how TCP port bind - sockets

Any body knows how is the port number bound with a socket in detail and how is the port used to forward the packet received in transport layer to a socket which is reading on this port?
thanks.

The application binds to a local IP address and port using the bind() function. The remote IP address and port is determined by the other end of the connection at the time a connection is established.
In the kernel, at the time a tcp connection is established the socket is put into a hash table based on data including the local address, local port, remote address, and remote port. When an incoming tcp segment arrives, these values are extracted from the header and used to look up the corresponding socket in the hash table. In Linux this lookup occurs in the function inet_lookup_established(). A similar function, inet_lookup_listener() is used to look up a listening socket from a different hash table for a new connection; in that case the remote IP address and port are not used.

Related

Is welcoming port the same as listening port? [duplicate]

This question already has answers here:
Does the port change when a server accepts a TCP connection?
(3 answers)
Closed 4 years ago.
Hi I'm just a newbie in networking,
just want to ask, is welcoming port of welcoming socket on a server the same as listening port?
For example, we all know HTTP use port 80, so is port 80 the welcoming port of the web server to initialize TCP's three way handshake? and actual port number of connection socket (for transmission of http message) can be arbitrary number assigned by the server?
From the accept manpage:
The accept() system call is used with connection-based socket types
(SOCK_STREAM, SOCK_SEQPACKET). It extracts the first connection
request on the queue of pending connections for the listening socket,
sockfd, creates a new connected socket, and returns a new file
descriptor referring to that socket. The newly created socket is not
in the listening state. The original socket sockfd is unaffected by
this call.
"welcome" port is the listening port. All client initiate connections to webserver "listening" on port 80 ( clients are "welcome" on port 80). The connection in ESTABLISHED state will have a different socket fd than listen fd.
is welcoming port of welcoming socket on a server the same as listening port?
The port on the server stays the same, i.e. 80 for all the clients even after the three-way handshake.
I guess what you really ask is how sever distinguish simultaneous client connections.
Usually network sockets use unique 4-tuples to identify the connection, i.e. source IP, source port, destination IP, destination port: https://en.wikipedia.org/wiki/Network_socket#Socket_pairs
So the destination IP and port stays the same for all the clients (i.e. server's IP and port 80) but the source IP and ports are different. That is how server distinguish different connections to the same port 80.
actual port number of connection socket (for transmission of http message) can be arbitrary number assigned by the server?
The destination port stays the same, i.e. 80 as described above. Instead each client selects its unused source port before establish the TCP connection.

On successful TCP connection between server and client

RELATED POST
The post here In UNIX forum describes
The server will keep on listeninig on a port number.
The server will accept a clients connect() request using accept(). As soon as the server accepts the client request, the kernel allocates a random port number for the server for further send() and receive(), since the same port number on the server can't be used for sending as well as listening, and the previous port is still listening for new connections
QUESTION
I have a server application S which is constantly listening on port 18333 (this is actually bitcoind testnet). When another client node C connects with it on say 53446 (random port). According to the above post, S will be able to send/receive data of 'C' only from port 53446.
But when I run a bitcoind testnet. This perfectly communicates with other node with only one socket connection in port 18333 without need for another for sending/receiving. Below is snippet and I even verified this
bitcoin-cli -testnet -rpcport=16591 -datadir=/home/user/mytest/1/
{
"id": 1,
"addr": "178.32.61.149:18333"
}
Can anyone help me understand what is the right working in TCP socket connection?
A TCP connection is identified by a socket pair and this is uniquely identified by 4 parameters :
source ip
source port
dest ip
dest port
For every connection that is established to a server the socket is basically cloned and the same port is being used. So for every connection you have a socket using the same server port. So you have n+1 socket using the same port when there are n connections.
The TCP kernel is able to make distinction between all these sockets and connections because the socket is either in the listening state, or it belongs to the socket pair where all 4 parameters are considered.
Your second bullet is therefore wrong because the same port is being used as i explained above.
The server will accept a clients connect() request using accept(). As
soon as the server accepts the client request, the kernel allocates a
random port number for the server for further send() and receive().
On normal TCP traffic this is not the case. If a webserver is listening on port 80, all packets sent back to the client wil be over server port 80 (this can be verified with WireShark for example) - but there will be a different socket for each connection (srcIP:port - dstIP:port). That information is sent in the headers of the network packets - IP and protocol code (TCP, UDP or other) in the IP header, port numbers as part of the TCP or UDP header).
But changing ports can happen when communicating over ftp, where there can be a control port (ususally 21) and a negotiated data port.

Transmission Control Protocol socket

When I open TCP with the server (on 7 layer of OSI), the layer 5 create socket with port number and IP.
I want to know if this socket include my IP/the server IP, and my (random) port or the server port (e.g. 80 for HTTP)
And when I open TCP with server we open TCP together
So it's mean we have common socket?
When I open TCP with the server (on 7 layer of OSI)
Forget about OSI. It is obsolete, and TCP/IP doesn't follow it. It has its own layer model.
The layer 5 create socket with port number and IP
TCP creates it at the TCP layer.
I want to know if this socket include my IP/the server IP, and my (random) port or the server port (80 for HTTP for ex.)
All of the above.
And when I open TCP with server we open TCP together So it's mean we have common socket?
No. A socket is an endpoint of a connection. There are two ends, and two sockets.
TCP is a Layer 4 as it is called - or a Transport Layer, so ignore the OSI model for the time being.
Generally - 'a socket' is just an end point without any identity. The socket gets it's identity when you bind to an address or connect to an address.
When you bind to an address - you only get your local port and local IP address in it's end point, but not the remote IP and port address. As such such socket is not very useful unless you listen on it. This is typically done on the server. Also note that you can bind to 'All Addresses on the machine' and then you really don't have any one end-point per se.
When you connect to a server (a TCP server # port 80 say), your OS TCP/IP stack makes use of a local IP address and chooses a random port to connect to a sever socket (like say one listening above). This is when all the 4 addresses come into picture. This socket is a connected socket and all 4 values will be present.

sockets, its attributes and SO_REUSEADDR option

i have a few basic questions:
1.A socket is represented by a protocol, a local ip, local port, remote ip and remote port. Suppose such a connection exists between a client and a server. Now when i bind another client to same local port and ip, it got bound(i used SO_REUSEADDR) but connect operation by second client to the same remote ip and port failed.So, is there no way a third process can share the same socket?
2.When we call listen() on a socket bound to a local port and ip, it listens for connections. When a client connects, it creates a socket (say A). It completes 3 way handshake and then starts a different socket(say B) and also deletes the socket A (Source) .The new client is taken care of by the new socket B. So, what kind of a socket represents a listening socket i.e. what is the remote ip and port and is socket A different than that socket or just addition of remote ip and port to listening socket forms A?
3.I read that SO_REUSEADDR can establish a listening socket on a port if there is no socket listening on that port and ip and all sockets on that port and ip have SO_REUSEADDR option set.But then i also came across a text which said if a client is bound to a port and ip, another client can't bind to it(even if SO_REUSEADDR is used) unless the first client successfully calls connect(). There was no listening socket(it is a client so we there is no call to connect()) on that port and ip in this example. So, why isn't another client allowed?
Thanks in advance.
Correct: there is no way to create two different sockets with the same protocol, local port, local address, remote port, and remote address. There would be nothing to tell which packets belonged to which socket!
A listening socket does not have a remote address and remote port. That's OK, because there are no packets on the wire associated with this socket (yet). Actually, all sockets start out with neither a local nor remote address or port. These properties are only assigned later when bind() (for local) and connect()/accept() (for remote) are called.
Until you call connect() or listen() on a socket, there isn't any different between a server (listening) or client socket. They're the same thing. So it would be more correct here to say that no two sockets are allowed to share the same protocol, local address, and local port if neither has a remote address or port.
This isn't a problem in practice though, because you usually don't call bind() on a client socket, which means there is an implicit bind() to an ephemeral port at connect() time. These typical client sockets can't conflict with a listening socket because they go from having no addresses associated with them to having both local and remote addresses associated with them, skipping the state where they have only a local one.

Getting the IP of the interface that received a recvfrom() UDP packet (Microsoft)

Using recvfrom() on a socket bound to INADDR_ANY on a Microsoft multihomed PC.
when recvfrom() gets an UDP packet: how can I find the Interface (IP) that received the packet?
There is no way to know the receiving IP when a single listening socket is bound to multiple IPs. Instead of binding a single socket to INADDR_ANY, you can query the machine's list of local IPs using GetAdaptersInfo() and/or GetAdapterAddresses(), then create a separate listening socket for each IP. You can use getsockname() to know which IP a given socket is bound to, but only when that socket is bound to a specific IP, not multiple IPs.