2
1
My browser is Firefox, with 3 open tabs:
tab1-->google.com
tab2-->yahoo.com
tab3-->msn.com
All of them use port 80, and so does Photoshop:
How does computer know which data belong to which process?
m-tech
Posted 2016-07-12T11:38:48.347
Reputation: 178
4
I'll correct your diagram see the pic below.
It's useful to use the word packet in the general sense, the electronic engineering sense, without much of the mess of ISO OSI "layer" terminology.
One has a packet and it has information like source IP, dest IP, And after that you have some other fields that may be called the TCP segment, and they have fields such as TCP source port, TCP dest port.
Added note-
In slightly more complex scenarios, you might have two connections, and the same source IP accessing the same dest IP and dest port. but one connection would have one local tcp port, the other another local tcp port. That could happen if you have multiple tabs open in a web browser, accessing the same web server. Another scenario is if you have multiple NICs. Bear in mind that IPs belong to network interfaces (that's more accurate than saying they belong to 'computers'). A computer might have many network interfaces, many IPs. A connection happens between network interfaces.
barlop
Posted 2016-07-12T11:38:48.347
Reputation: 18 677
1That's part of the answer, but still lacks the 'local' host:port. – user1686 – 2016-07-12T12:47:56.757
@grawity well, the local host:port is not what was tripping him up – barlop – 2016-07-12T12:49:41.353
@grawity I have added about the concept of a packet, (since it clarifies the port concept that he wasn't understanding), and that also covers a bit about source IP and source port. By the way, I think my original pic was slightly flawed 'cos I called 'port' an identifier when I think it isn't. So i've corrected my pic. (though i'll have to look into the difference between an identifier and a unique identifier) – barlop – 2016-07-12T12:50:49.807
How do you know it wasn't? If you had drawn two tabs trying to connect to the same 1.2.3.4:80, it would be very relevant. – user1686 – 2016-07-12T12:51:24.723
@grawity that's a great point, and worthy of adding to the pic or me adding another pic, though his picture showed confusion where each tab was connecting to a different server and he didn't see how that was possible, so I addressed the scenario he mentioned and why it wasn't a problem. – barlop – 2016-07-12T12:52:56.227
my computer have one ip .how it use several ip addreses ...? – m-tech – 2016-07-13T00:18:45.677
@m-tech well, try to ping 127.0.0.1 you'll see that works..that's a virtual network interface. And use ipconfig command to see your IP it might say 192.168.0.3 And if you had multiple physical network interfaces each would have its own IP. I have heard it's even possible for one network interface to have multiple IPs, which makes sense as possible. A NAPT router like you'd use, is a computer, and has two IPs, 2 network interfaces. One with a public IP, another with a private IP you http to. And a professional cisco router would have more, one per network interface. – barlop – 2016-07-13T04:25:53.657
@m-tech if you got a usb-ethernet adaptor(some may say not recommended), but then that would add an adaptor. I added a bit in an edit, about multiple source IPs. Also prior to your comment, nobody necessarily mentioned multiple source IPs. grawity's multiple tab example wasn't an example of multiple IPs. It was one where local TCP port becomes of greater relevance in knowing which connection is which. – barlop – 2016-07-13T04:32:18.183
13
A TCP connection is uniquely identified by (Local Host, Local Port, Remote Host, Remote Port). (Technically the protocol is also part of the criteria, but if we restrict ourselves to TCP, it’s of course TCP.)
An example connection with a router:
If you open another connection to Google, it’ll use a different outgoing port, so it can still be uniquely identified.
This is also what your operating system uses to route response packets back to the correct application.
Daniel B
Posted 2016-07-12T11:38:48.347
Reputation: 40 502
3
The web server process on the Server is Listening on port 80 for connections on its own IP address. A connection is to a IP address AND a port, not just one or the other. As such you computer can connect to port 80 on 3 different IP addresses without problem.
Your PC does not use port 80 on the local end of the connection. The OS will use the next free local port in the range it is written to use. For Windows, ports starting at 1024 (older versions) or at 16536 (newer versions) are used for connections. Linux boxes tend to use ports in the high range, above 38000 or so.
You can confirm this behavior in Windows (powershell) with:
netstat -a | findstr <the servers IP address>
or in Linux (as root):
netstat -ntup | grep <the servers IP address>
and noting the local port. It is not port 80.
Additionally, some servers only listen for new connections on a port (like FTP), and open a new connection for actually transferring data or providing services. This behavior is entirely dependent on the daemon in question however. if the service wants to use other means to track individual sessions, it is free to do so, and keep all traffic on a single port, like TCP/80.
Edit: to address your expanded question:
Your browser knows a site by domain and IP address, not by port number. Every OS or application runtime provides a version of the Berkeley Sockets method GetHostByName(string name) which it uses to look up a remote server by domain name.
On the TCP layer, since as I mentioned, you are not using TCP/80 locally (only the servers use 80, and there's no way a server at MSN is confused about whether it is Google) there is no ambiguity.
It is notable that when a program uses a port to send data, it appears that it sends the data stream to the local port, but it is important to remember that during the creation of that port, a TCP connection was created between the IP hosts, so the port already knows the (only) remote IP address that that local port is connected to.
Frank Thomas
Posted 2016-07-12T11:38:48.347
Reputation: 29 039
Today, Windows also has a high ephemeral port range by default, starting somewhere at 65535-16384. – Daniel B – 2016-07-12T12:13:41.177
@DanielB, noted. – Frank Thomas – 2016-07-12T12:38:52.300
yes you are right.port 80 belongs to server. you say,"As such you computer can connect to port 80 on 3 different IP addresses without problem" . if my computer uses several ip for each request (while each computer have unique ip ) how server can recognize me?do my real ip address play NAT role? – m-tech – 2016-07-12T23:31:07.733
you misunderstood me, the three addresses are the google IP, the Yahoo IP, and the MSN IP. you only have one IP address, with three different ports mapped on your end. as an example you might be using 16537 for Google:80, 16538 for Yahoo:80, and 16539 for MSN:80. – Frank Thomas – 2016-07-13T04:22:09.913
3
All of the applications will use a random port for "internal use". This is known as the local port.
By looking at Resmon.exe, under the Network tab, you can see a list of TCP connections. This is the open TCP connections each program has open. This will display:
Overall, each application/TCP connection (because some applications can have multiple, such as a web browser with multiple tabs) gets a random local port that can be used for each open TCP connection.
EDIT:
Thanks to @Hennes for identifying that the ports are more than 1023 and less than 65536.
All ports up to 1023 are reserved such as port 80 etc. And 65535 is the maximum port number.
Bitten Fleax
Posted 2016-07-12T11:38:48.347
Reputation: 632
3Where random is >1023 and <=65536 – Hennes – 2016-07-12T11:59:04.303
@Hennes Wrong hennes and hitten. Highest port number is 65535 (16 bits will go from 0-65535). That's 65536 numbers, going from the first port 0, up to 2^16 MINUS 1. and a link to confirm that the highest port is 65535 http://stackoverflow.com/questions/113224/what-is-the-largest-tcp-ip-network-port-number-allowable-for-ipv4 So your upvoted comment is wrong, and the last line of bitten's answer is wrong.
– barlop – 2016-07-12T12:57:01.323@barlop Alright dude, chill your beans man. Simple mistake, it looked odd when I read it, but just trusted him. I will edit it. – Bitten Fleax – 2016-07-12T13:13:46.863
Ports will start at 0, but the first thousand is usually reserved. And you are right, I mean < 2^16, or <+ 2^16 -1 – Hennes – 2016-07-12T14:46:12.840
Think as port 80 as an extension number. Tab 1 calls google on extension 0. It then asks the secretary for some future communications. That does not need to happen on port 80. Ditto tab 2 which calls someone else and thus it is a different IP:80 pair. – Hennes – 2016-07-12T12:00:59.617