socket programming - why web server still using listen port 80 to communicate with client even after they accepted the connection?

Question

Usually a web server is listening to any incoming connection through port 80. So, my question is that shouldn't it be that in general concept of socket programming is that port 80 is for listen for incoming connection. But then after the server accepted the connection, it will use another port e.g port 12345 to communicate with the client. But, when I look into the wireshark, the server is always using port 80 during the communication. I am confused here.

So what if https://www.facebook.com:443, it has hundreds of thousands of connection to the it at a second. Is it possible for a single port to handle such a large amount of traffic?

score 8 · Accepted Answer · answered Nov 16 '14 at 06:55

A particular socket is uniquely identified by a 5-tuple (i.e. a list of 5 particular properties.) Those properties are:

Source IP Address
Destination IP Address
Source Port Number
Destination Port Number
Transport Protocol (usually TCP or UDP)

These parameters must be unique for sockets that are open at the same time. Where you're probably getting confused here is what happens on the client side vs. what happens on the server side in TCP. Regardless of the application protocol in question (HTTP, FTP, SMTP, whatever,) TCP behaves the same way.

When you open a socket on the client side, it will select a random high-number port for the new outgoing connection. This is required, otherwise you would be unable to open two separate sockets on the same computer to the same server. Since it's entirely reasonable to want to do that (and it's very common in the case of web servers, such as having stackoverflow.com open in two separate tabs) and the 5-tuple for each socket must be unique, a random high-number port is used as the source port. However, each of those sockets will connect to port 80 at stackoverflow.com's webserver.

On the server side of things, stackoverflow.com can already distinguish between those two different sockets from your client, again, because they already have different client-side port numbers. When it sees an incoming request packet from your browser, it knows which of the sockets it has open with you to respond to because of the different source port number. Similarly, when it wants to send a response packet to you, it can send it to the correct endpoint on your side by setting the destination port number to the client-side port number it got the request from.

The bottom line is that it's unnecessary for each client connection to have a separate port number on the server's side because the server can already uniquely identify each client connection by its client IP address and client-side port number. This is the way TCP (and UDP) sockets work regardless of application-layer protocol.

user207421 · Answer 2 · 2014-11-16T07:08:22.417

shouldn't it be that in general concept of socket programming is that port 80 is for listen for incoming connection. But then after the server accepted the connection, it will use another port e.g port 12345 to communicate with the client.

No.

But, when I look into the wireshark, the server is always using port 80 during the communication.

Yes.

I am confused here.

Only because your 'general concept' isn't correct. An accepted socket uses the same local port as the listening socket.

So what if https://www.facebook.com:443, it has hundreds of thousands of connection to the it at a second. Is it possible for a single port to handle such a large amount of traffic?

A port is only a number. It isn't a physical thing. It isn't handling anything. TCP is identifying connections based on the tuple {source IP, source port, target IP, target port}. There's no problem as long as the entire tuple is unique.

score 0 · Answer 3 · answered Nov 16 '14 at 06:06

0

Ports are a virtual concept, not a hardware ressource, it's no harder to handle 10 000 connection on 1 port than 1 connection each on 10 000 port (it's probably much faster even)

answered Nov 16 '14 at 06:06

Ronan Thibaudau

3,413
3
29
78

score -1 · Answer 4 · edited May 23 '17 at 11:52

-1

Not all servers are web servers listening on port 80, nor do all servers maintain lasting connections. Web servers in particular are stateless.

Your suggestion to open a new port for further communication is exactly what happens when using the FTP protocol, but as you have seen this is not necessary.

Ports are not a physical concept, they exist in a standardised form to allow multiple servers to be reachable on the same host without specialised multiplexing software. Such software does still exist, but for entirely different reasons (see: sshttp). What you see as a response from the server on port 80, the server sees as a reply to you on a not-so-random port the OS assigned your connection.

edited May 23 '17 at 11:52

Community

1
1

answered Nov 16 '14 at 06:22

TimePath

54
1
4

1

Actually, in the case of FTP, it doesn't open a random high-number port on the server side. The use of the data side-channel on FTP is an entirely different concept (and it's largely in disuse even for FTP servers because it doesn't play nice with NATs.) Also, whether the server is stateful or keeps the connection open is kind of irrelevant to this question. – reirab Nov 16 '14 at 06:59
@TimePath FTP uses port 21 for all command communication with the client. It uses another entire connection with its own port as a data channel. – user207421 Nov 16 '14 at 07:04
@reirab In the case of FTP, I was addressing OP's statement: "But then after the server accepted the connection, it will use another port", demonstrating that some servers do at the application level and others don't. – TimePath Nov 16 '14 at 07:11
1

@TimePath *All* do. FTP uses port 21 for commands. It *also* uses another port, via another `listen()` and another `accept()`, for data. It's not an example of 'some dont'. – user207421 Nov 16 '14 at 07:15
2

That's actually an entirely new socket, though, and it still leaves the original one open. It's also not until you start sending data that it opens the other socket. Commands stay on the original port. I think OP was confused about what happens when you call accept() on TCP connections in general. FTP's behavior is a weird outlier and even it doesn't usually use that behavior anymore because it has problems traversing NATs and firewalls and also is problematic if a particular client wants to open 2 connections to the same FTP server at the same time. – reirab Nov 16 '14 at 07:15
@TimePath The rest of your answer is frankly waffle. Web servers being stateless is irrelevant. TCP *is* 'specialized multiplexing software'. Ports 'exist in a standardized form' is meaningless, as is your final sentence. 'Not-so-random'? – user207421 Nov 16 '14 at 07:23
@EJP You might have missed my earlier 'at the application level' amendment. `accept()` returns a socket created at a lower level, `listen()` requires you to inform the client from the original connection, hence at the applicaiton level. 'not-so-random': random within a defined range. No need to be harsh here. – TimePath Nov 16 '14 at 07:27
The sentence about 'not-so-random' is still nonsense. The accepted socket uses the same local socket as the listening socket. There is no 'not-so-random' or 'defined range' about it. Period. – user207421 Mar 17 '16 at 18:17

yichudu · Answer 5 · 2016-12-06T09:25:12.537

-1

When a server listening socket accepts a TCP request in the first time ,the function such as Socket java.net.ServerSocket.accept() will return a new communication socket whoes port number is the same as the port from java.net.ServerSocket.ServerSocket(int port). Here are the screen shots.

edited Dec 06 '16 at 09:25

answered Dec 06 '16 at 09:02

yichudu

165
2
12

socket programming - why web server still using listen port 80 to communicate with client even after they accepted the connection?

5 Answers5

Linked

Related