In this discussion we are primarily interested in two transport layer protocols: TCP and
UDP. Once IP passes the packet to the appropriate transport protocol, the transport
protocol reads two port numbers from the header, the source port and the destination port.
The source port identifies the application that sent the data, and the destination port
identifies the application that is to receive the data. In both TCP and UDP these are
16-bit values in the first word of the header. On most computer systems using TCP/IP the
association of these numbers to specific protocols is usually defined in a text file.
On a Microsoft Windows TCP/IP system the application level protocol port numbers are defined in a file called SERVICES. On Windows NT systems this file is found in the directory %SystemRoot%\System32\drivers\etc. On a UNIX system this file is usually called /etc/protocols. On both Windows and UNIX systems the file generally follows the same format: a service name, port number/protocol, and any aliases. Each field is separated by white space (spaces or tab characters) and comments are preceded by a pound character (#). The following is an example of a typical Windows NT SERVICES file:
# This file contains port numbers for well-known services as defined by
# RFC 1060 (Assigned Numbers).
#
# Format:
#
# <service name> <port number>/<protocol> [aliases...] [#<comment>]
#
echo 7/tcp
echo 7/udp
discard 9/tcp sink null
discard 9/udp sink null
systat 11/tcp
systat 11/tcp users
daytime 13/tcp
daytime 13/udp
netstat 15/tcp
qotd 17/tcp quote
qotd 17/udp quote
chargen 19/tcp ttytst source
chargen 19/udp ttytst source
ftp-data 20/tcp
ftp 21/tcp
telnet 23/tcp
smtp 25/tcp mail
time 37/tcp timserver
time 37/udp timserver
rlp 39/udp resource # resource location
name 42/tcp nameserver
name 42/udp nameserver
whois 43/tcp nicname # usually to sri-nic
domain 53/tcp nameserver # name-domain server
domain 53/udp nameserver
nameserver 53/tcp domain # name-domain server
nameserver 53/udp domain
mtp 57/tcp # deprecated
bootp 67/udp # boot program server
tftp 69/udp
rje 77/tcp netrjs
finger 79/tcp
link 87/tcp ttylink
supdup 95/tcp
hostnames 101/tcp hostname # usually from sri-nic
iso-tsap 102/tcp
dictionary 103/tcp webster
x400 103/tcp # ISO Mail
x400-snd 104/tcp
csnet-ns 105/tcp
pop 109/tcp postoffice
pop2 109/tcp # Post Office
pop3 110/tcp postoffice
portmap 111/tcp
portmap 111/udp
sunrpc 111/tcp
sunrpc 111/udp
auth 113/tcp authentication
sftp 115/tcp
path 117/tcp
uucp-path 117/tcp
nntp 119/tcp usenet # Network News Transfer
ntp 123/udp ntpd ntp # network time protocol (exp)
nbname 137/udp
nbdatagram 138/udp
nbsession 139/tcp
NeWS 144/tcp news
sgmp 153/udp sgmp
tcprepo 158/tcp repository # PCMAIL
snmp 161/udp snmp
snmp-trap 162/udp snmp
print-srv 170/tcp # network PostScript
vmnet 175/tcp
load 315/udp
vmnet0 400/tcp
sytek 500/udp
biff 512/udp comsat
exec 512/tcp
login 513/tcp
who 513/udp whod
shell 514/tcp cmd # no passwords used
syslog 514/udp
printer 515/tcp spooler # line printer spooler
talk 517/udp
ntalk 518/udp
efs 520/tcp # for LucasFilm
route 520/udp router routed
timed 525/udp timeserver
tempo 526/tcp newdate
courier 530/tcp rpc
conference 531/tcp chat
rvd-control 531/udp MIT disk
netnews 532/tcp readnews
netwall 533/udp # -for emergency broadcasts
uucp 540/tcp uucpd # uucp daemon
klogin 543/tcp # Kerberos authenticated rlogin
kshell 544/tcp cmd # and remote shell
new-rwho 550/udp new-who # experimental
remotefs 556/tcp rfs_server rfs# Brunhoff remote filesystem
rmonitor 560/udp rmonitord # experimental
monitor 561/udp # experimental
garcon 600/tcp
maitrd 601/tcp
busboy 602/tcp
acctmaster 700/udp
acctslave 701/udp
acct 702/udp
acctlogin 703/udp
acctprinter 704/udp
elcsd 704/udp # errlog
acctinfo 705/udp
acctslave2 706/udp
acctdisk 707/udp
kerberos 750/tcp kdc # Kerberos authentication--tcp
kerberos 750/udp kdc # Kerberos authentication--udp
kerberos_master 751/tcp # Kerberos authentication
kerberos_master 751/udp # Kerberos authentication
passwd_server 752/udp # Kerberos passwd server
userreg_server 753/udp # Kerberos userreg server
krb_prop 754/tcp # Kerberos slave propagation
erlogin 888/tcp # Login and environment passing
kpop 1109/tcp # Pop with Kerberos
phone 1167/udp
ingreslock 1524/tcp
maze 1666/udp
nfs 2049/udp # sun nfs
knetd 2053/tcp # Kerberos de-multiplexor
eklogin 2105/tcp # Kerberos encrypted rlogin
rmt 5555/tcp rmtd
mtb 5556/tcp mtbd # mtb backup
man 9535/tcp # remote man server
w 9536/tcp
mantst 9537/tcp # remote man server, testing
bnews 10000/tcp
rscs0 10000/udp
queue 10001/tcp
rscs1 10001/udp
poker 10002/tcp
rscs2 10002/udp
gateway 10003/tcp
rscs3 10003/udp
remp 10004/tcp
rscs4 10004/udp
rscs5 10005/udp
rscs6 10006/udp
rscs7 10007/udp
rscs8 10008/udp
rscs9 10009/udp
rscsa 10010/udp
rscsb 10011/udp
qmaster 10012/tcp
qmaster 10012/udp
The numbers used by TCP/IP protocols are assigned and published by a group called the Internet Assigned Numbers Authority (IANA). The lists of assigned numbers maintained by the IANA are regularly documented as an RFC, the latest of which at the time of this writing was RFC 1700. These lists are also available via FTP.

Well Known Ports are those from 0 through 1023. The assignment of port numbers in this range is controlled by the IANA. On most systems, ports in this range can only be used by system (or root) processes or by programs executed by privileged users. The Registered Ports are those from 1024 through 49151. They are not controlled by the IANA and on most systems can be used by ordinary user processes or programs executed by ordinary users. While the IANA cannot control usage of these ports, it does register or list uses of these ports as a convenience to the community. The Dynamic and/or Private Ports are those from 49152 through 65535. These are assigned dynamically by software.

Port numbers are not necessarily unique between transport layer protocols. TCP and UDP do assign the same port numbers for similar and sometimes different purposes. It is the combination of the transport protocol and application port that uniquely identifies the application to which the data should be delivered.

When a software application, such as Telnet or FTP, initiates a connection across TCP/IP, the application level protocol randomly selects a dynamic port number for the source and the well-known port for the destination. This allows multiple users on a single computer, or multiple instances of the same program on one computer, to run concurrent sessions of the same application. The remote computer can tell the sessions apart by using the IP address and application protocol source port to uniquely identify the connection. The combination of an IP address and a port number is called a socket. On a Microsoft Windows system the common interface for accessing TCP/IP is called Windows Sockets, or WinSock for short. A pair of sockets, one source and one destination, defines the communication session for a connection oriented protocol such as TCP.
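The following is an added example, not part of the original text, that parses the SERVICES file format described above (name, port/protocol, aliases, # comments) and applies the IANA port ranges from the previous paragraphs. It keys the table on (port, protocol) to show why the port number alone is ambiguous: 514/tcp and 514/udp resolve to different services. The sample input is a constructed excerpt of the listing above.

```python
# Constructed excerpt in SERVICES format, including a trailing comment glued
# to an alias (as in the remotefs line of the listing above).
SAMPLE_SERVICES = """\
# <service name> <port number>/<protocol> [aliases...] [#<comment>]
echo 7/tcp
echo 7/udp
domain 53/tcp nameserver # name-domain server
domain 53/udp nameserver
nameserver 53/tcp domain # name-domain server
shell 514/tcp cmd # no passwords used
syslog 514/udp
remotefs 556/tcp rfs_server rfs# Brunhoff remote filesystem
nfs 2049/udp # sun nfs
qmaster 10012/tcp
"""

def parse_services(text):
    """Parse SERVICES-format text into a dict keyed by (port, protocol).

    Each value is (service name, [aliases]). A '#' starts a comment that runs
    to end of line; fields are separated by runs of spaces or tabs.
    """
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # strip comments, even if glued to a field
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2 or "/" not in fields[1]:
            continue                          # skip malformed lines rather than crash
        name, aliases = fields[0], fields[2:]
        port_str, proto = fields[1].split("/", 1)
        key = (int(port_str), proto.lower())
        table.setdefault(key, (name, aliases))  # first entry wins on duplicate keys
    return table

def port_class(port):
    """Classify a port by the IANA ranges quoted in the text."""
    if 0 <= port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    if port <= 65535:
        return "dynamic/private"
    raise ValueError("port numbers are 16-bit: 0..65535")

def lookup(table, port, proto):
    """Resolve (port, protocol) to a service name, or None if unlisted."""
    entry = table.get((port, proto.lower()))
    return entry[0] if entry else None
```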