Ephemeral port

An ephemeral port is a communications endpoint (port) of a transport layer protocol of the Internet protocol suite that is used for only a short period of time, for the duration of a communication session. Such short-lived ports are allocated automatically within a predefined range of port numbers by the IP stack software of a computer operating system. The Transmission Control Protocol (TCP), the User Datagram Protocol (UDP), and the Stream Control Transmission Protocol (SCTP) typically use an ephemeral port for the client end of a client–server communication. At the server end of the communication session, ephemeral ports may also be used for continuation of communications with a client that initially connected to one of the services listening on a well-known port. For example, the Trivial File Transfer Protocol (TFTP) [1] and Remote Procedure Call (RPC) applications can behave in this manner.

The allocation of an ephemeral port is temporary and only valid for the duration of the communication session. After completion of the session, the port is destroyed and the port number becomes available for reuse, but many implementations simply increment the last used port number until the ephemeral port range is exhausted, at which point the numbers roll over to the start of the range. Ephemeral ports are also called dynamic ports, because they are used on a per-request basis and are only known by number once allocated.
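The sequential allocation behaviour just described (increment the last used number, skip numbers still in use, roll over when the top of the range is reached, fail when the range is exhausted), modelled as an added example that is not code from the article or from any operating system; the class name and the simplified "one port, one session" bookkeeping are assumptions made for illustration, since real stacks track the full address 4-tuple:

```python
class SequentialEphemeralAllocator:
    """Model of a sequential ephemeral port allocator (hypothetical name).

    Hands out the number after the last one used, skips numbers that are
    still in use, rolls over to `low` after `high`, and raises once every
    number in the range is taken. A real kernel can reuse a port number for
    a different destination (it keys on the whole 4-tuple); this model
    keeps one port per session to stay close to the text above.
    """

    def __init__(self, low: int = 32768, high: int = 60999):
        if not 1 <= low <= high <= 65535:
            raise ValueError("invalid port range")
        self.low, self.high = low, high
        self.in_use: set[int] = set()
        self._last = high  # so that the first allocation yields `low`

    def _successor(self, port: int) -> int:
        # Roll over to the bottom of the range once the top is reached.
        return self.low if port >= self.high else port + 1

    def allocate(self) -> int:
        size = self.high - self.low + 1
        if len(self.in_use) >= size:
            raise OSError("ephemeral port range exhausted")
        candidate = self._successor(self._last)
        for _ in range(size):
            if candidate not in self.in_use:
                self.in_use.add(candidate)
                self._last = candidate
                return candidate
            candidate = self._successor(candidate)  # skip ports in use
        raise OSError("ephemeral port range exhausted")

    def release(self, port: int) -> None:
        """Session finished: the number becomes available for reuse."""
        self.in_use.discard(port)


if __name__ == "__main__":
    # Tiny three-port range so the rollover is visible immediately.
    alloc = SequentialEphemeralAllocator(50000, 50002)
    print([alloc.allocate() for _ in range(3)])  # 50000, 50001, 50002
    alloc.release(50000)
    print(alloc.allocate())  # rolls over to 50000
```

Because the next number is predictable from the previous one, RFC 6056 (cited in the Range table below) recommends randomized selection instead of this purely sequential scheme.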

Range

Range        Operating system
49152-65535  Suggested by RFC 6335 and the Internet Assigned Numbers Authority (IANA) for dynamic or private ports. [2] [3] FreeBSD has used the IANA port range since release 4.6. Windows Vista, Windows 7, and Server 2008 use the IANA range by default. [4]
32768-60999  Used by many Linux kernels. [note 1] [5]
32768-65535  Used by Solaris OS [citation needed] and AIX OS. [citation needed]
1024-65535   Recommended by RFC 6056. [6]
1025-60000   Default of Windows Server 2008 with Exchange Server 2007 installed. [7] In addition to the default range, all versions of Windows since Windows 2000 have the option of specifying a custom range anywhere within 1025-65535. [8] [9]
1024-5000    FreeBSD versions before 4.6, including the Berkeley Software Distribution (BSD). [10] [11] Default range of Microsoft Windows operating systems through Windows XP. [12]
1025-5000    Used by Windows Server 2003 until Microsoft security update MS08-037 from 2008 is installed, after which it uses the IANA range by default. [13]

Configuration characteristics

If server software is used that opens further connections from a custom, non-ephemeral port range of its own, it must be ensured by configuration that this custom port range and the operating system's ephemeral port range do not overlap; otherwise a port the server expects to use may already have been handed out as an ephemeral port, or vice versa. [citation needed]
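A configuration check for exactly this overlap, written as an added example (not code from the article): it parses the Linux procfs node named in note 1, falls back to the IANA range on hosts without that node, reports any overlap with a server's custom range, and shows which port the local stack actually picks for a client socket. The function names, the loopback bind and the fallback are assumptions made for this example.

```python
import socket
from typing import Tuple

PROC_NODE = "/proc/sys/net/ipv4/ip_local_port_range"  # Linux, see note 1
IANA_DYNAMIC = (49152, 65535)                          # RFC 6335 dynamic range


def parse_port_range(text: str) -> Tuple[int, int]:
    """Parse 'low<whitespace>high' as found in ip_local_port_range."""
    parts = text.split()
    if len(parts) != 2:
        raise ValueError(f"expected two numbers, got {text!r}")
    low, high = int(parts[0]), int(parts[1])
    if not 1 <= low <= high <= 65535:
        raise ValueError(f"port range out of bounds: {low}-{high}")
    return low, high


def read_ephemeral_range(path: str = PROC_NODE) -> Tuple[int, int]:
    """Effective kernel range; assumption: fall back to the IANA range
    on hosts (non-Linux) that have no procfs node."""
    try:
        with open(path) as f:
            return parse_port_range(f.read())
    except OSError:
        return IANA_DYNAMIC


def ranges_overlap(a: Tuple[int, int], b: Tuple[int, int]) -> bool:
    """True if the two inclusive ranges share at least one port number."""
    return a[0] <= b[1] and b[0] <= a[1]


def check_custom_range(custom: Tuple[int, int], ephemeral: Tuple[int, int]) -> str:
    """Verdict for a server's custom port range against the ephemeral range."""
    if ranges_overlap(custom, ephemeral):
        lo, hi = max(custom[0], ephemeral[0]), min(custom[1], ephemeral[1])
        return f"CONFLICT: ports {lo}-{hi} are both custom and ephemeral"
    return "OK: custom range does not overlap the ephemeral range"


def observe_client_port() -> int:
    """Bind to port 0 so the stack assigns an ephemeral port, and return it."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


if __name__ == "__main__":
    eph = read_ephemeral_range()
    print("ephemeral range:", eph)
    print(check_custom_range((50000, 50100), eph))  # constructed custom range
    port = observe_client_port()
    print("stack picked", port, "inside" if eph[0] <= port <= eph[1] else "outside", "range")
```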

Notes

  1. The effective range is accessible via procfs at node /proc/sys/net/ipv4/ip_local_port_range.

References

  1. Karen R. Sollins (July 1992). The TFTP Protocol (Revision 2). IETF. doi:10.17487/RFC1350. RFC 1350. Retrieved 2020-10-18.
  2. IANA port number assignments.
  3. Cotton, M.; Eggert, L.; Touch, J.; Westerlund, M.; Cheshire, S. (August 2011). "Port Number Ranges". Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry. IETF. sec. 6. doi:10.17487/RFC6335. RFC 6335. Retrieved 2021-11-14. "the Dynamic Ports, also known as the Private or Ephemeral Ports, from 49152-65535 (never assigned)"
  4. Microsoft KB Article 929851.
  5. "IP Sysctl". The Linux Kernel documentation. Retrieved 2021-06-27. "The default values are 32768 and 60999 respectively."
  6. M. Larsen; F. Gont (January 2011). Recommendations for Transport-Protocol Port Randomization. sec. 3.2, Ephemeral Port Number Range. RFC 6056. "However, ephemeral port selection algorithms should use the whole range 1024-65535."
  7. Microsoft KB Article 929851.
  8. Microsoft KB Article 929851.
  9. Microsoft KB Article 196271.
  10. UNIX Network Programming, Volume 1, Second Edition: Networking APIs: Sockets and XTI. Prentice Hall. 1998. pp. 42–43. ISBN 0-13-490012-X.
  11. Mike Gleason (2001). "The Ephemeral Port Range". Retrieved 2018-01-15. "note that the Linux 2.4 kernel will default the range of 32768 through 61000 if adequate kernel memory is available"
  12. Microsoft Windows TechNet Library.
  13. Microsoft KB Article 956188.