Maximum number of tcp ports. Networks. TCP and UDP port ranges. Establishing a TCP connection

Transport layer

The task of the transport layer is to move data between applications running on network nodes. Once IP has delivered a packet to the receiving computer, the data must still be handed to the right recipient process. A computer can run many processes, and one application can have several entry points, each acting as a destination for data packets.

Packets arriving at the transport layer of the operating system are organized into multiple queues at the entry points of various applications. In TCP/IP terminology, these entry points are called ports.

Transmission Control Protocol

Transmission Control Protocol (TCP) is a mandatory protocol of the TCP/IP suite, defined in RFC 793, "Transmission Control Protocol".

TCP is a transport-layer protocol that carries a byte stream over a connection that must be established first. It guarantees the integrity of the received data, requests retransmission when data is lost or corrupted, and detects and discards duplicate segments.

Unlike UDP, it guarantees that the transmitted data arrives intact and that the sender learns whether the transfer succeeded. It is used, for example, for file transfers, where the loss of a single packet could corrupt the whole file.

TCP achieves its reliability as follows:

  • Application data is divided into blocks (segments) of a suitable size for sending.
  • When TCP sends a segment it starts a timer and waits for an acknowledgment of that segment from the remote end. If no acknowledgment arrives in time, the segment is retransmitted.
  • When TCP receives data from the remote end of the connection, it sends an acknowledgment. The acknowledgment is not necessarily sent immediately; it is usually delayed for a fraction of a second.
  • TCP computes a checksum over its header and data. It is an end-to-end checksum whose purpose is to detect any change to the data in transit. A segment that arrives with a bad checksum is discarded and not acknowledged; the sender is expected to time out and retransmit.
  • Since TCP segments travel as IP datagrams, and IP datagrams can arrive out of order, TCP segments can arrive out of order too. The receiver resequences the data as needed so that the application sees it in the correct order.
  • Since an IP datagram can be duplicated, the receiving TCP must discard duplicated data.
  • TCP provides flow control. Each side of a connection has a finite buffer. The receiving TCP lets the remote end send only as much data as fits in that buffer, which prevents a fast host from overflowing a slow host's buffers.

Fields of the TCP header:

  • Sequence number. It serves two purposes:
    • If the SYN flag is set, it is the initial sequence number (ISN), and the first byte of data sent in the next segment will have sequence number ISN + 1.
    • Otherwise, it is the sequence number of the first data byte carried in this segment.
  • Acknowledgment number. If the ACK flag is set, this field holds the sequence number the receiver expects next and marks the segment as an acknowledgment of everything before it.
  • Header length (data offset), given in 32-bit words.
  • Window size: the number of bytes the receiver is willing to accept beyond the data already acknowledged.
  • Checksum: covers the pseudo-header, the TCP header and the data.
  • Urgent pointer: marks the end of urgent data that must be handled immediately.
  • URG: urgent flag; enables the Urgent pointer field (if 0, the field is ignored).
  • ACK: acknowledgment flag; enables the Acknowledgment number field (if 0, the field is ignored).
  • PSH: push flag; the receiving TCP must pass the data to the application without waiting for more.
  • RST: reset flag; aborts the connection or refuses a connection attempt.
  • SYN: synchronize flag; used when establishing a connection to synchronize sequence numbers.
  • FIN: finish flag; the sender has no more data to send.

Let's look at the TCP header structure using the Wireshark network analyzer:


TCP ports

Since several programs can run on the same computer, a TCP segment is delivered to a specific program by means of a unique identifier, the port number.

A port number is a 16-bit number (0 to 65535; 0 is reserved, so the usable TCP ports are 1 to 65535) indicating which program the packet is intended for.

TCP ports deliver data transmitted with the Transmission Control Protocol (TCP). They are more complex than UDP ports and work differently. A UDP port is a single message queue and the entry point for UDP traffic, whereas with TCP the ultimate endpoint is an individual connection. Each TCP connection is uniquely identified by its two endpoints.

A single TCP server port can be shared by many connections, because each endpoint is identified by a pair of values, an IP address and a TCP port (together called a socket), and a connection is identified by its two sockets.

TCP port numbers below 1024 are the well-known ports, assigned and registered by the Internet Assigned Numbers Authority (IANA).

UDP and TCP port numbers are independent: the same number can be in use by both protocols without conflict.

TCP programs use reserved or well-known port numbers, as shown in the following figure.

Establishing a TCP connection

Let's now see how TCP connections are established. Suppose a process running on one host wants to establish a connection with another process on another host. Recall that the host that initiates the connection is called the "client", while the other host is called the "server".

Before any data is transmitted, the TCP parties must establish a connection. This takes three steps (the TCP three-way handshake):

  • The requester (usually called the client) sends a SYN segment that carries the port number of the server it wants to connect to and the client's initial sequence number (ISN).
  • The server replies with its own SYN segment containing the server's ISN. In the same segment it acknowledges the client's SYN with an acknowledgment number of client ISN + 1 (a SYN consumes one sequence number).
  • The client acknowledges the server's SYN with a segment whose sequence number is client ISN + 1 and whose acknowledgment number is server ISN + 1. The SYN bit is clear in this segment, since the connection is now established.
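The header fields listed earlier and the three-way handshake just described, as an added example (it is not code from the original page or from any particular TCP stack): a small Python model that builds and parses the 20-byte RFC 793 header, computes the checksum over the IPv4 pseudo-header, and walks SYN, SYN-ACK and ACK with the sequence-number arithmetic. The IP addresses, ports and ISNs are constructed sample values.

```python
import struct
from typing import Dict, List

# Added example: a minimal model of the RFC 793 TCP header and the three-way
# handshake. Addresses, ports and ISNs below are constructed sample values.

TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
PROTO_TCP = 6
SEQ_MASK = 0xFFFFFFFF  # sequence numbers are 32-bit and wrap around


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum with end-around carry (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                      # odd length: pad the last 16-bit word
    total = sum((data[i] << 8) | data[i + 1] for i in range(0, len(data), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip: bytes, dst_ip: bytes, tcp_len: int) -> bytes:
    """IPv4 pseudo-header covered by the checksum: src, dst, zero, protocol, TCP length."""
    return src_ip + dst_ip + struct.pack("!BBH", 0, PROTO_TCP, tcp_len)


def build_segment(src_ip: bytes, dst_ip: bytes, sport: int, dport: int, seq: int, ack: int,
                  flags: List[str], window: int = 65535, payload: bytes = b"") -> bytes:
    """Serialize a TCP segment without options (data offset = 5 words = 20 bytes)."""
    flag_bits = 0
    for name in flags:
        flag_bits |= TCP_FLAGS[name]
    off_flags = (5 << 12) | flag_bits
    hdr = struct.pack("!HHIIHHHH", sport, dport, seq & SEQ_MASK, ack & SEQ_MASK,
                      off_flags, window, 0, 0)          # checksum and urgent pointer = 0
    csum = (~ones_complement_sum(pseudo_header(src_ip, dst_ip, len(hdr) + len(payload))
                                 + hdr + payload)) & 0xFFFF
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:] + payload


def checksum_ok(src_ip: bytes, dst_ip: bytes, segment: bytes) -> bool:
    """An intact segment sums to 0xFFFF once its own checksum field is included."""
    return ones_complement_sum(pseudo_header(src_ip, dst_ip, len(segment)) + segment) == 0xFFFF


def parse_segment(segment: bytes) -> Dict[str, object]:
    """Decode the fixed header; rejects truncated headers and bad data offsets."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, window, csum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    hlen = (off_flags >> 12) * 4             # data offset is counted in 32-bit words
    if hlen < 20 or hlen > len(segment):
        raise ValueError("bad data offset %d" % hlen)
    return {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack, "header_len": hlen,
            "flags": [n for n, b in TCP_FLAGS.items() if off_flags & b],
            "window": window, "checksum": csum, "urgent": urg, "payload": segment[hlen:]}


def three_way_handshake(client_isn: int, server_isn: int) -> List[Dict[str, object]]:
    """Return the three parsed segments of a handshake between constructed endpoints."""
    c_ip, s_ip = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
    c_port, s_port = 51515, 443
    # 1. client -> server: SYN, seq = client ISN
    syn = build_segment(c_ip, s_ip, c_port, s_port, client_isn, 0, ["SYN"])
    # 2. server -> client: SYN+ACK, seq = server ISN, ack = client ISN + 1 (a SYN consumes one number)
    synack = build_segment(s_ip, c_ip, s_port, c_port, server_isn, client_isn + 1, ["SYN", "ACK"])
    # 3. client -> server: ACK with the SYN bit clear, seq = client ISN + 1, ack = server ISN + 1
    ack = build_segment(c_ip, s_ip, c_port, s_port, client_isn + 1, server_isn + 1, ["ACK"])
    for seg, src, dst in ((syn, c_ip, s_ip), (synack, s_ip, c_ip), (ack, c_ip, s_ip)):
        if not checksum_ok(src, dst, seg):
            raise RuntimeError("checksum mismatch")   # a receiver would discard it and never ACK
    return [parse_segment(syn), parse_segment(synack), parse_segment(ack)]


def server_accepts_final_ack(server_isn: int, seg: Dict[str, object]) -> bool:
    """The server completes the handshake only if the ACK echoes its ISN + 1; this is why
    the ISN must be unpredictable to an off-path attacker who never sees the SYN-ACK."""
    return seg["flags"] == ["ACK"] and seg["ack"] == (server_isn + 1) & SEQ_MASK


if __name__ == "__main__":
    for s in three_way_handshake(1000, 5000):
        print(s["src_port"], "->", s["dst_port"], s["flags"], "seq", s["seq"], "ack", s["ack"])
```

The checksum is verified the way a receiver does it (the sum over pseudo-header and segment, including the checksum field, must come out as 0xFFFF), so a segment whose header has been altered in transit fails the check and would be dropped without an acknowledgment, exactly the behaviour described in the reliability list above.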

Once the TCP connection is established, these two hosts can transmit data to each other, since the TCP connection is full duplex, they can transmit data simultaneously.

In computer networks, a port is the end point of communication in the operating system. The term is also used for hardware devices, but in software it is a logical construct that identifies a specific process or type of service.

A port is always associated with a host IP address and a transport protocol, and together these complete the destination address of a session. Within each address and protocol it is identified by a 16-bit number, commonly known as the port number. Specific port numbers are often used to identify specific services. Of the 65536 possible values, the 1024 well-known port numbers are reserved by convention to identify specific types of service on a host. The protocols that mainly use ports are the transport protocols, such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) of the Internet protocol suite.

Meaning

Ports are not needed on direct point-to-point links where the computers at each end can run only one program at a time. They became necessary once machines could run more than one program at a time and were connected to modern packet-switched networks. In the client-server model, ports provide a multiplexing service: network clients connect to a known port number to initiate a service, after which the conversation can continue on a connection-specific port, freeing the known port so that additional clients can be served without waiting.

Details

Transport protocols such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) carry the source and destination port numbers in their segment headers. A port number is a 16-bit unsigned integer, so it ranges from 0 to 65535.

Port 0 is reserved and is not used as a TCP port. In UDP the source port is optional, and a value of zero means it is absent.

A process communicates its input or output channels through an Internet socket (a type of file descriptor) using a transport protocol, port number, and IP address. This process is known as binding, and it enables data to be sent and received across a network.

The operating system is responsible for passing outgoing data from all application ports to the network and for delivering incoming packets to the right application (by matching the IP address and port number). Only one process can be bound to a given IP address and port combination for a given transport protocol. A common class of application failure, sometimes called a port conflict, occurs when several programs try to use the same port number on the same IP address with the same protocol.

How are they used?

Applications that implement common services usually use reserved, well-known TCP or UDP port numbers to accept requests from clients. This is known as listening: the server receives a request on the well-known port and then carries on a one-to-one conversation with that client, still using the same local port number. Other clients can keep connecting, because each TCP connection is identified by the combination of local and remote addresses and ports. The standard TCP and UDP port assignments are agreed under the control of the Internet Assigned Numbers Authority (IANA).

Core network services, most notably the World Wide Web, tend to use small port numbers below 1024. Many operating systems require special privileges to bind to them, because they are considered critical to the functioning of IP networks. The client end of a connection, on the other hand, usually uses a high-numbered port allocated for short-term use, a so-called ephemeral port.
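The binding rules from the last three paragraphs, exercised on the loopback interface as an added example (not code from the original page): one TCP listener takes an ephemeral port, a second TCP socket is refused that port, a UDP socket is allowed it, and several clients share one listening port while each accepted connection is told apart by the client's ephemeral port. Nothing leaves the host; the port numbers are whatever the kernel assigns.

```python
import errno
import socket
from typing import List, Tuple

# Added example (not from the page): the binding rules exercised on loopback.
# Port 0 asks the kernel for a free port from its ephemeral range.


def bind_conflict() -> Tuple[int, bool, bool]:
    """Take one TCP port, then show that a second TCP socket cannot bind it while a
    UDP socket can: TCP and UDP port numbers are independent namespaces."""
    tcp_a = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tcp_a.bind(("127.0.0.1", 0))
    tcp_a.listen(1)
    port = tcp_a.getsockname()[1]
    tcp_b = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        tcp_b.bind(("127.0.0.1", port))   # same address, port and protocol: refused
        tcp_conflict = False
    except OSError as exc:
        tcp_conflict = exc.errno == errno.EADDRINUSE
    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        udp.bind(("127.0.0.1", port))     # same number, different protocol: allowed
        udp_ok = True
    except OSError:
        udp_ok = False
    for s in (tcp_a, tcp_b, udp):
        s.close()
    return port, tcp_conflict, udp_ok


def connections_share_listener(n_clients: int = 3) -> List[Tuple[Tuple[str, int], Tuple[str, int]]]:
    """Accept several clients on one listening port. Every accepted connection keeps the
    server's port as its local port and is distinguished by the client's ephemeral port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(n_clients)
    port = srv.getsockname()[1]
    clients, accepted, four_tuples = [], [], []
    try:
        for _ in range(n_clients):
            c = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            c.connect(("127.0.0.1", port))           # handshake completes inside the kernel
            clients.append(c)
            conn, _peer = srv.accept()
            accepted.append(conn)
            four_tuples.append((conn.getsockname(), conn.getpeername()))
    finally:
        for s in clients + accepted + [srv]:
            s.close()
    return four_tuples


if __name__ == "__main__":
    print("bind_conflict (port, tcp refused, udp allowed):", bind_conflict())
    for local, remote in connections_share_listener():
        print("connection %s:%d <- %s:%d" % (local + remote))
```

The sockets are created without SO_REUSEADDR or SO_REUSEPORT on purpose: those options relax the one-owner rule and are exactly what a port-conflict investigation should check for.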

Structure

Port numbers are encoded in the transport-protocol packet header and are readily interpreted not only by the sending and receiving computers but also by other components of the network infrastructure. In particular, firewalls are commonly configured to distinguish packets by their source or destination port numbers. Port forwarding is a classic example of this.

The practice of attempting to connect to a range of ports in sequence on a single computer is known as port scanning. It is usually associated either with malicious intrusion attempts or with network administrators looking for possible vulnerabilities in order to prevent such attacks.

Port connection attempts are frequently monitored and logged by the target computer. The related technique of port knocking uses a sequence of connection attempts (knocks) from a client to make the server open a connection.
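A TCP connect() scan of the kind the paragraph above describes, as an added example (not code from the original page): it classifies each port as open, closed or filtered from how the connection attempt ends, and runs against a local target built in the same block, so it touches nothing outside the host. The target port numbers are whatever the kernel hands out.

```python
import socket
from concurrent.futures import ThreadPoolExecutor
from typing import Dict, Iterable, Tuple

# Added example (not from the page): a TCP connect() scan plus a local target to
# scan. A full connect completes the handshake, so the target's application or
# firewall logs will show every probe; that is the trade-off of this scan type.


def tcp_connect_scan(host: str, ports: Iterable[int], timeout: float = 0.5,
                     workers: int = 32) -> Dict[int, str]:
    """Classify ports: 'open' (handshake completed), 'closed' (RST, seen as connection
    refused) or 'filtered' (no answer before the timeout, as when a firewall drops SYNs)."""
    def probe(port: int) -> Tuple[int, str]:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return port, "open"
        except ConnectionRefusedError:
            return port, "closed"
        except OSError:                  # timeout, host unreachable, ...
            return port, "filtered"
        finally:
            s.close()

    with ThreadPoolExecutor(max_workers=workers) as pool:
        return dict(pool.map(probe, ports))


def scan_local_target() -> Tuple[int, int, Dict[int, str]]:
    """Open one listener on an ephemeral port, obtain a second free port and release it
    again, then scan both; returns (open_port, closed_port, results)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(8)
    open_port = listener.getsockname()[1]
    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()                        # nothing listens there now: connect gets a RST
    try:
        results = tcp_connect_scan("127.0.0.1", [open_port, closed_port])
    finally:
        listener.close()
    return open_port, closed_port, results


if __name__ == "__main__":
    open_port, closed_port, results = scan_local_target()
    for port in sorted(results):
        print("%5d  %s" % (port, results[port]))
```

On a real network the "filtered" verdict is the interesting one for a defender: a host that drops rather than rejects stray SYNs gives the scanner no RST to work from, at the cost of each probe waiting out its timeout.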

Examples of using

The most important example of TCP/UDP ports in action is the Internet mail system. A mail server generally requires two services. The first is used for transport between mail servers: an SMTP server application typically listens on TCP port 25 for incoming requests. The second is POP (Post Office Protocol) or IMAP (Internet Message Access Protocol), which email client applications on users' machines use to retrieve messages from the server; POP3 listens on TCP port 110 (and IMAP on 143). Both services can run on the same host, in which case the port number distinguishes which service the remote device, a user's PC or another mail server, is asking for.

While the server's listening port number is well defined (IANA calls these well-known ports), the client's port is usually chosen from the dynamic range. In some cases the client and the server each use a specific IANA-assigned port. A good example is DHCP, where the client always uses UDP 68 and the server UDP 67.

Usage in URLs

Port numbers sometimes appear explicitly in Uniform Resource Locators (URLs). By default HTTP uses port 80 and HTTPS uses 443, but other values occur. For example, the URL http://www.example.com:8080/path/ tells the web browser to connect to port 8080 instead of the default HTTP port 80.

List of TCP and UDP ports

As noted, the Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the DNS root, IP addressing and other Internet Protocol resources. This includes registering the port numbers used by well-known Internet services.

Port numbers are divided into three ranges: well-known, registered, and dynamic or private. The well-known (also called system) ports are numbered 0 to 1023. The requirements for new assignments in this range are stricter than for other registrations.

Well-Known Examples

Examples found in this list include:

  • 443: HTTP Secure (HTTPS).
  • 22: Secure Shell (SSH).
  • 25: Simple Mail Transfer Protocol (SMTP).
  • 53: Domain Name System (DNS).
  • 80: Hypertext Transfer Protocol (HTTP).
  • 119: Network News Transfer Protocol (NNTP).
  • 123: Network Time Protocol (NTP).
  • 143: Internet Message Access Protocol (IMAP).
  • 161: Simple Network Management Protocol (SNMP).
  • 194: Internet Relay Chat (IRC).

Registered ports range from 1024 to 49151. IANA maintains an official list of known and registered ranges. Dynamic or Private - 49152 to 65535. One use of this range is for temporary ports.

History of creation

The concept of a port number was created by early ARPANET developers in an informal collaboration between software authors and system administrators.

The term "port number" was not yet used at that time. The number identifying a remote endpoint was 40 bits long. The first 32 bits resembled today's IPv4 address, with the first 8 bits being the most significant. The remaining part (bits 33 to 40) was another field called the AEN (Another Eightbit Number), the prototype of the modern port number.

On March 26, 1972, the creation of a socket number directory was first proposed in RFC 322, which called for each persistent number to be described in terms of its functions and network services. This directory was subsequently published in RFC 433 in December 1972 and included a list of hosts, their port numbers, and the corresponding function used on each node on the network. In May 1972, official assignments of port numbers, network services, and a special administrative function for maintaining this registry were first documented.

The first TCP port list had 256 AEN values, which were divided into the following ranges:

  • 0 to 63: standard functions of the entire network
  • 64 to 127: Host-specific functions
  • 128 to 239: Reserved for future use
  • 240 to 255: Any experimental feature.

Telnet received the first official assignment, the value 1. In the early ARPANET the term AEN also referred to the socket name used with the Initial Connection Protocol (ICP), a component of the Network Control Program (NCP). NCP was the predecessor of the modern Internet protocols that use TCP/IP ports.

Brief list of ports:
1. DISCARD: 9, Discard port (RFC 863)
2. FTP: 21 for commands, 20 for data
3. SSH: 22 (remote access)
4. Telnet: 23 (remote access)
5. SMTP: 25, 587
6. DNS: 53 (UDP)
7. DHCP: 67, 68 (UDP)
8. TFTP: 69 (UDP)
9. HTTP: 80, 8080
10. POP3: 110
11. NTP: 123 (time server) (UDP)
12. IMAP: 143
13. SNMP: 161
14. HTTPS: 443
15. MySQL: 3306
16. Iserver: 3055
17. RDP: 3389 (remote access)
18. OSCAR (ICQ): 5190
19. XMPP (Jabber): 5222/5223/5269
20. Traceroute: 33434 and above (UDP)
21. BitTorrent: 6969, 6881-6889
...

Description:

1. RFC 863 - Discard Protocol
This document specifies a standard for the ARPA Internet community. Hosts on the ARPA Internet that choose to implement the Discard protocol are expected to follow it. Discard is a useful tool for measurement and debugging: the service simply throws away whatever data it receives.
TCP-based Discard service: the server listens for TCP connections on port 9. Once a connection is established, all data received on it is discarded and no response is sent; this continues until the user closes the connection.
UDP-based Discard service: the server listens for UDP datagrams on port 9 and discards each datagram it receives without sending anything back.

2. FTP (File Transfer Protocol) is a protocol for transferring files over computer networks. It lets a client connect to an FTP server, list directories, and download or upload files; transfers between two servers are also possible.
Port 21 carries the commands. In active mode the server opens the data connection from its port 20.

3. SSH (Secure Shell) is an application-layer protocol that provides remote control of the operating system and tunnelling of TCP connections (for example, for file transfer). Port 22 is used for remote administration through SSH client programs; the port is closed by stopping the SSH server daemon.

4. Telnet (TERminaL NETwork) is a network protocol for a text interface over the network (in its modern form over TCP, port 23). It sends everything, including passwords, in the clear.

5. SMTP (Simple Mail Transfer Protocol) is a network protocol for transmitting email over TCP/IP networks. To use SMTP, the client opens a TCP connection to the server on port 25.
Providers sometimes block outbound port 25 so that customers can send only through the provider's own SMTP servers. Port 587, the message submission port, is the usual way around this.
By default Postfix listens only on port 25, but it can also be made to listen on 587 by uncommenting the following line in /etc/postfix/master.cf:
submission inet n - - - - smtpd

6. DNS (English: Domain Name System) is a distributed computer system for obtaining information about domains. The DNS protocol uses TCP or UDP port 53 to respond to requests.

7. DHCP (Dynamic Host Configuration Protocol) is a network protocol that lets computers obtain an IP address and the other parameters they need on a TCP/IP network automatically. It follows the client-server model: while configuring its network interface, the client contacts a DHCP server and receives its parameters from it. The network administrator specifies the range of addresses the server hands out, which avoids manual configuration of each computer and reduces errors. DHCP is used in most TCP/IP networks. Messages are carried over UDP: the server receives client messages on port 67 and sends replies to clients on port 68.

8. TFTP (English Trivial File Transfer Protocol) is used mainly for the initial boot of diskless workstations. TFTP, unlike FTP, does not contain authentication capabilities (although filtering by IP address is possible) and is based on the UDP transport protocol.

9. HTTP (HyperText Transfer Protocol) is an application-layer protocol for transferring data (originally hypertext documents). Port 80 is the default port of web servers; 8080 is a common alternative for HTTP.

10. POP3 uses port 110. It is the protocol mail clients use to retrieve messages from a server (sending is done over SMTP).

11. Network Time Protocol (NTP) synchronizes a computer's internal clock over networks with variable latency. Configuring the Windows Time service (Windows 2003 / 2008 / 2008 R2 ...) against a time source uses the NTP protocol on UDP port 123.

12. IMAP (Internet Message Access Protocol) is an application layer protocol for accessing email. It is based on the TCP transport protocol and uses port 143.

13. SNMP (Simple Network Management Protocol) is a network management protocol that runs over UDP. Devices that typically support SNMP include routers, switches, servers, workstations, printers and modems. The Windows SNMP service:
  • uses the Windows Sockets API;
  • sends and receives messages over UDP (port 161) and relies on IP for routing SNMP messages;
  • ships with additional libraries (DLLs) to support non-standard MIBs;
  • includes the Microsoft Win32 SNMP Manager API to simplify SNMP application development.

14. HTTPS (Hypertext Transfer Protocol Secure) - an extension of the HTTP protocol that supports encryption. Data transmitted via the HTTPS protocol is “packed” in the SSL or TLS cryptographic protocol, thereby ensuring the protection of this data. Unlike HTTP, HTTPS uses TCP port 443 by default.

15. MySQL is a free database management system; its server listens on TCP port 3306 by default.

16. 3055: Iserver, a local-network service.

17. RDP (Remote Desktop Protocol) is a proprietary Microsoft application-layer protocol for remote user sessions on a server running the terminal services. Clients exist for almost all versions of Windows (including Windows CE and Mobile), Linux, FreeBSD, Mac OS X, Android and Symbian. The default is TCP port 3389.

18. OSCAR (ICQ): 5190, the ICQ server port.

19. XMPP (Extensible Messaging and Presence Protocol), formerly known as Jabber.
5222/5223 - client-server, 5269 - server.

20. Traceroute is a utility for determining the route data takes across TCP/IP networks. The classic UDP implementation sends probes to ports starting at 33434 (some sources say it is enough to allow the range 33434 to 33534).

21. BitTorrent (literally "bit stream") is a peer-to-peer (P2P) protocol for cooperative file sharing over the Internet. Torrent clients use ports 6969 and 6881-6889.


The port number for “binding” a service is selected depending on its functional purpose. The IANA is responsible for assigning port numbers to specific network services.

Port numbers range from 0 to 65535 and are divided into 3 categories:


Port numbers    Category            Description

0-1023          Well-known ports    Assigned by IANA; on most systems they can be used only by system (root) processes or by applications run by privileged users. Should not (1) be used without IANA registration; the registration procedure is defined in section 19.9 of RFC 4340.

1024-49151      Registered ports    Listed in the IANA registry; on most systems they can be used by ordinary user processes or by programs run by ordinary users. Should not (1) be used without IANA registration; the registration procedure is defined in section 19.9 of RFC 4340.

49152-65535     Dynamic ports       Intended for temporary use (for example, testing an application before IANA registration), for the client side of connections, and for private services within closed networks. These ports cannot be registered.

Local copy of the list

A local copy of the list is included in the installation package of network operating systems. The file for a local copy of the list is usually called services and is located in different places in different operating systems:

Windows 98/ME

C:\Windows\services

Windows NT/XP

C:\Windows\system32\drivers\etc\services

UNIX-like OS
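A parser for the layout of the local services file, as an added example (not code from the original page): each entry is "name port/protocol [aliases...] [# comment]", blank lines and comment lines are skipped, and lookups are keyed by (port, protocol) because a TCP and a UDP entry with the same number are different services. The sample text is constructed here; on UNIX-like systems the file is conventionally /etc/services, which is stated as an assumption rather than something the page gives.

```python
import re
from typing import Dict, List, NamedTuple, Optional, Tuple

# Added example (not from the page): a parser for the services-file format.
# SAMPLE below is constructed in the file's layout, not copied from any system.


class Service(NamedTuple):
    name: str
    port: int
    proto: str
    aliases: Tuple[str, ...]
    comment: str


_LINE = re.compile(r"^(?P<name>\S+)\s+(?P<port>\d+)/(?P<proto>[a-z]+)(?P<rest>.*)$")


def parse_services(text: str) -> List[Service]:
    """Parse services-file lines; blank and comment lines are skipped, and a malformed
    line or an out-of-range port raises ValueError naming the line number."""
    entries: List[Service] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _LINE.match(line)
        if not m:
            raise ValueError("line %d: cannot parse %r" % (lineno, raw))
        rest, _, comment = m.group("rest").partition("#")   # aliases end at the comment marker
        port = int(m.group("port"))
        if not 0 <= port <= 65535:
            raise ValueError("line %d: port %d out of range" % (lineno, port))
        entries.append(Service(m.group("name"), port, m.group("proto"),
                               tuple(rest.split()), comment.strip()))
    return entries


def index_by_port(entries: List[Service]) -> Dict[Tuple[int, str], Service]:
    """Lookup key is (port, protocol): TCP and UDP numbers are separate namespaces."""
    return {(e.port, e.proto): e for e in entries}


def lookup(entries: List[Service], port: int, proto: str) -> Optional[str]:
    """Return the service name registered for port/proto, or None if there is none."""
    e = index_by_port(entries).get((port, proto))
    return e.name if e else None


SAMPLE = """\
# Constructed sample in services-file layout
ftp-data    20/tcp
ftp         21/tcp
ssh         22/tcp                      # SSH Remote Login Protocol
domain      53/tcp
domain      53/udp
bootps      67/udp                      # BOOTP/DHCP server
bootpc      68/udp                      # BOOTP/DHCP client
http        80/tcp      www www-http    # WorldWideWeb HTTP
ntp         123/udp
https       443/tcp
"""

if __name__ == "__main__":
    for e in parse_services(SAMPLE):
        print("%-10s %5d/%s %s" % (e.name, e.port, e.proto, " ".join(e.aliases)))
```

The file only records conventions: a service on port 22 is not necessarily SSH, and a name found here is a hint for a scan report, not a verified identification of what is actually listening.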

Note 1. "Should not" is used here in the sense of SHOULD NOT as defined in RFC 2119:

"SHOULD NOT" or "NOT RECOMMENDED" means that there may be valid reasons in particular circumstances when the behaviour in question is acceptable or even useful, but the full implications must be understood and the case carefully weighed before acting against a recommendation marked with this phrase.

Ports are used to communicate with applications running on other network hosts (and with other applications on the same host).

The basic rules for understanding how a port works: 1) For a given transport protocol and address, a port can be held by only one program at a time and cannot be used by another while it is held. 2) Programs use ports to communicate with each other over the network.

For each of the TCP and UDP protocols, the standard specifies the ability to simultaneously allocate up to 65536 unique ports on a host, identified by numbers from 0 to 65535. When transmitted over a network, the port number in the packet header is used (together with the host IP address) to address a specific application (and specific network connection belonging to him).

Port numbers

TCP ports do not overlap with UDP ports. That is, TCP port 1234 will not interfere with UDP traffic over port 1234.

A number of port numbers are standardized (see List of TCP and UDP ports). The list is maintained by the non-profit organization IANA.

On most UNIX-like operating systems, listening on ports 0-1023 (almost all of which are registered) requires special privileges. Any other port can be taken by the first process that asks for it, although many numbers above 1023 are registered as well.

Brief list of port numbers

TCP is assumed unless otherwise noted.

  • DISCARD: 9, Discard port (RFC 863)
  • FTP: 21 for commands, 20 for data
  • SSH: 22 (remote access)
  • Telnet: 23 (remote access)
  • SMTP: 25, 465, 587
  • Iserver: 3055
  • XMPP (Jabber): 5222/5223 client-server, 5269 server-server
  • traceroute: 33434 and above (UDP) (some sources indicate that allowing the range 33434 to 33534 is enough)

Sender and receiver ports

Every TCP or UDP packet carries two port number fields: source and destination. The type of service is determined by the destination port of incoming requests, and the same number appears as the source port of the replies. The "reverse" port (the source port of the requests, which is also the destination port of the replies) is chosen more or less arbitrarily by the client for a TCP connection (numbers below 1024 and ports already in use are avoided) and is of no interest to the user. How UDP source ports are chosen is implementation dependent.

Wikimedia Foundation. 2010.
