When a computer is multitasking, it needs more than an IP address to keep track of everything it is doing. If you have three tabs open to the same web server, they should all work! While the IP address gets a packet to the right computer, it is the port number that gets it to the right application (strictly, the right socket) within that computer.
Generically, everything on the internet is a client or a server. To get data from the internet, somebody (generically called the “client”) needs to communicate with someone holding the information (generically called the “server”). When a client sends a packet to a server requesting data, it includes a destination port number in the packet. This informs the server which application the packet needs to go to in order to be processed correctly. Likewise, on the client machine there might be 4, 5, or many more ports open at once (imagine the browser overflowing with tabs). Each connection gets its own source port number, handed out by the operating system, so the server knows exactly where to send its response to the initial request.
Moreover, just as there is a source and a destination IP address, there is always a source port number and a destination port number on a transport-layer segment. Let’s say a web server is listening for HTTP requests on port 80. When you enter a website name into your browser, a packet is sent out to the web server requesting a webpage. This packet (in a simplified version) includes the destination IP address (the server’s IP address), the source IP address (your computer’s IP address), the destination port number (port 80 in this case), the source port number (a high number picked by your computer), and the data requesting the webpage. When the packet reaches the server (via the IP address), it is handed to whichever application is listening on the packet’s destination port (port 80 here). The server then builds a reply packet in which the source and destination IP addresses and port numbers are swapped, so it travels the reverse path back to your computer, carrying the webpage you asked for! Those four values (source IP, source port, destination IP, destination port), together with the protocol, are how the operating system tells one connection apart from another; three tabs to the same server do not collide because each one has a different source port.
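The exchange described above, as an added example that is not part of the original post: a throw-away listener on the loopback interface stands in for the web server, the operating system picks both ports (the listening port and the client’s ephemeral source port), and each side records the addressing it sees. The request and reply bodies are constructed for the example and only look like HTTP.

```python
import socket
import threading

# Added example, not from the original post. Everything runs on the loopback
# interface with OS-chosen ports, so no real web server is involved.
LOOPBACK = "127.0.0.1"


def serve_once(listener):
    """Accept one connection, record how the reply is addressed, then answer."""
    conn, _ = listener.accept()
    with conn:
        request = conn.recv(1024)
        view = {
            # The reply's source is the server's own address and listening port ...
            "reply_src": conn.getsockname(),
            # ... and its destination is the client's address and ephemeral port.
            "reply_dst": conn.getpeername(),
        }
        conn.sendall(b"HTTP/1.0 200 OK\r\n\r\nhello")  # constructed reply
    return view, request


def exchange():
    """One client/server round trip; returns how each side addressed its packet."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((LOOPBACK, 0))  # port 0: let the OS pick a free port
    listener.listen(1)
    server_port = listener.getsockname()[1]

    result = {}

    def server():
        result["server_view"], result["request"] = serve_once(listener)

    t = threading.Thread(target=server)
    t.start()

    # The client never chooses its own port: connect() makes the OS assign an
    # ephemeral source port, and that is the port the server's reply targets.
    with socket.create_connection((LOOPBACK, server_port)) as client:
        client.sendall(b"GET / HTTP/1.0\r\n\r\n")  # constructed request
        result["client_view"] = {
            "request_src": client.getsockname(),
            "request_dst": client.getpeername(),
        }
        result["reply"] = client.recv(1024)

    t.join()
    listener.close()
    return result


def same_connection(client_view, server_view):
    """True if the reply is the request with source and destination swapped."""
    return (client_view["request_src"] == server_view["reply_dst"]
            and client_view["request_dst"] == server_view["reply_src"])


if __name__ == "__main__":
    r = exchange()
    print("request addressing:", r["client_view"])
    print("reply addressing:  ", r["server_view"])
    print("same connection:   ", same_connection(r["client_view"], r["server_view"]))
```

Running it prints two (IP, port) pairs per side; the reply’s destination is the client’s ephemeral port, which on every mainstream OS lies above the well-known range.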
Of the 65,536 possible port numbers (0 to 65535, wow), there are three main categories.
Well-Known (System) Ports (0-1023) are assigned by IANA to specific protocols. On Unix-like systems, binding a listener to one of these ports requires root (or, on Linux, the CAP_NET_BIND_SERVICE capability). The assignment is a convention rather than an enforcement, though: nothing stops an administrator, or an attacker, from running some other service on port 80, so a port number is a hint about what is listening, not proof.
Registered Ports (1024-49151) are not privileged, but a vendor or project can register one with IANA to prevent duplication. These came after well-known ports, for those who wanted a port of their own to use.
Dynamic/Ephemeral Ports (49152-65535) are spun up by the client’s operating system every time it makes a connection and act as the return port for the server’s response. That range is IANA’s recommendation; Linux, for example, defaults to 32768-60999 (see /proc/sys/net/ipv4/ip_local_port_range), so do not assume a source port above 49151 when writing firewall rules or detection logic.
At the transport layer of the TCP/IP model, where network ports live, there are two main transport protocols: TCP and UDP. Some application protocols use both (DNS, for example, runs over UDP 53 and TCP 53).
TCP – Transmission Control Protocol prioritizes the reliable transfer of data. Before any data flows, a 3-Way Handshake is used to make the connection. The “sender” computer first sends a SYN (SYNchronize) packet to the “receiver” computer. The “receiver” then responds with a SYN-ACK (SYNchronize ACKnowledge) packet to confirm that it has received the SYN. And lastly the “sender” sends a final ACK (ACKnowledge) packet back to the “receiver”. Only once this has taken place will data be delivered. TCP is also stateful: both ends track sequence numbers, the receiver acknowledges the data it has received, and anything the sender does not see acknowledged within a timeout is retransmitted. By guaranteeing the delivery and ordering of each piece of data, TCP ensures reliable transmission. The handshake is also what makes a TCP port scan work: a SYN-ACK in reply to a probe means something is listening, while a RST means the port is closed.
UDP – User Datagram Protocol prioritizes low latency over reliable data transmission. There is no handshake, no acknowledgment and no retransmission: each datagram is sent once and may arrive late, out of order, or not at all. Dropping that overhead is what makes UDP fast, and this focus on reduced latency over reliability makes it useful for gaming, voice, and video streaming. Note that the overhead being dropped is reliability bookkeeping, not security checks; neither TCP nor UDP authenticates or encrypts anything by itself. Because a UDP sender never has to complete a handshake, its source address is also trivially spoofable, which is why exposed UDP services end up being abused for reflection attacks.
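An added example (not from the original post) that turns the two descriptions above into code: a minimal connect() scan against the loopback interface. For TCP, a completed handshake means open and a RST (surfacing as ECONNREFUSED) means closed; for UDP there is no handshake, so only a reply proves a listener, and a silent port can only be reported as open|filtered, the same verdict nmap gives. The tiny UDP echo service, the probe payload and the stop sentinel are constructed so the example runs offline.

```python
import socket
import threading

# Added example, not from the original post. All probes target the loopback
# interface, on ports chosen by the OS, so nothing leaves the machine.
LOOPBACK = "127.0.0.1"
STOP = b"__stop__"  # constructed sentinel that shuts the echo helper down


def tcp_state(port, timeout=1.0):
    """Classify a TCP port the way a connect() scan does.

    open     : the handshake completed (SYN -> SYN-ACK -> ACK)
    closed   : the SYN was answered with RST, reported as ECONNREFUSED
    filtered : no answer at all before the timeout (typical of a firewall drop)
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((LOOPBACK, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "filtered"
    finally:
        s.close()


def udp_state(port, probe=b"ping", timeout=1.0):
    """Probe a UDP port. With no handshake, only a reply is conclusive.

    A closed port may answer with ICMP port-unreachable (which the OS reports
    as ECONNREFUSED or ECONNRESET on a connected UDP socket) or with nothing;
    silence is indistinguishable from a listener that ignored the probe.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(timeout)
    try:
        s.connect((LOOPBACK, port))  # connected UDP lets the OS surface ICMP errors
        s.send(probe)                # the send succeeds even if nobody listens
        s.recv(1024)
        return "open"
    except (ConnectionRefusedError, ConnectionResetError):
        return "closed"
    except socket.timeout:
        return "open|filtered"
    finally:
        s.close()


def _udp_echo(sock):
    """Tiny UDP echo service so the 'open' case has something that replies."""
    while True:
        data, addr = sock.recvfrom(1024)
        if data == STOP:
            return
        sock.sendto(data, addr)


def _released_port(kind):
    """Bind to port 0, read the OS's choice, release it: a port now known closed."""
    with socket.socket(socket.AF_INET, kind) as s:
        s.bind((LOOPBACK, 0))
        return s.getsockname()[1]


def scan_demo():
    """Stand up one TCP and one UDP listener, then probe them and two closed ports."""
    tcp_listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tcp_listener.bind((LOOPBACK, 0))
    tcp_listener.listen(5)

    udp_listener = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp_listener.bind((LOOPBACK, 0))
    echo = threading.Thread(target=_udp_echo, args=(udp_listener,))
    echo.start()

    results = {
        "tcp": {
            "open": tcp_state(tcp_listener.getsockname()[1]),
            "closed": tcp_state(_released_port(socket.SOCK_STREAM)),
        },
        "udp": {
            "open": udp_state(udp_listener.getsockname()[1]),
            "closed": udp_state(_released_port(socket.SOCK_DGRAM)),
        },
    }

    udp_listener.sendto(STOP, udp_listener.getsockname())  # stop the echo helper
    echo.join()
    udp_listener.close()
    tcp_listener.close()
    return results


if __name__ == "__main__":
    print(scan_demo())
```

The TCP verdicts are deterministic because the kernel answers every SYN itself. The UDP closed-port verdict depends on the platform: Linux reports the ICMP error on a connected socket, while a host or firewall that suppresses ICMP leaves the scanner guessing, which is exactly why UDP scans are slow and inconclusive in practice.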
This is nowhere near the full list, but here are some of the well-known port numbers and their designated protocols.
21 – FTP (File Transfer Protocol) is a standard for transferring computer files. Port 21 carries the control channel; the file data travels over a separate connection (port 20 in active mode, or a server-chosen high port in passive mode). Credentials and file contents are sent in cleartext.
22 – SSH (Secure Shell Protocol) is a way to operate network services securely over an insecure network. By encrypting and authenticating the traffic while it crosses the public internet, it enables safe communication: commands can be sent to a server for administration from miles away, and files copied with SCP or SFTP, which run over the same port.
23 – TELNET (Teletype Network) is basically SSH without the encryption: the username, password and entire session cross the network in cleartext, so it should not be exposed on any network you do not fully trust.
25 – SMTP (Simple Mail Transfer Protocol) is for transmitting electronic mail between mail servers. (Mail clients submitting outgoing mail normally use port 587, or 465 for implicit TLS, instead.)
53 – DNS (Domain Name System) enables internet users and network devices to find websites by human-readable host names rather than having to memorize IP addresses. When you type “Greatheart.io” to reach the website instead of a sequence of numbers and dots, that is DNS at work. Queries normally go over UDP 53; TCP 53 is used for large responses and zone transfers.
80 – HTTP (Hypertext Transfer Protocol) is for transferring hypermedia documents (e.g. HTML). It is designed for communication between web browsers and web servers, and on port 80 it is unencrypted.
110 – POP3 (Post Office Protocol version 3) is for retrieving emails from a mail server. It simply downloads the email from the server onto the client. It only downloads what is in your inbox folder (not Drafts, Sent items, Deleted items, etc.), so the folder structure is not synchronized and can differ between devices. By default in most clients, the email is deleted from the mail server once downloaded, so a message ends up on only one device. Plain POP3 sends the password in cleartext; the TLS-protected variant uses port 995.
137-139 – NetBIOS (Network Basic Input/Output System) is a standard API (Application Programming Interface) for using the services of an installed network protocol stack. NetBT (NetBIOS over TCP/IP) is the implementation used by Windows (and by Samba), with a name service (UDP 137 and TCP 137), a datagram service (UDP 138), and a session service (TCP 139).
143 – IMAP (Internet Message Access Protocol), like POP3, is for retrieving emails from a mail server. However, the email is kept on the server; each of your devices caches a local copy, and ALL your folders and everything in them are synchronized, so your mailbox looks exactly the same on your tablet, smartphone, computer, etc. (The TLS-protected variant uses port 993.)
427 – SLP (Service Location Protocol) lets computers discover services on a local area network without prior configuration. It is commonly used for finding network printers on Windows and on various Linux distros.
443 – HTTPS (Hypertext Transfer Protocol Secure) is HTTP carried over TLS, which encrypts the data in transit over the public internet and lets the browser verify that it is talking to the server named in the certificate.
445 – SMB (Server Message Block) is for sharing access to files on remote servers and to other resources (printers, serial ports, mail slots, named pipes, etc.) on a network. SMB2 replaced the original dialect and is much faster; SMB3 improved on it further and introduced end-to-end encryption. CIFS (Common Internet File System) is the name of the original SMB1 dialect, which is obsolete and should be disabled wherever it is still enabled.
548 – AFP (Apple Filing Protocol) is Apple’s proprietary file-sharing protocol, letting macOS users access files on another system, with permissions that restrict access to particular files. It is specific to Mac-based platforms, and Apple has deprecated it in favour of SMB.
3389 – RDP (Remote Desktop Protocol) is a Microsoft proprietary protocol for encrypted remote desktop connections to other computers. Because it hands out a full interactive session, it is a constant target for password guessing and should sit behind a VPN rather than be exposed directly to the internet.
Network ports are pretty conceptual, given there is no physical element distinguishing them (as the word “port” might make one think). It is fascinating that we have such a variety of processes to exchange data with, and exciting that we have such a list to learn about. Now you have an insight into the types, functions, and workings of network ports. For more insights like this, check out our other posts!