What is the difference between a port and a socket?

Question

This was a question raised by one of the software engineers in my organisation. I'm interested in the broadest definition.

Answer 1

A socket = IP Address + a port (numeric address)
Together they identify an end-point for a network connection on a machine. (Did I just flunk network 101?)

Answer 2

From here

A socket represents a single connection between two network applications. These two applications nominally run on different computers, but sockets can also be used for interprocess communication on a single computer. Applications can create multiple sockets for communicating with each other. Sockets are bidirectional, meaning that either side of the connection is capable of both sending and receiving data. Therefore a socket can be created theoretically at any level of the OSI model from 2 upwards. Programmers often use sockets in network programming, albeit indirectly. Programming libraries like Winsock hide many of the low-level details of socket programming. Sockets have been in widespread use since the early 1980s. A port represents an endpoint or "channel" for network communications. Port numbers allow different applications on the same computer to utilize network resources without interfering with each other. Port numbers most commonly appear in network programming, particularly socket programming. Sometimes, though, port numbers are made visible to the casual user. For example, some Web sites a person visits on the Internet use a URL like the following:

http://www.mairie-metz.fr:8080/ In this example, the number 8080 refers to the port number used by the Web browser to connect to the Web server. Normally, a Web site uses port number 80 and this number need not be included with the URL (although it can be).

In IP networking, port numbers can theoretically range from 0 to 65535. Most popular network applications, though, use port numbers at the low end of the range (such as 80 for HTTP). The port number is included as a field within the header of each IP packet.

Note: The term port also refers to several other aspects of network technology. A port can refer to a physical connection point for peripheral devices such as serial, parallel, and USB ports. The term port also refers to certain Ethernet connection points, such as those on a hub, switch, or router.

ref http://compnetworking.about.com/od/basicnetworkingconcepts/l/bldef_port.htm

ref http://compnetworking.about.com/od/itinformationtechnology/l/bldef_socket.htm

Answer 3

Socket is the most common abstraction to connect one IP address/port to another IP address/port pair.

Ports are the TCP/IP protocol way to allow one IP address to be able to establish more than one connection.

Answer 4

They are terms from two different domains: 'port' is a concept from TCP/IP networking, 'socket' is an API (programming) thing. A 'socket' is made (in code) by taking a port and a hostname or network adapter and combining them into a data structure that you can use to send or receive data.

Answer 5

A socket is basically an endpoint for network communication, consisting of at least an IP-address and a port. In Java/C# a socket is a higher level implementation of one side of a two-way connection.

Also, a definition in the Java documentation.

Answer 6

A socket is a data I/O mechanism. A port is a contractual concept of a communication protocol. A socket can exist without a port. A port can exist witout a specific socket (e.g. if several sockets are active on the same port, which may be allowed for some protocols).

A port is used to determine which socket the receiver should route the packet to, with many protocols, but it is not always required and the receiving socket selection can be done by other means - a port is entirely a tool used by the protocol handler in the network subsystem. e.g. if a protocol does not use a port, packets can go to all listening sockets or any socket.

Answer 7

A socket is a structure in your software. It's more-or-less a file; it has operations like read and write. It isn't a physical thing; it's a way for your software to refer to physical things.

A port is a device-like thing. Each host has one or more networks (those are physical); a host has an address on each network. Each address can have thousands of ports.

One socket only may be using a port at an address. The socket allocates the port approximately like allocating a device for file system I/O. Once the port is allocated, no other socket can connect to that port. The port will be freed when the socket is closed.

Take a look at TCP/IP Terminology.

Answer 8

Just to reiterate, sockets are not limited to network IO. They're available in all sorts of situations for streaming data between various applications.

Answer 9

Port:

A port can refer to a physical connection point for peripheral devices such as serial, parallel, and USB ports. The term port also refers to certain Ethernet connection points, s uch as those on a hub, switch, or router.

Socket:

A socket represents a single connection between two network applications. These two applications nominally run on different computers, but sockets can also be used for interprocess communication on a single computer. Applications can create multiple sockets for communicating with each other. Sockets are bidirectional, meaning that either side of the connection is capable of both sending and receiving data.

Answer 10

A socket is a communication endpoint. A socket is not bound to TCP/IP, it can be any protocol. You create a socket by either defining a local address (in case of TCP/IP an address is an IP address and usually, in case it's a TCP or UDP socket, a port number, both can be ANY) and then binding the socket to it and just use it a server socket, or you can create a socket by defining a remote address and then connecting the socket to it (additionally you can bind it to a local address in advance, if you want to keep control of the local address and port as well) and use it as a client socket. Once you have a socket, consider it a communication pipe. You send data to it and the other side (to that you connected or that connected to you) receives the data you send there. Both ends of a socket can be on the same host or million of miles away. Once a socket is fully connected, you don't need to care anymore what kind of socket that is. If it is a TCP/IP socket, whether it is IPv4 or IPv6 or any other protocol, you just send traffic through the socket and everything else is handled by the system for you.

This has all nothing to do with ports. A port is a concept used by the TCP/IP protocol family to distinguish multiple communication tunnels between hosts on the Internet. E.g. if there were no ports, I could connect to server1.example.net to fetch a webpage or I could connect there to fetch mail, but never both at the same time. If I do both at the same time and server1.example.net sends me some data, how can I know if this data belongs to the webpage I just requested or is part of the fetch new mail request? I can't use IP addresses for that, in either case the packet would have the same source and dest address. However ports allow it to further distinguish communication pipes between two Internet hosts. That way I know that traffic for my webpage will come from port 80 and arrive here at port 4130 and traffic from my fetch mail call will come from port 143 and arrive locally 5322. If you program with sockets, the only time you ever get in contact with ports is when you bind or connect the socket, once it is bound and/or connected, you don't care for ports at all anymore.

Answer 11

A port denotes a communication endpoint in the TCP and UDP transports for the IP network protocol. A socket is a software abstraction for a communication endpoint commonly used in implementations of these protocols (socket API). An alternative implementation is the XTI/TLI API.

See also:

Stevens, W. R. 1998, UNIX Network Programming: Networking APIs: Sockets and XTI; Volume 1, Prentice Hall.
Stevens, W. R., 1994, TCP/IP Illustrated, Volume 1: The Protocols, Addison-Wesley.

Answer 12

Relative TCP/IP terminology which is what I assume is implied by the question. In layman's terms:

A PORT is like the telephone number of a particular house in a particular zip code. The ZIP code of the town could be thought of as the IP address of the town and all the houses in that town.

A SOCKET on the other hand is more like an established phone call between telephones of a pair of houses talking to each other. Those calls can be established between houses in the same town or two houses in different towns. It's that temporary established pathway between the pair of phones talking to each other that is the SOCKET.

Answer 13

Bad analogy:

A port is your mail box, a socket is your correspondence with a pen pall.

Good description using above bad analogy: When you wish to read this page you need to find the address, the address includes a port number. When multiple people are reading this site they all use the same port number (80). The full address of this site is 67.199.15.132:80 ipaddress + port number. As port 80 is the default port for http this does not need to be specified.

Once you connect to this site you get a socket, only one person is using that socket (you). All the other users have there own socket.

One address, multiple conversations. Port is part of the address, Socket is the conversation.

Answer 14

This was an interesting question that forced me to re-examine a number of things I thought I knew inside out.

In the broadest possible sense, a port is a point of ingress or egress. The French word porte literally means door. Ports, then, are transportation endpoints whether you ship data or big steel containers.

For the purpose of this discussion I will limit consideration to the context of TCP-IP networks. The OSI model is all very well but has never been completely implemented, much less widely deployed in high-traffic high-stress conditions.

The combination of an IP address and a port is strictly known as an endpoint and is sometimes called a socket. This usage originates with RFC793, the original TCP specification.

A TCP connection is defined by two endpoints aka sockets.

An endpoint (socket) is defined by the combination of a network address and a port identifier.

The purpose of ports is to differentiate multiple endpoints on a given network address. You could say that a port is a virtualised endpoint. This virtualisation makes possible multiple concurrent connections on a single network interface.

It is the socket pair (the 4-tuple consisting of the client IP address, client port number, server IP address, and server port number) that specifies the two endpoints that uniquely identifies each TCP connection in an internet. (TCP-IP Illustrated Volume 1, W. Richard Stevens)

In most C-derived lanaguages, TCP connections are established and manipulated using methods on an instance of a Socket class. Although it is common to operate on a higher level of abstraction, typically an instance of a NetworkStream class, this generally exposes a reference to a socket object. To the coder this socket object appears to represent the connection because the connection is created and manipulated using methods of the socket object.

In C#, to establish a TCP connection (to an existing listener) first you create a TcpClient. If you don't specify an endpoint to the TcpClient constructor it uses defaults - one way or another the local endpoint is defined. Then you invoke the Connect method on the instance you've created. This method requires a parameter describing the other endpoint.

All this is a bit confusing and leads you to believe that a socket is a connection, which is bollocks. I was labouring under this misapprehension until Richard Dorman asked the question.

Having done a lot of reading and thinking, I'm now convinced that it would make a lot more sense to have a class TcpConnection with a constructor that takes two arguments, LocalEndpoint and RemoteEndpoint. You could probably support a single argument RemoteEndpoint when defaults are acceptable for the local endpoint.

Answer 15

There seems to be a lot of answers equating socket with the connection between 2 PC's..which I think is absolutely incorrect. A socket has always been the endpoint on 1 PC, that may or may not be connected - surely we've all used listener or UDP sockets* at some point. The important part is that it's addressable and active. Sending a message to 1.1.1.1:1234 is not likely to work, as there is no socket defined for that endpoint.

Sockets are protocol specific - so the implementation of uniqueness that both TCP/IP and UDP/IP uses* (ipaddress:port), is different than eg., IPX (Network, Node, and...ahem, socket - but a different socket than is meant by the general "socket" term. IPX socket numbers are equivalent to IP ports). But, they all offer a unique addressable endpoint.

Since IP has become the dominant protocol, a port (in networking terms) has become synonomous with either a UDP or TCP port number - which is a portion of the socket address.

• UDP is connection-less - meaning no virtual circuit between the 2 endpoints is ever created. However, we still refer to UDP sockets as the endpoint. The API functions make it clear that both are just different type of sockets - SOCK_DGRAM is UDP (just sending a message) and SOCK_STREAM is TCP (creating a virtual circuit).

• Technically, the IP header holds the IP Address, and the protocol on top of IP (UDP or TCP) holds the port number. This makes it possible to have other protocols (eg. ICMP that have no port numbers, but do have IP addressing information).

Answer 16

In a broad sense, Socket - is just that, a socket, just like your electrical, cable or telephone socket. A point where "requisite stuff" (power, signal, information) can go out and come in from. It hides a lot of detailed stuff, which is not required for the use of the "requisite stuff". In software parlance, it provides a generic way of defining a mechanism of communication between two entities (those entities could be anything - two applications, two physically separate devices, User & Kernel space within an OS, etc)

A Port is an endpoint discriminator. It differentiates one endpoint from another. At networking level, it differentiates one application from another, so that the networking stack can pass on information to the appropriate application.

Answer 17

A connection socket(fd) is presented for local addr + local port + peer addr + peer port. Process recv/send data via socket abstract. A listening socket(fd) is presented for local addr + local listening port. Process can accept new connection via socket.

Answer 18

Port: Street Address

Socket: House