I have a few questions in regard to the following explanation of ports I found.
The Application layer talks to the Transport layer through a port. Ports are numbered and standard applications always use the same port.
The use of a port number allows the Transport protocol (typically TCP) to know which kind of contents is inside the packet, allowing it to know, at the reception side, to which Application protocol it should deliver the received data.
Why would a port number ever be used to tell what kind of application data protocol resides inside when there's no absolute guarantee?
To my understanding, there are no restrictions to what kind of application data you send over a port (it's just a suggestion). Plus isn't the protocol data already included somewhere in the packet for this purpose?
Also, what happens to the data if you send HTTP or some other kind of protocol to a destination of port 25 (which expects SMTP)?
Third, what happens to the data if you send it to a port that isn't bound with any program, and therefore not being listened to?
Finally, if a port can only be bound to a single program, how can multiple programs that depend on incoming HTTP data be running on my computer at the same time?
Thanks in advance!
Answer
Why would a port number ever be used to tell what kind of application data protocol resides inside when there's no absolute guarantee?
Because guessing is a terrible way to run things, and there is no way you can stop, for example, someone malicious from sending the wrong thing anyway. So, it helps in the case where everyone is playing nice, and doesn't make anything worse.
To my understanding, there are no restrictions to what kind of application data you send over a port (it's just a suggestion).
Correct. In fact, it isn't even a suggestion, just an agreement that a lot of people happen to share.
Plus isn't the protocol data already included somewhere in the packet for this purpose?
No. At least, not at the level that the port usually indicates: you know what sort of higher-level IP protocol is being sent (e.g. TCP, UDP), but not what the content of that is (e.g. HTTP, SMTP).
Also, what happens to the data if you send HTTP or some other kind of protocol to a destination of port 25 (which expects SMTP)?
TCP just passes the data to the application layer, which can do anything to it that it wants. Most of the time, you just get errors. Sometimes you get exploitable security holes.
Occasionally you get nice behaviour for incorrect clients, like the plain text HTTP errors that some HTTPS servers will give when you don't use SSL to the port.
Third, what happens to the data if you send it to a port that isn't bound with any program, and therefore not being listened to?
You get an ICMP error message from the receiving system. Technically, the receiver could do anything it pleased, but in practice, that is what happens.
Finally, if a port can only be bound to a single program, how can multiple programs that depend on incoming HTTP data be running on my computer at the same time?
When your browser makes an HTTP connection to a remote server it uses a random local port, and talks to the well-known port (80 or 443) on the remote server. In this case the is unique for each distinct outbound connection. (Though, technically, it doesn't have to be, as for the server case.)
On the server side, when you listen, only one process can accept new connections on a port (in Unix / BSD sockets), but it can pass the established connection to other processes to service. Because the set is unique, traffic can be routed to the right connection.
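An added example, not part of the original answer: a loopback sketch in Python showing two things described above. One listening port serves several simultaneous connections that differ only in the client's port, and TCP hands an HTTP request to an SMTP-style service unchanged, leaving the application to reject it. The names `smtp_like_reply` and `run_demo`, the verb subset and the reply strings are assumptions made for this illustration.

```python
import socket

# Small subset of SMTP verbs, enough for the demonstration (constructed).
SMTP_VERBS = {b"HELO", b"EHLO", b"MAIL", b"RCPT", b"DATA", b"RSET", b"NOOP", b"QUIT"}

def smtp_like_reply(line: bytes) -> bytes:
    """Toy SMTP-style check. TCP delivered the bytes without inspecting them,
    so validating the protocol is the application's job."""
    parts = line.strip().split(None, 1)
    verb = parts[0].upper() if parts else b""
    return b"250 OK\r\n" if verb in SMTP_VERBS else b"500 Command unrecognized\r\n"

def run_demo(payloads=(b"EHLO client.example\r\n", b"GET / HTTP/1.1\r\n")):
    """Open one connection per payload to a single listener; return, for each,
    (client_port, server_port_seen_on_accepted_socket, reply)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.settimeout(5)
    listener.bind(("127.0.0.1", 0))      # port 0: let the OS choose a free port
    listener.listen(len(payloads))
    results, open_socks = [], [listener]
    try:
        for payload in payloads:
            client = socket.create_connection(listener.getsockname(), timeout=5)
            conn, peer = listener.accept()   # new socket, same local port
            conn.settimeout(5)
            open_socks += [client, conn]
            client.sendall(payload)
            conn.sendall(smtp_like_reply(conn.recv(1024)))
            reply = client.recv(1024)
            assert peer == client.getsockname()   # same client address and port on both ends
            results.append((peer[1], conn.getsockname()[1], reply))
    finally:
        for s in open_socks:                 # connections stay open until here
            s.close()
    return results

if __name__ == "__main__":
    for client_port, server_port, reply in run_demo():
        print(f"client port {client_port} -> server port {server_port}: {reply!r}")
```

Both accepted sockets report the same server port while the client ports differ, and only the payload that begins with an SMTP verb gets a 250 reply.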