一般来说，你会得到很多理论，但区分这两个概念的最简单方法之一是:

为了获得服务，你需要一个服务号码。这个服务号码称为端口。就这么简单。

例如，HTTP as a service运行在端口80上。

现在，许多人都可以请求该服务，并建立了来自客户机-服务器的连接。会有很多联系。每个连接代表一个客户端。为了维护每个连接，服务器为每个连接创建一个套接字来维护其客户端。

套接字由三部分组成:

IP地址 传输协议 端口号

端口是1到65535之间的数字，表示设备中的逻辑门。 客户端和服务器之间的每个连接都需要一个惟一的套接字。

例如:

1030为端口。 (10.1.1.2, TCP，端口1030)是一个套接字。

An application consists of pair of processes which communicate over the network (client-server pair). These processes send and receive messages, into and from the network through a software interface called socket. Considering the analogy presented in the book "Computer Networking: Top Down Approach". There is a house that wants to communicate with other house. Here, house is analogous to a process, and door to a socket. Sending process assumes that there is a infrastructure on the other side of the door that will transport the data to the destination. Once the message is arrived on the other side, it passes through receiver's door (socket) into the house (process). This illustration from the same book can help you: Sockets are part of transport layer, which provides logical communication to applications. This means that from application's point of view both hosts are directly connected to each other, even though there are numerous routers and/or switches between them. Thus a socket is not a connection itself, it's the end point of the connection. Transport layer protocols are implemented only on hosts, and not on intermediate routers. Ports provide means of internal addressing to a machine. The primary purpose it to allow multiple processes to send and receive data over the network without interfering with other processes (their data). All sockets are provided with a port number. When a segment arrives to a host, the transport layer examines the destination port number of the segment. It then forwards the segment to the corresponding socket. This job of delivering the data in a transport layer segment to the correct socket is called de-multiplexing. The segment's data is then forwarded to the process attached to the socket.

A socket is a communication endpoint. A socket is not directly related to the TCP/IP protocol family, it can be used with any protocol your system supports. The C socket API expects you to first get a blank socket object from the system that you can then either bind to a local socket address (to directly retrieve incoming traffic for connection-less protocols or to accept incoming connection requests for connection-oriented protocols) or that you can connect to a remote socket address (for either kind of protocol). You can even do both if you want to control both, the local socket address a socket is bound to and the remote socket address a socket is connected to. For connection-less protocols connecting a socket is even optional but if you don't do that, you'll have to also pass the destination address with every packet you want to send over the socket as how else would the socket know where to send this data to? Advantage is that you can use a single socket to send packets to different socket addresses. Once you have your socket configured and maybe even connected, consider it to be a bi-directional communication pipe. You can use it to pass data to some destination and some destination can use it to pass data back to you. What you write to a socket is send out and what has been received is available for reading.

Ports on the other hand are something that only certain protocols of the TCP/IP protocol stack have. TCP and UDP packets have ports. A port is just a simple number. The combination of source port and destination port identify a communication channel between two hosts. E.g. you may have a server that shall be both, a simple HTTP server and a simple FTP server. If now a packet arrives for the address of that server, how would it know if that is a packet for the HTTP or the FTP server? Well, it will know so as the HTTP server will run on port 80 and the FTP server on port 21, so if the packet arrives with a destination port 80, it is for the HTTP server and not for the FTP server. Also the packet has a source port since without such a source port, a server could only have one connection to one IP address at a time. The source port makes it possible for a server to distinguish otherwise identical connections: they all have the same destination port, e.g. port 80, the same destination IP (the IP of the server), and the same source IP, as they all come from the same client, but as they have different source ports, the server can distinguish them from each other. And when the server sends back replies, it will do so to the port the request came from, that way the client can also distinguish different replies it receives from the same server.

端口是网络协议用来访问连接的主机的实体。端口可以是特定于应用程序的，也可以是与特定通信媒介相关的。不同的协议使用不同的端口访问主机，如HTTP使用80端口或FTP使用23端口。您可以在应用程序中分配用户定义的端口号，但这些端口号应该大于1023。

端口打开到所需主机的连接，而套接字是网络间或进程间通信的端点。 套接字是由系统通过api(应用程序编程接口)分配的。

更微妙的区别是，当系统重新启动时，端口将出现，而套接字将被销毁。

套接字是软件中的一种结构。它差不多是一个文件;它有读和写这样的操作。它不是一个物理的东西;它是你的软件引用物理事物的一种方式。

端口是一个类似设备的东西。每台主机都有一个或多个网络(这些是物理网络);主机在每个网络上都有一个地址。每个地址可以有数千个端口。

只有一个套接字可能在某个地址上使用某个端口。套接字分配端口类似于为文件系统I/O分配设备。一旦分配了端口，就没有其他套接字可以连接到该端口。当套接字被关闭时，端口将被释放。

看一下TCP/IP术语。