Networking – Relation Between Port, Port Number, and Protocol

networking

  1. Is a "port" a communication endpoint (in the transport layer)?

    Is a "port number" an address assigned to a port?

    Given a port, can we change the port number assigned to it, similar to how
    it is possible to change the IP address assigned to a network interface?

  2. From https://en.wikipedia.org/wiki/Network_socket

    sockets with TCP port 53 and UDP port 53 are distinct sockets

    What does the quote mean? Specifically,

    • Can a port be used by two transport protocols (e.g. TCP and UDP) simultaneously? (My understanding is that a port is part of a transport protocol, and can't belong to another protocol even at a different time.)

    • Does the quote mean that a port number 53 can be assigned to a port in TCP and to a port in UDP at different times (but not simultaneously)?

Best Answer

A computer can have one or more IP addresses.

Some IP protocols, like ICMP, only need IP addresses to communicate. Others, like UDP and TCP, require that packets be addressed to a port as well as an IP address. Generally you have a program implementing a service listen on a well-known port so that other systems know how to contact it. An ssh server will, for example, listen on port 22/tcp:

$ netstat -a -t
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 *:ssh                   *:*                     LISTEN     

$ netstat -a -t -n
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN   

The netstat program will give symbolic names to port numbers, by looking in /etc/services, and a program such as sshd would call getservbyname("ssh","tcp") to convert a name to a port number.

If you listen on IP address 0.0.0.0, that means to listen on all of a system's IP addresses, and that's why netstat prints a *.

The ssh server doesn't have to listen on port 22. You can change its config file to listen on port 8022, say. As long as the remote user knows the port number, and any intervening firewalls allow traffic to port 8022, it'll work.

For hundreds of services around the world, the well-known port numbers are maintained in the Service Name and Transport Protocol Port Number Registry. It's a superset of your local system's /etc/services.

A socket is a communications endpoint. Before it can be used, it must be bound to an IP address, port number, and protocol. If it's using TCP, it must then be connected to another socket before packets can be exchanged. A server calls socket to create a socket, bind to bind it, and listen to listen for connections. A client uses socket and bind, then connect to connect to a server. (The call to bind is optional for a client; when connect is called, the system will allocate an unused port and pick an appropriate IP address to bind to the socket.)

sockets with TCP port 53 and UDP port 53 are distinct sockets

If a service can be offered on both TCP and UDP, it's customary for the port number to be the same in both protocols. In the above case, you'd probably have a single DNS server that creates two sockets, one listening on 0.0.0.0:53/tcp and the other listening on 0.0.0.0:53/udp.

Some older services were designed to run on only one protocol, and in those cases you may see two services using the same port number (but of course on different protocols). For example, 512/tcp is for rexec, but 512/udp is for biff. Systems like this have completely different programs listening on the ports. rexecd listens on 512/tcp, and comsat listens on 512/udp.
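The following is an added illustration, not code from the answer above: it binds a TCP and a UDP socket to the same port number on loopback, shows that a second bind of the same (protocol, address, port) triple fails with EADDRINUSE, and delivers one message over each protocol to confirm the two sockets are distinct endpoints. It uses an ephemeral port instead of 53 so it runs without privileges; HOST and the message bytes are constructed values.

```python
import errno
import socket

HOST = "127.0.0.1"  # loopback only; constructed for the demo

def bind_tcp_and_udp(host=HOST):
    """Bind one TCP and one UDP socket to the *same* port number.

    Port 0 lets the kernel pick a free ephemeral port for the TCP socket;
    the UDP socket is then bound to that same number. Both binds succeed
    because the endpoint is (protocol, address, port), not the number alone.
    Returns (port, tcp_listener, udp_socket).
    """
    for _ in range(20):  # retry if that number happens to be busy on UDP
        tcp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        tcp.bind((host, 0))
        port = tcp.getsockname()[1]
        udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        try:
            udp.bind((host, port))
        except OSError as exc:
            tcp.close(); udp.close()
            if exc.errno != errno.EADDRINUSE:
                raise
            continue
        tcp.listen(1)
        return port, tcp, udp
    raise RuntimeError("no free port shared by TCP and UDP on loopback")

def bind_again_fails(host, port, proto="tcp"):
    """Binding the same protocol + address + port a second time -> EADDRINUSE."""
    kind = socket.SOCK_STREAM if proto == "tcp" else socket.SOCK_DGRAM
    s = socket.socket(socket.AF_INET, kind)
    try:
        s.bind((host, port))
        return False          # would mean the kernel allowed a duplicate endpoint
    except OSError as exc:
        return exc.errno == errno.EADDRINUSE
    finally:
        s.close()

def exchange(port, tcp, udp, host=HOST):
    """Send one TCP and one UDP message to the shared port number and return
    what each socket received; neither socket ever sees the other's data."""
    client = socket.create_connection((host, port), timeout=2)
    conn, _ = tcp.accept()
    client.sendall(b"hello over tcp")
    got_tcp = conn.recv(64)
    sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sender.sendto(b"hello over udp", (host, port))
    udp.settimeout(2)
    got_udp, _ = udp.recvfrom(64)
    for s in (client, conn, sender, tcp, udp):
        s.close()
    return got_tcp, got_udp
```

Run it with `port, tcp, udp = bind_tcp_and_udp()` followed by `exchange(port, tcp, udp)`; `netstat -a -n` (or `ss -tuln`) in another shell while the sockets are open shows the same port once under `tcp` and once under `udp`.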
