Imagine there is a big wall of “pigeon holes” between your computer and the internet. Each pigeon hole is numbered and each hole has specific purpose. For example, we only accept new SMTP mail in pigeon hole number 25. We only accept WWW requests in pigeon hole number 80. We call these pigeon holes, “ports”.
When we send messages across a network, we do so in special intra-office envelopes called TCP/IP Packets. Written on the envelopes are the Source and Destination addresses and also a Source and a Destination “port”.
So let’s say I want to load up the google web page.
- I write my request on a piece of paper and slip it into a Packet.
- I then take it to the mail room.
- The mail room temporarily assign a pigeon hole number in a special section of the wall of pigeon holes, way up high.
- When the packet-pigeon gets to its destination, it lands in the nominated Destination port
- The mail room handles the request and gives the reply to my pigeon.
- My pigeon then leaves and returns to the special high-numbered port that it originally came from.
- Because the mail room made a note of who temporarily owns that high-up port, it know who to send the reply to!
So a normal exchange between your computer and a web server looks something like this:
Packet 1: My computer requests a web page
Source Address: 184.108.40.206 (my computer)
Source Port: 33421 (a random number)
Destination Address: 220.127.116.11 (the google web server)
Destination Port: 80 (the standard port for HTTP requests)
Packet 2: The reply from the www.google.com web server
Source Address: 18.104.22.168 (the google web server)
Source Port: 80 (because it’s serving HTTP taffic to me)
Destination Address: 22.214.171.124 (my computer)
Destination Port: 33421 (so my computer knows who owns the reply)
Obviously this is a very simplified analogy of how it works. Understanding the ports / pigeon hole analogy is fundamental to understanding how TCP/IP traffic flows. Understanding that flow is fundamental to being able to configure a firewall. If you’d like to know more, place a few port 80 requests with google!