I think most folks understand port assignment but I would like to add my
twist to the explanations.

It is not a good idea to address the subject of "Ports" without addressing
the subject of "Sockets" and the Client/Server paradigm.

Well-known ports allow client computers to know ahead of time which service
is being offered by Servers. These were established to represent common
services.
A good example is the Telnet service which is offered by well-known port 23.
I do not have to call the Administrator of a Server to ask which port to use
if he is offering standard telnet services.
My standard telnet client will be assigned a dynamic source port above 1023
which the operating system chooses and passes to the TCP stack. At the same
time my client knows that the standard telnet destination port is always 23.
The source IP address, the random (dynamic) source port and the destination
IP, well-known destination port (23) are placed in the TCP/IP packet and sent
on its way.
The operating system keeps track of the random ports. Several telnet client
sessions can be fired up on the same client and each will be given a
different random source port number combined with the same well-known
destination port number (23). The combination of an IP address and a source
port number is known as a "socket". So this client may have several sockets
operating at the same time, each of which will be unique because of the
randomly selected port number. The IP address remains the same and the
destination port (23) remains the same for each socket.
On the Telnet Server side, each "socket" consists of the Server's IP address
and the well-known port. It has the client's IP address and the client's
randomly generated source port which was provided in every TCP packet.
Each combination of two sockets, one for client and one for server, is
unique in the entire Internet and allows for multiplexing several telnet
sessions from the same client to the same server at the same time. This is
the backbone of Client/Server technology.

It is entirely possible for a programmer to write a TCP/IP stack and select
any port number he/she likes for his Telnet Server daemon to listen on. But
he/she would also have to write the telnet client portion to use the new
number. No standard telnet client would know his/her new non-standard
number. Folks who are writing new apps which "register" their ports are
writing both Server and client side. The Server daemon or Service listens at
the "registered" port and the client side seeks out that number.

e.g. A GroupWise client knows that the standard GroupWise Server is
listening at 1677.

In the final analysis, it really does not matter which ports are used where
as long as both client and server agree. It is not wise to use any
well-known ports for new applications because they were programmed into the
Operating Systems (starting with UNIX) or added as third party stacks a long
time ago. 

Winston.


> -----Original Message-----
> From: Chuck Larrieu [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, November 07, 2000 2:24 AM
> To:   Cisco Mail List
> Subject:      TCP protocol behaviour - Ports above 1023
> 
> Got a question about this.
> 
> Application wants to open a TCP connection to something - say http, so the
> application issues the request, TCP on the application side uses some random
> port number above 1023 as the source port number. The destination port is
> the well-known port on the distant end.
> 
> However, I see from the IANA port listings
> (http://www.isi.edu/in-notes/iana/assignments/port-numbers ) that there are
> any number of registered ports above 1023. For example L2TP uses port 1701,
> Groupwise uses port 1677, and WINS uses port 1512. The IANA page itself
> calls ports 1024 through 49151 "registered" and further states that only
> ports 49152 and beyond are "dynamic and / or private".
> 
> Anyone ever sniffed outbound traffic and seen apps using source ports in the
> 1024 through 49151 range?
> 
> It just occurs to me that this has the potential of creating problems, if an
> application uses a port reserved for some other application. Since most of
> the ports in this "registered" range appear to be for obscure kinds of
> services or applications, perhaps this isn't really an issue.
> 
> Comments?
> 
> Chuck
> 
> _________________________________
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
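
An added example, not part of either message above: a Python sketch of the multiplexing described in the reply, with a loopback listener on an OS-chosen port standing in for the telnet server on port 23. The function names are hypothetical; the port ranges are the ones quoted from the IANA listing in the thread.

```python
import socket

def port_class(port):
    """Classify a port using the IANA ranges quoted in the thread."""
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic/private"

def open_sessions(n=3):
    """Open n TCP sessions from one client to one listener on loopback.

    Returns (server_port, client_views, server_views). Each view is a
    (src_ip, src_port, dst_ip, dst_port) tuple describing one connection.
    """
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # Port 0 lets the OS pick a free port (assumption: stand-in for port 23,
    # since binding below 1024 usually needs elevated privileges).
    listener.bind(("127.0.0.1", 0))
    listener.listen(n)
    server_port = listener.getsockname()[1]
    clients, accepted = [], []
    client_views, server_views = [], []
    try:
        for _ in range(n):
            c = socket.create_connection(("127.0.0.1", server_port))
            clients.append(c)
            s, peer = listener.accept()
            accepted.append(s)
            # Client side: its own (ip, port) followed by the server's.
            client_views.append(c.getsockname() + c.getpeername())
            # Server side: the peer it was told about, then its own address.
            server_views.append(peer + s.getsockname())
    finally:
        for sock in clients + accepted + [listener]:
            sock.close()
    return server_port, client_views, server_views

if __name__ == "__main__":
    port, cviews, sviews = open_sessions()
    for view in cviews:
        print(view, "source port is in the", port_class(view[1]), "range")
```

On hosts whose ephemeral range starts below 49152 (Linux defaults to 32768 through 60999), the source ports print as "registered", which is the overlap the original question asks about.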
