单个端口可以有一个或多个连接不同外部IP的插座，如多个电源插座。

  TCP    192.168.100.2:9001     155.94.246.179:39255   ESTABLISHED     1312
  TCP    192.168.100.2:9001     171.25.193.9:61832     ESTABLISHED     1312
  TCP    192.168.100.2:9001     178.62.199.226:37912   ESTABLISHED     1312
  TCP    192.168.100.2:9001     188.193.64.150:40900   ESTABLISHED     1312
  TCP    192.168.100.2:9001     198.23.194.149:43970   ESTABLISHED     1312
  TCP    192.168.100.2:9001     198.49.73.11:38842     ESTABLISHED     1312

端口是最简单的部分，它只是套接字的唯一标识符。套接字是进程可以用来建立连接和相互通信的东西。高个子杰夫有一个很好的电话比喻，但并不完美，所以我决定修正它:

IP和端口~电话号码 插座~电话设备 连接~电话 建立连接~拨打号码 流程，远程应用程序~人员 留言~语音

套接字基本上是网络通信的端点，至少由一个ip地址和一个端口组成。在Java/ c#中，套接字是双向连接一侧的高级实现。

还有Java教程中的一个(非规范的)定义。

尽可能简单地说，套接字和端口之间没有物理区别，例如PATA和SATA之间的区别。它们只是一些读写网卡的软件。

A port is essentially a public socket, some of which are well-known/well-accepted, the usual example being 80, dedicated to HTTP. Anyone who wants to exchange traffic using a certain protocol, HTTP in this instance, canonically goes to port 80. Of course, 80 is not physically dedicated to HTTP (it's not physically anything, it's just a number, a logical value), and could be used on some particular machine for some other protocol ad libitum, as long as those attempting to connect know which protocol (which could be quite private) to use.

套接字本质上是一个私有端口，为连接方知道但其他人不一定知道的特定目的而建立。底层传输层通常是TCP或UDP，但也不一定非得如此。最基本的特征是两端都知道发生了什么，不管发生了什么。

这里的关键是，当在某个端口上接收到连接请求时，应答握手包括有关为服务特定请求者而创建的套接字的信息。后续通信通过该(私有)套接字连接进行，而不是服务继续侦听连接请求的公共端口连接。

一个连接套接字(fd)用于本地地址+本地端口+对端地址+对端端口。通过套接字抽象处理recv/发送数据。 一个监听套接字(fd)用于本地地址+本地监听端口。进程可以通过套接字接受新的连接。

An application consists of pair of processes which communicate over the network (client-server pair). These processes send and receive messages, into and from the network through a software interface called socket. Considering the analogy presented in the book "Computer Networking: Top Down Approach". There is a house that wants to communicate with other house. Here, house is analogous to a process, and door to a socket. Sending process assumes that there is a infrastructure on the other side of the door that will transport the data to the destination. Once the message is arrived on the other side, it passes through receiver's door (socket) into the house (process). This illustration from the same book can help you: Sockets are part of transport layer, which provides logical communication to applications. This means that from application's point of view both hosts are directly connected to each other, even though there are numerous routers and/or switches between them. Thus a socket is not a connection itself, it's the end point of the connection. Transport layer protocols are implemented only on hosts, and not on intermediate routers. Ports provide means of internal addressing to a machine. The primary purpose it to allow multiple processes to send and receive data over the network without interfering with other processes (their data). All sockets are provided with a port number. When a segment arrives to a host, the transport layer examines the destination port number of the segment. It then forwards the segment to the corresponding socket. This job of delivering the data in a transport layer segment to the correct socket is called de-multiplexing. The segment's data is then forwarded to the process attached to the socket.