TCP and UDP port

From Wikipedia, the free encyclopedia

In the TCP and UDP protocols used in computer networking, a port is a special number present in the header of a data packet. Ports are typically used to map data to a particular process running on a computer.

Background

Ports can be readily explained with an analogy: think of IP addresses as the street address of an apartment building, and the port number as the number of a particular apartment within that building. If a letter (a data packet) is sent to the apartment building (IP) without an apartment number (port number) on it, then nobody knows who (which service) it is for. In order for the delivery to work, the sender needs to include an apartment number along with the address to ensure the letter gets to the right domicile.

As an example, a server used for sending and receiving email may provide both an SMTP (for sending) and a POP3 (for receiving) service; these will be handled by different server processes, and the port number will be used to determine which data is associated with which process. By convention, the SMTP server will listen on port 25, while POP3 will listen on port 110, although it is possible to use different ports.

Not all network transport layers use network ports; for example, although UDP and TCP use ports, ICMP does not.

Use in URLs

Port numbers can occasionally be seen in the URLs of websites. By default, HTTP uses port 80 and HTTPS uses port 443, but a URL like http://www.example.com:8000/blah/ would try to connect to an HTTP server on port 8000 instead of the default port 80.

Technical details

In both TCP (Transmission Control Protocol) and UDP, each packet header specifies a source port and a destination port, each of which is a 16-bit unsigned integer (i.e. ranging from 0 to 65535), as well as the source and destination network addresses (IP addresses) among other things. A process may "bind" to a particular port to send and receive data, meaning that it will listen for incoming packets whose destination port matches that port number, and/or send outgoing packets whose source port is set to that port number. Processes may also bind to multiple ports.

Applications implementing common services will normally listen on specific port numbers which have been defined by convention for use with the given protocol — see list of TCP and UDP port numbers. Typically, these will be low port numbers, and in Unix only processes owned by the superuser can listen on port numbers from 0 to 1023; this is a security measure to prevent untrusted processes from impersonating system services. Conversely, the client end of the connection will typically use a varying, high port number (an ephemeral port).

Because the port number forms part of the packet header, it is readily interpreted not only by the sending and receiving computers, but also by other aspects of the networking infrastructure. In particular, firewalls (whether implemented in hardware or software) are commonly configured to respond differently to packets depending on their source and/or destination port numbers. Port forwarding is one application of this.

Processes implement connections to TCP and UDP ports by means of sockets. A socket is a transport end-point, which a process can create and then bind to a socket address; in TCP or UDP, a socket address consists of a combination of a port and an IP address. Sockets may be set to send/receive data in one direction at a time, called half duplex, or simultaneously in both directions, called full duplex. (Aside from TCP and UDP ports, sockets may also be bound to software network ports to connect internal programs on a single computer system.)
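To make the socket model concrete, here is an added example (not code from the article): two UDP sockets on the loopback interface, one bound to a port the operating system picks, the other receiving an ephemeral source port on its first send. The loopback address and the payload are assumptions of the example.

```python
import socket

LOOPBACK = "127.0.0.1"


def udp_loopback_exchange(payload: bytes = b"constructed payload") -> dict:
    """Bind a server socket, send to it from a client socket, and report the
    socket addresses (IP address + port) the kernel assigned at each end."""
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        # Port 0 asks the OS for any free port; the real number is read back
        # with getsockname() once the bind has completed.
        server.bind((LOOPBACK, 0))
        server.settimeout(2.0)
        server_addr = server.getsockname()

        # The client never binds explicitly: the OS assigns an ephemeral
        # source port when the first datagram leaves the socket.
        client.sendto(payload, server_addr)
        client_addr = client.getsockname()

        # recvfrom() returns the payload and the sender's socket address,
        # i.e. the source IP and source port carried in the packet headers.
        data, sender = server.recvfrom(4096)
    finally:
        server.close()
        client.close()
    return {
        "server_port": server_addr[1],
        "client_port": client_addr[1],
        "seen_by_server": sender,
        "data": data,
    }


if __name__ == "__main__":
    r = udp_loopback_exchange()
    print(f"server bound to port {r['server_port']}, "
          f"client sent from ephemeral port {r['client_port']}")
```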

Because different services commonly listen on different port numbers as discussed, the practice of attempting to connect in sequence to a wide range of services on a single computer is commonly known as port scanning; this is usually associated either with malicious cracking attempts or with a search for possible vulnerabilities to help prevent such attacks.

Port connection attempts are frequently monitored and logged by computers connected to networks. The technique of port knocking uses a series of port connections or "knocks" from a client computer to enable a server connection.

Common ports

See list of TCP and UDP port numbers.

IANA

The Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources.

The port numbers are divided into three ranges: the Well Known Ports, the Registered Ports, and the Dynamic and/or Private Ports.

The Well Known Ports are those from 0 through 1023. DCCP Well Known ports SHOULD NOT be used without IANA registration. The registration procedure is defined in RFC4340, Section 19.9.

The Registered Ports are those from 1024 through 49151. DCCP Registered ports SHOULD NOT be used without IANA registration. The registration procedure is defined in RFC4340, Section 19.9.
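As an added example that is not part of the article, the following Python decodes the two 16-bit port fields from a constructed UDP header (the source/destination ports described under Technical details) and classifies each port into the IANA ranges listed above. The upper bound of the Dynamic and/or Private range (65535, the end of the 16-bit space) and the sample datagram are assumptions of the example.

```python
import struct

# Port ranges from the IANA section; the first one is also the Unix privileged range.
WELL_KNOWN = range(0, 1024)
REGISTERED = range(1024, 49152)
DYNAMIC = range(49152, 65536)    # assumed: remainder of the 16-bit port space


def classify_port(port: int) -> str:
    """Name the IANA range a 16-bit port number belongs to."""
    if port not in range(0, 65536):
        raise ValueError(f"port {port} does not fit in 16 bits")
    if port in WELL_KNOWN:
        return "well-known"
    if port in REGISTERED:
        return "registered"
    return "dynamic"


def parse_udp_header(datagram: bytes) -> dict:
    """Decode the 8-byte UDP header: four big-endian 16-bit fields
    (source port, destination port, length, checksum)."""
    if len(datagram) < 8:
        raise ValueError("truncated UDP header")
    src, dst, length, _checksum = struct.unpack("!HHHH", datagram[:8])
    # The length field covers header + payload; anything outside what we
    # actually hold is a malformed datagram and must not be trusted.
    if length < 8 or length > len(datagram):
        raise ValueError(f"UDP length {length} inconsistent with {len(datagram)} bytes")
    return {"src_port": src, "dst_port": dst, "payload": datagram[8:length]}


def build_udp_datagram(src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Assemble a UDP datagram; checksum left at 0, which UDP over IPv4 permits."""
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload


def describe(datagram: bytes) -> str:
    hdr = parse_udp_header(datagram)
    return (f"{hdr['src_port']} ({classify_port(hdr['src_port'])}) -> "
            f"{hdr['dst_port']} ({classify_port(hdr['dst_port'])}), "
            f"{len(hdr['payload'])} payload bytes")


# Constructed sample: a client on ephemeral port 51234 sending 12 bytes to the DNS port (53).
SAMPLE = build_udp_datagram(51234, 53, b"constructed!")

if __name__ == "__main__":
    print(describe(SAMPLE))   # 51234 (dynamic) -> 53 (well-known), 12 payload bytes
```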

A list of registered ports can be found on the IANA website: http://www.iana.org/assignments/port-numbers