this post was submitted on 09 Apr 2024
227 points (95.2% liked)

Asklemmy

43936 readers
577 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
 

It's the one thing when I'm configuring things that makes me wince because I know it will give me the business, and I know it shouldn't, but it does, every time. I have no real idea what I'm doing, what it is, how it works, so of course I'm blindly following instructions like a monkey at a typewriter.

Please guide me into enlightenment.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 26 points 7 months ago (1 children)

If IP addresses are for finding the specific computer on a network you're wanting to talk to, Ports are for finding the specific application you want to talk to on that computer. So kinda like a phone extension. When an application "opens" a port, they're just telling the OS "hey, if any packets come in on this port, send the data my way, I'll know what to do with it".

A firewall is a special program the OS uses to control access to its ports. It says what programs are allowed to access what ports, effectively controlling the ability for all apps to access the network.

The only other thing to know is that the first 1024 port values are usually heavily controlled by the OS because there are specific protocols that are traditionally used on those specific ports, so you usually don't want just any application claiming one of those ports willy-nilly.

Oh, and you may have had to deal with "port forwarding" on your router. This is because, if some computer outside your network sends a packet to your router targeting a specific port number, the router doesn't know which computer it should go to. So by default, it just ignores it (which is usually the safest thing to do). Port forwarding tells your router, "if any packets come in on this port, send them to the computer at this IP, they'll know what to do with it."

[โ€“] [email protected] 3 points 7 months ago* (last edited 7 months ago) (1 children)

This is really good, I just want to clarify one thing:

there are specific protocols that are traditionally used on those specific ports

Protocols are not 'used on ports', it's actually the other way around: TCP and UDP are both protocols operating on top of IP, each with its own set of ports to help direct traffic, exactly as you explained.

There are other protocols, like ICMP or GRE, that exist quite happily without knowing anything about ports (ICMP has types and codes, GRE doesn't).

Edit: I suppose it is actually a bit ambiguous because we also refer to applications (HTTPS, telnet) as protocols. I'm not sure if there is a standard way to differentiate when discussing other than just saying transport layer protocol / application layer protocol.

[โ€“] [email protected] 2 points 7 months ago

Yeah, didn't want to dig deep in the interest of brevity, but I didn't want to say that specific applications use those ports, even though I already said that ports in general are for applications. You can use whatever ftp, ssh, or http server you want as long as they "speak" the expected protocol.