Why are there different Internet ports?


Why are there different Internet ports?

Posted on Fri Nov 01, 2013 12:16 pm

Of my searches online, I've found out that ports exist and that they organize specific types of packets being sent over a network.

What I can't find, and what I don't understand, is why ports exist in the first place and what the benefits of port-mapping are. I don't know why someone would want to take port 80 and map it to port 40, for example. I can't even find the most basic information on why someone would do that, every web site, especially wikipedia, just assumes that the information is common knowledge.

With this question apparently being too dumb for Google to provide me an answer, would any of you be kind enough to let me know a bit of this 101 stuff?
Star Brood (Gerbil First Class, Silver subscriber) | Posts: 182 | Joined: Wed Mar 21, 2012 4:57 am

Re: Why are there different Internet ports?

Posted on Fri Nov 01, 2013 12:27 pm

Ports exist in the first place to direct traffic to specific applications. So you have one server that hosts web and email. One program runs on the server and looks for any incoming traffic using port 80. One program listens for incoming traffic on port 25. If ports weren't specified, the OS running on the server would have to try to figure out who goes with what program, what format the traffic is supposed to be in, etc.

The applications listening for incoming traffic on these ports are then in charge of sorting out the different connections and data streams and managing that junk.

Ok, so why do people map different ports? Here, look at this:

http://customer.comcast.com/help-and-su ... ked-ports/

What if you want to run a web server or email server off your home connection? Or maybe remote into your home computer from work? If the ports are blocked, you can run the applications to listen on different ports that aren't blocked. If the applications are too stupid to be configured like that, often a router can do the port mapping for you.

To expound on that, even if the ports aren't blocked, Comcast forbids home users from running web servers off their home-use connections. They examine their traffic to see if this is happening. People then run web servers on non-standard ports so Comcast doesn't see them and terminate their connection or send nasty letters/warnings.
Scrotos (Graphmaster Gerbil) | Posts: 1035 | Joined: Tue Oct 02, 2007 12:57 pm | Location: Denver, CO.
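The point in the post above, that the OS hands each incoming connection to whichever program is listening on the destination port, can be watched directly with two throwaway listeners. The following is an added example, not code from anyone in the thread: two fake services ("web" and "mail") bind to OS-chosen ports on 127.0.0.1 and a client connects to each; a second function then tries to bind another socket to an already-listening port to show that the OS refuses (EADDRINUSE), because it could not decide which program a new connection should go to. The port numbers are chosen at run time, so nothing here depends on 80 or 25 being free.

```python
"""Added example: the kernel demultiplexes TCP connections by destination
port, and only one listener may own a given port. Everything runs on
127.0.0.1 with OS-chosen ports, so it works offline and without root."""
from __future__ import annotations

import errno
import socket
import threading


def start_service(name: str) -> tuple[socket.socket, int]:
    """Bind a TCP listener on an OS-chosen port and answer every
    connection with `name`, so a client can tell which listener the
    kernel delivered its connection to. Returns (listening socket, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # port 0: let the OS pick a free port
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve() -> None:
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:             # listener was closed; stop the thread
                return
            with conn:
                conn.sendall(name.encode())

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def ask(port: int) -> str:
    """Connect to 127.0.0.1:<port> and return the service's one-word reply."""
    with socket.create_connection(("127.0.0.1", port), timeout=2) as c:
        return c.recv(64).decode()


def demo_demultiplexing() -> dict[str, str]:
    """Run a 'web' and a 'mail' service on two different ports and report
    which service answered on each port. Same IP address both times; only
    the port number differs, and that alone selects the program."""
    web, web_port = start_service("web")
    mail, mail_port = start_service("mail")
    try:
        return {"web_port": ask(web_port), "mail_port": ask(mail_port)}
    finally:
        web.close()
        mail.close()


def second_listener_fails() -> bool:
    """Hold one listener on a port, then try to bind a second socket to
    the same address and port. Returns True if the OS refused with
    EADDRINUSE, which is the expected outcome."""
    first, port = start_service("first")
    second = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        second.bind(("127.0.0.1", port))
        return False                    # would mean two owners of one port
    except OSError as e:
        return e.errno == errno.EADDRINUSE
    finally:
        second.close()
        first.close()


if __name__ == "__main__":
    print(demo_demultiplexing())
    print("second bind refused:", second_listener_fails())
```

Run it as a script and the first line shows each port answered by its own service; the second confirms the one-owner-per-port rule that later posts in the thread rely on when they explain why two servers behind one address need two different ports.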

Re: Why are there different Internet ports?

Posted on Fri Nov 01, 2013 12:33 pm

Control is one reason. Only allowing traffic on certain ports gives control over your traffic (i.e. only allowing ports 80 and 443 almost guarantees only web browsing is going on). You can also stealth a port so someone needs to know it is there and open to use it.

Another is to allow sharing of traffic. I had a game (Neverwinter Nights) that 3 people played in my house. Each of us had to be on a different port or the game picked up the others' packets. This one is definitely older and things have come a long way.

See Scrotos' post for more info.
Arvald (Gerbil XP, Silver subscriber) | Posts: 355 | Joined: Tue Sep 27, 2011 12:14 pm | Location: Gerbil-land, Canada

Re: Why are there different Internet ports?

Posted on Fri Nov 01, 2013 12:47 pm

Think of the IP address as being like a street address, and the port being like an apartment number. If mail to residents of a large apartment building had no apartment numbers on the envelope, all the mail would arrive in one massive jumbled heap, and each resident would need to sort through the heap to find their own mail.

Likewise, without port numbers, the network interface on a system would not know which service to route each incoming packet to. Furthermore, it may not even be possible to look at an incoming packet and determine by inspection what service it "belongs" to, since the contents may be ambiguous.

When a service runs, it registers itself to "listen" on a particular port. In effect, this tells the network interface "when you receive a packet that is tagged with this port number, send it to me". Many services have standard port numbers which they normally use, e.g. web servers listen on ports 80 (HTTP) and 443 (HTTPS) by default; SSH (secure shell) listens on port 22; SMTP (e-mail transport) listens on port 25; and so on.

Non-standard ports (or port remapping) may be used for a variety of reasons. The most common one is that a system is behind a NAT router/firewall, and therefore shares a public IP address with many other systems. If multiple systems behind a NAT router all want to be able to receive unsolicited packets from the public Internet, they can't all use the same port number (otherwise the NAT router would not know which system to forward the packet to). So let's say you have multiple web servers running behind a NAT. They can't all listen on the standard port 80, so maybe you use port 80 for the first one, port 10080 for the second one, 10081 for the third, and so on. (In HTTP/HTTPS, URLs need to have the port number appended if a non-standard port is to be used, e.g. http://www.somedomain.com:10080.)

Another reason for non-standard ports is to cut down on the number of brute force password cracking attacks for protocols like SSH. If you run SSH on the standard port 22 the system logs will be filled with spewage from script kiddies trying to guess the password to the root account. Moving the service to a high-numbered non-standard port reduces that kind of nonsense by orders of magnitude.
(this space intentionally left blank)
just brew it! (Administrator, Gold subscriber) | Posts: 37845 | Joined: Tue Aug 20, 2002 10:51 pm | Location: Somewhere, having a beer
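The "spewage from script kiddies" mentioned above is easy to quantify, and whether sshd sits on port 22 or a high port, the failures that still arrive are worth counting per source so the worst offenders can be blocked. The following is an added example, not from anyone in the thread: it parses a handful of constructed auth.log lines written in the shape OpenSSH uses ("Failed password for [invalid user] NAME from IP port N ssh2"), tallies password failures per source address and flags any source at or above a threshold. The log lines, hostnames and addresses are made up (the IPs are from the documentation ranges), and only "Failed password" lines are counted; "Invalid user" and "Accepted" lines are deliberately left alone.

```python
"""Added example: count sshd password-guess failures per source address
from auth.log-style lines. The sample log is constructed, not captured."""
import re
from collections import Counter

# Constructed sample in OpenSSH's usual log format (addresses are TEST-NET).
SAMPLE_LOG = """\
Nov  1 12:16:01 host sshd[4021]: Failed password for root from 203.0.113.5 port 51234 ssh2
Nov  1 12:16:02 host sshd[4021]: Failed password for root from 203.0.113.5 port 51235 ssh2
Nov  1 12:16:02 host sshd[4023]: Failed password for invalid user admin from 203.0.113.5 port 51236 ssh2
Nov  1 12:16:03 host sshd[4025]: Failed password for invalid user oracle from 198.51.100.7 port 40211 ssh2
Nov  1 12:16:04 host sshd[4027]: Accepted publickey for alice from 192.0.2.10 port 50022 ssh2: ED25519 SHA256:abc
Nov  1 12:16:05 host sshd[4021]: Failed password for root from 203.0.113.5 port 51237 ssh2
Nov  1 12:16:05 host sshd[4021]: Failed password for root from 203.0.113.5 port 51238 ssh2
Nov  1 12:16:06 host sshd[4029]: Invalid user test from 198.51.100.7 port 40212
"""

# "invalid user" is optional: sshd adds it when the account does not exist.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port (?P<port>\d+) ssh2$"
)


def failed_logins(log_text: str) -> list[tuple[str, str]]:
    """Return (source_ip, attempted_user) for every failed password attempt."""
    hits = []
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            hits.append((m["ip"], m["user"]))
    return hits


def attempts_by_source(log_text: str) -> Counter:
    """Number of failed password attempts per source IP."""
    return Counter(ip for ip, _ in failed_logins(log_text))


def brute_force_sources(log_text: str, threshold: int = 3) -> list[str]:
    """Source IPs with at least `threshold` failures: candidates to block."""
    counts = attempts_by_source(log_text)
    return sorted(ip for ip, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    for ip, n in attempts_by_source(SAMPLE_LOG).most_common():
        print(f"{ip:>15}  {n} failed password attempts")
    print("over threshold:", brute_force_sources(SAMPLE_LOG))
```

On the sample, one address accounts for five of the six failures and is the only one over the default threshold; on a real host the same functions would be fed the contents of /var/log/auth.log (or the journal) instead of the embedded string.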

Re: Why are there different Internet ports?

Posted on Fri Nov 01, 2013 12:51 pm

When you write a program that listens for incoming network connections, you have to tell it a port to listen on. So by convention, SSH will listen on port 22, and web servers on port 80, and so on.

But only one application can listen on a given port -- if more than one were listening, how would the OS know which program to forward the connect request to? So if you have two web servers running on one computer, say a public one and a private one, you need to tell one of them to listen on a different port, because both can't listen on 80.

Okay, that's fine, but how about if you have two computers, each running a web server? Well, now both servers can listen on port 80, because they're on different computers. But what if you're behind a router, so the outside world doesn't know how to reach an individual computer? Well, you can tell the router to forward along the connections, but now you run into the same problem: you can't have port 80 on the router doing two different things. So now you can just pick two ports on your router and have it forward each one to one of these two computers. So it might forward connection attempts on port 5555 to computer A's port 80, and on port 6666 to computer B's port 80.
cobalt (Gerbil, Gold subscriber) | Posts: 40 | Joined: Mon Oct 30, 2006 11:28 am
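The router port-mapping described in the last two posts (just brew it!'s 80/10080/10081 example and cobalt's "5555 to computer A's port 80, 6666 to computer B's port 80") is nothing more than a TCP relay keyed on the public port, and a small one can be written in user space to see it work. The following is an added example, not code from the thread or from any router: two stand-in "web servers" (computers A and B) each listen on their own port, and a forwarder opens two "public" ports, each with a rule pointing at one backend, relaying bytes in both directions. Everything runs on 127.0.0.1 with OS-chosen ports, so the concrete numbers 80, 5555 and 6666 from the posts are replaced by whatever free ports the OS hands out.

```python
"""Added example: a minimal TCP port forwarder doing what a home router's
port-mapping rule does. Two internal 'web servers' are reached from the
outside through two different public ports on the 'router'. All sockets
are on 127.0.0.1 with OS-chosen ports (no root, no real network needed)."""
from __future__ import annotations

import socket
import threading


def start_backend(banner: bytes) -> tuple[socket.socket, int]:
    """Stand-in for 'computer A's web server on port 80': reads the request
    and answers with a fixed banner. Returns (listening socket, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def serve() -> None:
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:             # listener closed; stop the thread
                return
            with conn:
                conn.recv(1024)          # consume the client's request
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1]


def pump(src: socket.socket, dst: socket.socket) -> None:
    """Copy bytes one way until src reaches EOF, then half-close dst so the
    far side sees the same EOF. Two pumps per connection give both directions."""
    try:
        while True:
            data = src.recv(4096)
            if not data:
                break
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def start_forward_rule(target: tuple[str, int]) -> tuple[socket.socket, int]:
    """One port-forwarding rule: listen on an OS-chosen 'public' port and
    relay every accepted connection to target = (internal_host, internal_port),
    i.e. 'router port 5555 -> computer A port 80' from the post."""
    pub = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    pub.bind(("127.0.0.1", 0))
    pub.listen(5)

    def accept_loop() -> None:
        while True:
            try:
                client, _ = pub.accept()
            except OSError:
                return
            inside = socket.create_connection(target, timeout=2)
            threading.Thread(target=pump, args=(client, inside), daemon=True).start()
            threading.Thread(target=pump, args=(inside, client), daemon=True).start()

    threading.Thread(target=accept_loop, daemon=True).start()
    return pub, pub.getsockname()[1]


def fetch(port: int) -> bytes:
    """Act as the outside world: connect to the router's public port, send a
    minimal request and return everything the forwarded backend answers."""
    with socket.create_connection(("127.0.0.1", port), timeout=2) as c:
        c.sendall(b"GET / HTTP/1.0\r\n\r\n")
        chunks = []
        while True:
            data = c.recv(4096)
            if not data:
                break
            chunks.append(data)
        return b"".join(chunks)


def demo_router() -> dict[str, bytes]:
    """Two internal machines both 'listen on port 80' (their own ports here);
    the router exposes them on two different public ports."""
    a, a_port = start_backend(b"hello from computer A\n")
    b, b_port = start_backend(b"hello from computer B\n")
    rule_a, pub_a = start_forward_rule(("127.0.0.1", a_port))
    rule_b, pub_b = start_forward_rule(("127.0.0.1", b_port))
    try:
        return {"via_public_port_a": fetch(pub_a), "via_public_port_b": fetch(pub_b)}
    finally:
        for s in (rule_a, rule_b, a, b):
            s.close()


if __name__ == "__main__":
    for k, v in demo_router().items():
        print(k, v.decode().strip())
```

The two public ports land on two different backends even though, from the backends' point of view, every connection arrives on their one listening port; that is the whole trick a NAT router performs with its forwarding table, minus the address rewriting that a real router does in the kernel.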