Solved

Packets Vs Port-Forwarding

Tags:
  • Internet Access
  • Port Forwarding
  • Networking
  • Games
  • Web Server
September 20, 2014 6:51:12 PM

I run a web server which of course runs on port 80, and there is one thing I never quite understood: why do ports need to be used? If you take something like a video game console, there are no ports opened in order for people to chat with each other and play games with each other, so why in some cases are ports needed and other times not? Why not just use packets instead of ports for things like web servers?

September 20, 2014 7:00:51 PM

Of course game consoles use ports. It is a fundamental part of TCP/IP. If you did not run a web server, how would you even know it used port 80? To the uneducated user they just type the name of the site in the URL bar and it magically works.
Just search for firewall ports and the name of the game console you use. You will quickly get a list of the common ports that brand uses.
September 20, 2014 7:03:23 PM

bill001g said:
Of course game consoles use ports. It is a fundamental part of TCP/IP. If you did not run a web server, how would you even know it used port 80? To the uneducated user they just type the name of the site in the URL bar and it magically works.
Just search for firewall ports and the name of the game console you use. You will quickly get a list of the common ports that brand uses.

I understand ports are always used when accessing websites. But why is port-forwarding not needed for something such as an Xbox or gaming console whereas port-forwarding is necessary for a web server? Without forwarding ports, how are gaming consoles identified uniquely? If I have two identical gaming consoles playing a game online, how does data not then get confused between the two?
September 20, 2014 7:04:52 PM

TCP/IP configuration/theory could take hours to discuss and even longer to learn all the concepts... there are many reasons for this, security being one of them. You don't want just anyone to have complete access to your computer/gaming console/web server...
September 20, 2014 7:14:05 PM

Port forwarding is related to how NAT works. Game consoles use a feature called UPnP that dynamically port forwards some things, but it does not work for all. Just because you did not key it in does not mean there is no port forwarding. This is also why you see massive discussions of "how do I fix strict NAT". Also, game consoles many times connect via a central server, so all sessions appear to be outgoing.

Best solution

September 20, 2014 7:50:30 PM

turkey3_scratch said:
I run a web server which of course runs on port 80, and there is one thing I never quite understood: why do ports need to be used? If you take something like a video game console, there are no ports opened in order for people to chat with each other and play games with each other, so why in some cases are ports needed and other times not? Why not just use packets instead of ports for things like web servers?


Ports need to be used to separate flows of data.

A combination of IP address and port forms what is known as a socket. A server application can listen on a socket and accept any number of incoming connections on that socket (TCP) or read bulk unsorted data (UDP).

When an Ethernet frame arrives at a NIC, the device driver inspects the header of the frame and decides what to do with it. It first inspects the physical address (MAC address) attached to the frame to ensure that the frame was in fact destined for that particular NIC (this may be done by the NIC itself). If the physical address doesn't match, the frame will be discarded.

If the physical address matches, the contents of the Ethernet frame will then be inspected. The contents of the frame form a packet conforming to a particular protocol (packet and frame are used somewhat interchangeably, but I prefer to use frame at the link layer and packet for the rest). Most of the time the packet will be an IP packet.

The header of the IP packet is inspected for a virtual address (also known as an IP Address). The operating system tries to match the IP address to one that is bound to the NIC (each NIC can have multiple IP addresses). If the IP packet does not contain a destination IP address that matches one bound to the NIC, the packet is discarded.

If the IP address matches, the port and transmission protocol are then inspected. The operating system will attempt to match the port and protocol to a socket that is open by an application on the computer. If the port is not open, the packet is discarded. If the protocol doesn't match, an error may be returned or the packet may be discarded.

If the protocol is TCP, the data will further be sorted by connection. TCP guarantees that each client communicating with a server can send data to that server independently of all other clients and that the data from each client will either arrive intact (to the application) and in the order that it was sent or it will not arrive at all.

If the protocol is UDP, the data will not be sorted. It may arrive out of order, it may not arrive at all, and packets from clients may be interleaved.

TCP is a stateful, connection-oriented protocol. It places a large burden on the operating system and demands very little from the application; as a consequence, though, it has a large amount of overhead. UDP, on the other hand, places a large burden on the application.

TCP is not ideal for applications that are time sensitive. Most games will use TCP for establishing and setting up the game environment, and UDP for transmitting player actions. Player actions are not critical, as there are rarely any grave consequences if a few player packets go missing; the missing data will be replaced by later transmissions.

Just to be clear, all internet communication uses packets and ports.

Each socket (an IP and Port combination) can only be bound by one process at a time. A computer may have several services including a web server, mail server, DNS server, and FTP server all running at the same time. These services may all share the same IP address, but they must use different ports. Fortunately, those services that I listed are all well established and use well known port numbers.

Web servers run on port 80 by default
Mail servers use a variety of ports including 25 for SMTP, 110 for POP, and 143 for IMAP
DNS uses port 53 by default
FTP servers run on port 20 and 21

You can see a list of well known port numbers here

The port number is used by the operating system to sort the incoming IP data and ensure that it is sent to the correct process. It would be problematic if HTTP traffic intended for a web server were instead sent to an SMTP mail server.

So why don't regular users have to worry about ports?

IP communication (which includes UDP, TCP, and other transmission layer protocols) occurs between socket pairs. One half of the pair belongs to the client and the other half of the pair belongs to the server. Each IP packet includes the source IP, source port, destination IP, and destination port. This works in both directions, so when the client initiates the connection to the server it places its own IP and port in the source socket, and the server's IP and port in the destination socket. When the server responds, its own IP and port will be the source, and the client's IP and port will be the destination.

Above I discussed well known server ports for various services such as HTTP, SMTP, DNS, and FTP. When the appropriate service is running, these ports must be open and reachable from the outside world. If the service is running behind a consumer gateway/router the owner may have to use Network Address Translation to forward an external socket to an internal socket. However, the client also needs a socket to reach out, so where do these come from? Client sockets are no different than server sockets with the exception that the port number is different. Client ports are called ephemeral ports or dynamic ports. Ephemeral ports are designed to be short lived, and the numeric range for these ports is recommended to be 49152 to 65535. When your web browser connects to Tom's Hardware's web server to fetch this page it will most likely use a port in that range for the client socket.

Of course, the port number would be meaningless if the server's reply is simply blocked at the NAT gateway. Fortunately, NAT gateways can detect outbound connection attempts and will automatically port forward ephemeral ports. The forwarding will be terminated several minutes after the connection is closed. Since the client is always the connection initiator, the same cannot be done for server sockets. A bound server socket will not have any outbound traffic until a client connects to it. The gateway/firewall has no knowledge of an open server socket on the inside and will not forward an outward facing port automatically. Many NAT gateways and routers support Universal Plug and Play (UPnP) which allows supporting operating systems to inform the device of the new socket and will forward the port automatically. This is not always advised though as it can be insecure.

I hope that this post was helpful!
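The receive path and NAT behaviour in the accepted answer, as an added example that is not code from this thread, from Tom's Hardware, or from any real operating system or router. It is a toy Python model: a `Host` that applies the MAC check, the IP check and the (protocol, port) socket lookup in that order and keeps TCP data sorted per remote socket, and a `NatGateway` that hands out ephemeral public ports for outbound flows and drops unsolicited inbound packets unless a static port forward exists. Every MAC, IP address, port number, service name and packet is constructed for illustration; the gateway omits mapping timeouts and UPnP.

```python
"""Toy model of the receive path and NAT behaviour in the accepted answer.
Added example, not code from the thread; all addresses and ports are constructed."""
from dataclasses import dataclass, field, replace

@dataclass(frozen=True)
class Packet:
    dst_mac: str
    src_ip: str
    dst_ip: str
    proto: str            # "tcp" or "udp"
    src_port: int
    dst_port: int
    payload: str

@dataclass
class Host:
    """NIC plus OS demultiplexer: MAC check, IP check, then socket lookup."""
    mac: str
    ips: frozenset
    listeners: dict = field(default_factory=dict)   # (proto, port) -> service
    delivered: dict = field(default_factory=dict)   # service -> [(flow, payload)]

    def listen(self, proto, port, service):
        if (proto, port) in self.listeners:         # one process per socket
            raise OSError(f"{proto}/{port} already bound")
        self.listeners[(proto, port)] = service
        self.delivered[service] = []

    def receive(self, pkt):
        if pkt.dst_mac != self.mac:
            return "dropped: wrong MAC"
        if pkt.dst_ip not in self.ips:
            return "dropped: wrong IP"
        service = self.listeners.get((pkt.proto, pkt.dst_port))
        if service is None:
            return "dropped: no socket"
        # TCP sorts data per remote socket (connection); UDP is one unsorted stream
        flow = (pkt.src_ip, pkt.src_port) if pkt.proto == "tcp" else None
        self.delivered[service].append((flow, pkt.payload))
        return f"delivered to {service}"

class NatGateway:
    """Consumer router: ephemeral public port per outbound flow; inbound only via mapping or forward."""

    def __init__(self, public_ip, lan_macs, pool_start=49152):
        self.public_ip = public_ip
        self.lan_macs = lan_macs        # inside IP -> MAC, stands in for ARP
        self.next_port = pool_start     # start of the 49152-65535 ephemeral range
        self.outbound = {}              # (proto, in_ip, in_port) -> public port
        self.inbound = {}               # (proto, public port) -> (in_ip, in_port)

    def forward_port(self, proto, public_port, inside_ip, inside_port):
        """Static forward, what a web server owner configures by hand."""
        self.inbound[(proto, public_port)] = (inside_ip, inside_port)

    def outbound_translate(self, pkt):
        key = (pkt.proto, pkt.src_ip, pkt.src_port)
        if key not in self.outbound:    # first packet of a flow creates the mapping
            self.outbound[key] = self.next_port
            self.inbound[(pkt.proto, self.next_port)] = (pkt.src_ip, pkt.src_port)
            self.next_port += 1
        return replace(pkt, src_ip=self.public_ip, src_port=self.outbound[key])

    def inbound_translate(self, pkt):
        target = self.inbound.get((pkt.proto, pkt.dst_port))
        if target is None:
            return None                 # unsolicited: dropped at the gateway
        in_ip, in_port = target
        return replace(pkt, dst_mac=self.lan_macs[in_ip], dst_ip=in_ip, dst_port=in_port)

def demo():
    """Replay the thread's scenarios; returns the outcomes for inspection."""
    server = Host(mac="aa:aa:aa:00:00:01", ips=frozenset({"192.168.1.10"}))
    server.listen("tcp", 80, "httpd")
    gw = NatGateway("203.0.113.5", {"192.168.1.10": server.mac})
    out = {}
    # Two clients on the same source port stay separate: the socket pair differs.
    for src_ip in ("198.51.100.7", "198.51.100.8"):
        server.receive(Packet(server.mac, src_ip, "192.168.1.10", "tcp", 51000, 80, "GET /"))
    out["http_flows"] = [flow for flow, _ in server.delivered["httpd"]]
    # No socket on tcp/81: discarded rather than handed to the wrong process.
    out["port_81"] = server.receive(Packet(server.mac, "198.51.100.7", "192.168.1.10", "tcp", 51001, 81, "x"))
    # A second process cannot bind tcp/80 while httpd holds it.
    try:
        server.listen("tcp", 80, "other")
        out["rebind"] = "allowed"
    except OSError:
        out["rebind"] = "refused"
    # Unsolicited inbound to the public tcp/80 is dropped until a forward exists.
    inbound = Packet("?", "198.51.100.9", "203.0.113.5", "tcp", 40000, 80, "GET /")
    out["before_forward"] = gw.inbound_translate(inbound)
    gw.forward_port("tcp", 80, "192.168.1.10", 80)
    out["after_forward"] = server.receive(gw.inbound_translate(inbound))
    # An outbound client flow gets an ephemeral public port; the reply maps back.
    outside = gw.outbound_translate(Packet("gw", "192.168.1.10", "192.0.2.44", "tcp", 52000, 443, "hi"))
    out["public_port"] = outside.src_port
    back = gw.inbound_translate(Packet("?", "192.0.2.44", "203.0.113.5", "tcp", 443, outside.src_port, "re"))
    out["reply_dst"] = (back.dst_ip, back.dst_port)
    return out
```

Running `demo()` shows the points the answer makes in order: the two clients are told apart by their full socket pair even though they chose the same source port, a packet for tcp/81 is discarded because nothing listens there, a second bind on tcp/80 is refused, the gateway drops the inbound request to port 80 until `forward_port` is called, and the outbound flow receives public port 49152 whose reply is translated back to the inside socket.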
September 20, 2014 8:25:17 PM

@pinhedd: Thank you so much! And to all of you!