207

It's from this answer:

https://stackoverflow.com/questions/2482411/is-this-pdo-bug-fixed-now/2482424#2482424

When the host is "localhost", MySQL Unix clients use a Unix socket, AKA Unix Domain Socket, rather than a TCP/IP socket for the connection, thus the TCP port doesn't matter.

Jesse Nickles
  • 250
  • 1
  • 12
apache
  • 3,027
  • 6
  • 25
  • 25

3 Answers3

320

A UNIX socket, AKA Unix Domain Socket, is an inter-process communication mechanism that allows bidirectional data exchange between processes running on the same machine.

IP sockets (especially TCP/IP sockets) are a mechanism allowing communication between processes over the network. In some cases, you can use TCP/IP sockets to talk with processes running on the same computer (by using the loopback interface).

UNIX domain sockets know that they’re executing on the same system, so they can avoid some checks and operations (like routing); which makes them faster and lighter than IP sockets. So if you plan to communicate with processes on the same host, this is a better option than IP sockets.

Edit: As per Nils Toedtmann's comment: UNIX domain sockets are subject to file system permissions, while TCP sockets can be controlled only on the packet filter level.

Fenhl
  • 103
  • 3
pQd
  • 29,561
  • 5
  • 64
  • 106
  • 30
    Maybe add that UNIX domain sockets are subject to file system permissions, while TCP sockets are not. As a result, it is much easier to regulate which users have access to a UNIX domain socket than it is for a TCP socket. – Nils Toedtmann Feb 12 '15 at 15:59
  • @pQd, Dude can you call it Unix IPC instead of Unix Sockets? – Pacerier Feb 19 '17 at 22:25
  • 7
    @Pacerier Unix sockets is simply one way to achieve unix IPC (shared Interprocess memory amongst others), so it wouldn't be correct to call unix sockets unix IPC . – fyquah95 May 28 '17 at 17:53
  • TCP sockets are handled by Unix too? TCP sockets is part of the TCP protocol specification or any protocol could use IP Sockets ? – Federico Jun 01 '17 at 14:48
  • @Federico I posted an answer which tries to address your query, if you require more depth please post a new question. – Peter Green Sep 13 '18 at 17:31
41

You can list your own machine local unix sockets with the following command:

Linux:

netstat -a -p --unix

MacOS: [jbmeerkat comment]

netstat -a -f unix

Have fun!

The Unix Janitor
  • 2,388
  • 14
  • 13
  • Is there a similar command for windows? – apache Mar 20 '10 at 14:28
  • 10
    Unix sockets don't exist on Windows. `netstat` does however work on Windows. – Mark Tomlin Jul 17 '12 at 14:29
  • 6
    @apache, similar thing in Windows called "Named pipes". – expert Nov 01 '12 at 06:34
  • 8
    Named pipes are present on Linux as well. – Sahil Singh Aug 04 '16 at 23:23
  • 12
    @expert, named pipes in Windows is equal to named pipes in Unix. IPC sockets in Unix have no equivalence in Windows – Pacerier Feb 19 '17 at 22:29
  • https://msdn.microsoft.com/en-us/library/windows/desktop/aa365574(v=vs.85).aspx#base.using_pipes_for_ipc – Ejoso Aug 11 '17 at 15:19
  • 4
    Note one difference is that named pipes can only have one client connected at a time (2 processes communicating total). UNIX sockets, like IP sockets, can have multiple clients connected at once, each getting separate responses back. – peterflynn Aug 16 '17 at 21:36
  • 2
    Ejoso in that article it says that in order to have two way communication you have to create two separate pipes, same as if you were doing pipes on linux. Also you cannot distinguish between multiple clients connected to one server address. Unix domain sockets allow two way comm and multiple clients, same as IP sockets. Named pipes are not the same as sockets. – theferrit32 Mar 02 '18 at 15:37
  • 7
    Windows 10 has support for Unix sockets. There are some limitations, but it's available: https://blogs.msdn.microsoft.com/commandline/2017/12/19/af_unix-comes-to-windows/ – Tyson Jul 30 '18 at 02:45
  • 4
    or `netstat -a -f unix` on MacOS – jbmeerkat Jun 07 '19 at 09:37
30

What's the difference between Unix socket and TCP/IP socket?

A TCP/IP socket is used for communication across TCP/IP networks. A connected TCP socket is identified by the combination of local IP, local port, remote IP and remote port. A listening TCP socket is identified by local port and possibly local IP. As I understand it, at least on linux TCP/IP sockets always result in the generation and decoding of TCP/IP packets, even if the client and server are on the same machine.

A unix domain socket (sometimes shortened to unix socket) on the other hand operates on a single machine. Listening sockets live in the filesystem hierarchy and access to them can be controlled by filesystem permissions.

Furthermore a process accepting a connection on a Unix socket can determine the user ID of the process that connects. This can avoid the need for an authentication step. Rather than generating a password for your database server and including a copy of it in your webapp's code you can just tell the database server that the user running the webapp has access to the corresponding user account in the database.


TCP sockets are handled by Unix too?

Of course

TCP sockets is part of the TCP protocol specification

Internet protocol specifications only tend to concern what happens on the wire, the TCP spec contains a definition of Socket but that definition is not the same as how the term is used by the "sockets API".

The "sockets API" as we know it was introduce by BSD but was later copied all over the place and is included as part of the posix standard. The basic stuff for TCP and UDP sockets tends to be much the same across different platforms but more advanced stuff and stuff that interacts with other parts of the OS varies, for example on unix-like systems a socket is identified by a file handle and can be read/written by the file APIs, this is not the case on windows.

Some extensions to the sockets API have been documented in rfcs but those RFCs are only "informational".

or any protocol could use IP Sockets ?

When an application explicitly creates a socket using the "socket" function (sockets are also created by the accept function) it passes three parameters, "domain", "type" and "protocol". Between them these three parameters can be used to select many different types of socket.

  • domain selects the family of protocols/addresses in use, e.g. AF_INET for ipv4, AF_INET6 for ipv6, AF_Unix for unix filesystem paths etc.
  • type selects the communication semantics, the main ones being datagram and stream but there are also other more specialised types.
  • protocol selects the protocol to use, if it is set to 0 a default protocol for the combination of Domain and type will be used.
Peter Green
  • 4,056
  • 10
  • 29
  • " Listening sockets live in the filesystem hierarchy and access to them can be controlled by filesystem permissions." Does this mean that two servers that have access to the same filesystem might be able to communicate over a socket? – user5359531 Mar 21 '19 at 21:18
  • 2
    AIUI unfortunately not. https://superuser.com/questions/352263/ssh-sharing-control-sockets-over-nfs – Peter Green Mar 21 '19 at 21:29