What Port Should I Use? - Networking

This is a discussion on What Port Should I Use? - Networking ; IANA divides port numbers into three groups, well known, registered and dynamic/private. According to IANA, my server should not use any of the registered ports. But if I use of of the dynamic/private ports don't I run the risk of ...

+ Reply to Thread
Results 1 to 18 of 18

Thread: What Port Should I Use?

  1. What Port Should I Use?

    IANA divides port numbers into three groups, well known, registered and
    dynamic/private.

    According to IANA, my server should not use any of the registered ports.
    But if I use of of the dynamic/private ports don't I run the risk of the
    port already having been assigned to some socket? Many of the
    ports in the registered range are not assigned. Would one of them be a
    better choice?

    Dan

  2. Re: What Port Should I Use?

    On Feb 12, 9:30 pm, Dan N wrote:

    > IANA divides port numbers into three groups, well known, registered and
    > dynamic/private.


    > According to IANA, my server should not use any of the registered ports.
    > But if I use of of the dynamic/private ports don't I run the risk of the
    > port already having been assigned to some socket? Many of the
    > ports in the registered range are not assigned. Would one of them be a
    > better choice?


    It all depends what you're doing. You haven't given us any clues.

    DS

  3. Re: What Port Should I Use?

    On Wed, 13 Feb 2008 05:06:21 -0800, David Schwartz wrote:

    > It all depends what you're doing. You haven't given us any clues.


    Yes I have, I'm running a server, something that I need to assign a port to.

    Dan

  4. Re: What Port Should I Use?

    On Feb 13, 5:22 pm, Dan N wrote:
    > On Wed, 13 Feb 2008 05:06:21 -0800, David Schwartz wrote:
    > > It all depends what you're doing. You haven't given us any clues.

    >
    > Yes I have, I'm running a server, something that I need to assign a port to.
    >
    > Dan



    What type of server, what port(s) are you thinking of?


  5. Re: What Port Should I Use?

    On 02/14/2008 05:52 AM, Dan N wrote:
    > On Wed, 13 Feb 2008 05:06:21 -0800, David Schwartz wrote:
    >
    >> It all depends what you're doing. You haven't given us any clues.

    >
    > Yes I have, I'm running a server, something that I need to assign a port to.


    BTW, is it possible you elaborate a bit more what's that something and,
    or server is supposed to do.

    --
    Dr Balwinder S "bsd" Dheeman Registered Linux User: #229709
    Anu'z Linux@HOME (Unix Shoppe) Machines: #168573, 170593, 259192
    Chandigarh, UT, 160062, India Gentoo, Fedora, Debian/FreeBSD/XP
    Home: http://cto.homelinux.net/~bsd/ Visit: http://counter.li.org/

  6. Re: What Port Should I Use?

    Dan N wrote:
    > On Wed, 13 Feb 2008 05:06:21 -0800, David Schwartz wrote:
    >
    >> It all depends what you're doing. You haven't given us any clues.

    >
    > Yes I have, I'm running a server, something that I need to assign a port to.
    >
    > Dan


    Pick something not already in use.

    See
    /etc/services
    and
    http://www.iana.org/assignments/port-numbers

  7. Re: What Port Should I Use?

    On Feb 13, 4:22 pm, Dan N wrote:
    > On Wed, 13 Feb 2008 05:06:21 -0800, David Schwartz wrote:
    > > It all depends what you're doing. You haven't given us any clues.

    >
    > Yes I have, I'm running a server, something that I need to assign a port to.
    >
    > Dan


    That's still no information at all. What kind of server? Are you going
    to be in charge of all the servers running it or will it be
    distributed? What is the target user who would be installing and
    managing the server? Does it use an existing protocol or a new one?

    DS

  8. Re: What Port Should I Use?

    David Schwartz wrote:
    > On Feb 13, 4:22 pm, Dan N wrote:
    >> On Wed, 13 Feb 2008 05:06:21 -0800, David Schwartz wrote:
    >>> It all depends what you're doing. You haven't given us any clues.

    >> Yes I have, I'm running a server, something that I need to assign a port to.
    >>
    >> Dan


    something between 1-65535 should do.

  9. Re: What Port Should I Use?

    On Thu, 14 Feb 2008 13:27:16 -0800, David Schwartz wrote:

    > That's still no information at all. What kind of server?


    It's serving widgets. Widgets servers have no IANA assigned port.

    > Are you going
    > to be in charge of all the servers running it or will it be
    > distributed?


    It will not be used enough to warrant registering a port with IANA.

    > What is the target user who would be installing and
    > managing the server?


    Because it is serving widgets and there is no port assigned for widgets, it
    will not be using well know ports. So it will not require root privilege
    to run.

    > Does it use an existing protocol or a new one?

    If it used an existing protocol the obvious choice would be to use the
    port already assigned to that protocol.

    So back to my original question:
    if I use one of the dynamic/private ports don't I run the risk of the
    port already having been assigned to some socket? Many of the
    ports in the registered range are not assigned. Would one of them be a
    better choice?

    Dan

  10. Re: What Port Should I Use?

    On 13 Feb 2008, in the Usenet newsgroup comp.os.linux.networking, in article
    <47b2807f$0$20227$5a62ac22@per-qv1-newsreader-01.iinet.net.au>, Dan N wrote:

    >IANA divides port numbers into three groups, well known, registered and
    >dynamic/private.
    >
    >According to IANA, my server should not use any of the registered ports.


    You can use any port you wish to. You need only live with the consequences.
    The purpose of port registration is to allow others to have some clue where
    to connect to your server to find what-ever service you may want to be
    providing. Do you want to run it on 25/tcp or 2048/tcp - go for it, but
    expect that clients are going to need to know where you've hidden it, and
    what sort of protocol (not just network, like TCP or UDP or what-ever, but
    the application level protocol - what words are in those packets, in what
    order, and so on).

    http://www.iana.org/assignments/port-numbers says that ports 0-1023 are
    well known ports, providing services on most systems. I mention using
    port 25 above, which is the well-known port for SMTP (mail transfer). In
    the event that your system was going to send mail to another, your system
    would look for a mail server on port 25 on that other server, because that
    is what the protocol expects. If you wanted to run a mail server on port
    27, you could do so, and not one of the Internet Police Force would come
    to your house and beat you to a pulp for trying. By the same token, don't
    expect to many other systems in the world to know you're on a non-standard
    port. Can you say "compatibility"?

    >But if I use of of the dynamic/private ports don't I run the risk of the
    >port already having been assigned to some socket?


    That's a problem for you when you are configuring the server. Start by
    running the command 'netstat -anptu' and see what ports are in use now.
    You may not want to try to use those, because any process trying to use
    a port that is being used elsewhere will get an error message saying
    that the port is in use, and suggesting you go elsewhere.

    >Many of the ports in the registered range are not assigned.


    Registered Ports are in the range 1024-49151, and please tell me if that
    has stopped eleventy-zillion viruses from using those ports. Or have
    you looked somewhere else and found that The Cult Of The Dead Cow has
    managed to register port 31337 for the family of Back Oriface worms?

    >Would one of them be a better choice?


    Try it and see what happens. The worst thing you might run into is your
    ISP or an upstream is tossing any packets to/from that port into the bit
    bucket because it looks like yet another windoze virus, or they could
    increase what they charge you because of your attempted mis-use of their
    bandwidth..

    Old guy

  11. Re: What Port Should I Use?

    On Feb 14, 6:05 pm, Dan N wrote:

    > if I use one of the dynamic/private ports don't I run the risk of the
    > port already having been assigned to some socket?


    You do no matter what. Why is it a big deal of the port is already
    assigned? Nothing prevents an administrator with that issue from
    running the server on another port.

    > Many of the
    > ports in the registered range are not assigned. Would one of them be a
    > better choice?


    It's hard to say because you are being strangely vague about what
    you're doing.

    DS

  12. Re: What Port Should I Use?

    On Fri, 15 Feb 2008 02:05:40 +0000, Dan N wrote:

    > On Thu, 14 Feb 2008 13:27:16 -0800, David Schwartz wrote:
    >
    >> That's still no information at all. What kind of server?

    >
    > It's serving widgets. Widgets servers have no IANA assigned port.
    >
    >> Are you going
    >> to be in charge of all the servers running it or will it be
    >> distributed?

    >
    > It will not be used enough to warrant registering a port with IANA.
    >
    >> What is the target user who would be installing and managing the
    >> server?

    >
    > Because it is serving widgets and there is no port assigned for widgets,
    > it will not be using well know ports. So it will not require root
    > privilege to run.
    >
    >> Does it use an existing protocol or a new one?

    > If it used an existing protocol the obvious choice would be to use the
    > port already assigned to that protocol.
    >
    > So back to my original question:
    > if I use one of the dynamic/private ports don't I run the risk of the
    > port already having been assigned to some socket? Many of the ports in
    > the registered range are not assigned. Would one of them be a better
    > choice?


    Ummm... You control the server, no?

    So just pick one that's not being used.

    If you need to know which ones are being used, netstat is a good
    beginning.


  13. Re: What Port Should I Use?

    On Thu, 14 Feb 2008 21:30:23 -0600, Moe Trin wrote:

    > You can use any port you wish to. You need only live with the
    > consequences.


    That's really the crux of the matter, isn't it.

    If I start up my server using a port in the dynamic/private range then I
    run the risk that the port is already in use by some client on the same
    host. When the client started, the tcp stack would have dynamically
    assigned it a port and that just might be the one that I want my server to
    listen on. So this doesn't seem like a good option. This leaves me with
    ports in the well known or registered ranges.

    But if I want to adhere to standards what port do I use? IANA says that
    the well known and registered ports shouldn't be used without
    registration. And my server is using a proprietary protocol that I
    really don't have any need to register.

    The only choice I seem to have is to not adhere to standards. The
    conclusion I've come to is to use a port somewhere in the registered
    range.

    Thanks

    Dan

  14. Re: What Port Should I Use?

    Dan N wrote:
    > On Thu, 14 Feb 2008 21:30:23 -0600, Moe Trin wrote:
    >
    >> You can use any port you wish to. You need only live with the
    >> consequences.

    >
    > That's really the crux of the matter, isn't it.
    >
    > If I start up my server using a port in the dynamic/private range then I
    > run the risk that the port is already in use by some client on the same
    > host. When the client started, the tcp stack would have dynamically
    > assigned it a port and that just might be the one that I want my server to
    > listen on. So this doesn't seem like a good option.


    Yet it is common practice. Cases in point; JBoss - the default
    distribution uses a bunch of ports at the start of the dynamic range -
    another is apache which is commonly configured to run on port 8080
    instead of port 80.
    But as these are servers they are usually started when the host starts
    so they will be first to lay claim to these port numbers.

    > This leaves me with
    > ports in the well known or registered ranges.


    You could use a port under 1024, as long as it is free - as in not to be
    used by any other service you might need to start on the host.

    > But if I want to adhere to standards what port do I use? IANA says that
    > the well known and registered ports shouldn't be used without
    > registration. And my server is using a proprietary protocol that I
    > really don't have any need to register.


    As was pointed out; you do not need to.
    "The purpose of port registration is to allow others to have some clue where
    to connect to your server to find what-ever service you may want to be
    providing."

    > The only choice I seem to have is to not adhere to standards. The
    > conclusion I've come to is to use a port somewhere in the registered
    > range.


    Maybe you should start smaller.
    Run up apache. See that you can connect on port 80.
    Reconfigure apache to listen on port 8080
    reload apache (or stop and start).
    See that you can connect on port 8080.

    Decide if it is 'bad' that apache is now listening on port 8080.

  15. Re: What Port Should I Use?

    In article , joe@nospam.duh
    (Joe Beanfish) writes:

    > Dan N wrote:
    >
    >> On Wed, 13 Feb 2008 05:06:21 -0800, David Schwartz wrote:
    >>
    >>> It all depends what you're doing. You haven't given us any clues.

    >>
    >> Yes I have, I'm running a server, something that I need to assign
    >> a port to.

    >
    > Pick something not already in use.


    And make it configurable, so if it turns out someone else is using
    the port, you can try another one.

    --
    /~\ cgibbs@kltpzyxm.invalid (Charlie Gibbs)
    \ / I'm really at ac.dekanfrus if you read it the right way.
    X Top-posted messages will probably be ignored. See RFC1855.
    / \ HTML will DEFINITELY be ignored. Join the ASCII ribbon campaign!


  16. Re: What Port Should I Use?

    Charlie Gibbs wrote:
    > In article , joe@nospam.duh
    > (Joe Beanfish) writes:
    >
    >
    >>Dan N wrote:
    >>
    >>
    >>>On Wed, 13 Feb 2008 05:06:21 -0800, David Schwartz wrote:
    >>>
    >>>
    >>>>It all depends what you're doing. You haven't given us any clues.
    >>>
    >>>Yes I have, I'm running a server, something that I need to assign
    >>>a port to.

    >>
    >>Pick something not already in use.

    >
    >
    > And make it configurable, so if it turns out someone else is using
    > the port, you can try another one.



    The port number is important only in the host acting as
    the server, the host being connected to. The client will
    usually use an ephemeral port, a port assigned by the
    operating system when the connection is built up.

    Please note that the port numbers are per-host: A server
    can use port 12345 to a totally different use than another
    server for the same port. This means that for his own host,
    the OP can use the port nubers at will. Of course, it is
    not a good idea to use a reserved port (1 - 1023) to a
    different use than in the 'Reserved Numbers' RFC.

    Also, the TCP and UDP ports are distinct entities, but to
    avoid confusion, it is a common practice to use same numbers
    for a service, if it uses both TCP and UDP. An example is
    the DNS with port 53.

    --

    Tauno Voipio
    tauno voipio (at) iki fi

  17. Re: What Port Should I Use?

    On 15 Feb 2008, in the Usenet newsgroup comp.os.linux.networking, in article
    <47b52835$0$20181$5a62ac22@per-qv1-newsreader-01.iinet.net.au>, Dan N wrote:

    >Moe Trin wrote:


    >> You can use any port you wish to. You need only live with the
    >> consequences.

    >
    >That's really the crux of the matter, isn't it.


    Yup. RFCs are interesting standards. They detail an expectation of how
    things are to work. You are absolutely allowed to do anything YOU want to
    do, but if you expect to work with others, then here are some good ideas
    you should follow.

    >If I start up my server using a port in the dynamic/private range then I
    >run the risk that the port is already in use by some client on the same
    >host.


    [compton ~]$ /bin/netstat -antu | grep -c tcp
    2
    [compton ~]$

    So there are 2 ports in use out of 65000 - I'd say that's pretty good odds,
    wouldn't you? Sure, a lot depends on what you are doing with your system
    and I can't answer to that. As a general statement, systems meant to be
    offering network services are not meant to be ALSO be being used by J.
    Random Luser as his workstation. Looking at the servers on my home LAN,
    the file servers have about 60 ports in use. The print server has two. The
    gateway box has three.

    >When the client started, the tcp stack would have dynamically assigned it
    >a port and that just might be the one that I want my server to listen on.


    Many people tend to start running servers before any client crap is
    started. Depending on your kernel, you may discover that ephemeral ports
    used client-side TEND to run over the range of perhaps 1025-32760 or so.

    >So this doesn't seem like a good option. This leaves me with ports in
    >the well known or registered ranges.


    Have you looked at what is running on your server? Are there really that
    many ephemeral ports in use? If so, then yes you may want to consider
    using something in the well known range - because the original extra
    feature about those ports was that a server listening on those ports was
    not likely to be a user-land process except in really strange (individual)
    situations.

    >But if I want to adhere to standards what port do I use? IANA says that
    >the well known and registered ports shouldn't be used without
    >registration. And my server is using a proprietary protocol that I
    >really don't have any need to register.


    You would want to choose a port based on inter-operability. Do you expect
    your service will be accessed by strangers from outside? If no, then you
    can do exactly what you want to do. Your LAN, your rules. Are you
    concerned that a packet escaping from your LAN may cause the Internet
    Gods to cloud up and rain on you? That's a perimeter firewall issue, but
    probably not a major concern. If your server is using a proprietary
    protocol, it just means that outsiders will have to come to you to get
    the details. Again, probably not a big factor.

    >The only choice I seem to have is to not adhere to standards. The
    >conclusion I've come to is to use a port somewhere in the registered
    >range.


    Grab a copy of RFC0793 from your favorite website:

    0793 Transmission Control Protocol. J. Postel. September 1981.
    (Format: TXT=172710 bytes) (Updated by RFC3168) (Also STD0007)
    (Status: STANDARD)

    and look at the top of page 5, in the section "Multiplexing:". Here is
    the second paragraph in that section:

    The binding of ports to processes is handled independently by each
    Host. However, it proves useful to attach frequently used processes
    (e.g., a "logger" or timesharing service) to fixed sockets which are
    made known to the public. These services can then be accessed
    through the known addresses. Establishing and learning the port
    addresses of other processes may involve more dynamic mechanisms.

    [compton ~]$ zcat rfcs/rfc-index.* | sed 's/^$/\%/' | tr -d '\n' | tr '%'
    '\n' | grep '^[0-9]' | tr -s ' ' | grep -v 'Not Issued' | sed 's/.*Status:
    //' | tr -d '\)' | sort | uniq -c | column
    145 BEST CURRENT PRACTICE 1564 INFORMATIONAL
    135 DRAFT STANDARD 1667 PROPOSED STANDARD
    288 EXPERIMENTAL 88 STANDARD
    210 HISTORIC 909 UNKNOWN
    [compton ~]$ zcat rfcs/rfc-index.* | sed 's/^$/\%/' | tr -d '\n' | tr '%'
    '\n' | grep '^[0-9]' | tr -s ' ' | grep -c 'Not Issued'
    80
    [compton ~]$

    As of 2 February 2008, there were just over 5000 RFCs available, but not
    one of them REQUIRES that a service listening on port $FOO must be $BAR
    and $BAR must be available on port $FOO if it is running. There is
    nothing in those documents that requires anything except for inter-
    operability. If you aren't concerned that an outsider may not know how
    to connect to your server, I don't think to many other people will care
    either. If you expect to have others connect, then you may want to be
    following some of the standards (did you notice that there are just 88
    RFCs identified as "STANDARD" - a lot of drafts and proposals, but not
    that many) - like maybe RFC0894 (Ethernet), RFC0791 (IP), RFC0793 (TCP)
    so that your packets can pass over the wire but following the Ethernet
    standard[s] doesn't imply that you must ALSO follow IPv4 (never mind
    IPv6, Novell IPX, Banyan VINES, Appletalk, or any of the 65000 possible
    protocols including the 184 ethertypes identified by
    http://www.iana.org/assignments/ethernet-numbers.

    If you've been looking at your firewall logs, you may have discovered
    that every zombie on every broadband network in the world is trying to
    connect to your 22/tcp and 25/tcp - because that's where the SSH and
    MTA servers should be listening IF THEY EXIST. Must they be on those
    ports only? Not really. My SSH access to my LAN uses a port quite
    different from 22/tcp - and the poor zombies can't connect to it. Isn't
    that simply terrible? I'm breaking the Internet rules - I'm gonna go to
    jail! Am I able to connect to my systems from outside? Yes. Do you
    think that I care that unauthorized hosts can't seem to do so? ;-)

    Old guy

  18. Re: What Port Should I Use?

    On Fri, 15 Feb 2008 20:24:21 -0600, Moe Trin wrote:

    > As of 2 February 2008, there were just over 5000 RFCs available, but not
    > one of them REQUIRES that a service listening on port $FOO must be $BAR
    > and $BAR must be available on port $FOO if it is running. There is
    > nothing in those documents that requires anything except for inter-
    > operability.


    Thanks for that, some interesting and useful comments.

    Dan

+ Reply to Thread