A host in a network can send traffic to or receive traffic from different hosts at the same time. The system has no way to know which data belongs to which application. TCP and UDP solve this problem by using port numbers in their header. Common application layer protocols have assigned port numbers in the range of 1 to 1024.TCP and UDP on the receiving host know which application to send the data to based on the port numbers received in the headers.
On the source host, each TCP or UDP session assign a random port number above the range of 1024. So that returning traffic from the destination can be identified as belonging to the originating application. A combination of the IP address, Protocol (TCP or UDP) and the Port number forms a socket at both the sending and receiving hosts. in view of the fact that each socket is unique, an application can send and receive data to and from multiple hosts.
Figure 1-8 shows two hosts communicating using TCP to a single host. Notice that the hosts A and host C are sending traffic to host B. Both A and C are sending traffic destined to Port 80 but from different source ports. Host B is able to handle both the connections at the same time because of the combination of IP address, Port numbers and Protocols makes each connection different.
Figure 1-8 Multiple Sessions using Port Numbers
Following table shows the transport layer protocol and port numbers used by different common application layer protocols.
Well-known Port Numbers
POP (Post Office Protocol) is an Internet standard that defines an email server (the POP server) and a way to retrieve mail from it (using a POP client).
|Application Protocol||Transport Protocol||Port Number||Description|
|HTTP||TCP||80||HTTP is the most commonly used protocols over the Internet and private networks. HTTP is the main protocol for all web browsers and is thus used by any client that uses files on these servers.|
|FTP (control)||TCP||21||FTP is one of the protocols which is regularly used for the file transfer on the Internet and within private networks. The FTP server provides the ability to easily transfer files from one system to another. With little networking knowledge, anybody can set up the FTP server. FTP control handled on TCP port 21 and its data transfer can use TCP port 20 as well as dynamic ports depending on the specific configuration.|
|SSH||TCP||22||SSH is used to connect and manage network device remotely. It is typically used as a secure substitute to Telnet which does not support secure connections.|
|TCP||23||Telnet is the primary method used to manage network devices remotely. Like SSH it does not give a secure connection, it simply provides a basic unsecured connection. Many lower level network devices support Telnet and not SSH as it required some additional processing. Caution is important when connecting to a device using Telnet over a public network as the login credentials will be transmitted in the clear.|
|DNS||TCP, UDP||53||The DNS translate domain names into IP addresses, typically it is used for network routing. It converts the alphabetic names into numeric IP addresses. For example, when a Web address (URL) is typed into a browser, DNS servers return the IP address of the Web server associated with that name.|
|SMTP||TCP||25||SMTP has two primary functions, transfer mail (email) from source to destination between mail servers and end users email to a mail system.|
|UDP||67/68||DHCP assigning IP address automatically to the network. A DHCP server can be set up by an administrator or engineer with a pool of IP addresses that are available. When a client device is turned on it will send a request for assigning an IP address to the local DHCP server, the local server then assigns an IP address to a client device. This assignment is not on a permanent basis, all IP addresses are assigned . If an address renewal is not requested and the lease expires the address will be put back into the poll for assignment.|
|TFTP||UDP||69||TFTP offers a method of file transfer without the session establishment. It is used where user authentication and directory visibility are not required. TFTP is used by devices to upgrade software and firmware, this includes Cisco and other network vendors’ equipment.|
|POP2||TCP, UDP||109||Post Office Protocol is an Internet standard that defines an email server (the POP server) and a way to retrieve mail from it. POP has three version POP1, POP2, and POP3. POP was designed to allowing a client to retrieve the complete contents of a server mailbox and then deleting the contents from the server by a simple way.|