networking - Use of ephemeral port for server

07
2014-07
  • PrimosK

    In general, ephemeral ports are used by clients when establishing a connection with the server.

    For example:

    1. Server listens on port 80
    2. A client (browser, FTP client, BitTorrent client) sends a request to the server including the ephemeral port assigned by the OS
    3. Server responds using provided ephemeral port as destination port

    And now the question:

    I wrote a server application which I would like to start on a random free port each time it is started (to keep this question concise I will not explain why I would like this behaviour). Now my question is what implications it would have if I use one of the ephemeral ports for the server to listen on. Are there any drawbacks (also in terms of security) of doing this?

    Do you maybe know any example of a server that also makes use of ephemeral ports in practice?

    One of my concerns is also a statement from The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference (page 705):

    Just as well-known and registered port numbers are used for server processes, ephemeral port numbers are for client processes only.

  • Answers
  • Richard

    As a help, the Wikipedia page on Ephemeral Port gives more information about the port numbers actually used by the OS.

    From this one can immediately see there are many ports available that are not typically used by server (processes) and are not in the ephemeral range.

    Thus the obvious solution would be to randomly select from one of those other ports. This avoids needing to make assumptions about how the OS allocates from the ephemeral range: does it check actual use, or just its own allocations, to avoid collisions for new allocations?

    That question might seem minor, but with a client port the process does not usually directly use the port number (it is allocated when the process opens the connection, only by looking at the socket's properties can the process find the number: and usually this is completely unnecessary). However to accept incoming connections the socket must be bound to a specific port, thus the server process is responsible for getting a port number.
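    The approach described in this answer, as an added example that is not part of the original post: a small Python server that reads the OS's ephemeral range (the Linux sysctl file is real; on other systems the code falls back to the IANA dynamic range 49152-65535), picks a random non-privileged port outside that range with a cryptographic RNG, and simply retries on EADDRINUSE because nothing else reserves the port for it. The `port 0` helper is there for contrast: it shows what you get when the OS chooses the port for you.

```python
import random
import socket
from typing import List, Tuple

# IANA "dynamic/private" range, used as a fallback when the OS setting cannot be read.
IANA_EPHEMERAL = (49152, 65535)
# Linux exposes its ephemeral range here; other operating systems use different mechanisms.
LINUX_RANGE_FILE = "/proc/sys/net/ipv4/ip_local_port_range"


def parse_port_range(text: str) -> Tuple[int, int]:
    """Parse 'low<whitespace>high' as written in ip_local_port_range."""
    parts = text.split()
    if len(parts) != 2:
        raise ValueError(f"unexpected port range text: {text!r}")
    lo, hi = int(parts[0]), int(parts[1])
    if not 1 <= lo <= hi <= 65535:
        raise ValueError(f"port range out of bounds: {lo}-{hi}")
    return lo, hi


def ephemeral_range() -> Tuple[int, int]:
    """Return the OS's ephemeral range, or the IANA default if it cannot be read."""
    try:
        with open(LINUX_RANGE_FILE, encoding="ascii") as f:
            return parse_port_range(f.read())
    except (OSError, ValueError):
        return IANA_EPHEMERAL


def candidate_ports(ephemeral: Tuple[int, int], low: int = 1024, high: int = 65535) -> List[int]:
    """All non-privileged ports that fall outside the ephemeral range."""
    lo, hi = ephemeral
    return [p for p in range(low, high + 1) if p < lo or p > hi]


def listen_on_random_port(host: str = "127.0.0.1", attempts: int = 50) -> socket.socket:
    """Bind a listening TCP socket to a randomly chosen non-ephemeral port.

    The OS does not reserve these ports for us, so a chosen port may already be
    in use; bind() then fails with EADDRINUSE and we draw again.
    """
    rng = random.SystemRandom()  # unpredictable choice, so the port is not guessable
    ports = candidate_ports(ephemeral_range())
    last_err = None
    for _ in range(attempts):
        port = rng.choice(ports)
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            sock.bind((host, port))
            sock.listen(8)
            return sock
        except OSError as err:
            last_err = err
            sock.close()
    raise RuntimeError(f"no free port after {attempts} attempts") from last_err


def listen_on_os_assigned_port(host: str = "127.0.0.1") -> socket.socket:
    """For contrast: binding port 0 asks the OS to pick, which yields an ephemeral-range port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.bind((host, 0))
    sock.listen(8)
    return sock


if __name__ == "__main__":
    lo, hi = ephemeral_range()
    print(f"OS ephemeral range: {lo}-{hi}")
    with listen_on_random_port() as chosen, listen_on_os_assigned_port() as assigned:
        print("self-chosen non-ephemeral port:", chosen.getsockname()[1])
        print("OS-assigned (port 0) port:     ", assigned.getsockname()[1])
```

    Whatever port the server ends up on still has to be communicated to its clients somehow, and the retry loop is the price of choosing a port yourself rather than letting the kernel hand one out.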


  • Related Question

    How do networking ports work? Can I configure the ports that client and server use?
  • joedotnot

    Let's say I have a "server" program listening on address 1.2.3.4:69 (i.e. remote port 69).

    When I connect from a "client" program to it, typically I would specify the IP address + port of the target or server system;

    But what port would the client be using? And how does the server know which port to connect back to the client on?

    I understand this question is very general, but just wanting to get a general feel for how things work.

    Then extending this to a specific protocol, say FTP (typical port 21), can I change it such that the server uses port 69, but the client uses port 100?

    And similarly, for Remote Desktop in WinXP (typical port 3389), I know how to change the server port to be something other than 3389, but how does one change what port the client uses (if at all possible)?


  • Related Answers
  • sleske

    When I connect from a "client" program to it, typically I would specify the IP address + port of the target or server system;

    Yes, correct.

    But what port would the client be using?

    The client usually uses a random port. More precisely: For TCP to work, the only requirement is that the combination of destination address, destination port, source address, source port is unique - because this is used to keep track of TCP connections. So in principle the OS could just increment the source port number for each new connection. Actually, many OSes used to do this, but it made certain kinds of attacks easier, because an attacker could predict the next port number. So most modern OSes now use random source ports.

    And how does the server know which port to connect back to the client on?

    A TCP packet contains both the destination and the source port, so each side knows both port numbers. See e.g. the diagram for the data inside a TCP packet on http://en.wikipedia.org/wiki/Transmission_Control_Protocol .

    Then extending this to a specific protocol, say FTP (typical port 21), can I change it such that the server uses port 69, but the client uses port 100?

    Usually you can configure a server to use any port you choose (though this depends on the individual server application). So you could configure the FTP server to use port 69. The client port cannot be configured as far as I know. The same goes for any other protocol such as RDP.

    At any rate, why would you want to change the client port?
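    The two points made in this answer (the client's source port is assigned by the OS at connect time, and each side learns both port numbers from the packets), as an added example that is not part of the original post. The Python below runs a throwaway server on localhost, opens several client connections to it without ever calling bind() on the client side, and compares what each end reports: the client's (local, remote) pair must equal the server's (remote, local) pair for the same connection, and since source address, destination address and destination port are identical for all connections, only the source port can keep the four-tuples unique.

```python
import socket
import threading
from typing import List, Tuple

Endpoint = Tuple[str, int]            # (address, port)
ConnView = Tuple[Endpoint, Endpoint]  # (local endpoint, remote endpoint) as one side sees it


def _accept_n(server: socket.socket, n: int,
              views: List[ConnView], conns: List[socket.socket]) -> None:
    """Server thread: accept n connections and record each one's endpoints."""
    for _ in range(n):
        conn, _ = server.accept()
        conns.append(conn)
        # The accepted socket carries both ends: its own address and the peer's.
        views.append((conn.getsockname(), conn.getpeername()))


def open_connections(n: int = 2, host: str = "127.0.0.1") -> Tuple[List[ConnView], List[ConnView]]:
    """Open n client connections to a local demo server; return (client views, server views)."""
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind((host, 0))  # port 0: let the OS pick a free port for the demo server
    server.listen(n)
    server_port = server.getsockname()[1]

    server_views: List[ConnView] = []
    accepted: List[socket.socket] = []
    t = threading.Thread(target=_accept_n, args=(server, n, server_views, accepted))
    t.start()

    clients: List[socket.socket] = []
    client_views: List[ConnView] = []
    for _ in range(n):
        c = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        c.connect((host, server_port))  # no bind(): the OS assigns the source port
        clients.append(c)
        client_views.append((c.getsockname(), c.getpeername()))
    t.join()

    for s in clients + accepted + [server]:
        s.close()
    return client_views, server_views


def views_agree(client_views: List[ConnView], server_views: List[ConnView]) -> bool:
    """Each side sees the same connection with local and remote swapped."""
    server_set = {(remote, local) for local, remote in server_views}
    return len(client_views) == len(server_views) and all(v in server_set for v in client_views)


def source_ports_distinct(client_views: List[ConnView]) -> bool:
    """Same source address and same destination for every connection: the source port must differ."""
    ports = [local[1] for local, _ in client_views]
    return len(set(ports)) == len(ports)


if __name__ == "__main__":
    cv, sv = open_connections(3)
    for local, remote in cv:
        print(f"client {local[0]}:{local[1]} -> server {remote[0]}:{remote[1]}")
    print("both sides agree:", views_agree(cv, sv))
    print("source ports distinct:", source_ports_distinct(cv))
```

    Running it prints the server port once and a different, OS-chosen source port per connection, which is exactly the information the server reads from the source-port field of each incoming packet.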