First I'll give you links to port assignments and documents that will
help, then I'll give you my understanding of the workings of TCP and UDP (if
you don't mind doing a little reading).  The first link is to a listing of
UDP/TCP ports:
http://www.networkice.com/advice/Exploits/Ports/
Additionally, I would advise you to go to the Cisco Web site www.cisco.com,
and investigate the details concerning TCP/IP.  I'm sure you've already
checked there, and I don't mean to offend you by indicating this, however
the issue concerning ports and transport protocols is vague and needs to be
investigated at length in order for someone to gain a clear understanding.
That being said, here is what I personally know (once again, this is not
gospel, this is one person's understanding).
  We first have to agree that TCP/IP does not directly correlate to the OSI
Reference Model.  If we can agree on that, then we can discuss how an
application or service talks to the TCP/IP protocol, and how TCP and UDP
relate to port assignments.  If you looked at the first link I indicated,
you will see that there are no specific listings for TCP or UDP ports, only
listings for services that operate over certain ports.  There are two kinds
of port assignments: those that are well known and used to provide specific
services using the TCP/IP suite as an application level service, and those
ports that are negotiated for a particular application that exists outside
of TCP/IP.  An analogy would be:  If you choose to Telnet into another
computer, you are using an application which is part of the TCP/IP suite.
The inner workings of Telnet are included in the TCP/IP specification.  If,
however, you are going to connect to a server to play Quake III or something
of that nature, you are using TCP/IP only as a transport.  Quake III is an
application, but is not an application that is contained in the TCP/IP
suite.  To that end, you are not using TCP/IP on the Application,
Presentation, or Session layers of the OSI, but rather the Quake III
application uses TCP or UDP as a transport for communication.  In the case
of Quake III, it provides its own application, presentation, and session
layer information, and then communicates with the TCP/IP protocol, telling
it whether it needs connection-oriented or connectionless transmission.  And
now the discussion turns to which ports are TCP (connection-oriented) ports
and which ports are UDP (connectionless) ports.
 Regarding the issue of which ports are UDP and which are TCP; I've never
seen a document which explains this to my satisfaction.  This is where my
logic (and/or the failure thereof) comes into play.  My understanding is
that TCP and UDP do not have port assignments.  If you are using an
application that is outside of the services of the TCP/IP protocol suite,
the application must request either a connection-oriented (TCP), or
connectionless (UDP) transport.  If this train of thought is correct, then
it doesn't matter what port an application requests, it will be able to
request either TCP or UDP based on whether the application needs a
connection-oriented or connectionless transport.  There are (by RFC
specification I believe) 1024 well known ports.  The first 1024 have been
reserved (so to speak) for the TCP/IP protocol.  This logic might indicate
that these ports (for the purposes of security and convenience) have been
designated as either UDP or TCP, however I'm not sure this is the case.  I
will give you an example, however, to clarify this point.  FTP is known as a
TCP/IP suite protocol known to be a File Transfer Protocol.  It is also
known to use the Transport Control Protocol (TCP) as its transport (end to
end connection) and actually uses two ports: 20 and 21.  If you look at those
ports, one controls data flow and the other actually transmits data.  This
is important in that when we use FTP we are declaring that the information
being sent is critical and we need confirmation that it is being received
correctly.  Conversely, TFTP uses port 69.  The Trivial File Transport
Protocol uses UDP, a connectionless protocol, which assumes that the data is
not critical.  In the case of UDP, we're saying that we'd like to send
information, but it's not necessary to acknowledge it.  Both these
protocols are part of the TCP/IP suite, and both use a different transport
method.  My question would be in regards to the 1024 well known ports and
whether there are assignments specifically designated to the TCP/IP suite,
or is rather just a matter that applications developed using these ports use
this standard for the sake of continuity?
 If you wish to extend this discussion, we could consider why anyone would
consider using a connectionless protocol at all, considering its unreliable
nature.  The answer lies (lays?) in its history.  At a certain point in
time, applications didn't provide any error correction, they merely provided
information.  As technology evolved, programs were capable of providing this
service, thereby not needing error correction at the network level.
Additionally, some services will not benefit from this error correction
since they are time critical.  Examples of this would be streaming
Audio/Video media or interactive games.  If I'm watching a movie over the
Internet, and my computer drops a packet, that moment is gone.  No matter how
fast it can recuperate from this, there's going to be some interruption in
my media flow.  This is an example of where UDP plays an important role.
UDP requires far less overhead than TCP in transmission, thus allowing
faster transport and greater bandwidth to other users.

"shella kevin" wrote in message news:[EMAIL PROTECTED]...
> I am a little confused about the UDP and TCP ports in the access list
> statement. Can anyone tell me of any document explaining it?
>
> Also, is there any document showing port information, like port 5001 or 2918?
> What are they for and what is their function?
>
> Thanks
> S. Kevin




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=9659&t=9638
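
Added example, not part of the original thread: a Python sketch showing that a host can bind the same port number on TCP and UDP at once, and why an access-list entry therefore has to name the protocol as well as the port. The ACL text is constructed and the parser handles only an assumed, simplified subset of extended access-list syntax (`permit|deny tcp|udp any any eq <number>`); all function names are hypothetical.

```python
import socket

# Constructed sample: a simplified subset of extended access-list syntax
# (only "permit|deny tcp|udp any any eq <number>" is handled here).
SAMPLE_ACL = """\
access-list 101 permit tcp any any eq 21
access-list 101 permit udp any any eq 69
access-list 101 deny tcp any any eq 69
"""

def bind_same_number(host="127.0.0.1", attempts=5):
    """Bind a TCP and a UDP socket to the same port number at once.

    Returns (tcp_port, udp_port); they are equal because each transport
    keeps its own port table."""
    for _ in range(attempts):
        tcp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        try:
            tcp.bind((host, 0))            # let the OS pick a free TCP port
            tcp.listen(1)
            port = tcp.getsockname()[1]
            udp.bind((host, port))         # same number, UDP this time
            return port, udp.getsockname()[1]
        except OSError:
            continue                       # UDP number taken by another process
        finally:
            tcp.close()
            udp.close()
    raise RuntimeError("no port number free on both transports")

def parse_acl(text):
    """Turn each line into (action, protocol, destination_port)."""
    rules = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 8 and f[0] == "access-list" and f[6] == "eq":
            rules.append((f[2], f[3], int(f[7])))
    return rules

def first_match(rules, protocol, dst_port):
    """First matching entry wins; no match falls to the implicit deny."""
    for action, proto, port in rules:
        if proto == protocol and port == dst_port:
            return action
    return "deny"

if __name__ == "__main__":
    print(bind_same_number())
    rules = parse_acl(SAMPLE_ACL)
    for proto, port in [("tcp", 21), ("udp", 21), ("udp", 69), ("tcp", 69)]:
        print(proto, port, first_match(rules, proto, port))
```
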