这是我所在组织的一位软件工程师提出的问题。我感兴趣的是最广义的定义。


当前回答

A socket is a communication endpoint. A socket is not directly related to the TCP/IP protocol family, it can be used with any protocol your system supports. The C socket API expects you to first get a blank socket object from the system that you can then either bind to a local socket address (to directly retrieve incoming traffic for connection-less protocols or to accept incoming connection requests for connection-oriented protocols) or that you can connect to a remote socket address (for either kind of protocol). You can even do both if you want to control both, the local socket address a socket is bound to and the remote socket address a socket is connected to. For connection-less protocols connecting a socket is even optional but if you don't do that, you'll have to also pass the destination address with every packet you want to send over the socket as how else would the socket know where to send this data to? Advantage is that you can use a single socket to send packets to different socket addresses. Once you have your socket configured and maybe even connected, consider it to be a bi-directional communication pipe. You can use it to pass data to some destination and some destination can use it to pass data back to you. What you write to a socket is send out and what has been received is available for reading.

Ports on the other hand are something that only certain protocols of the TCP/IP protocol stack have. TCP and UDP packets have ports. A port is just a simple number. The combination of source port and destination port identify a communication channel between two hosts. E.g. you may have a server that shall be both, a simple HTTP server and a simple FTP server. If now a packet arrives for the address of that server, how would it know if that is a packet for the HTTP or the FTP server? Well, it will know so as the HTTP server will run on port 80 and the FTP server on port 21, so if the packet arrives with a destination port 80, it is for the HTTP server and not for the FTP server. Also the packet has a source port since without such a source port, a server could only have one connection to one IP address at a time. The source port makes it possible for a server to distinguish otherwise identical connections: they all have the same destination port, e.g. port 80, the same destination IP (the IP of the server), and the same source IP, as they all come from the same client, but as they have different source ports, the server can distinguish them from each other. And when the server sends back replies, it will do so to the port the request came from, that way the client can also distinguish different replies it receives from the same server.

其他回答

尽可能简单地说,套接字和端口之间没有物理区别,例如PATA和SATA之间的区别。它们只是一些读写网卡的软件。

A port is essentially a public socket, some of which are well-known/well-accepted, the usual example being 80, dedicated to HTTP. Anyone who wants to exchange traffic using a certain protocol, HTTP in this instance, canonically goes to port 80. Of course, 80 is not physically dedicated to HTTP (it's not physically anything, it's just a number, a logical value), and could be used on some particular machine for some other protocol ad libitum, as long as those attempting to connect know which protocol (which could be quite private) to use.

套接字本质上是一个私有端口,为连接方知道但其他人不一定知道的特定目的而建立。底层传输层通常是TCP或UDP,但也不一定非得如此。最基本的特征是两端都知道发生了什么,不管发生了什么。

这里的关键是,当在某个端口上接收到连接请求时,应答握手包括有关为服务特定请求者而创建的套接字的信息。后续通信通过该(私有)套接字连接进行,而不是服务继续侦听连接请求的公共端口连接。

简短的回答。

端口可以被描述为主机中的内部地址,用于标识程序或进程。

套接字可以被描述为一个编程接口,允许一个程序在internet上或本地与其他程序或进程通信。

套接字是一种数据I/O机制。端口是通信协议的契约概念。套接字可以没有端口而存在。一个端口可以没有特定的套接字而存在(例如,如果同一个端口上有几个活动的套接字,这可能是某些协议允许的)。

端口用于确定接收端应该将数据包路由到哪个套接字,在许多协议中,但它并不总是必需的,接收套接字的选择可以通过其他方式完成——端口完全是网络子系统中协议处理程序使用的工具。例如,如果协议不使用端口,数据包可以到所有侦听套接字或任何套接字。

套接字地址是一个IP地址和端口号

123.132.213.231         # IP address
               :1234    # port number
123.132.213.231:1234    # socket address

当两个套接字绑定在一起时,就发生了连接。

在阅读了这些优秀的向上投票的答案后,我发现对于我这个网络编程新手来说,有以下几点需要强调:

TCP-IP连接是连接一个地址:端口组合和另一个地址:端口组合的双向路径。因此,每当您打开从本地计算机到远程服务器上的端口的连接(例如www.google.com:80)时,您也将计算机上的一个新端口号与该连接关联起来,以允许服务器将内容发回给您(例如127.0.0.1:65234)。使用netstat查看你机器的连接是很有帮助的:

> netstat -nWp tcp (on OS X)
Active Internet connections
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)    
tcp4       0      0  192.168.0.6.49871      17.172.232.57.5223     ESTABLISHED
...