
Doubt in socket - local port

 
Mike Thomson
Ranch Hand
Posts: 121
Hi,

I have a doubt in socket programming.

1. We are running a service on a server at IP (ex: 190.165.1.103) and port (4242).

2. We don't want everyone to connect to our service. Those who want to connect to our service need to provide their IP address, and we will configure our firewall to allow them.

3. For example: one of the clients (IP: 167.158.25.100) has been allowed to consume our service at (190.165.1.103:4242).
So this client has access to our server's port 4242, because our firewall is configured to allow connections to port 4242 only.


Based on the below, I have some doubts.

The server listens to the socket for a client to make a connection request. If everything goes well, the server accepts the connection.
Upon acceptance, the server gets a new socket bound to a different port.
It needs a new socket (consequently a different port number) so that it can continue to listen to the original socket for connection requests while serving the connected client.


4. The client connects to the server 190.165.1.103:4242 and the server creates a new socket (example: 2478) and again starts to listen on port 4242 for other incoming client requests.

My question: how will the client be able to connect to port 2478 (local port at server side), as it is allowed to connect only to server port 4242?

I think somewhere I misunderstood the concept and I don't know how it will work?
 
Henry Wong
author
Sheriff
Posts: 22865
Mike Thomson wrote: My question: how will the client be able to connect to port 2478 (local port at server side), as it is allowed to connect only to server port 4242?

I think somewhere I misunderstood the concept and I don't know how it will work?



Don't worry about that...

Firewalls are smart enough to know that port 4242 is a rendezvous port, and the TCP connection will be picking another port (a.k.a. the ephemeral port) for actual data communications.

Henry
 
Mike Thomson
Thanks a lot for your quick reply, Henry.

So the firewall will allow the ephemeral port associated with this rendezvous port (4242) even though those ports are not opened to the external world?
Is there a way to capture all the active ephemeral ports associated with this rendezvous port 4242?

Also, the quote below says "new socket object which is bound to same local port". I don't understand what "same local port" means.

Note that The Java Tutorial says:

"When a connection is requested and successfully established, the accept method returns a new Socket object which is bound to the same local port and has its remote address and remote port set to that of the client. The server can communicate with the client over this new Socket and continue to listen for client connection requests on the original ServerSocket."


Does this mean the server indeed creates a new socket per client, but ALL these new sockets bind to the same port on which the server is listening (port 4242 in this case)? Or some other random port?
Because calling getLocalPort() on the newly created socket always returns 4242.
 
Henry Wong
Mike Thomson wrote:
Also, the quote below says "new socket object which is bound to same local port". I don't understand what "same local port" means.

Note that The Java Tutorial says:

"When a connection is requested and successfully established, the accept method returns a new Socket object which is bound to the same local port and has its remote address and remote port set to that of the client. The server can communicate with the client over this new Socket and continue to listen for client connection requests on the original ServerSocket."



Not sure what it means -- perhaps we can get more context?

Mike Thomson wrote:
Because calling getLocalPort() on the newly created socket always returns 4242


Can't say one way or otherwise, as I have not tested it. However, regarding the TCP protocol, the local port for the data socket, once a socket has been accepted, uses a port from the Ephemeral port range.

Also, it is not legal for more than one socket to bind to the same combination of interface, port, and protocol. The only exception is multicast, which doesn't support TCP.

Henry
 
Mike Thomson

Not sure what it means -- perhaps we can get more context?


I have got it from https://docs.oracle.com/javase/tutorial/networking/sockets/definition.html

So, as you said, at the server side a new socket is definitely opened at a random port for handling the client request, and the actual port (in this case: 4242) where the service is running is only for accepting the connection and handing it over to the random (ephemeral) port.

Because a friend of mine said no ports at the server side are opened, as the firewall is opened for the client only on 4242 (where the service is running), and the client won't be able to connect to that random port.
 
Mike Thomson
Hi,
In the program below, I am running a simple service at 162.96.24.142:2403.
The client is connecting from 192.108.0.109:63432.

There should be 3 ports involved.

1. ServerSocket (2403)
2. ClientSocket (63432)

3. ConnectionPort (ephemeral port) at the server side 162.96.24.142, right? I want to display that port.

After serverSocket.accept(), which port is the new Socket object bound to (some random ephemeral port, right?)
The server can communicate with the client over this new Socket (what is that port?) and continue to listen for client connection requests on the original ServerSocket (2403).






netstat from client machine


netstat from server machine
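
As an added example (not part of the original thread and not the poster's program), this Java program prints the local and remote endpoint of each socket returned by accept(). It shows every accepted socket reporting the listening port as its local port, with connections told apart by the client's ephemeral port. The class name, the loopback address and the OS-assigned port are assumptions made so it runs on one machine.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;

// Added example; class name and loopback setup are assumptions, not the poster's program.
public class AcceptedPortDemo {

    // One line per socket: local endpoint and remote endpoint.
    static String describe(String label, Socket s) {
        return String.format("%-10s local=%s:%d  remote=%s:%d", label,
                s.getLocalAddress().getHostAddress(), s.getLocalPort(),
                s.getInetAddress().getHostAddress(), s.getPort());
    }

    public static void main(String[] args) throws IOException {
        InetAddress loopback = InetAddress.getLoopbackAddress();
        // Port 0 lets the OS pick a free port; it plays the role of 4242 / 2403 in the thread.
        try (ServerSocket listener = new ServerSocket(0, 50, loopback)) {
            int listenPort = listener.getLocalPort();
            System.out.println("listening on port " + listenPort);

            // Two constructed clients connect to the same listening port.
            try (Socket clientA = new Socket(loopback, listenPort);
                 Socket clientB = new Socket(loopback, listenPort);
                 Socket accepted1 = listener.accept();
                 Socket accepted2 = listener.accept()) {

                System.out.println(describe("client A", clientA));
                System.out.println(describe("client B", clientB));
                System.out.println(describe("accepted 1", accepted1));
                System.out.println(describe("accepted 2", accepted2));

                // Server side: both accepted sockets keep the listening port as local port.
                boolean samePort = accepted1.getLocalPort() == listenPort
                        && accepted2.getLocalPort() == listenPort;
                // What differs is the remote (client) port, chosen from the ephemeral range.
                boolean distinctPeers = accepted1.getPort() != accepted2.getPort();
                if (!samePort || !distinctPeers) {
                    throw new IllegalStateException("unexpected port assignment");
                }
                System.out.println("accepted sockets share local port " + listenPort
                        + "; connections differ only by remote port");
            }
        }
    }
}
```

On a real server the same endpoints show up in netstat output: one LISTEN entry on the service port and one ESTABLISHED entry per client with that same local port. Inbound packets of every connection therefore carry the service port as their destination port.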
 
Mike Thomson
Any help?
 
Henry Wong
Mike Thomson wrote: Any help?


Well, I hope you are not expecting an answer from me -- as I already mentioned (in a previous post) that my knowledge of this doesn't extend to what the API does. I never cared about the local bind address/port. I just know that the firewall is smart enough to let it through.

Henry
 