v.F21.0.

0 – © 2021 Simon Galton

COMP-CO910
Introduction to Networking

Module 8: Network Ports

v.F21.0.0 – © 2021 Simon Galton

Today’s Agenda
• A high-level explanation of network ports
• “Well-known ports”
• “Registered ports”
• “Dynamic ports” / “Ephemeral ports”
• Commonly used ports

• Your presentation assignment!

2
v.F21.0.0 – © 2021 Simon Galton

Network Ports
• In our last discussion we introduced the concept of ports (and,
when combined with a node’s IP address, sockets)
• Recall that although every network node on a TCP/IP network
has an IP address (actually, it can have more than one, but
that’s not really the point), but if we want to provide lots of
services from that host we need a secondary identifier to
connect to that service – that’s our port number
• Our analogy compared system addresses + port numbers to
the street addresses of apartment buildings + apartment unit
numbers
3
v.F21.0.0 – © 2021 Simon Galton

Network Ports
• Ports are really the endpoints for communications with a
network device
• With TCP/IP networking you must use a socket – in other words
you never just connect to a server via its address, you must
always specify a port at that address
• Both the TCP and UDP transport protocols use ports
• A port is a number between 0 and 65535 – but there’s some
structure to that range (we’ll get back to that idea shortly)
4
v.F21.0.0 – © 2021 Simon Galton

Network Ports
• When writing a network application, programmers create a
type of file descriptor (don’t worry, you’ll be doing that in your
programming classes soon enough, if you haven’t done so
already) called an internet socket that combines the
specification for the transport protocol, the IP address and a
port number
 This is called binding – it’s how a socket is created
• The OS now transmits outgoing data from all the application
ports onto the appropriate network and forwards incoming
packets to running processes by matching the packet’s
destination IP address and port number to a socket
5
v.F21.0.0 – © 2021 Simon Galton

Network Ports
• Only one process can bind to a specific port number on a given
address
 After all, how would the OS know which process to hand the incoming
packet to if many of them could bind to the same socket?
• In situations where many incoming connections to a port are
expected, such as a web server, a commonly used technique
has one process monitoring the port for incoming requests (this
process is then known as a listener) that hands off incoming
clients to other processes to do the work requested, while the
listener immediately goes back to monitoring for incoming
connections
6
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Well-Known Ports

• So how does a network service pick a port to use? There are
over 65 000 of them – is there a system here?
 As we mentioned, there is indeed some structure to all of this
• Scenario: you are using your computer to browse a website –
let’s use MyMohawk as our example
• You use MyMohawk.mohawkcollege.ca as your URL in your
browser – you initiate a new socketed connection
• Hold on – we have repeatedly said that a socket is an IP address
and a port number and we’re not specifying a port number here!
7
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Well-Known Ports

• Let’s peel things back and look at what’s happening behind
the curtain
 The URL is the nice, human-readable name for the website but, of
course, the computer needs the IP address – so, it gets that name into
an IP by using a DNS resolver
 You’ve probably noticed that web browsers don’t ask you what protocol
you want to use – they just assume you want to use HTTP (HyperText
Transfer Protocol)
 Did you know that most browsers support many other protocols? That’s a fun gopher
hole to dive down (that’s another networking joke – you’ll have to look it up)…

8
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Well-Known Ports

• Let’s peel things back and look at what’s happening behind
the curtain
 How do you know they assume HTTP? Depending on the browser it is
automatically displayed, or you may have to double-click on the URL:

 You are likely to see a variant of HTTP on most modern websites called
HTTPS, but the underlying idea we’re explaining here is the same

9
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Well-Known Ports

• Let’s peel things back and look at what’s happening behind
the curtain
 Because you’re using HTTP as your protocol, the browser automatically
chooses port 80 when connecting to the remote machine
 Why port 80? Well, it’s the well-known port number for web services!
 When creating the socket on your computer, the web browser also
needs a port number for your side
 It can’t choose port 80 – for one thing, that’s for web servers, not for
web clients and it would also be inconvenient if you were requesting
multiple web pages at once (which one can use port 80 now?)
10
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Well-Known Ports

• Let’s peel things back and look at what’s happening behind
the curtain
 So, your web browser chooses a random port number from a very
specific range of numbers (we’ll get back to this later)
 Your side of the socketed connection will therefore be your IP address +
the (randomly) selected port number (for example, 192.168.0.10:60189)
 The connection now looks like this:

192.168.0.10:60189 52.60.149.28:80 11
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Well-Known Ports

• Clearly, then, certain services are known to listen on specific
network ports – but which ones?
• Common services are assigned to what we call well-known ports
• The port number range for them is 0-1023
• 0 is reserved, so it doesn’t really count
• This range is for system-level services as well as a large number
of core applications, such as E-mail, printing, web services,
databases, directory services, etc.
12
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Well-Known Ports

• In most operating systems, for a process to bind to a well-
known port it must be running as an administrator
Editing a Document
• What does this mean? Print Services
Network File Services

• Every process runs under the authority of a specific user on the

system:
System
Administrator

Regular
Users

13
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Well-Known Ports

• In the picture we just displayed (which was an abbreviated list
of processes on a Linux system) we pointed out that several
processes were running as the user named root, which is the
system administrator user on UNIX-based systems
 These processes would be allowed to bind to a well-known port
 The other processes are running as regular system users, so they would
not be allowed to bind to a well-known port
 This restriction is in place because client nodes will be trying to locate
known server applications on these ports, which are often infrastructure-
level (e.g. DNS) and you don’t want some game or other user-run
application to interfere with that!
14
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Registered Ports

• Ports in this range are not controlled or assigned and processes
run by regular system users are permitted to bind to them
• The port number range for registered ports is 1024 to 49151
 On some operating systems this range can overlaps with another range
we’ll discuss shortly, but current practices generally guarantee this range
to be safe to use as registered ports
• Not every application or service can be granted a well-known
port, and software authors should be allowed to innovate – this
is the port range they should use
15
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Registered Ports

• Of course, it is possible (and, in fact, common) for different
programs to choose the same port number for their services
 If they were to run on the same system only the first one would be able to
bind to that port, and the others would get an error from the OS reporting
that the port is in use
 Programmers generally write their software to allow users to configure
which port the application will try to use
• A registry of these ports has been established so that the
default port number chosen by the programmer is far less likely
to be “taken” – hence the name registered ports
16
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Dynamic/Ephemeral Ports

• The remaining port numbers are set aside for what are known
as dynamic ports, ephemeral ports, or sometimes private ports
(yes, these three names all refer to the same range) (sorry)
• The port number range for this group is 49152-65535
 Some operating systems that routinely simultaneously run a large
number of client applications (e.g. Linux) use a range of 32768-65535
when needed
 Of course, applications are not permitted to bind to one of these
ports if it is already in use on the system
17
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Dynamic/Ephemeral Ports

• The intention behind ephemeral/dynamic ports is that they be
used only for a short time (for the duration of a specific
communication session)
• These ports are allocated as needed on a temporary basis and
are only valid for the single session they are allocated for – after
the session is complete the port is released and is available for
reuse
• We have already mentioned using these ports (well, we showed
it, but never explained it)…
18
v.F21.0.0 – © 2021 Simon Galton

Network Ports: Dynamic/Ephemeral Ports

• In our example of client systems requesting a resource from a
server (e.g. a web page request) we have shown the client side
of the socketed connection using a port in this range:

192.168.0.10:60189 52.60.149.28:80
Client computer requesting a web page Web server for
from mymohawk.mohawkcollege.ca mymohawk.mohawkcollege.ca
19
v.F21.0.0 – © 2021 Simon Galton

Commonly Used Ports

• Systems and network administrators (as well as many
programmers) tend to learn and remember the commonly used
port numbers – largely because they use them so regularly
• A few items from this list include:
Port # Service Port # Service Port # Service
20 FTP (Data) 67 DHCP Server 143 IMAP4
21 FTP (Control) 68 DHCP Client 389 LDAP
22 SSH 69 TFTP 443 HTTPS
23 Telnet 80 HTTP 445 Active Directory
25 SMTP 88 Kerberos Auth. 445 SMB file sharing
53 DNS 110 POP3 873 rsync
20
v.F21.0.0 – © 2021 Simon Galton

Presentations! Yay!
• There are a LOT of protocols and ports out there – far too many
for us to discuss in any detail as a class
• However, we can still spend some time learning about them
then presenting our findings to the rest of the class
• That’s right – you’re each going to investigate a protocol and
port and give a 7-10 minute presentation about it to the class!

21
v.F21.0.0 – © 2021 Simon Galton

Presentations! Yay!
• I have no doubt that you’ll be spellbound by your colleagues
work and will be eager to attend all the presentations
• Of course, because you will also be contributing feedback to
the presenter of two other presentations you’ll have yet
another reason to listen closely and appreciate their efforts!
 Did you know that you’ll soon be taking a class that is designed to boost
your presentation skills?
 Communications skills are ranked even higher than many technical skills
by the companies that employ our students and graduates, so it’s one of
our priorities to build your presentation confidence and skills!
22
v.F21.0.0 – © 2021 Simon Galton

Presentations! Yay!
• I have posted a signup form and you will put your name against
the protocol you want to research and present
• First-come, first-served – sign up quickly if there’s something
that catches your eye
• If there’s a protocol not on the list that you really, really want
to share with us just let me know – I’d be happy to add it to the
list with your name on it!

23
v.F21.0.0 – © 2021 Simon Galton

Presentations! Yay!
• I know you’ve got lots of other stuff going in your other classes,
so you’ll have a few weeks to come up with something you’ll
be proud to present
• I’ll also give you some time in this class to take a look at the list
of options and to investigate which one you might want to sign
up for
• Some of you may choose to start pulling some facts together as
well

24
v.F21.0.0 – © 2021 Simon Galton

Presentations! Yay!
• The details of the assignment are posted, including how the
presentations will be graded – but I know it’s a little daunting
when you don’t know what I’m looking for (and this is probably
the first presentation you’re doing here at College)
• So, I think I’ll spend a few minutes modelling what I’m looking
for! I’m going to give you an example presentation!
 Of course, I’m not going to use a real protocol – I’ll save them for
you to present!
 Will someone be willing to time me? I’m shooting for 7-8 minutes,
which should leave a couple of minutes for questions at the end
25
v.F21.0.0 – © 2021 Simon Galton

EXAMPLE PRESENTATION
v.F21.0.0 – © 2021 Simon Galton

Welcome!
• Today’s Agenda:
• Introduction
• My Protocol!
• What is it?
• What port does it use?
• What was it created to do?
• Two fun facts about my chosen protocol
• Q+A
27
v.F21.0.0 – © 2021 Simon Galton

Introduction
• My name is Simon Galton
• My student number is, well, I
don’t have one because I am a
Professor at Mohawk College
• I have worked in the IT field for
almost 30 years
• For a large part of my career I
built giant Linux computer
clusters!
28
v.F21.0.0 – © 2021 Simon Galton

My Protocol
• After reading the list I realized there was only one protocol that
I wanted to present:

TERMNATR

29
v.F21.0.0 – © 2021 Simon Galton

My Protocol: TERMNATR
• The TERMNATR protocol uses port 1984
• It was created by Cyberdyne systems
• Most of the work was done by Skynet, one of their subsidiaries
• Several updated versions have also been created
• Runs on many platforms
• Can often be mistaken for other protocols

30
v.F21.0.0 – © 2021 Simon Galton

My Protocol: TERMNATR
• The TERMNATR protocol was created to eliminate running or
potential occurrences of any process name John Connor
• If it cannot find John Connor it will seek to stop it’s parent
process that is usually called Sarah Connor
• The protocol follows a simple multi-step process:

31
v.F21.0.0 – © 2021 Simon Galton

My Protocol: TERMNATR
T T
A
E R
G
R E
M T

N S
Y
A S
T T
E
R M
32
v.F21.0.0 – © 2021 Simon Galton

My Protocol: TERMNATR – Fun Fact #1

• There are several fun facts that I’d like to share about the
TERMNATR protocol
• Several newer versions have been released:
• TERMNATR2 Port # 1991
• TERMNATR3 Port # 2003
• TERMNATR:S Port # 2009
• TERMNATR:G Port # 2015
• TERMNATR:DF Port # 2019

33
v.F21.0.0 – © 2021 Simon Galton

My Protocol: TERMNATR – Fun Fact #1

• When TERMNATR:G was created the writers discarded
anything added to the codebase since version TERMNATR2
• It is unknown if the original author had anything to do with
this decision
• Interestingly, it seems the same applied to the TERMNATR:DF
update, as it also discarded anything added since TERMNATR:2
• Many users remain unhappy with the performance of the
later releases
34
v.F21.0.0 – © 2021 Simon Galton

My Protocol: TERMNATR – Fun Fact #2

• To date, the original TERMNATR version has yet to successfully
complete its mandate
• Neither has TERMNATR2, TERMNATR3, TERMNATR:S, or
TERMNATR:G
• TERMNATR:DF, on the other hand, has been successful – but
because it was not coded with instructions for what to do after
it was successful it actually helps the system prevent other
versions of TERMNATR from running

35
v.F21.0.0 – © 2021 Simon Galton

My Protocol: TERMNATR
• Are there any questions?

36
v.F21.0.0 – © 2021 Simon Galton

End