2

When a server want to create a socket, it will use a combination of its IP address and some well-known port, let us say 80. So, when a packet arrived, both the server IP and port 80 will be used to decide whether the packet goes to that socket or not.

The question is why do we need to check the IP address of the server, since the packet (aka datagram) passed the network layer check and was certainly destined for this server. In other words, the network layer will not pass the packet to transport layer if the destination IP is not the server IP, so why do we use the IP address in the socket?

And if a host (a client or a server) created multiple sockets (network processes) using both its IP and some port numbers, is there any case where the IP could be different in these sockets?

Thanks in advance!

James Risner
  • 5,451
  • 11
  • 25
  • 47
Ibrahim Alnefisi
  • 41
  • 4
  • 2
    If your server has multiple network interfaces, it will have multiple IP addresses. Even with IPv4, you may have more than one IP address on an interface, and with IPv6, you will certainly almost always have multiple IP addresses per interface. Also, TCP and UDP use both the network and transport addresses. For example, see [RFC 793](https://tools.ietf.org/html/rfc793). – Ron Maupin Jun 07 '20 at 19:26
  • So it is a multiple IP addresses problem? What about the client socket on normal PCs, which I think they use only one IP address at a time. Why they still need to put their local IP addresses when they identifying sockets that initiate the connection? @RonMaupin – Ibrahim Alnefisi Jun 07 '20 at 21:21
  • 1
    Read the TCP RFC. TCP has no idea how many addresses a host has (with IPv6 there will be multiple addresses), and it uses the network address in its CRC calculations, and to multiplex it uses a pair of sockets so it has both the source and destination addresses of both the network and transport protocols to identify the connection. This is fully explained in the RFC I linked in my first comment. – Ron Maupin Jun 07 '20 at 21:26
  • Thanks for your answer! @Ron Maupin – Ibrahim Alnefisi Jun 07 '20 at 21:37

1 Answers1

0

Why do we need to check the IP address of the server, since the packet (aka datagram) passed the network layer?

The Data Link Layer uses Media Access Control (MAC) addresses to direct packets. When a packet arrives at your computer operating system (OS), it arrived either because the MAC address matched the hardware address or it was a broadcast (ff:ff:ff:ff:ff:ff).

Once the packet is received, your OS determines if it is destined for an IP address assigned to the computer. At this point, the OS has several options:

  • If the IP address matches an assigned IP, deliver to any waiting applications or reject the packet and handle any needed Internet Control Message Protocol (ICMP) required.
  • Should the IP not match an assigned, your OS checks if IP routing is enabled. Then either rejects the packet issuing any required reply or forwards the packet to the destination IP in the routing table by creating a new packet targeting the MAC address of the destination router.

If a host (a client or a server) created multiple sockets (network processes) using both its IP and some port numbers, is there any case where the IP could be different in these sockets?

If your OS assigns more than one IP address to an interface, all of those IP addresses would be available to be used. You can open sockets using any available IP (usually INADDR_ANY or similar). In a listening context, your port will be available to every IP address assigned. In a transmitting context, your IP will be set depending on the outbound interface.

James Risner
  • 5,451
  • 11
  • 25
  • 47