this post was submitted on 09 Apr 2024
228 points (95.2% liked)
Asklemmy
If IP addresses are for finding the specific computer on a network you're wanting to talk to, ports are for finding the specific application you want to talk to on that computer. So kinda like a phone extension. When an application "opens" a port, they're just telling the OS "hey, if any packets come in on this port, send the data my way, I'll know what to do with it".
A firewall is a special program the OS uses to control access to its ports. It says what programs are allowed to access what ports, effectively controlling the ability for all apps to access the network.
The only other thing to know is that the first 1024 port values are usually heavily controlled by the OS because there are specific protocols that are traditionally used on those specific ports, so you usually don't want just any application claiming one of those ports willy-nilly.
Oh, and you may have had to deal with "port forwarding" on your router. This is because, if some computer outside your network sends a packet to your router targeting a specific port number, the router doesn't know which computer it should go to. So by default, it just ignores it (which is usually the safest thing to do). Port forwarding tells your router, "if any packets come in on this port, send them to the computer at this IP, they'll know what to do with it."
This is really good, I just want to clarify one thing:
Protocols are not 'used on ports', it's actually the other way around: TCP and UDP are both protocols operating on top of IP, each with its own set of ports to help direct traffic, exactly as you explained.
There are other protocols, like ICMP or GRE, that exist quite happily without knowing anything about ports (ICMP has types and codes, GRE doesn't).
Edit: I suppose it is actually a bit ambiguous because we also refer to applications (HTTPS, telnet) as protocols. I'm not sure if there is a standard way to differentiate when discussing other than just saying transport layer protocol / application layer protocol.
Yeah, didn't want to dig deep in the interest of brevity, but I didn't want to say that specific applications use those ports, even though I already said that ports in general are for applications. You can use whatever ftp, ssh, or http server you want as long as they "speak" the expected protocol.
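The behaviour described in the top comment and the reply, as an added example that is not part of the original thread: two applications open different TCP ports on the same IP, the OS hands each connection to the owner of the port, refuses a second claim on a port that is already open, and treats UDP port numbers as a separate space. The names `open_port`, `send` and `demo` are hypothetical, and everything runs on the loopback address.

```python
import socket
import threading

LOOPBACK = "127.0.0.1"  # constructed demo: all traffic stays on this machine

def open_port(name, port=0):
    """An application 'opens' a port: bind + listen. port=0 lets the OS pick a free one."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((LOOPBACK, port))
    srv.listen(1)
    def answer_one():
        conn, _ = srv.accept()  # the OS hands over a connection that arrived on our port
        with conn:
            conn.sendall(name + b" received: " + conn.recv(1024))
    threading.Thread(target=answer_one, daemon=True).start()
    return srv, srv.getsockname()[1]

def send(port, payload):
    """Client side: the IP is the same every time, only the port number changes."""
    try:
        with socket.create_connection((LOOPBACK, port), timeout=2) as c:
            c.sendall(payload)
            return c.recv(1024)
    except ConnectionRefusedError:
        return None  # no application has this port open, so the OS rejects the connection

def demo():
    app_a, port_a = open_port(b"app A")
    app_b, port_b = open_port(b"app B")
    results = {"a": send(port_a, b"hello"), "b": send(port_b, b"hello")}
    # A second application cannot claim a TCP port that is already open.
    dup = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        dup.bind((LOOPBACK, port_a))
        results["duplicate_bind"] = "allowed"
    except OSError:
        results["duplicate_bind"] = "refused"
    # UDP keeps its own set of ports: the same number is still free there.
    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp.bind((LOOPBACK, port_a))
    results["udp_same_number"] = udp.getsockname()[1] == port_a
    for s in (dup, udp, app_a, app_b):
        s.close()
    results["after_close"] = send(port_a, b"hello")  # port closed again
    return results

if __name__ == "__main__":
    print(demo())
```

Binding with `port=0` keeps the demo in the unprivileged range; asking for a port below 1024 as a normal user typically fails with a permission error, which is the OS control the top comment mentions.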