FTC disclaimer: This post contains affiliate links and I will be compensated if you make a purchase after clicking on my link.
When data is traversed from a host source to a host destination or vice versa, then its primary concern is to reach the correct user in a network.
The end-user may be using multiple applications to generate multiple processes at the same time. Each process sends data that is further divided into multiple packets; interchangeably, we also use datagrams.
Differences between packet and datagram.
The packet and datagram in a network are a block of data. The block of data size may vary from 7 to 65542 bytes.
The term packet is used for TCP oriented connection and datagram for UDP, a connectionless protocol.
Both TCP and UDP are the main transport layer protocols. Therefore, when it is denoted as IP datagrams, then it can be referred to as IP packets.
So, the multiple processes use transport protocol, which is combined in a single stream of data and sent to the network layer.
To identify the transport protocol in a packet, IP uses protocol number, whereas transport protocol specifies each application process using the port number.
What is Protocol numbers?
The protocol numbers are single-byte numbers used to identify transport protocols like TCP or UDP in the IP header.
In the IPv4 header, you will find the protocol number in the “protocol field,” whereas, in IPv6, you will find the protocol number in a “Next header” field.
The most common transport protocol like TCP and UDP uses 6 and 17 protocol number.
How the whole process with protocol number take place?
When the packet arrives at the Internet layer, it matches the source IP address with the destination IP address.
Through this, the internet layer knows the packet is to deliver to one of the transport protocols. They decide the transport protocol by looking at the packet’s protocol number.
If the protocol number is 6, then the packet will deliver to TCP, and if the protocol number is 17, the packet will deliver to UDP.
What is a port?
As we know, the IP address in a network identifies a computer.
The IP address itself is not sufficient to identify multiple application processes or network services on a computer. So, to categorized network services, a port was introduced in a network.
The Port in a network is used to identify multiple application processes or network services in a host or computer.
IP address and Port analogy
If you use a house address analogy, then the IP address corresponds to the street address.
In a street address, there could be so many houses, and each house has an assigned house number.
The house number corresponds to the Port number in a network.
Taking the above analogy into consideration, when the incoming packet passes to transport protocol, then the transport identifies the port number in the header, and it again passes to the correct application process.
So, the source port number in a host identifies the application process that sends the data in the network. The destination port number in a host identifies the network service that receives the data.
The port number consists of 16-bit values, whose value can vary from 0 to 65535 decimal.
The port number is divided into multiple ranges, as follow:
Port number 0-1023 are reserved for well-known services like FTP, HTTP, Telnet. These port numbers are assigned by the IANA (Internet Assigned Number Authority).
The well-known port number is also considered “privileged ports,” which means it is not bound to a user process.
The well-known port number allows the client application in a source host to locate the corresponding server application processes in the destination host.
So, when you are browsing for a website from a client application like Chrome, it will locate for a server application that uses HTTP service.
The web server providing services like HTTP uses port number 80, and for HTTPS services, it uses port number 443.
Similarly, for FTP services, it uses port number 21, and for SMTP services, it uses port number 25.
Port number 1024-49151 is known as “registered port,” which is maintained by IANA, and it is not officially assigned port number. The registered Port is used to prevent any duplication.
Port number 49152-65535 is known as “dynamic or private port,” which can be used by client programs freely.
The port number is mostly of two types: persistent and ephemeral.
The persistent port number lasts for a longer time until the application is running. It is used in servers to drive different network services.
The ephemeral port number last for a short time or stay for a day. It is used in client applications.
Also, the port number is not unique between transport layer protocol, but the port number is unique within a transport protocol.
For instance, TCP and UDP are both transport layer protocols, and they can assign the same port number.
Also, the combination of protocol and port number identifies the unique application process in a network.
What is Sockets?
The combination IP address and the port number are known as Sockets. Each end of the network connection will have a socket.
For instance, if you are opening two websites like Google and Yahoo from a single browser, then one browser window will open the Google website, and another browser window will open the Yahoo website.
For the Google site, the connection would be as below:
Your computer – IP1 + port 60100 (Dynamic port) =>Google server – IP2 + port 80 (standard port)
The combination of IP1+60100 is the socket of the client host, and IP2+80 is the socket of the Google server (destination host).
For the Yahoo site, the connection would be as below:
Your computer – IP1 + port 60800 (Dynamic port) => Yahoo server – IP3 + port 80 (standard port)
The combination of IP1+60800 is the socket of the client host, and IP3+80 is the socket of the Yahoo server (destination host).
IP1 is the IP address of the client host, which remains the same for two different processes, and the port number is dynamically assigned to the network process in the client host.
The dynamically assigned Port will remain active until the session is not closed.
So, the remote computer application automatically identifies the well-known Port (or standard Port) for particular network services.
The operating system randomly selects the dynamically assigned Port in the client host. It is selected by the system and assigned to the processes when needed.
Moreover, the dynamically assigned Port also ensures that the same Port is not assigned to a different process.
So, what we have concluded from the above example is that two processes (opening Google and Yahoo site) are allocated with two different port number by the system, that is 60100 and 60800.
Also, each network service is uniquely identified in a network when we take the combination of source port and destination port.
In other words, a socket in a network can quickly identify a unique network process. A pair of sockets in a network, one socket for the source host, and another socket for the destination host defines the connection-oriented protocols such as TCP.
Another example for well-known ports and dynamically assigned ports
Let’s build another example for well-known ports and dynamically assigned ports.
Assume, source end having an IP address 172.16.12.2 and using Telnet service. The dynamically assigned Port for the sources is 3382.
The destination host IP address is 192.168.16.2. The remote host is using Telnet service to connect to the destination host. The pre-assigned, well-known Port for Telnet is 23.
Now, the socket for the source end is 172.16.12.2 3382 (IP address + port number), and the socket for the destination end is 192.168.16.2 23 (IP address + Port number).
The socket pair by both the source and destination host has uniquely identified this connection.
Conclusion
When data is sent in a network from source to destination, then it is divided into packets. Each packet carries a protocol number which identifies the transport port in a network.
The transport port, on the other hand, identifies the network process port number. So, the IP address and port number of one end defines the socket of that end and establishes a unique connection in a network with socket pairs.