这是我所在组织的一位软件工程师提出的问题。我感兴趣的是最广义的定义。


当前回答

单个端口可以有一个或多个连接不同外部IP的插座,如多个电源插座。

  TCP    192.168.100.2:9001     155.94.246.179:39255   ESTABLISHED     1312
  TCP    192.168.100.2:9001     171.25.193.9:61832     ESTABLISHED     1312
  TCP    192.168.100.2:9001     178.62.199.226:37912   ESTABLISHED     1312
  TCP    192.168.100.2:9001     188.193.64.150:40900   ESTABLISHED     1312
  TCP    192.168.100.2:9001     198.23.194.149:43970   ESTABLISHED     1312
  TCP    192.168.100.2:9001     198.49.73.11:38842     ESTABLISHED     1312

其他回答

港口定义

文顿·g·瑟夫和罗伯特·e·卡恩(1974年5月)。分组网络互通协议。IEEE通讯汇刊,第22卷,第5号。IEEE。

端口是“一对(实体)在一段时间内交换一条或多条消息”的单元。

“……我们可以看到一个端口产生的消息序列,就好像它嵌入在一个无限长的字节流中……我们强调,与给定数据包相关联的序列号仅对通信的端口对是唯一的…对到达的数据包进行检查,以确定它们要发送到哪个端口。目标进程应该指定它愿意侦听特定端口或‘任何’端口。”

一个“端口只是一个的指示器……双工…消息流……[在一个或多个]信息流中…与流程相关联。”

信息科学研究所:南加州大学(1981年9月)。RFC 793:传输控制协议:DARPA互联网程序协议规范。

端口是一个或多个实体的一个实体,进程通过一个或多个通信流与一个或多个其他进程通信。

由于一个进程可能需要区分它自己和另一个进程(或多个进程)之间的几个通信流,我们设想每个进程都可能有若干端口,通过这些端口与其他进程通信。

“这样做的目的是,只允许在具有完全相同的安全性和隔间值的端口之间进行连接,并且在两个端口要求的优先级中具有更高的优先级。” 注意,此检查放在顺序检查之后,以防止来自这些具有不同安全性或优先级的端口之间的旧连接的段导致当前连接中断。

端口是一个地址,它指定进程的哪个逻辑输入或输出通道与[数据流]相关联。 为了允许单个主机内的多个进程同时使用TCP通信设施,TCP在每台主机内提供了一组地址或端口。

套接字中指定进程的哪个逻辑输入或输出通道与数据相关联的部分。

Socket的定义

甲骨文(2020)。类套接字。Java平台,标准版7 API规范。

套接字是两台机器之间通信的端点。

信息科学研究所:南加州大学(1981年9月)。RFC 793:传输控制协议:DARPA互联网程序协议规范。

A socket is a string consisting of an Internet address [i.e., the first eight-bit number (e.g., 123) of a network address (e.g., 123.45.78.0), a period, the second eight-bit number (e.g., 45) of the network address, a period, the third eight-bit number (e.g., 78) of the network address, a period, and a host address (e.g., 90)], a colon, and a TCP port (e.g., 1234). A socket is a unit of “A pair of [entities that] uniquely identify [a] connection[, and that] may be simultaneously used in multiple connections.”

"To allow for many processes within a single Host to use TCP communication facilities simultaneously, the TCP provides a set of addresses or ports within each host. Concatenated with the network and host addresses from the internet communication layer, this forms a socket. A pair of sockets uniquely identifies each connection. That is, a socket may be simultaneously used in multiple connections." “To provide for unique addresses within each TCP, we concatenate an internet address identifying the TCP with a port identifier to create a socket which will be unique throughout all networks connected together.”

上面描述的可靠性和流量控制机制要求tcp初始化和维护每个数据流的特定状态信息。这些信息(包括套接字、序列号和窗口大小)的组合称为连接。每个连接都由一对识别其两端的套接字唯一指定。”

首先,我认为我们应该先了解一下什么构成了从a到B的数据包。

网络的一个常见定义是使用OSI模型,该模型根据目的将网络分离为许多层。有几个重要的,我们将在这里介绍:

The data link layer. This layer is responsible for getting packets of data from one network device to another and is just above the layer that actually does the transmitting. It talks about MAC addresses and knows how to find hosts based on their MAC (hardware) address, but nothing more. The network layer is the layer that allows you to transport data across machines and over physical boundaries, such as physical devices. The network layer must essentially support an additional address based mechanism which relates somehow to the physical address; enter the Internet Protocol (IPv4). An IP address can get your packet from A to B over the internet, but knows nothing about how to traverse individual hops. This is handled by the layer above in accordance with routing information. The transport layer. This layer is responsible for defining the way information gets from A to B and any restrictions, checks or errors on that behaviour. For example, TCP adds additional information to a packet such that it is possible to deduce if packets have been lost.

TCP包含了端口的概念。这些实际上是Internet套接字(AF_INET)可以绑定到的同一IP地址上的不同数据端点。

UDP和其他传输层协议也是如此。从技术上讲,它们不需要以端口为特色,但这些端口确实为上层的多个应用程序提供了一种使用同一台计算机接收(实际上是发出)传出连接的方法。

这就把我们带到了TCP或UDP连接的解剖。每个都有一个源端口和地址,以及一个目标端口和地址。这样,在任何给定的会话中,目标应用程序都可以从源进行响应和接收。

因此,端口本质上是一种规范强制的方式,允许多个并发连接共享相同的地址。

现在,我们需要看看如何从应用程序的角度与外部世界通信。要做到这一点,你需要询问你的操作系统,因为大多数操作系统都支持伯克利套接字的方式来做事情,我们看到我们可以从应用程序创建包含端口的套接字,像这样:

int fd = socket(AF_INET, SOCK_STREAM, 0); // tcp socket
int fd = socket(AF_INET, SOCK_DGRAM, 0); // udp socket
// later we bind...

太棒了!因此,在sockaddr结构中,我们将指定端口,bam!完成工作!嗯,差不多了,除了:

int fd = socket(AF_UNIX, SOCK_STREAM, 0);

也是可能的。啊,这可真是个麻烦!

好吧,实际上并没有。我们所需要做的就是想出一些合适的定义:

internet套接字是IP地址、协议及其相关端口号的组合,服务可以在其上提供数据。tcp端口80,stackoverflow.com是一个互联网套接字。 unix套接字是一个在文件系统中表示的IPC端点,例如/var/run/database.sock。 套接字API是一种请求应用程序能够向套接字读写数据的方法。

瞧!这样就把事情整理好了。在我们的方案中,

端口是一个数字标识符,作为传输层协议的一部分,标识应该响应给定请求的服务号。

因此,端口实际上是形成互联网套接字所需的一个子集。不幸的是,“套接字”这个词的意思恰好被应用到几个不同的概念中。所以我衷心建议你为你的下一个项目命名套接字,只是为了增加混乱;)

An application consists of pair of processes which communicate over the network (client-server pair). These processes send and receive messages, into and from the network through a software interface called socket. Considering the analogy presented in the book "Computer Networking: Top Down Approach". There is a house that wants to communicate with other house. Here, house is analogous to a process, and door to a socket. Sending process assumes that there is a infrastructure on the other side of the door that will transport the data to the destination. Once the message is arrived on the other side, it passes through receiver's door (socket) into the house (process). This illustration from the same book can help you: Sockets are part of transport layer, which provides logical communication to applications. This means that from application's point of view both hosts are directly connected to each other, even though there are numerous routers and/or switches between them. Thus a socket is not a connection itself, it's the end point of the connection. Transport layer protocols are implemented only on hosts, and not on intermediate routers. Ports provide means of internal addressing to a machine. The primary purpose it to allow multiple processes to send and receive data over the network without interfering with other processes (their data). All sockets are provided with a port number. When a segment arrives to a host, the transport layer examines the destination port number of the segment. It then forwards the segment to the corresponding socket. This job of delivering the data in a transport layer segment to the correct socket is called de-multiplexing. The segment's data is then forwarded to the process attached to the socket.

A socket is a communication endpoint. A socket is not directly related to the TCP/IP protocol family, it can be used with any protocol your system supports. The C socket API expects you to first get a blank socket object from the system that you can then either bind to a local socket address (to directly retrieve incoming traffic for connection-less protocols or to accept incoming connection requests for connection-oriented protocols) or that you can connect to a remote socket address (for either kind of protocol). You can even do both if you want to control both, the local socket address a socket is bound to and the remote socket address a socket is connected to. For connection-less protocols connecting a socket is even optional but if you don't do that, you'll have to also pass the destination address with every packet you want to send over the socket as how else would the socket know where to send this data to? Advantage is that you can use a single socket to send packets to different socket addresses. Once you have your socket configured and maybe even connected, consider it to be a bi-directional communication pipe. You can use it to pass data to some destination and some destination can use it to pass data back to you. What you write to a socket is send out and what has been received is available for reading.

Ports on the other hand are something that only certain protocols of the TCP/IP protocol stack have. TCP and UDP packets have ports. A port is just a simple number. The combination of source port and destination port identify a communication channel between two hosts. E.g. you may have a server that shall be both, a simple HTTP server and a simple FTP server. If now a packet arrives for the address of that server, how would it know if that is a packet for the HTTP or the FTP server? Well, it will know so as the HTTP server will run on port 80 and the FTP server on port 21, so if the packet arrives with a destination port 80, it is for the HTTP server and not for the FTP server. Also the packet has a source port since without such a source port, a server could only have one connection to one IP address at a time. The source port makes it possible for a server to distinguish otherwise identical connections: they all have the same destination port, e.g. port 80, the same destination IP (the IP of the server), and the same source IP, as they all come from the same client, but as they have different source ports, the server can distinguish them from each other. And when the server sends back replies, it will do so to the port the request came from, that way the client can also distinguish different replies it receives from the same server.

端口和插座可以比作银行分行。

“银行”的门牌号与IP地址类似。 银行有不同的部分,比如:

储蓄帐务部 个人贷款部 房屋贷款部 投诉部门

因此,1(储蓄账户部)、2(个人贷款部)、3(住房贷款部)和4(申诉部)是端口。

现在让我们假设你要开一个储蓄账户,你去了银行(IP地址),然后你去了“储蓄账户部门”(端口号1),然后你遇到了在“储蓄账户部门”工作的一名员工。让我们称他为SAVINGACCOUNT_EMPLOYEE1,用于开户。

SAVINGACCOUNT_EMPLOYEE1是套接字描述符,因此可能存在 SAVINGACCOUNT_EMPLOYEE1到SAVINGACCOUNT_EMPLOYEEN。这些都是套接字描述符。

同样地,其他部门将有员工在他们之下工作,他们类似于插座。