490 ◾ Linux with Operating System Concepts
12.2.3 Ports
The port is a 16-bit number that denotes a mapping of a message (or packet) to its protocol.
The protocol in turn tells the computer how to interpret the message. In 16 bits, you can
store a number between 0 and 65,535; thus, port numbers range between 0 and 65,535.
Most network applications have a port number designated to them, although most of the
65,536 port numbers are not reserved. Table 12.2 provides a listing of some of the most
common ports and their uses. These are known as registered ports. Notice that in some
cases a protocol is mapped to more than one port (e.g., FTP, HTTP). Also listed in this
table is whether the port can handle TCP packets, UDP packets, or both. The first 1024
port numbers are often referred to as the well-known ports. There are many registered
ports with numbers of 1024 or higher, but not all of these ports are currently in use, as
they have been reserved for future use or are not officially reserved. Port numbers that
are not reserved allow future applications to eventually claim them.
TABLE 12.2 Registered Ports

| Port | Packet Type (TCP, UDP) | Usage |
|---|---|---|
| 20 | Both | FTP data |
| 21 | TCP | FTP control |
| 22 | Both | ssh (also SCP, SFTP) |
| 23 | Both | Telnet |
| 25 | TCP | SMTP |
| 43 | TCP | WHOIS |
| 53 | Both | DNS |
| 57 | TCP | Mail transfer protocol |
| 67 | UDP | Bootstrap Protocol (used by DHCP) |
| 68 | UDP | Bootstrap Protocol (used by DHCP) |
| 70 | TCP | Gopher |
| 80 | TCP | HTTP |
| 109, 110 | TCP | POP2, POP3 |
| 118 | Both | SQL |
| 123 | UDP | Network time protocol |
| 161 | UDP | SNMP |
| 194 | Both | IRC (Internet relay chat) |
| 443 | TCP | HTTPS |
| 514 | UDP | Syslog (Linux system logging) |
| 530 | Both | RPC |
| 636 | Both | LDAP |
| 989 | Both | FTPS data (FTP over TLS/SSL) |
| 990 | Both | FTPS control (FTP over TLS/SSL) |
| 992 | Both | Telnet over TLS/SSL |
| 2049 | Both | NFS |
| 3128 | TCP | Squid proxy |
| 6660–6669 | TCP | IRC |
| 6888–6900 | Both | BitTorrent |
| 8008, 8080, and 8090 | TCP | Alternate for HTTP |

Network Configuration ◾ 491
There are also many unofficially reserved ports, primarily used by specific software. For
instance, 531 is unofficially reserved for the AOL (America Online) Instant Messenger and
843 is for Adobe Flash software communication. Other unofficially reserved ports exist
for VMware, Oracle, Cisco, Novell, Symantec,
multiplayer computer games, and so forth.
While the port itself is not an address, it is used with an IP address to form a more
specific destination. Together, these two pieces of information can be used by a firewall to
safeguard a computer from messages that should be discarded rather than processed. We
explore the Linux firewall in Section 12.6.
12.2.4 IPv6
As described earlier and in Table 12.1, IPv4 addressing only affords about 4 billion unique
addresses. With the great success of mobile devices, the number of unique IP addresses
needed at any time now exceeds 4 billion. In fact, IPv4 addresses to be awarded by the
Internet Assigned Numbers Authority (IANA) to the Asia-Pacific Network Information
Center (APNIC) were exhausted by 2011 and other areas of the world have similarly run out of
allocatable IP addresses. Thus, we need to shift to a different form of addressing that provides
a greater number of unique addresses. This is the primary motivation for the creation of IPv6.
The main distinction between IPv4 and IPv6 is the size of the address. Rather than a
32-bit number, the IPv6 address is 128 bits. It is also expressed in hexadecimal notation
rather than decimal, as a sequence of eight groups of four hexadecimal digits. Each group
is separated by a colon (:).
For shorthand, leading 0s of a group can be omitted. For example, an IPv6 address
might be 1234:5678:90ab:cdef:0012:0034:0000:5678, which could also be expressed as
1234:5678:90ab:cdef:12:34::5678. The notation :: between the last two groups in the
shorthand version denotes a group that is entirely composed of zeroes.
If multiple consecutive groups consist entirely of zeroes, we replace all of them with a
single :: notation. For instance, 1234:5678:9a00:0000:0000:0000:00bc:def0 could appear as
1234:5678:9a00::bc:def0. Counting from the left, we find three groups followed by ::
followed by two groups. We are missing three groups, which appear after the third group.
As we need to replace IPv4 with IPv6, we need to modify how the Internet works. This
requires modifying both operating systems in their implementation of TCP/IP and
hardware such as routers. The first part of this replacement process has been completed in
that nearly all modern operating systems are capable of handling IPv6. But there are still
gaps. Not all networks have been modified (e.g., software running on routers, physical
devices) to handle IPv6.
Until all aspects of the Internet are capable, we have a mixed set of requirements. And
because of additions made in the IPv6 protocol (such as a different header), the two
protocols are not interoperable, meaning that we need two distinct mechanisms available to
handle the two protocols. Some of the current approaches include a dual-stack
implementation of TCP/IP, where there are two pathways that a message can take through the
TCP/IP protocol depending on whether the particular packet in question uses IPv4 or IPv6, and
tunneling, where the IPv6 mechanisms are hidden from the network through the tunnel.
Thus, it falls on the devices that create the tunnel to understand how to handle IPv6.
IPv6 is significant for more reasons than just (greatly) enlarging the address space. One
area that IPv6 tackles is security implemented within the network itself. TCP/IP with IPv4
lacks any built-in network-based security. Therefore, any use of encryption in our
communication must be handled through additional protocols (see Chapter 5 for details on
encryption). IPv6 implements the Internet protocol security (IPsec). Interestingly, the
demand for such security was so great that it has been implemented into many IPv4 networks.
Another feature of IPv6 is the ability for a host to automatically configure itself with
respect to addressing and locating its router/gateway. Also, IPv6 headers can have optional
components. The required portion is simplified over the IPv4 header by discarding seldom
used parts and requiring a fairly minimal-sized description of the packet. However, the
optional portion, or extension, can be used to specify information on security or other
options such as size. The size of packets was also altered for IPv6. In IPv4, packets are
limited to 64 K octets. With IPv6, a packet can be expanded to include what is known as a