Network Basics: TCP/UDP Socket and Port Overview
To manage the connection between application layer network protocols, TCP and UDP use ports and sockets. TCP and UDP operate at the host-to-host layer in the IP communication model and provide host-to-host communication services for the application layer protocol. This means an application layer protocol on one IP host connects to an application layer protocol on another IP host.
In most situations, these host-to-host connections have a server process running on one host and a client process running on the other host. Examples of this host-to-host connection include a web browser connecting to a web server, or a Secure Copy Protocol (SCP) client (such as WinSCP) connecting to an SCP server.
A port is a TCP or UDP connection point. Think of ports as receptacles on an old-fashioned telephone switchboard. There are 65,536 (or 2^16) ports available for a host to manage connections, numbered from 0 to 65,535 for each of TCP and UDP. When you establish an application server running on an IP host, you configure that server to use (or be bound to) a specific TCP or UDP port.
By associating the application layer server with a specific port, you have created a destination that a remote IP host can connect to.
When the remote IP host connects to an application layer server, the connection the host makes is to a port operating on a specific IP host (identified by an IP address). This pairing of an IP address and a port as a connection endpoint is a socket.
In that old-fashioned switchboard analogy, the socket has two connectors connected to each client’s phone: one is a receptacle, and the other is a plug. Think of these connectors as the ports. Because each connector is associated with a phone, together they make a socket, just as a TCP or UDP port, when paired with an IP address, is a socket.
To make a phone connection for a client, the operator takes the plug for one client and connects it to the socket for the other client. With IP, the client application has a port that it operates on, so on the client host, there is an IP address and port for the client side of the connection; this is a socket.
On the server side of the connection is an IP address for the server and a port to make a socket on the server host. The connection between the client application layer and the server application layer is a virtual connection between these two sockets.
This example will walk you through the process of connecting to a website, such as Wiley. You would open your web browser (like Mozilla Firefox) and type www.wiley.com into the address bar. Your web browser uses a Domain Name System (DNS) server to look up the name www.wiley.com to identify what its IP address is. For this example, the address is 192.0.2.100.
Firefox makes a connection to the 192.0.2.100 address and to the port where the application layer web server is operating. Firefox knows what port to expect because it is a well-known port. The well-known port for a web server is TCP port 80.
The destination socket that Firefox attempts to connect to is written as address:port, or in this example, 192.0.2.100:80. This is the server side of the connection, but the server needs to know where to send the web page you want to view in Mozilla Firefox, so you have a socket for the client side of the connection also.
The client-side connection is made up of your IP address, such as 192.168.1.25, and a randomly chosen dynamic port number. The socket associated with Firefox looks like 192.168.1.25:49175. Because web servers operate on TCP port 80, both of these sockets are TCP sockets, whereas if you were connecting to a server operating on a UDP port, both the server and client sockets would be UDP sockets.
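The walk-through above can be observed directly on one machine. The following is an added example, not part of the original article: it opens a TCP and a UDP exchange over loopback and reports the socket (address:port) at each end. The loopback address 127.0.0.1 and an OS-assigned server port stand in for 192.0.2.100:80, and the function names are assumptions made for this illustration.

```python
import socket

LOOPBACK = "127.0.0.1"  # assumption: stands in for the article's 192.0.2.100


def fmt(endpoint):
    """Render an (address, port) tuple in address:port notation."""
    return f"{endpoint[0]}:{endpoint[1]}"


def tcp_socket_pair():
    """Open one TCP connection and return the socket seen at each end."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        # Server side: bind to an address and port, then listen.
        # Port 0 lets the OS pick a free port; a web server would bind to 80.
        srv.bind((LOOPBACK, 0))
        srv.listen(1)
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as cli:
            # Client side: connect() makes the OS choose a dynamic source port.
            cli.connect(srv.getsockname())
            conn, peer = srv.accept()
            with conn:
                return {
                    "client": cli.getsockname(),      # client's own socket
                    "server": cli.getpeername(),      # destination socket
                    "peer_seen_by_server": peer,      # where replies are sent
                    "server_local": conn.getsockname(),
                }


def udp_socket_pair():
    """Send one UDP datagram and return the socket seen at each end."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as srv:
        srv.bind((LOOPBACK, 0))
        srv.settimeout(2)
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as cli:
            cli.connect(srv.getsockname())  # fixes the client's address and port
            cli.send(b"ping")
            _, sender = srv.recvfrom(16)
            return {"client": cli.getsockname(), "server": srv.getsockname(),
                    "peer_seen_by_server": sender}


if __name__ == "__main__":
    for name, pair in (("TCP", tcp_socket_pair()), ("UDP", udp_socket_pair())):
        print(name, fmt(pair["client"]), "->", fmt(pair["server"]))
```

The client socket reported by the client and the peer address reported by the server are the same address:port pair, which is how the server knows where to send its reply.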