DEV Community: Moksh Gupta

TCP vs UDP: Key Differences, Ports, and When to Use Each

Moksh Gupta — Fri, 29 May 2026 08:03:34 +0000

If you've set up a server, debugged a firewall rule, or tried to share a local game with friends, you've run into TCP and UDP. They're the two core transport protocols - but they work in fundamentally different ways. This guide breaks down each protocol, when to use which one, what ICMP ping actually is, and how to set up port forwarding correctly.

TCP vs UDP - The Core Difference

TCP (Transmission Control Protocol) guarantees your data arrives in order, complete, and without errors. It establishes a connection before sending anything and retransmits lost packets automatically.

UDP (User Datagram Protocol) is a fire-and-forget protocol. It sends packets as fast as possible without confirming they arrived - trading reliability for raw speed.

Key differences at a glance:

TCP requires a 3-way handshake; UDP has no connection setup
TCP retransmits lost packets; UDP does not
TCP ensures ordered delivery; UDP packets may arrive out of order
TCP has flow and congestion control; UDP has neither
TCP header is 20-60 bytes; UDP header is a fixed 8 bytes
UDP supports broadcast and multicast; TCP does not

How TCP Works - The 3-Way Handshake

Before TCP sends a single byte, it establishes a connection:

SYN - Client says "I want to connect"
SYN-ACK - Server replies "I'm ready"
ACK - Client confirms "Let's go"

After this, every packet gets an acknowledgement. If an ACK doesn't arrive in time, TCP retransmits. This is why TCP is reliable but adds overhead - and why lost packets create delays.

Closing a TCP connection is a 4-step process (FIN, ACK, FIN, ACK) to ensure both sides finish sending data before disconnecting.

How UDP Works - Fire and Forget

UDP skips the handshake entirely. It wraps your data in a tiny 8-byte header and sends it - no connection state, no acknowledgements, no retransmission.

Why use an "unreliable" protocol? Because the application handles reliability itself, or simply doesn't need it:

Video streaming: a dropped frame is better than a half-second freeze
Online gaming: stale position data from 200ms ago is useless anyway
DNS lookups: a single small packet - if it drops, just re-send it
VoIP: a dropped 20ms audio slice sounds like a slight crackle, not a pause

Which Protocol Should You Use?

Use TCP when:

Data integrity is critical (HTTP/HTTPS, databases, file transfers, email)
You need confirmation that data arrived (API calls, authentication)
Packets must arrive in order (loading a web page, reading a file)

Use UDP when:

Speed matters more than perfection (live video, VoIP, gaming)
You can tolerate some packet loss
You're sending small, frequent messages (DNS, DHCP, IoT sensors)
You need broadcast or multicast (service discovery, mDNS)
You're building a custom transport (QUIC, used by HTTP/3, builds reliability on top of UDP)

ICMP - The Ping Protocol (No Ports)

One of the most common networking misconceptions: ping does not use a port number.

Ping uses ICMP - Internet Control Message Protocol - a Layer 3 protocol separate from TCP and UDP. ICMP has no concept of ports because it's a diagnostic protocol, not a transport protocol.

How ping works:

Your machine sends an ICMP Echo Request to the destination
The destination sends back an ICMP Echo Reply
Your machine measures the round-trip time

When developers say "ping port 80," they actually mean test a TCP connection to port 80. The right tools for testing specific ports are nc, telnet, or curl.

traceroute (Linux/Mac) and tracert (Windows) also use ICMP - they reveal each hop's IP and latency by sending packets with incrementally increasing TTL values.

If ping fails, don't assume the server is down. Firewalls commonly block ICMP. Use a TCP-based check instead.

Well-Known Ports Reference

Ports fall into three ranges:

Well-Known (0-1023): Assigned by IANA, require root/admin to bind
Registered (1024-49151): Assigned to specific apps, no root required
Dynamic/Ephemeral (49152-65535): Temporary client ports

Common ports every developer should know:

22 TCP - SSH
53 TCP/UDP - DNS
80 TCP - HTTP
443 TCP - HTTPS
3306 TCP - MySQL
5432 TCP - PostgreSQL
6379 TCP - Redis
27017 TCP - MongoDB
3000 TCP - React/Next.js/Node.js dev server
5173 TCP - Vite dev server
8000 TCP - Django/FastAPI
9200 TCP - Elasticsearch

Port Forwarding

Port forwarding lets you expose a server inside your local network to the public internet. Without it, your router's NAT blocks all incoming connections.

Your router has one public IP but assigns private IPs to your devices. Outbound connections work fine, but for incoming connections, the router needs a forwarding rule telling it which device to send traffic to.

Basic steps:

Find your server's LAN IP and set it as static via DHCP reservation
Access your router admin panel (usually 192.168.1.1 or 192.168.0.1)
Find the Port Forwarding / NAT / Virtual Server section
Create a rule: external port, internal IP, internal port, protocol
Test from outside your network (mobile data, not the same Wi-Fi)

Common problems:

Server bound to 127.0.0.1 instead of 0.0.0.0 - won't accept external traffic
Server-side firewall blocking the port even after router forwarding
ISP blocking ports 80/443 on residential lines - try port 8080
CGNAT making port forwarding impossible - use Cloudflare Tunnel or ngrok instead

TCP vs UDP in Real Applications

HTTP/1.1 and HTTP/2 use TCP. HTTP/3 uses QUIC over UDP, avoiding TCP's head-of-line blocking for significantly faster modern web apps.

DNS uses UDP port 53 for most queries but falls back to TCP for large responses and zone transfers.

Online games use UDP for game state updates - a dropped packet means a slightly stale frame, which is fine. A retransmitted packet would cause unplayable lag. They use TCP separately for reliable data like match results and auth.

VoIP apps use UDP for real-time audio. A dropped 20ms slice causes a slight crackle. TCP retransmission would cause jarring pauses.

WebSockets run over TCP and are ideal for chat, live dashboards, and collaborative editing.

Security Considerations

TCP SYN Flood: Attackers send thousands of SYN packets without completing the handshake, filling the server's connection table. Mitigations: SYN cookies, rate limiting.

UDP Amplification Attacks: Attackers spoof the source IP in small UDP requests to DNS/NTP servers, which send much larger responses to the victim. Mitigations: rate limiting, BCP38 validation.

Port scanning is standard for security auditing. Keep only necessary ports open and firewall everything else.

Conclusion

TCP: choose it when data must arrive complete, ordered, and error-free
UDP: choose it when speed matters more than perfect delivery
ICMP: not TCP or UDP - a diagnostic protocol with no ports
Port forwarding: maps an external router port to an internal IP:port

References

Original article: TCP vs UDP Explained - Key Differences, Use Cases & When to Use Each (2026) - DevToolLab
https://devtoollab.com/blog/tcp-vs-udp

DevToolLab Blog: https://devtoollab.com/blog

DevToolLab Tools: https://devtoollab.com/tools

Top MCP Servers Every Developer Should Install in 2026

Moksh Gupta — Fri, 29 May 2026 07:05:17 +0000

MCP (Model Context Protocol) hit 97 million SDK downloads per month in early 2026 - up from just 2 million when it launched in late 2024. Every major AI coding platform now supports it: Claude Code, Cursor, Windsurf, VS Code Copilot, and JetBrains AI. The public registry has crossed 9,400 servers.

But most MCP guides either list servers without context or go too deep into the spec. This guide focuses on what's actually worth installing, how to set it up, and what to watch out for.

What Is MCP and Why Does It Matter?

MCP is an open standard that lets AI assistants connect to external tools and data sources. Think of it like USB-C for AI - one standard that works across any client or model. Before MCP, every AI tool needed its own custom integration. Now a single server works with Claude, Cursor, and VS Code alike.

An MCP server exposes tools (actions the AI can take) and resources (data it can read). When you ask Claude "what issues are open on my repo?", it calls the GitHub MCP server, fetches the data, and returns it in a structured format.

How to Install MCP Servers

Setup varies slightly by client:

Claude Code: claude mcp add github -- npx -y @modelcontextprotocol/server-github
Cursor: Go to Settings > MCP > Add new server, or edit ~/.cursor/mcp.json
VS Code (Copilot): Add config to .vscode/mcp.json in your project folder

All clients use JSON-RPC under the hood. Local servers run over stdio; remote ones use HTTP/SSE.

Tier 1 - Must-Install MCP Servers

1. GitHub MCP Server

@modelcontextprotocol/server-github | Maintained by Anthropic (official)

The most-installed MCP server. Gives your AI full read/write access to GitHub - create issues, open PRs, search code, manage branches. Ask things like "create a PR for the current branch based on the diff" or "what PRs need my review?" and it just works.

Security tip: Use a fine-grained personal access token scoped only to the repos you need.

2. Context7 - Live Library Docs

@upstash/context7-mcp | Maintained by Upstash

Solves the biggest AI coding frustration: outdated training data. Context7 fetches current docs for any library and injects it into the AI's context. Ask about the latest React hook or Prisma API and get real answers, not 2023 guesses. No API key required - easiest high-value server to add.

3. Filesystem MCP Server

@modelcontextprotocol/server-filesystem | Maintained by Anthropic (official)

Gives your AI direct file read/write access within directories you specify. Essential when you want the AI working across projects. Always scope it to specific paths - never grant access to your home root or system directories.

4. Brave Search MCP

@modelcontextprotocol/server-brave-search | Maintained by Anthropic (official)

Adds real-time web search. When you ask about something after the model's training cutoff (new releases, recent CVEs), it searches and incorporates results. Requires a free Brave Search API key (2,000 queries/month on free tier).

Tier 2 - Situational Servers

5. PostgreSQL MCP

Connects your AI to a Postgres database for schema exploration and read queries. Ask "write a query to find all users inactive for 30 days" and get a real answer based on your actual schema. Always use a read-only database user.

6. Figma Dev Mode MCP

@figma/mcp | Maintained by Figma (official)

Lets your AI read Figma designs and generate accurate code from them. Share a Figma URL and ask "implement this component" - it fetches real design tokens, layout, and colors. Significantly cuts down the design-to-code interpretation gap.

7. Sentry MCP

Brings error tracking directly into the AI. Ask "what are the top errors in production right now?" and get actual stack traces with full context. Makes debugging much faster when the AI can see real error data.

8. Playwright MCP

@playwright/mcp | Maintained by Microsoft (official)

Gives your AI a browser it can control. Great for AI-assisted test writing, web scraping, and UI automation tasks.

Security - What You Need to Know

In April 2026, researchers disclosed an RCE vulnerability in the stdio transport used by many MCP servers. Anthropic and affected authors patched quickly, but it was a reminder that vetting servers matters.

Key rules:

Stick to vendor-maintained servers for anything touching production
Pin versions: use @package/server@1.2.3 instead of always fetching latest
Never hardcode API keys in JSON config files - use environment variables
Check .claude/mcp_settings.json in repos you clone - malicious configs are a real supply chain risk
Audit what each server can do before installing

Finding More Servers

The best registries are mcp.so and glama.ai/mcp/servers. When evaluating a community server: check the last commit date, look for a security policy, and read the README to understand exactly what permissions you're granting.

Conclusion

MCP has moved from experimental to production standard. Start with Context7 and GitHub MCP today - Context7 needs no API key and fixes outdated docs immediately; GitHub MCP takes two minutes and transforms how your AI understands your work.

Add Brave Search for real-time answers. Add Filesystem MCP when you want the AI across projects. Add PostgreSQL MCP when you want it to understand your schema.

Stick to vendor-maintained servers, review permissions carefully, and never hardcode credentials. The 9,400 servers in the registry represent a real new capability layer - the best ones are worth installing today.

References

Top MCP Servers for Developers in 2026 - DevToolLab
DevToolLab Blog: https://devtoollab.com/blog
DevToolLab Tools: https://devtoollab.com/tools

Top AI Code Review Tools in 2026: Tested, Compared & Ranked

Moksh Gupta — Fri, 29 May 2026 06:39:12 +0000

Over 51% of all GitHub commits in early 2026 are AI-generated or AI-assisted. That statistic creates a problem no one anticipated when AI coding tools first launched: who reviews the AI's code?

The answer, increasingly, is another AI. The AI code review market has grown rapidly alongside vibe coding and AI-first development workflows. But the category is fragmented there are PR-level reviewers, IDE inline analyzers, security scanners, and general-purpose AI assistants all claiming to do "code review." They work very differently, and picking the wrong one for your workflow is a real productivity cost.

This guide cuts through the noise. We explain what each category does, highlight the best tools in each, and give you a decision framework to help you choose what fits your actual situation.

Why AI Code Review Is Now Essential

Three converging trends make AI code review the category to watch in 2026:

AI-generated code has real quality problems. Research shows 45% of AI-generated code fails at least one OWASP Top 10 security check, and 53% of developers have found security vulnerabilities in AI-written code. When you use tools like Cursor, Claude Code, or GitHub Copilot to write 80% of a feature, you're shipping code you may not have read line by line.

Code review is a bottleneck. Stack Overflow's 2026 developer survey found code review wait time is the top-ranked productivity killer. For solo developers and small teams, reviews pile up and slow shipping. AI reviewers don't have calendars.

The security stakes are rising. As more non-developers ship production code via vibe coding, the need for automated security checks compounds. AI review tools catch issues like SQL injection, CORS misconfigurations, and hardcoded secrets before they ship.

Two Categories of AI Code Review

Before picking a tool, understand that "AI code review" means two distinct things.

1. PR-Level AI Reviewers

These run at the pull request level. When you open a PR on GitHub, GitLab, or Bitbucket, they automatically review the diff, post comments, summarize changes, and flag issues.

Best for: Teams with a PR workflow, catching issues before merge, automating the first-pass review.

Examples: CodeRabbit, Qodo, Greptile, PR-Agent.

2. IDE-Level AI Code Analysis

These run inside your editor (VS Code, Cursor, JetBrains) and provide real-time or on-demand feedback on the code you're writing.

Best for: Individual developers, catching issues as you write, learning from AI feedback in real time.

Examples: Cursor Bugbot, GitHub Copilot code review, Sourcery, Snyk AI, Checkmarx.

Top PR-Level AI Code Reviewers

1. CodeRabbit - Best Overall for Teams

CodeRabbit is the most widely adopted AI PR reviewer in 2026. It installs via GitHub/GitLab app in under two minutes, requires no configuration to get started, and begins reviewing every PR immediately. Its reviews are contextual - it understands the full diff, can trace how a change affects other parts of the codebase, and posts specific, actionable comments.

What CodeRabbit does well:

Summarizes PRs in plain English
Identifies logic errors, not just style issues
Learns from your codebase conventions over time
Supports @coderabbitai commands for interactive follow-up
Integrates with Jira, Linear, and GitHub Projects

Pricing: Free · Pro $24/user/month · Pro Plus $48/user/month · Enterprise custom

2. Qodo (formerly CodiumAI) - Best for Test-Focused Teams

Qodo focuses on behavior does this code actually do what the PR description says? It generates test cases for the changed code, identifies edge cases, and flags behavioral regressions.

What Qodo does well:

Auto-generates unit tests for changed code
"Integrity" analysis comparing code behavior to PR description
Edge case identification
CLI tool for local testing before pushing

Pricing: Free · Teams $30/user/month · Enterprise custom

3. Greptile - Best for Large Codebases

Greptile indexes your entire repository and builds a semantic understanding of how everything connects. When reviewing a PR, it can tell you how a change ripples through the rest of the codebase not just what changed in the diff, but what that change breaks elsewhere.

Pricing: Free (open source) · Pro $30/seat/month · Enterprise custom

4. PR-Agent - Best Free Option for Self-Hosted Teams

PR-Agent is an open-source PR review tool from the Qodo team. It's self-hostable, runs via CLI or GitHub Actions, and supports multiple model backends (OpenAI, Claude, Gemini, or local models via Ollama).

Pricing: Free (open source) - model API costs apply separately

Top IDE-Level AI Code Reviewers

5. Cursor Bugbot - Best for Cursor Users

Cursor's built-in Bugbot scans files as you edit them and flags potential bugs inline. No config, no extra cost (included in Cursor Pro).

6. GitHub Copilot Code Review - Best for Copilot Subscribers

GitHub Copilot added native PR review in late 2025. If your team already uses Copilot ($19/user/month), you can enable code review without adding another tool.

7. Sourcery - Best for Python Teams

Sourcery specializes in Python refactoring and code quality. Runs in VS Code, PyCharm, and CI with one-click refactoring suggestions.

Pricing: Free (open source) · Pro $12/month

Security-Focused AI Code Analysis

8. Snyk AI - Best for Developer-Friendly Security Scanning

Snyk integrates directly into VS Code, the CLI, and CI pipelines. It scans for known vulnerabilities (OWASP Top 10, CVEs in dependencies), and its AI layer explains each vulnerability in plain English with fix suggestions.

Key capabilities:

Dependency vulnerability scanning
SAST for code patterns
Container image scanning
IaC security (Terraform, Kubernetes)

Pricing: Free (limited) · Team $25/user/month · Enterprise custom

9. Checkmarx One - Best for Enterprise Compliance

Checkmarx One is the standard in regulated industries (finance, healthcare, government) that have mandatory SAST requirements. Generates compliance reports for SOC 2, PCI-DSS, HIPAA audits.

Pricing: Enterprise, custom pricing

10. Socket - Best for Supply Chain Security

Socket specifically targets the npm/PyPI/Maven supply chain - malicious packages, dependency confusion attacks, and typosquatting. Supply chain attacks through malicious npm packages are among the most common attack vectors for JS/TS codebases.

Pricing: Free (public repos) · Pro $10/user/month

How to Pick the Right Tool

Solo developer, open source: CodeRabbit free tier + Snyk for dependency scanning
Small startup team (2-10 devs): CodeRabbit Pro + Snyk Team
Test-obsessed team: Qodo instead of or alongside CodeRabbit
Privacy-first or self-hosted Git: PR-Agent with your own model backend
Compliance/regulated industry: Checkmarx One
Worried about supply chain: Add Socket to whatever else you use
Using Cursor already: Bugbot is on. Add CodeRabbit at the PR level

Building an AI Code Review Workflow

The most effective setups layer multiple tools:

IDE level (write time) - Cursor Bugbot or GitHub Copilot catches obvious errors as you type
Pre-commit (local) - Snyk CLI for dependency + SAST scan, Socket for supply chain checks
PR level (review time) - CodeRabbit or Qodo for full diff review and comments
Security (scheduled) - Snyk weekly full project scan, Dependabot for automated dependency updates

Start with the PR level. Add Snyk when you're ready to take security seriously. Layer in IDE tooling as your workflow matures.

A Note on AI Reviewing AI

One concern worth addressing: does it make sense to use AI to review AI-generated code? Isn't it circular?

Not really. The AI doing the review is different from the AI that wrote the code - different training, different context, different specialization. The most common errors in AI-generated code are predictable categories: missing input validation, insecure defaults, incorrect error handling, performance anti-patterns. AI reviewers are specifically trained to spot these.

The workflow that works: AI generates code → AI reviews it for common errors → human reviews the AI reviewer's output and overall logic.

Conclusion

The AI code review category exists because of a gap that AI coding tools created and cannot close themselves. When 51% of committed code is AI-generated, and 45% of that code has a security flaw, the review layer is not optional.

For most developers and teams: start with CodeRabbit free tier for PR-level review, and add Snyk for security scanning. Both are free for open-source projects.

Everything else is optimization: Qodo for test coverage, Greptile for cross-codebase impact analysis, PR-Agent for self-hosted setups, Checkmarx for compliance mandates.

References

Original article: Best AI Code Review Tools in 2026: Tested & Ranked - DevToolLab
DevToolLab Blog: https://devtoollab.com/blog

IGMP Snooping

Moksh Gupta — Wed, 20 Nov 2024 04:22:59 +0000

Discover the Power of IGMP Snooping

Learn how IGMP Snooping prevents multicast traffic flooding, improves network efficiency, and secures data delivery. This guide explores its functionality, benefits, and advanced configurations for VLANs and IGMP queries.

Key Highlights:

1. What is IGMP Snooping?

Optimizes multicast traffic by directing it only to relevant devices.
Prevents flooding across VLANs.

2. How it Works:

Monitors IGMP messages to build multicast forwarding tables.
Sends multicast traffic only to ports with group memberships.

3. Benefits:

Prevents bandwidth waste and enhances security.
Speeds up network performance for applications like streaming and gaming.

4. Advanced Configurations:

Supports VLANs, Routed VLAN Interfaces (RVI), and Private VLANs (PVLANs).
Enables fine-grained traffic control with IGMP queriers.

Explore the blog for detailed configurations and best practices: https://pinggy.io/blog/igmp_snooping