TCP/IP Ports and Sockets Explained

On a TCP/IP network every device must have an IP address.

The IP address identifies the device e.g. computer.

However an IP address alone is not sufficient for running network applications, as a computer can run multiple applications and/or services.

Just as the IP address identifies the computer, the network port identifies the application or service running on the computer.

The use of ports allows computers/devices to run multiple services/applications.

The diagram below shows a computer to computer connection and identifies the IP addresses and ports.





[Diagram: TCP/IP ports and sockets]

Analogy

If you use a house or apartment block analogy the IP address corresponds to the street address.

All of the apartments share the same street address.

However each apartment also has an apartment number which corresponds to the Port number.

Port Number Ranges and Well Known Ports

A port number uses 16 bits and can therefore have a value from 0 to 65535 decimal.

Port numbers are divided into ranges as follows:

Port numbers 0-1023 – Well-known ports. These are allocated to server services by the Internet Assigned Numbers Authority (IANA), e.g. Web servers normally use port 80 and SMTP servers use port 25 (see diagram above).

Ports 1024-49151 – Registered ports. These can be registered for services with the IANA and should be treated as semi-reserved. User-written programs should not use these ports.

Ports 49152-65535 – These are used by client programs and you are free to use these in client programs. When a Web browser connects to a web server the browser will allocate itself a port in this range. Also known as ephemeral ports.

TCP Sockets

A connection between two computers uses a socket.

A socket is the combination of IP address plus port.

Each end of the connection will have a socket.

Imagine sitting on your PC at home, and you have two browser windows open.

One looking at the Google website, and the other at the Yahoo website.

The connection to Google would be:

Your PC – IP1 + port 60200 -------- Google IP2 + port 80 (standard port)

The combination IP1+60200 = the socket on the client computer and IP2 + port 80 = destination socket on the Google server.

The connection to Yahoo would be:

Your PC – IP1 + port 60401 -------- Yahoo IP3 + port 80 (standard port)

The combination IP1+60401 = the socket on the client computer and IP3 + port 80 = destination socket on the Yahoo server.

Notes: IP1 is the IP address of your PC. Client port numbers are dynamically assigned, and can be reused once the session is closed.
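The socket pairs described above can be observed directly. The following is an added example, not code from the original article: it opens two client connections to one listening port and returns the address each end sees. The function name `open_socket_pairs`, the loopback address 127.0.0.1 and the OS-chosen listening port are assumptions made for the illustration.

```python
import socket


def open_socket_pairs(n_clients=2):
    """Connect n_clients TCP clients to one listening port on loopback.

    Returns (listen_addr, pairs); each pair records the (IP, port) socket
    at the client end and at the server end of one connection.
    """
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.settimeout(5)
    server.bind(("127.0.0.1", 0))      # port 0: the OS picks a free port
    server.listen(n_clients)
    listen_addr = server.getsockname()

    opened, pairs = [server], []
    try:
        for _ in range(n_clients):
            # The client does not choose its source port; the OS assigns
            # one dynamically, as the article describes for browsers.
            client = socket.create_connection(listen_addr, timeout=5)
            conn, peer = server.accept()
            opened += [client, conn]
            pairs.append({
                "client_socket": client.getsockname(),  # IP1 + dynamic port
                "server_socket": conn.getsockname(),    # IP2 + listening port
                "peer_seen_by_server": peer,            # server's view of client
            })
    finally:
        for s in opened:
            s.close()
    return listen_addr, pairs


def connection_ids(pairs):
    """Each connection as (client IP, client port, server IP, server port)."""
    return [p["client_socket"] + p["server_socket"] for p in pairs]


if __name__ == "__main__":
    addr, pairs = open_socket_pairs(2)
    print("listening socket:", addr)
    for cid in connection_ids(pairs):
        print("connection:", cid)
```

Both connections share the same server socket and differ only in the client port, which is how one listening port serves many clients and how a firewall or `netstat` tells the sessions apart.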

TCP and UDP – The Transport Layer

Note: You may find reading the article on the TCP/IP protocol suite useful to understand the following.

IP addresses are implemented at the networking layer which is the IP layer.

Ports are implemented at the transport layer as part of the TCP or UDP header as shown in the schematic below:

[Schematic: TCP/IP packet]

The TCP/IP protocol supports two types of port: TCP ports and UDP ports.

TCP – is for connection-orientated applications. It has built-in error checking and will retransmit missing packets.

UDP – is for connectionless applications. It has no built-in error checking and will not retransmit missing packets.

Applications are designed to use either the UDP or TCP transport layer protocol depending on the type of connection they require.

For example a web server normally uses TCP port 80.

It can use any port, but the web server application is designed to use a TCP connection. See TCP vs UDP

Here is a very good video that explains ports and sockets really well

Checking For Open Ports

Windows and Linux systems have a utility called netstat which will give you a list of open ports on your computer.

These articles show you how to use netstat on Windows and on Linux.

You can check the port status of remote machines using a port scanner like Nmap.

You can install Nmap on Windows, Linux and Apple. It can be used with a graphical user interface or as a command line tool.

Here is a useful article on using Nmap from the command line.

Here is a good video on using Nmap and also covers TCP/IP connection procedures which is useful for understanding ports.
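To review what your own machine exposes, the netstat listing can be parsed and each open port labelled with its range and the interfaces it is bound to. This is an added example, not part of the original article; it assumes the Linux `netstat -tuln` column layout, and the sample output and function names are constructed for the illustration.

```python
import ipaddress

# Constructed sample of Linux `netstat -tuln` output (not from a real host).
SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:8080         0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN
udp        0      0 0.0.0.0:51234           0.0.0.0:*
"""


def port_range(port):
    """Classify a port using the ranges given in the article."""
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic"


def exposure(host):
    """Say which interfaces a bound address is reachable on."""
    ip = ipaddress.ip_address(host)
    if ip.is_unspecified:            # 0.0.0.0 or :: means every interface
        return "all interfaces"
    if ip.is_loopback:               # 127.0.0.0/8 or ::1
        return "loopback only"
    return "single address"


def listening_sockets(netstat_text):
    """Return one dict per open TCP (LISTEN) or UDP socket in the listing."""
    rows = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or not fields[0].startswith(("tcp", "udp")):
            continue                 # banner and column-header lines
        proto = fields[0]
        if proto.startswith("tcp") and fields[-1] != "LISTEN":
            continue                 # established or closing connections
        # Split on the last colon so IPv6 addresses such as ::1 survive.
        host, _, port = fields[3].rpartition(":")
        rows.append({"proto": proto, "host": host, "port": int(port),
                     "range": port_range(int(port)),
                     "exposure": exposure(host)})
    return rows


if __name__ == "__main__":
    for row in listening_sockets(SAMPLE):
        print("{proto:5} {host:>12}:{port:<6} {range:11} {exposure}".format(**row))
```

Services that only need to be reached locally, such as the database on 127.0.0.1 in the sample, should show up as "loopback only"; anything listed as "all interfaces" is reachable from the network unless a firewall filters it.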

References and resources:

TCP and UDP basics – Connecting to a website. This is for programmers but there is no coding, just an explanation of ports and sockets.

Connection states – if you are wondering what established and listening and the other state descriptions mean. Here is a good state diagram that it refers to.

Online port tester – Collection of tools for port scanning and web server testing.




58 comments

  1. I have a problem with an application that uses fixed source ports in the communication with the server.
    If the communication ends for some reason the client tries to put the communication up again using the same source port. The problem is that the server has not gotten a FIN packet that takes down the communication and it still listens for the communication from the client in an ESTABLISHED status if you run netstat -a on the server. If the client had not used fixed ports I would think that the communication would reconnect with a new session because the client had used “+1” on its source port and the server would connect the communication with a new socket.

    Is there a “best practice” rfc that explains why it is not a good idea to use fixed ports?

  2. Wonderful, I’ve sent it over email along with some info
    It runs on Ubuntu
    Thank you for your time on this and God bless
    Al

  3. Hi

    I have a software which creates 4 sockets with apparently random numbers (the person who developed left no documentation)

    However, the client which connects to it only sends over port 9091

    Is there a way to interconnect those random number sockets and port 9091 so the client is able to connect to the software?

    Thanks in advance and God bless

    1. Hi
      It sounds like the software is supposed to be a server which usually has fixed ports. What does the software do?

      1. It receives video data, connects to a MariaDB server, and serves as an API to it, receiving calls from a mobile app and sending customer data back

        I wonder if the reason why it opens 4 sockets is to receive and send video data and receive and send customer data

        Either way, the problem is that it creates sockets of random numbers instead of a 9091 port which is what the android app uses

        Below its log, hope that sheds some light and thanks

        [0121/06/01 12:55:01][0000-00000001] SDSS int server v1.2.0 – b6 (01/03/2021) run up at Thu Jul 1 12:55:01 2021
        [0121/06/01 12:55:01][0000-00000002] debug level set to 99
        [0121/06/01 12:55:01][0000-00000003] args[ ./dvis -d99 ]
        [0121/06/01 12:55:01][0000-00000004] startup info follows:
        [0121/06/01 12:55:01][0000-00000005] stdin handle 0
        [0121/06/01 12:55:01][0000-00000006] openSQL( 0x5f687580 )
        [0121/06/01 12:55:01][0000-00000007] openSQL: Connection successful to ‘127.0.0.1’ as ‘sa’
        [0121/06/01 12:55:01][0000-00000008] hostname being used is ‘stipra.com’
        [0121/06/01 12:55:01][0000-00000009] get_ipaddress()
        [0121/06/01 12:55:01][0000-00000010] lo IP Address 127.0.0.1
        [0121/06/01 12:55:01][0000-00000011] wlo1 IP Address 192.168.1.142
        [0121/06/01 12:55:01][0000-00000012] lo IP Address ::1
        [0121/06/01 12:55:01][0000-00000013] wlo1 IP Address fe80::d6a7:186d:aa86:5311
        [0121/06/01 12:55:01][0000-00000014] get_ipaddress: returning an IP4 address of 192.168.1.142
        [0121/06/01 12:55:01][0000-00000015] Running on server stipra.com IP address 192.168.1.142
        [0121/06/01 12:55:01][0000-00000016] setsockopt returned 0, errno 11
        [0121/06/01 12:55:01][0000-00000017] sockets created
        [0121/06/01 12:55:01][0000-00000018] 63420
        [0121/06/01 12:55:01][0000-00000019] 29616
        [0121/06/01 12:55:01][0000-00000020] 6052
        [0121/06/01 12:55:01][0000-00000021] 43464
        [0121/06/01 12:55:01][0000-00000022] wait_for_cmd(0x1)
        [0121/06/01 12:55:01][0000-00000023] stdin(0)
        [0121/06/01 12:55:01][0000-00000024] recv_d( 0, 0x7f90fdd4e010, 8 )
        [0121/06/01 12:56:01][0000-00000025] recv_d: Select timeout, retrying
        [0121/06/01 12:57:01][0000-00000026] recv_d: Select timeout, retrying
        [0121/06/01 12:58:01][0000-00000027] recv_d: Select timeout, retrying
        [0121/06/01 12:59:01][0000-00000028] recv_d: Select timeout, retrying
        [0121/06/01 13:00:01][0000-00000029] recv_d: Select timeout, retrying
        [0121/06/01 13:01:01][0000-00000030] recv_d: Select timeout, retrying
        [0121/06/01 13:02:01][0000-00000031] recv_d: Select timeout, retrying
        [0121/06/01 13:03:01][0000-00000032] recv_d: Select timeout, retrying
        [0121/06/01 13:04:01][0000-00000033] recv_d: Select timeout, retrying
        [0121/06/01 13:05:01][0000-00000034] recv_d: Select timeout, retrying
        [0121/06/01 13:06:01][0000-00000035] recv_d: Select timeout, retrying
        [0121/06/01 13:07:01][0000-00000036] recv_d: Select timeout, retrying
        [0121/06/01 13:08:01][0000-00000037] recv_d: Select timeout, retrying
        [0121/06/01 13:09:01][0000-00000038] recv_d: Select timeout, retrying
        [0121/06/01 13:10:01][0000-00000039] recv_d: Select timeout, retrying
        [0121/06/01 13:10:01][0000-00000040] wait_for_cmd: Initial receive is not 8 bytes
        [0121/06/01 13:10:01][0000-00000041] pipe broken exiting

        1. Sorry, don’t know. It looks like it is creating client connections but not sure what to.
          When you say it receives video data I assume that that is coming in on a port. The database would need another. The mobile app is used to view the video I assume.
          Is any part of it working?
          Where is the mobile App located (internet or same network)?
          Is this a standard kit or is it put together by yourself?
          Rgds
          Steve

          1. The software creates 4 sockets with random port numbers but none of them are the port 9091 which the APP uses. The mobile App is on the internet.

            The software connects to a tunnel connection 10.8.0.0, which leads me to believe it requires the creation of some kind of tunnel to capture anything received from the internet on port 9091 from 192.168.1.142 and forward it to those 4 sockets through some kind of dynamic port forwarding thing or something like that

            I tried to use ssh -D 192.168.1.142:9091 -N -f user@10.8.0.0 and I am able to telnet 192.168.1.142 and connect the app, but no data seems to go or come back 🙁

            The software connects to the database, and that’s actually the only thing it is doing well

          2. Does it have any setup instructions? Is it off-the-shelf software and does it have a website that I can take a look at?
            Rgds
            Steve

          3. It is a bespoke software made by a person who left the company and never left any documentation.
            It is developed in C++ 32 bits
            I can send it to your email which I believe is steve@steves-internet-guide.com as it is rather small, along with how to run it (the little I know at least)

  4. Hi, I have a question, is it possible for me to run 2 applications and connect to different ip but using same port number (example 6000) ?

    1. Yes you are doing that when you connect to two different websites as they both use port 80
      rgds
      steve

  5. So I have a question. Let’s say there is a webserver A which hosts a website and that server A has the port 443 open and let’s say I have written a code as part of a webpage on that website and that code connects to a remote server B to get some data. Can server A somehow restrict me and only allow connections to the port 443 on the remote server B and not allow me to connect to any other port on remote server B? Have you seen such a restriction before and if yes then what would be the reason behind such a restriction?
    Thank you

    1. Not quite sure exactly what restriction you mean but you can restrict on destination port and ip and source port and IP if that helps
      rgds
      steve

      1. Hi Steve,
        So here is the scenario. The webserver A has the port 443 open for any incoming requests. The webserver A hosts a website and one of the pages of that website has C# code which makes API calls to a remote server B. I was told by the network admin of Webserver A that the C# API call should be made only to the port 443 of the remote server B.
        Currently the remote server B has port 7093 open and it’s listening to any API requests on that port.
        So my questions are:-
        1. Is it possible for the network admin to disallow API calls to ports other than 443?
        2. What could be the reason for such a restriction? After all, how can restricting a destination port give you any sort of advantage? Port is just a number on which the server listens. Please help.
        Thank you

        1. Yes,
          you can filter incoming traffic on port, IP address and protocol even on basic firewalls.
          Restricting ports is for security reasons.
          Rgds
          Steve

  6. I want to read data from a machine which supports an open protocol. If the machine is on the network and I know the IP address and port number (socket), how can I read data from it? (I know it sends and receives data in packet format.)

  7. Thank you, Steve!
    Is it possible with TCP/IP sockets to send requests to one IP:PORT and listen for responses on a different IP:PORT. E.g. we want to send to a load balancer IP but listen for response on localhost.

  8. Question: When a program on your computer sends or receives data over the Internet it sends that data to an ip address and a specific port on the remote computer. How does my computer know what port a specific application is working on another computer to populate the TCP Header?

  9. Hi Steve,
    Thanks for the tutorial. Can you please help me with the following issue?
    I have multiple devices connected to the same network and I want to transfer data across them. How can I transmit the data? The IP of some devices changes after a particular time. I can keep the port number constant but the devices don’t know each other’s IP address, and also I don’t want to use UDP because it is not reliable.

  10. Hi,

    Great site. I have a quick question. If I receive a UDP datagram using recvmsg(), will the msghdr structure be filled out with the sender’s IP and port (in the msg_name field, which is a sockaddr struct)?

    Many thanks.

  11. Hi, I have some questions.
    When using TCP protocol, the client must use in its message the IP address and Port number of the server. And it must also include its own IP address and port number. Why?

    4- When using UDP protocol, the client is required to use in its message the IP address and Port number of the server. But it is not required to include its own IP address and port number. Why?

    1. TCP is a connection orientated protocol and so the destination device needs to know who to send a reply to.
      UDP is connectionless and so doesn’t require a response and hence the source IP address is optional.
      Rgds
      Steve

  12. Hi Steve,

    Can Server and client share the port number, eg : Server is listening at port num : 51001 and client also listens on the same port num : 510001 .

    Can you pls explain this

    1. Yes, providing they are on different hardware.
      A port is simply a door into the machine. The numbers themselves aren’t really important except for the conventions already adopted and standardised. Machines use 16 bits for the port numbers, hence the limitation of 64,000.

  13. Good job Steve. I have a question, and it goes like this: if i have 2 browsers from my PC connecting to the same service, for example both browsers are connecting to google.com, does that mean that the two browsers from my computer are connecting to the same socket in the google server? Meaning can more than one socket connect to a socket at the same time?

  14. Hi, Thanks for this information sharing. It is very well explained.
    I have the following doubt.
    What I understand is TCP protocol takes care of data transmission error, that is duplication of packets or packet in true form delivered to other end. This is not done in UDP protocol. But when I see the Schematic of TCP, UDP & IP in your article I do not find any block for error checking in TCP whereas UDP has checksum. Could you please clear my doubt?

  15. In the above example, the Google application/service and the Yahoo application/service both use the same port number, i.e. 80.
    Then there should be ambiguity as to which application/service it should refer to, either Google or Yahoo. How does it know that it is Google or Yahoo as both have the same port number?
    An answer will help me a lot.

    1. Google and Yahoo have different IP addresses. When you connect to Google you use Google_IP + port 80.
      When you connect to Yahoo you connect to Yahoo_IP + port 80.
      Does that make sense?
      rgds
      steve

    2. The IP address of google and yahoo is different.
      say for google 172.13.73.130
      and for yahoo 172.23.73.128
      so even accessing the same port the two sockets will be totally different and hence different connections.

      using the real world analogy two rooms of two different apartments may have the same room number and hence two server system may have same port number as well.

    3. The port number 80 is the open port of the server. Here the Google server had an open port (80) and Yahoo also had an open port (80).

      Both Google and Yahoo had different IP addresses.

      If I want to connect to the Google server, I will open a new port, for example I will open port 5000; at the same time I will open another port 5002 to connect with the Yahoo server.

      Example :

      My IP + 5000 — connects — Google IP + 80

      My IP + 5002 — connects — Yahoo IP + 80

  16. Hi! keep up the good work. I have few doubts though, hope you can clear them:
    1. Can you tell if a server uses a single port 80 on all of its connections to clients? Or is it used only by the Welcoming socket?
    Can port 80 handle multiple connections simultaneously?

    1. A port (e.g. port 80) can handle multiple connections; each connection is a socket and will have a different source IP address and port number.

    2. No… a session needs to be established at said layer. A is listening on port 443 (SSL) for incoming packets and the firewall in front is, in addition to allowing 443 to A, also policing 25, 80 etc
      Whatever….

  17. The way you explained it, now it’s very easy to understand the whole thing. Thanks a lot sir.
