TCP and UDP port

From Wikipedia, the free encyclopedia


In computer networking, a port is an application-specific or process-specific software construct serving as a communications endpoint used by Transport Layer protocols of the Internet Protocol Suite such as Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). A specific port is identified by its number, commonly known as the port number, the IP address it is associated with, and the protocol used for communication.


Technical details

Transport Layer protocols, such as TCP, UDP, SCTP, and DCCP, specify a source and destination port number in their packet headers. A port number is a 16-bit unsigned integer, thus ranging from 0 to 65535. A process associates with a particular port (known as binding) to send and receive data, meaning that it will listen for incoming packets whose destination port number and IP destination address match that port, and/or send outgoing packets whose source port number is set to that port. Processes may bind to multiple ports.

Applications implementing common services will normally listen on specific port numbers which are defined by convention for use with the given protocol — see list of TCP and UDP port numbers. Typically, these will be low port numbers. In many Unix-like operating systems only processes owned by the superuser can bind to ports with numbers from 0 to 1023. This is for security purposes, to prevent untrusted processes from providing system services. Conversely, the client end of a connection will typically use a high port number allocated for short-term use (an ephemeral port).

Because the port number is contained in the packet header, it is readily interpreted not only by the sending and receiving computers, but also by other components of the networking infrastructure. In particular, firewalls are commonly configured to differentiate between packets depending on their source and/or destination port numbers. Port forwarding is an example application of this.

Processes implement connections to transport protocol ports by means of sockets. A socket is the software structure used as the transport end-point. It is created by the process and bound to a socket address which consists of a combination of a port number and an IP address. Sockets may be set to send/receive data in one direction at a time (half duplex) or simultaneously in both directions (full duplex).

Because different services commonly listen on different port numbers, the practice of attempting to connect in sequence to a wide range of services on a single computer is commonly known as port scanning. This is usually associated either with malicious cracking attempts or with a search for possible vulnerabilities to help prevent such attacks.

Port connection attempts are frequently monitored and logged by computers. The technique of port knocking uses a series of port connections ("knocks") from a client computer to enable a server connection.

Example

An example for the use of ports is the Internet mail system (e-mail). A server used for sending and receiving e-mail provides both an SMTP service (for sending) and a POP3 service (for receiving). These are handled by different server processes, and the port number is used to determine which data is associated with which process. By convention, the SMTP server listens on port 25, while POP3 listens on port 110.

The concept of ports can be readily explained with an analogy: think of IP addresses as the street address of an apartment building, and the port number as the number of a particular apartment within that building. If a letter (a data packet) is sent to the apartment building (IP) without an apartment number (port number) on it, then nobody knows whom (which service) it is intended for. In order for the delivery to be successful, the sender needs to include an apartment number along with the address to ensure the letter gets to the right domicile.

Another way to explain this concept is to imagine that the IP address is your house address, and the port number indicates whether the package goes to your post box, milk box or newspaper box, or is delivered to a particular person. We could say, therefore, that once the packet arrives at your IP address (computer), the port number decides whether the packet should be sent to the mail application or to some other application.

Use in URLs

Port numbers can occasionally be seen in the URLs of websites or other services. By default, HTTP uses port 80 and HTTPS uses port 443, but a URL like http://www.example.com:8000/blah/ would try to connect to an HTTP server on port 8000 instead of the default port 80.

Common port numbers

The Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources. This includes the registration of commonly used port numbers for well-known Internet services.

The port numbers are divided into three ranges: the Well Known Ports, the Registered Ports, and the Dynamic or Private Ports.

The Well Known Ports are those from 0 through 1023.

The Registered Ports are those from 1024 through 49151.

A list of registered ports can be found on the IANA website: http://www.iana.org/assignments/port-numbers
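The following added example (not from the article) ties together the points above: a process binds to a port (here port 0, so the operating system assigns an ephemeral port), two "services" on the same loopback IP are told apart purely by port number, as in the SMTP/POP3 example, and a small helper classifies any port into the IANA ranges. The banners are constructed stand-ins, not real SMTP or POP3 servers; the Dynamic/Private range (49152 through 65535) is the remainder of the 16-bit space, which the article names but does not spell out.

```python
import socket
import threading

def is_valid_port(port: int) -> bool:
    """A port number is a 16-bit unsigned integer: 0..65535."""
    return 0 <= port <= 65535

def iana_range(port: int) -> str:
    """Classify a port into the three IANA ranges named in the article.
    49152..65535 is the Dynamic/Private range (the rest of the 16-bit space)."""
    if not is_valid_port(port):
        raise ValueError("port must be between 0 and 65535")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic/private"

def serve_banner(banner: bytes) -> tuple:
    """Bind to 127.0.0.1 on a kernel-chosen port, answer one client with `banner`.
    Port 0 asks the OS for a free (ephemeral) port, so the demo never needs
    a privileged port such as 25 or 110. Returns (port, thread)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]          # the port the OS actually assigned

    def handle():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(banner)
        srv.close()

    t = threading.Thread(target=handle, daemon=True)
    t.start()
    return port, t

def fetch_banner(port: int) -> bytes:
    """Client side: connect to the given port on the same IP and read the greeting."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as c:
        return c.recv(1024)

def demo_mail_ports() -> dict:
    """Two processes share one IP address; only the destination port selects the service."""
    smtp_port, t1 = serve_banner(b"220 smtp.example.test ESMTP\r\n")  # constructed stand-in for port 25
    pop3_port, t2 = serve_banner(b"+OK POP3 server ready\r\n")        # constructed stand-in for port 110
    result = {"smtp": fetch_banner(smtp_port), "pop3": fetch_banner(pop3_port)}
    t1.join(5)
    t2.join(5)
    result["ports_distinct"] = smtp_port != pop3_port
    result["ephemeral_unprivileged"] = smtp_port > 1023 and pop3_port > 1023
    return result
```

Note that the OS-chosen ephemeral ports need not fall in the IANA Dynamic/Private range; Linux, for example, defaults to a range inside the Registered ports, so classification by IANA range says nothing about who is listening.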
