TCP/IP First-Step [Electronic resources] نسخه متنی

A Closer Look at Port Numbers

You have seen how both TCP and UDP use port numbers as a form of application address. You learned how this information is explicitly embedded in the header of each packet that those two protocols create. The concept of port numbers or why they are so critical to the health and well-being of the Internet and other TCP/IP networks.

In order for people and/or machines to communicate, it is essential that they agree on each other's addresses. This correlation between popular applications and their TCP/IP port numbers is maintained by Internet Assigned Numbers Authority (IANA) as a courtesy to maintain the Internet's operating integrity. Otherwise, absolute chaos would set in! If we didn't have such a list, one of two things would have to happen:

Each application on a computer would have to listen to every port to figure out which, if any, inbound calls were destined to it.

Computer operating systems would have to become much more sophisticated and adept at figuring out how to forward packets of data received from the network.

Either way, your computer's workload would spike up and the performance of communicating applications would hit the floor.

socket is the concatenation of the source machine's IP address, source port address, the destination machine's IP, and port addresses. Together these components uniquely identify a specific communications session between the source computer and destination application.

TCP and UDP both utilize port numbers to uniquely identify an application. In fact, the concatenation of the source machine's IP address and port number with the destination machine's IP and port number form a socket. By virtue of how it is formed, a socket can uniquely describe a specific communications session. These numbers, particularly destination port addresses, are not just randomly picked. In fact, to avoid confusion many applications use the same port number all the time. That's not always the case! When you research port numbers you'll find four categories:

Well-known port numbers

Registered port numbers

Dynamic port numbers

Private port numbers

Although they work the same from TCP/IP's perspective, they differ in a few significant ways, including their numeric range, how they get assigned to a specific application, and whether any given port number is assigned to the same host for both TCP and UDP.

That last point is a subtle but critical one. Remember: Port numbers are application addresses. Applications tend to be developed to use either TCP or UDP depending upon their network performance requirements (timely versus guaranteed delivery, for instance). Thus, it makes sense to keep two lists of port assignments: one for TCP and one for UDP. That is, in fact, the way it is done. However, to avoid confusion it has become common practice for an application to be assigned the port number it needs in both the TCP and UDP lists of assigned ports.

When you stop to think about keeping lists of port assignments per application, one question might pop into your head: Who is responsible for creating and maintaining that list? Fair question! The answer is Internet Assigned Numbers Authority (IANA). IANA is part of the Internet Engineering Task Force (IETF), the guardians of the Internet's technology.

Let me take a few minutes to walk you through some of the other critical differences between port number types. Table 5-1 shows you a bit more detail at a glance about the various types of port numbers.

If that range sounds weird to you, please take a moment to calculate out 2 to the 16th power. The number 16 is significant because the port number is a 16-bit binary number. In binary, you only have two symbols to work with: 0 and 1. Calculating 2 (for example, the number of symbols) to the 16th (for example, the number of digits in the address) power gives you the total number of unique addresses possible with a number of that size. You find that 2 to the 16th power works out to be 65,536. Because you start counting at 0 instead of 1, you have a range of 65,536 valid addresses that ends at 65,535.

Well-Known Port Numbers

The well-known port numbers represent some of the oldestbut not necessarily the most widely usedapplications on the Internet. To be fair, some of the well-known port numbers are assigned to truly indispensable applications such as e-mail (port 25) or the World Wide Web (port 80). Others are so esotericincluding the Quote of the Day in port 17as to have faded into obscurity.

IANA regulates membership in this exclusive club. Software developers or standards bodies must have IANA review and approve their application and/or technology before it can receive one of the precious few well-known port numbers still unassigned. A couple of criteria must be met before any application or proposed technology qualifies for a well-known port number. Perhaps the most stringent requirement is that it must be a system-level process! That means that it's not something you will ever find yourself consciously running or using. Instead, it will be a process kicked off by an application that you use.

One way to better appreciate the complexity of port numbers is to look at the WWW. Although that application uses well-known port 80, you don't run it directly. Instead, you launch your browser and your browser runs WWW. Perhaps a better example is Doom. You can play the game Doom against the computer or against someone else across a network. In either case, you are launching the same application. When you play against the computer, you have no need to communicate. Consequently, you are not using TCP/IP. However, when you choose to play against an opponent elsewhere on the network, you are using TCP/IP. In that case, Doom launches a background task to handle the communications between you and your opponent. That background task meets the criteria for a well-known port number. Perhaps in an effort to prove that even standards bodies have a sense of humor, Doom was assigned the well-known port number 666.

Upon approval by IANA, a well-known port number is assigned to that piece of software from both the TCP and UDP lists of assigned numbers. Thus, port 80 is assigned to the WWW on both lists even though it may not be used by both protocols. That's just to avoid confusion.

If your curiosity has been piqued, you can find a complete list of all well-known and registered port numbers in an online database at http://www.iana.org/assignments/port-numbers.

Registered Port Numbers

The next category that IANA maintains is known as the list of registered port numbers. As with well-known port numbers, applications that receive registered port numbers usually receive that number from both the TCP and UDP lists. Again, that's just to avoid confusion and does not indicate that an application needs both to function properly.

The key distinction between a well-known and registered port number is that registered port numbers are assigned to applications that can be run directly by people. If you'll recall, well-known port numbers are only assigned to system-level processes that users can't directly run. Registered port numbers span from number 1024 to 49151.

Private and Dynamic Port Numbers

The last two categories of port numbers are private and dynamic. Although these different tools serve different purposes, a couple of similarities make it logical to look at them together. For example, both share the range from port address number 49152 through 65535. IANA doesn't regulate this range of port addresses. That's not necessarily either a good thing or a bad thing; it just creates yet another option for software manufacturers.

Instead of going through the potentially arduous process of getting approval for either a well-known or registered port number, it may be quicker and easier to just develop your application software to use the next available port number from a pool of available numbers. Thus, your software would monitor a range of addresses and coordinate with the application to determine which free port to use. That coordination is a dynamic process and you can't reliably predict which port number will get assigned to your communications session. This coordination would have to occur each time you run that application.

Private port addresses are a close cousin to dynamic port addresses. Rather than develop your software to select the next available port number, you can further simplify your workload by picking an oddball port number from this range. This is sort of a luck-of-the-draw approach to developing applications: There are no guarantees! In theory, by picking a port number from this range of addresses you won't have any conflicts from the applications that dynamically choose ports because they will see that port in use and select a different one.

The other worry is that two or more applications will have been written to use the same port number. That's a risk, but is mitigated by the sheer number of addresses available in this range. What are the odds that you will need two applications that were both designed to use the same application? Pretty remote! Generally speaking, this high range of port addresses is used by applications that either don't have extensive communications requirements or are relatively unsophisticated and inexpensive. That's a polite way of saying quick-and-dirty applications.