Ports are one of those mysterious things that actually have a very specific and very well defined meaning to computers and the internet. But for the rest of us, well they’re just so much magic.
Let’s see if I can clear some of that magic up.
Ports are constructs
First, you’re right, a port is nothing more or less than a software construct. It’s an idea; a concept, a number – nothing more. It’s not a physical thing at all.
It lives in the software that’s written to run on devices that interconnect to each other over the internet; more correctly, any TCP/IP based network. But I’ll focus on the internet as the most ubiquitous example.
And for clarity, TCP/IP is just the protocol; the language that defines how computers talk to each other over a network.
Computers talking to one another
To understand how ports work, we need to step back just a little and first understand what happens when computers attempt to communicate with each other on the internet.
When you, for example, go to a web page from a website like askleo.com, several things happen. First, your computer, or more correctly the web browser running on your computer, has to turn that string, “askleo.com”, into the IP address of the computer out there on the internet that actually holds the askleo.com website.
The internet is all about numbers, in fact only numbers at its core, and this is no exception. So, step one is that askleo.com is transformed into an IP address: 220.127.116.11 in this case. That number is used by all of the networking equipment between you and the askleo.com web server to route your request to that server.
That means your ISP; the ISP your ISP connects to; the ISP that the server hosting company connects to; they all use that number just like you might use someone’s street address to send them a letter – except that on the internet, that street address is just a number – a number as it turns out between 0 and 4 billion (with a few exceptions).
Ports specify the topic of conversation
So, your request makes it to the server; what then?
Most servers sitting on the internet can actually do many things. More than just give you web pages, they can send and receive email, manage databases, upload and download files and much, much more. How does the server know what it is that you’re asking it to do?
That’s where port numbers come in. The request so far has been to an address. That identifies the server. And the port number, 80 in this case, tells the server what it is you want it to do.
Port 80 happens to be the port number used to identify requests for web pages, specifically web pages that you ask for using http. There’s nothing special about 80. It could be any number, actually, but some time back the people who designed all of these things decided to standardize on the number 80 to represent web pages.
Different ports for different tasks
If you are connecting to download a file while using FTP, you might use port 21.
If you are requesting an encrypted web page using https, well, that’s a different port number too – port 443.
Normally, you never need to know about these ports because the software you use, your web browser, your email program and whatnot already know which port to use for what kind of request. But ultimately, a port is nothing more than a standardized number that’s included in a request that your computer makes of another computer to identify exactly what kind of request it is.
Ports are kind of like department numbers
You might think of it as a department if you were sending a letter to a large company.
The IP address would be equivalent to the physical address of the company and the port number might be the department within the company that’s supposed to handle your letter. Rather than having someone read your letter as soon as it gets to the company to try and figure out where it’s supposed to go within the company, the port number, the department, tells exactly who in the company should handle your letter.
That metaphor is actually not too far off when it comes to what’s actually happening on the server.
Remember, a server is just a computer, not unlike yours or mine. It has programs running on it, oftentimes many programs. Some of those programs are conceptually said to be “listening” for incoming requests on the ports that they’ve been assigned. So, when a request arrives at the server, the number 80, as part of that request, tells the server’s networking software, also just another program, that the request should be handled by the program that’s currently listening to handle http requests. In other words, as soon as it sees the number 80, it knows that this request is for the web server “http department”.
If it’s email you’re sending to the server, then port 25 tells the server to hand off the request to the mail server software that’s running on that machine.
Let’s say you make an attempt to send mail to a server that’s not running mail server software. What then?
The request your computer makes of the server at its IP address includes the port number 25, indicating that it wants the request to be handled by the SMTP mail server software running on that machine. But there’s no mail server software running there to handle it. Since no program is listening on the port that identifies that service, the networking software rejects the request. In fact, it rejects even the attempt to connect because there’s nothing to connect to. That server simply doesn’t handle mail requests, which are identified by port 25.
That would be like your written mail being addressed to a department that doesn’t exist at the company that you send it to. The letter’s going to get rejected.
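As an added illustration (not code from the article), the two outcomes just described, in Python on the local machine: one port has a program listening and accepts the connection, while a port with no listener is refused outright by the networking software. The listener, the ports and the reply text are all constructed for this example.

```python
import socket
import threading

def start_listener():
    """Start a tiny listening program on a port the OS picks.
    Returns (server_socket, port). Constructed for illustration."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # port 0 = let the OS choose a free port
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve_once():
        # The "department": accept one caller and answer it.
        conn, _ = srv.accept()
        with conn:
            conn.sendall(b"hello from the listening program\n")

    threading.Thread(target=serve_once, daemon=True).start()
    return srv, port

def try_connect(port):
    """Attempt a TCP connection to 127.0.0.1:<port>.
    'accepted' means a program is listening there; 'refused' means
    the networking software rejected the attempt because nothing is."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(2)
    try:
        s.connect(("127.0.0.1", port))
        s.recv(64)  # wait for the listener's reply so it finishes cleanly
        return "accepted"
    except ConnectionRefusedError:
        return "refused"
    finally:
        s.close()

def find_unused_port():
    """Ask the OS for a free port, then release it so nothing listens there."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port

def demo():
    srv, open_port = start_listener()
    closed_port = find_unused_port()
    results = (try_connect(open_port), try_connect(closed_port))
    srv.close()
    return results  # ('accepted', 'refused')
```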
If you’ve ever manually configured an email program like Outlook or Thunderbird, you’ve seen port numbers. There are defaults like 25 for sending, but sometimes your ISP will tell you to use a different number. They’ve set up their servers to use a different number to identify the mail that’s being sent by their customers. If you enter that number wrong, mail fails to send because the port number you entered is like addressing a letter to a department that doesn’t exist.
Ports and firewalls
Port numbers also play an important role in how firewalls work.
A firewall might sit conceptually in front of a server on the internet. It could be software on the server itself or it could be hardware. One of the firewall’s jobs is to look at each request that’s being made of the server and decide if that request should be allowed through. One of the things it looks at is the port number included with the request, which identifies the service being requested.
Let’s say I want to disable remote administration of my server from any IP address other than my own. Requests for other services, like web pages on the askleo.com website, need to be allowed through.
The firewall needs only to look at the port number included in incoming requests. If it’s port 22, indicating the administration access that I’ve talked about, it denies the request unless it comes from my IP address. If the port number is something other than 22, the request is allowed through without any further checking. For me, that’s an added layer of security preventing hackers from trying to break in through an administration port while still allowing the server to continue to act as a web server to anybody.
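As an added example (not the article’s own code or any real firewall’s configuration), the decision just described written as a small rule table in Python: port 22 is allowed only from “my” address, denied from everywhere else, and every other port passes without further checks. The addresses are constructed placeholders from documentation ranges, and the admin address 203.0.113.10 is assumed.

```python
import ipaddress

# Assumed administrator address (constructed, from a documentation range).
ADMIN_ADDRESS = "203.0.113.10"
ADMIN_PORT = 22  # the remote administration port discussed in the article

# Rule table, consulted in order: the first rule that matches decides.
# Each rule is (destination port, source network it applies to, verdict).
RULES = [
    (ADMIN_PORT, ipaddress.ip_network(ADMIN_ADDRESS + "/32"), "allow"),
    (ADMIN_PORT, ipaddress.ip_network("0.0.0.0/0"), "deny"),
]
DEFAULT_VERDICT = "allow"  # anything not covered above is let through

def decide(src_ip, dst_port):
    """Return 'allow' or 'deny' for a request from src_ip to dst_port,
    the way the firewall in the text would: only the port number and the
    source address are examined, nothing inside the request."""
    src = ipaddress.ip_address(src_ip)
    for port, network, verdict in RULES:
        if dst_port == port and src in network:
            return verdict
    return DEFAULT_VERDICT

# Constructed sample of incoming requests: (source IP, destination port).
SAMPLE_REQUESTS = [
    ("198.51.100.7", 80),    # web page request from a stranger
    ("198.51.100.7", 22),    # administration attempt from a stranger
    ("203.0.113.10", 22),    # administration from my own address
    ("203.0.113.10", 443),   # https request from my own address
]

def evaluate(requests=SAMPLE_REQUESTS):
    """Run every sample request through the rule table."""
    return [(ip, port, decide(ip, port)) for ip, port in requests]
```

Only the second sample request is denied; the rest reach the server as the article describes.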
So, ultimately, a port number is just a number that’s included with requests made of servers to indicate what kind of service the request is all about. It’s just a concept – a number that’s used by the software at both ends of an internet connection.