol is used by the RDP client by clicking on the displayed bars at the top of the header of the RDP session. Click on the Connection Information as shown below
You will see that the Transport Protocol is UDP, and the user is currently experiencing some network issues.
The connection is stable again as shown in the image below.
Since RDP version 8, RDP uses both TCP and UDP to optimise performance. UDP is preferred for its low latency and responsiveness, especially in real-time interactions.
However, in networks with high packet loss or instability, UDP’s lack of reliability can lead to issues like freezing or disconnections. In such cases, forcing RDP to use only TCP can improve stability, though it can slightly reduce performance due to increased overhead and latency.
Please see How to install PostgreSQL on Ubuntu, ho to Fix “Perform Site Maintenance or reset this site” greyed out, and how to Configure NIC Teaming on Windows Server.
How UDP and TCP Impact Session Performance
When an RDP session is initiated, the remote server and the RDP client negotiate the best available network protocol. By default, RDP prefers UDP because of its lower latency and better responsiveness. If UDP is unavailable due to firewall restrictions, network configuration, or packet loss, the session automatically falls back to TCP.
Ideally, Remote Desktop Protocol (RDP) should run over UDP, not TCP. This is because UDP reduces latency and improves the overall responsiveness of the session, as shared above. Blocking or disabling UDP can cause performance degradation, including input lag and slower screen updates etc.
- A Lag in an RDP session refers to delays in response times. For example, if you type or move your mouse and there’s a delay before you see it on the remote screen, that’s lag. A lag can occur due to slow network connections, high latency, or limited bandwidth.
- But a freeze is when the RDP session becomes unresponsive for a period of time. This can happen when the connection is momentarily lost or when the system on the other side is too busy to respond. It may require waiting for the session to “catch up” or reconnecting if the freeze persists.
While lag and freezes both interrupt the experience, lag is usually more manageable as it affects performance intermittently. While freezes may require a more active intervention to resolve.
Please, see How to use the Reliability Monitor in Windows, and how to Migrate Veeam Configuration Database to PostgreSQL Server.
UDP Transport Extension
The RDP-UDP protocol is an extension of the Remote Desktop Protocol that uses UDP to improve performance over unreliable networks. Thereby, offering either reliable or best-effort data delivery modes.
The UDP Transport Extension operates in two phases. First, during the UDP connection initialisation. The terminal client and server exchange data to set up the UDP connection. After a successful setup, they enter the UDP Data Transfer phase, where they exchange Coded Packets. The protocol works in two modes, chosen during initialisation:
- RDP-UDP-R (Reliable) Mode: Endpoints retransmit lost datagrams.
- RDP-UDP-L (Best-Efforts) Mode: Endpoints do not guarantee delivery or retransmit lost datagrams
Unlike TCP, which ensures reliable, ordered delivery with retransmissions. RDP-UDP offers optional reliability and prioritises low latency, making it better suited for real-time remote desktop experiences over lossy networks.
Please see Install and License Devolutions Remote Desktop Manager, and how to connect to the Remote Desktop console session from the Command Line.
Remote Desktop Behaviour over VPN
When connecting from one PC to another using Remote Desktop Protocol (RDP) over a VPN. The router’s configuration to allow only TCP may play a role.
For instance, in a scenario where the VPN is established over the Internet and the RDP traffic is encrypted and tunneled through the VPN. The configuration of the router to allow only TCP may not have an effect on the RDP traffic. The VPN encryption and tunneling would provide the necessary reliability and error checking for the RDP traffic, regardless of whether the router is configured to allow only TCP.
However, in scenarios where the VPN is set up within a LAN or uses split tunnelling where RDP traffic isn’t fully encapsulated (encrypted), then router settings become critical. If the router is configured to allow only TCP, this will block RDP over UDP. This restriction can degrade performance, especially in environments where UDP would otherwise provide better responsiveness and lower latency.
I hope you found this article on “Remote Desktop Connection behaviour over UDP and TCP” very useful. Please feel free to leave a comment below.
