Why do you say "TCP port"? - port

I'm learning networking and sockets and there's something I don't understand. I often heard about "TCP ports".
But I think ports are related to the application layer (80 for HTTP servers for example).
So why don't you say "application ports"? Why do ports seem associated with the TCP layer (they should be associated with a higher layer)?
For me, ports have nothing to do with the TCP protocol.
Thanks

Your understanding is incorrect, and you need to clarify this point before moving on to other networking concepts.
Port is a fundamental concept of TCP.
TCP is a bidirectional communication protocol between two endpoints (Source and Destination), which are identified by 2 things: IP address and Port. TCP is meant to extend the IP protocol (which identifies hosts only by IP address) by adding the Port and allowing multiple communication endpoints to exist for a single IP address.
In fact TCP packets (sent over the wire) encapsulate IP packets, but add some extra information on top of IP, information like the Port and some transmission control flags. This is why people often use the term TCP/IP.
On top of TCP/IP, people have built other protocols, like HTTP.
An HTTP packet (or request) consists of multiple TCP/IP packets exchanged between the client and the server. HTTP uses TCP/IP, and all packets sent with HTTP are TCP/IP packets. HTTP commonly uses the TCP port 80, however it can run on any other port without issues.
Also, any other application level protocol can be configured to use port 80.
Ports are associated with application level protocols only by convention. Similarly, SSH is commonly configured on port 22, but can be used on any other port.

I don't know if there is an official definition of why people say it like this :)
This is only my idea, maybe it will help you :)
Because applications are using 2 protocols:
TCP and UDP, and to express both the protocol an application uses and the port, people say TCP:80 or UDP:5000 (torrent example).
For example HTTPS can run over any reliable stream transport protocol. Normally that's TCP, but it could also be SCTP. It is NOT expected to run over UDP.
So you can say HTTPS:443 or TCP:443, referring to the HTTPS discussion of course.
The guy that you are talking to understands from the start that HTTPS uses the TCP protocol and that it is on port 443.
Combining the port number and the TCP/UDP you "create" the name of the assigned protocol, not vice-versa.
E.g.:
TCP:80 = HTTP
TCP:23 = Telnet
UDP:220 = IMAP
You don't say HTTP:80 is TCP. The TCP port 80 is known as HTTP.
For a list of protocols and ports see: http://www.pearsonitcertification.com/articles/article.aspx?p=1868080

Related

What is the significance of port number in localhost?

Different websites use different ports, like Codecademy uses localhost:8000 in its AngularJS and Ruby on Rails tutorials. So, I want to know what is the use of this 8000 in localhost:8000. Thanks in advance :-)
This is not specific to one framework, it's a much lower level. From Wikipedia:
In computer networking, a port is a software construct serving as a communications endpoint in a computer's host operating system. A port is always associated with an IP address of a host and the protocol type of the communication. It completes the destination or origination address of a communications session. A port is identified for each address and protocol by a 16-bit number, commonly known as the port number.
Specific, well-known port numbers are often used to identify specific applications and services. Of the thousands of enumerated ports, 1024 well-known port numbers are reserved by convention to identify specific service types on a host. The protocols that primarily use ports are the Transport Layer protocols, such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) of the Internet Protocol Suite.
In the client-server model of application architecture, ports are used to provide a multiplexing service on each port number that network clients connect to for service initiation, after which communication is reestablished on another connection-specific port number.
I assume there's a task runner like grunt or gulp serving the page via BrowserSync (or similar). They use a port other than 80 so as not to interfere with a port already occupied by a local web server (apache, nginx, ...).
This is just a port which Rails is listening on. It depends on how you configure your Rails server and, IMHO, does not mean anything useful. Sometimes you have to assign a service to a different port because the default port is occupied by some other service. Sometimes it is done for security reasons, so that a hacker from the outside world has to know the port you are using. But it's actually not very hard to know.
Just to add to what the others have said: all network communications require an IP address (which can be got from a domain name like www.google.com) and a port number. However, if a port number is not supplied then the HTTP server uses the default: this is usually port 80. So, if you were to go to "localhost" without a port, you are effectively saying "localhost:80". Your computer probably doesn't know what to do with this. If you say "localhost:8000", and there's a Rails server there, then it will handle the request.
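
The behaviour described in the answers above (one listener per port, a default port that may already be occupied) can be observed on the loopback interface. This is an added example, not code from the original answers; the function name `port_namespace_demo` is made up here and the error names assume a Linux-like socket stack.

```python
import errno
import socket

LOOPBACK = "127.0.0.1"

def port_namespace_demo():
    """Return what the OS does for four bind/connect attempts on one port number."""
    results = {}
    # First TCP listener: port 0 asks the OS for any free port.
    tcp1 = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tcp1.bind((LOOPBACK, 0))
    tcp1.listen(1)
    port = tcp1.getsockname()[1]

    # A second TCP socket on the same address and port is rejected.
    tcp2 = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        tcp2.bind((LOOPBACK, port))
        results["second_tcp_bind"] = "ok"
    except OSError as exc:
        results["second_tcp_bind"] = errno.errorcode[exc.errno]
    finally:
        tcp2.close()

    # UDP keeps its own port table, so the same number is still free there.
    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        udp.bind((LOOPBACK, port))
        results["udp_bind_same_number"] = "ok"
    except OSError as exc:
        results["udp_bind_same_number"] = errno.errorcode[exc.errno]
    finally:
        udp.close()

    # A client can connect while the listener exists...
    with socket.create_connection((LOOPBACK, port), timeout=2):
        results["connect_with_listener"] = "ok"
    tcp1.close()

    # ...and gets "Connection refused" once nothing listens on that TCP port.
    try:
        socket.create_connection((LOOPBACK, port), timeout=2).close()
        results["connect_without_listener"] = "ok"
    except OSError as exc:
        results["connect_without_listener"] = errno.errorcode.get(exc.errno, "other")
    return results

if __name__ == "__main__":
    print(port_namespace_demo())
```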

send non-flow message from controller to OpenFlow switch

I'm using a real machine (HP ProCurve) for my project. I need to send messages in another protocol format, OSPF for instance, instead of flows, from the controller side to the OpenFlow switch through a socket (by specifying the IP address and port of the OF switch).
But every time I try to do this, I get a "Connection refused" error message. I guess that the port on the OpenFlow switch I'm sending the message to might not be listening, so I think I might need to use the same port for sending that the OpenFlow switch uses to talk to the controller, like the port 51067 in the log info:
Switch:192.168.1.11:51067 is connected to the Controller
My question is, how do I retrieve the port information on the controller side, since it is changing every time I restart it? I couldn't find this information.
Or am I going in the wrong direction, and do I need to go another way instead of sending the message using a socket?
Thanks a lot in advance, any suggestions will be appreciated.
jonesir
I think you are misunderstanding the nature of networking ports, protocol numbers, and protocols such as OSPF. Let me clear those up:
Port numbers: Usually, there is exactly one application listening on a single port: The operating system/networking stack checks each packet of certain types (e.g. TCP or UDP) for the port number and then passes the packet to the application that registered itself for that specific port. If the application cannot handle the received packet then usually it will just ignore it or log an error.
Aside: It is possible for two applications to communicate on the same port only if you put some sort of multiplexing application before both (usually a reverse proxy, possibly a TCPMUX application). This multiplexing application would take incoming packets, determine what type of packet it is and then pass it to the correct application.
Protocol numbers: The protocol number is a field inside an IP packet that tells the networking stack what type of data is contained inside. For example, TCP is protocol 6, ICMP is 1, and OSPF is 89.
OF switches: Now, logically an OF switch consists of two components: 1) the switching fabric (which includes the physical ports and OF flow tables), and 2) a separate physical port for out-of-band control, with several applications running behind it. One of these applications is the OpenFlow application, which in your case happens to listen on port 51067. But in real switches, other applications might also be running on different ports, e.g. a web interface running on port 80 for maintenance etc.
OSPF: If you now wanted to talk to the application serving the web interface, you'd send a TCP packet with destination port 80 from your controller to the switch. Similarly, if you'd like to install a new flow, you'd send a TCP packet with port 51067 in your case. OSPF is quite different, as it directly uses IP packets and does not use port numbers. To process an OSPF packet, an application needs to use a raw socket to process the incoming IP packets that have protocol number 89, and skip all others. See also the raw manpage here. This will already be built into your OF switch.
Thus, if you want to send an OSPF packet to the OF switch (and your OF switch supports OSPF on the separate physical port!), you'd just send an OSPF IP packet to the switch's IP address (192.168.1.11), no port needed!
Note that the separate physical port might not support all of the features of the other ports on the OF switch, as they are not intended for the same uses.
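
The distinction drawn in the answer above, as an added example that is not part of the original post: a small parser that reads the IP protocol number first and looks for port numbers only when the payload is TCP or UDP. The packets are constructed sample data; 192.168.1.11 is the switch address from the question, while the other addresses, the source port 40000 and the helper names are assumptions.

```python
import socket
import struct

PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP", 89: "OSPF"}

def build_ipv4(proto, src, dst, payload):
    """Build a minimal IPv4 packet (constructed sample data, checksum left at 0)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload

def describe(packet):
    """Return (protocol name, source endpoint, destination endpoint)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4  # IP header length in bytes, options included
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    proto = packet[9]             # the protocol number field
    src = socket.inet_ntoa(packet[12:16])
    dst = socket.inet_ntoa(packet[16:20])
    name = PROTO_NAMES.get(proto, "proto-%d" % proto)
    if proto in (6, 17):
        # TCP and UDP headers both begin with 16-bit source and destination ports.
        if len(packet) < ihl + 4:
            raise ValueError("truncated transport header")
        sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
        return name, "%s:%d" % (src, sport), "%s:%d" % (dst, dport)
    # Other protocols (OSPF, ICMP, ...) are addressed by IP address alone.
    return name, src, dst

# Constructed samples: a TCP SYN to port 80, a UDP broadcast from port 67 to
# port 68, and an OSPF header carried directly in IP (protocol 89).
TCP_SEG = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 5 << 4, 0x02, 65535, 0, 0)
UDP_DGRAM = struct.pack("!HHHH", 67, 68, 8, 0)
OSPF_HDR = struct.pack("!BBH4s4sHH8s", 2, 1, 24, socket.inet_aton("10.0.0.1"),
                       socket.inet_aton("0.0.0.0"), 0, 0, b"\0" * 8)
SAMPLES = [
    build_ipv4(6, "192.168.1.10", "192.168.1.11", TCP_SEG),
    build_ipv4(17, "192.168.1.1", "255.255.255.255", UDP_DGRAM),
    build_ipv4(89, "192.168.1.10", "192.168.1.11", OSPF_HDR),
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(describe(pkt))
```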

How/where is port-forwarding needed to establish a server-client connection

I am attempting to establish a connection between two computers using MSDN code:
Client code:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms737591(v=vs.85).aspx
Server code:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms737593(v=vs.85).aspx
This code runs perfectly on a local network, but my intention is to establish a connection over the internet, where both computers are behind routers. I know port-forwarding is a viable solution. But I just don't know how.
For example, does even the client need port-forwarding, not just the server?
Furthermore, I am unable to properly configure my router to port-forward. Its model is Level One WBR-3407a. I tried this guide:
http://portforward.com/english/routers/port_forwarding/LevelOne/WBR-3407a/defaultguide.htm
But it didn't work. As you may note, this guide doesn't specify anywhere in it what port to use. Is it possible to port-forward without specifying which port to forward?!
You need to configure port forwarding on the router to which the "server" is connected, and yes, you do need to specify a port (there's an exception, but let's not worry about it now). You typically wouldn't need port forwarding on the router to which the client computer connects.
Looking at the MSDN code you linked, you need to port forward port 27015, so on the router for your server, you want to add port forwarding entries for incoming TCP connections on port 27015 and to forward them to the IP address of the computer running the server, also on port 27015.
For future reference, this question is more appropriate for SuperUser or, less likely, for ServerFault.

how to see exact communication in wireshark?

We have installed a proxy in between the host and the internet. When I make a request to google.com and look at the communication in Wireshark, I can see only the communication to the proxy and the reply from the proxy, since the proxy makes the actual request and replies to the host.
In this case, how do we see the actual communication even though the proxy is in between? I have tried opening the packet and using "Follow TCP Stream", but I could not find more information from it.
Like the communication from the host to google.com in Wireshark?
If you want to capture the traffic between the proxy and the destination, you would need to run Wireshark on a machine that can see the traffic between the proxy and the destination. E.g., on the proxy, or on a machine connected to a switch set up to do port mirroring, or ...
Basically though, without telling us the exact network layout, we can't help.

Why DHCP client listens on port 68?

Suppose the client does not listen on port 68: when the DHCP server receives the request, it can send it to the address from which it received the request (with the ephemeral port chosen by the client at the time of sending). Then why does the protocol specify that the client listens on port 68?
The main reason is that the DHCP server might broadcast the "DHCP offer" at the MAC level, instead of sending it unicast to the MAC address from which it had received the request.
If the port wasn't constant, some hosts that happen to be listening on this same random port would accept the packet up to layer 5, the application layer.
In other words, an application would get a message from a completely different application, which is not a healthy situation.
I just had to face the same question myself, and after some research, I found the following in RFC 2131, which describes the DHCP protocol, under section 1.6 Design Goals:
DHCP must provide service to existing BOOTP clients
Also in RFC 951, which describes the BOOTP protocol, we can find the following:
The UDP header contains source and destination port numbers. The
BOOTP protocol uses two reserved port numbers, 'BOOTP client' (68)
and 'BOOTP server' (67). The client sends requests using 'BOOTP
server' as the destination port; this is usually a broadcast. The
server sends replies using 'BOOTP client' as the destination port;
depending on the kernel or driver facilities in the server, this may
or may not be a broadcast (this is explained further in the section
titled 'Chicken/Egg issues' below). The reason TWO reserved ports
are used, is to avoid 'waking up' and scheduling the BOOTP server
daemons, when a bootreply must be broadcast to a client. Since the
server and other hosts won't be listening on the 'BOOTP client' port,
any such incoming broadcasts will be filtered out at the kernel
level. We could not simply allow the client to pick a 'random' port
number for the UDP source port field; since the server reply may be
broadcast, a randomly chosen port number could confuse other hosts
that happened to be listening on that port.
So the answer to the question comes from the above. DHCP clients need to use UDP port 68 in order for DHCP to be compatible with the BOOTP protocol, and the BOOTP protocol requires a specific port for the client, since BOOTPREPLIES can be broadcast, and if a random port were chosen for the client, it could result in the confusion of other hosts listening on the same port.
Because it's in the RFC (Request for Comments) that specifies how DHCP behaves. RFC 2131 is the document that specifies how a DHCP client and server must behave.
See here for more info on DHCP (section 4.1 in particular). See here for info on what the RFCs are.
