What is a port?

TCP/IP explained.

HTTP 80, SSH 22, FTP 20 et 21... ports are everywhere as soon as we start working in IT. So, what is it?

According to their function, the protocols are classified into layers. The 2 most famous models are OSI and TCP/IP. TCP/IP being easier, we will use it to understand what a port is.

The TCP/IP model

It's based on 4 layers:

  • 4 - Application : it's the hidden face of your software. The protocols of this layer are the best known : HTTP, FTP, SMTP, POP3...
  • 3 - Transport : Manage the communication between processes : error handling, multiplexing... Protocols : TCP, UDP...
  • 2- Network / Internet : Create the path to route data from the host to the destination. The host does not know the full path. The packet is routed step-by-step. It is sent to a machine, knowing a machine,..., until it reaches the final destination. Protocols : IPv4, IPv6, ARP....
  • 1 - Link / Physical : Prepare to emit and to receive frames. Then write / listen to the physical medium. Protocols : Ethernet, WiFi...

We speak of high layers to designate those close to the user. The lower layers are, conversely, those close to the physical medium.

Data encapsulation

When an application sends a request, it goes through every layer from top to bottom. During this journey, the data will be updated. Every layer will add something linked to its function, usually headers. This is called encapsulation. During the reception phase, data will go through the opposite path.

So, what is a port?

Example : you are visiting a website with your browser. You are connected to your internet box by a twisted pair cable.

  • 1 - The browser asks the system to send an HTTP request.
    Output : [HTTP request].
  • 2 - TCP adds its header.
    Output : [TCP header][HTTP request].
  • 3 - The TCP segment is provided to IP which adds its header. It contains, among others, your IP address and the website's one.
    Output : [IP header][TCP header][HTTP request].
  • 4 - Ethernet receives the IP packet which adds its header and a checksum. The header contains your MAC address and your box's one.
    Output : [Ethernet header][IP header][TCP header][HTTP request][Ethernet checksum].

The server responds with the content of the webpage. The response arrives to your computer.

Every layer will decapsulate its data. It will especially wonder who should be the next protocol to receive the data.

  • 1 - The Ethernet header contains a field "type of protocol" : data are for IP.
  • 2 - The IP header contains a field "protocol" : data are for TCP.
  • 3 - The TCP header contains a field "destination port" : data are for HTTP.

A port is nothing more than an identifier that let TCP or UDP know who to send data to.

Best known ports are : 20 et 21 : FTP, 22: SSH, 23 : Telnet, 25 : SMTP, 53 : DNS, 80 : HTTP, 8080 : HTTP alternative, 110 : POP3, 115 : SFTP, 443 : HTTPS, 546 : DHCP, 3306 : MySQL.

The ports below 1024 are reserved. They are called "well known ports".