Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:02,035 --> 00:00:04,904 If you need to move a box from one place to the other. 2 00:00:04,904 --> 00:00:07,874 A common way to accomplish that is to get a moving truck. 3 00:00:07,874 --> 00:00:09,809 We can put boxes in the moving truck. 4 00:00:09,809 --> 00:00:13,313 Move that box to another location and unload the moving truck. 5 00:00:13,613 --> 00:00:18,251 In the case of networking, the road that we are driving on is the network. 6 00:00:18,385 --> 00:00:23,123 So if you've got a wireless network, a DSL network, a cable modem network, 7 00:00:23,123 --> 00:00:26,259 or you have an Ethernet switch, that is the road that we're using 8 00:00:26,292 --> 00:00:30,063 to transport this particular package in this metaphor, 9 00:00:30,063 --> 00:00:34,734 the truck itself is what we will consider Internet Protocol or IP. 10 00:00:34,968 --> 00:00:38,705 We've designed all of these networks so that this type of truck can move. 11 00:00:38,705 --> 00:00:41,708 Most efficiently between one point and another. 12 00:00:41,841 --> 00:00:45,879 In each moving truck is a box, and inside of that box is your data. 13 00:00:46,112 --> 00:00:49,382 The moving truck has no idea what's inside of that box. 14 00:00:49,382 --> 00:00:51,684 All it knows is that it has one job, 15 00:00:51,684 --> 00:00:54,821 which is to put the box in the back of the truck, transport 16 00:00:54,821 --> 00:00:58,458 it across the network, and unload that box on the other side. 17 00:00:58,992 --> 00:01:01,561 If you were to open up the box, there would be a certain type 18 00:01:01,561 --> 00:01:03,830 of information inside. It may be specific 19 00:01:03,830 --> 00:01:07,400 to a certain application or particular function on your network. 20 00:01:07,667 --> 00:01:08,435 You can think of the 21 00:01:08,435 --> 00:01:12,172 information in this box as belonging to a particular room in your house. 22 00:01:12,372 --> 00:01:15,241 So when the box is delivered, that box needs to be moved 23 00:01:15,241 --> 00:01:18,211 to the bathroom, the kitchen, or the living room. 24 00:01:18,411 --> 00:01:22,615 It's this encapsulation process that allows us to move all kinds of data 25 00:01:22,615 --> 00:01:23,716 across the network. 26 00:01:23,716 --> 00:01:27,053 So we would have application data we would put inside of a box. 27 00:01:27,187 --> 00:01:29,389 We would place that box inside of a truck. 28 00:01:29,389 --> 00:01:31,357 That truck would then move across the network. 29 00:01:31,357 --> 00:01:33,993 And on the other side we remove the box from the truck. 30 00:01:33,993 --> 00:01:36,996 We open up the box and we take out the application data. 31 00:01:38,131 --> 00:01:38,832 If you were to look 32 00:01:38,832 --> 00:01:41,901 at this visually, this is the way that our networks operate. 33 00:01:41,901 --> 00:01:45,271 On one side may be your device, a workstation, a client, 34 00:01:45,271 --> 00:01:48,608 a laptop computer, and on the other side is a server. 35 00:01:48,608 --> 00:01:50,944 This could be a web server or a mail server, 36 00:01:50,944 --> 00:01:53,947 or any other type of server that you'd be connecting to. 37 00:01:54,114 --> 00:01:55,381 This client is going to send 38 00:01:55,381 --> 00:01:59,552 information to this server, and if this is across an Ethernet network, 39 00:01:59,719 --> 00:02:02,655 then everything inside of that Ethernet packet is what we call 40 00:02:02,655 --> 00:02:04,124 our Ethernet payload. 41 00:02:04,124 --> 00:02:08,261 In Ethernet, we also have a header at the beginning of this particular frame 42 00:02:08,394 --> 00:02:11,397 and an Ethernet trailer that's at the end of the frame. 43 00:02:11,598 --> 00:02:13,967 This Ethernet payload could have anything inside of it, 44 00:02:13,967 --> 00:02:17,437 but as you're probably aware, the most popular protocol we use on 45 00:02:17,437 --> 00:02:20,440 our networks is the Internet Protocol or IP. 46 00:02:20,707 --> 00:02:23,610 So our Ethernet payload will have an IP header. 47 00:02:23,610 --> 00:02:27,680 And then there will be an IP payload within that particular part of the frame. 48 00:02:28,047 --> 00:02:31,251 Obviously the IP payload has information inside of it. 49 00:02:31,351 --> 00:02:35,889 This could be TCP data with a TCP header and a TCP payload. 50 00:02:36,122 --> 00:02:37,724 And as you probably can expect, 51 00:02:37,724 --> 00:02:41,761 that TCP payload can be separated out into different types of data. 52 00:02:41,995 --> 00:02:46,799 So for this entire Ethernet frame inside we have IP inside of IP. 53 00:02:46,833 --> 00:02:51,037 We have TCP and inside of TCP we have Http data. 54 00:02:52,105 --> 00:02:54,374 Let's drill down into this IP 55 00:02:54,374 --> 00:02:58,278 packet at the TCP protocol and the UDP protocol 56 00:02:58,478 --> 00:03:02,048 TCP and UDP are transported inside of that IP packet. 57 00:03:02,081 --> 00:03:06,352 We commonly say that they are encapsulated within IP, and they are 58 00:03:06,352 --> 00:03:10,523 two very common ways to move data from one part of the network to the other. 59 00:03:10,723 --> 00:03:15,862 You may be using TCP for some applications and UDP for other applications. 60 00:03:16,129 --> 00:03:19,199 You might also hear someone refer to TCP or UDP 61 00:03:19,199 --> 00:03:22,268 as operating at the transport layer of the OSI model. 62 00:03:22,502 --> 00:03:25,705 Sometimes we refer to this as ozone layer four. 63 00:03:25,972 --> 00:03:29,275 You may think that IP is all you would need to be able to move data 64 00:03:29,275 --> 00:03:33,012 from one part of the network to the other, and in many ways you would be correct. 65 00:03:33,213 --> 00:03:37,951 But TCP and UDP add additional capabilities that IP can't provide. 66 00:03:38,151 --> 00:03:42,155 For example, these provide multiplexing so that you can have many different 67 00:03:42,155 --> 00:03:47,160 applications on your system communicating to a separate server all simultaneously. 68 00:03:47,327 --> 00:03:50,763 So your workstation is sending a lot of information for a lot of 69 00:03:50,763 --> 00:03:53,800 different applications to the server, and the server is able 70 00:03:53,800 --> 00:03:57,637 to determine what applications are in use through the use of this multiplexing. 71 00:03:58,605 --> 00:03:59,172 Let's really 72 00:03:59,172 --> 00:04:02,775 break down the difference between TCP and UDP. 73 00:04:02,942 --> 00:04:06,079 TCP stands for the Transmission Control Protocol. 74 00:04:06,246 --> 00:04:09,582 We often refer to this as a connection oriented protocol. 75 00:04:09,782 --> 00:04:13,653 That's because there is a formal process to set up the flow from one device 76 00:04:13,653 --> 00:04:16,823 to the other, and a formal process to tear down that flow. 77 00:04:16,856 --> 00:04:18,758 When the conversation is over. 78 00:04:18,758 --> 00:04:22,262 We sometimes refer to TCP as reliable delivery. 79 00:04:22,395 --> 00:04:25,999 This doesn't mean that TCP somehow works better or faster 80 00:04:25,999 --> 00:04:28,034 than other protocols on the network. 81 00:04:28,034 --> 00:04:33,072 It means the TCP has a built in system to ensure that data that has been sent 82 00:04:33,273 --> 00:04:36,542 has been verified as being received on the other side. 83 00:04:37,010 --> 00:04:40,179 This allows us with a number of different features behind the scenes, 84 00:04:40,380 --> 00:04:44,817 and one of the most important is that TCP can reorder messages 85 00:04:44,817 --> 00:04:49,055 that may have been received out of order, which sometimes can happen on networks 86 00:04:49,055 --> 00:04:51,658 that have multiple links to a single location, 87 00:04:51,658 --> 00:04:54,661 and TCP can manage a retransmission process 88 00:04:54,661 --> 00:04:58,097 so that if any data is not received by the destination, 89 00:04:58,097 --> 00:05:01,000 that information can be sent from the source. 90 00:05:01,000 --> 00:05:04,704 TCP also has a flow control mechanism so that if a device feels 91 00:05:04,704 --> 00:05:06,939 that it's receiving information too quickly, 92 00:05:06,939 --> 00:05:09,475 it can tell the other side to slow down the process 93 00:05:09,475 --> 00:05:12,512 so that information can be received at a more reasonable rate. 94 00:05:13,846 --> 00:05:16,582 UDP is the User Datagram Protocol. 95 00:05:16,582 --> 00:05:22,388 With TCP we had a connection oriented flow, but UDP is a connection less flow. 96 00:05:22,522 --> 00:05:25,525 There's no formal process to set up a traffic flow, 97 00:05:25,558 --> 00:05:28,561 and there's no formal process to tear that down at the end. 98 00:05:28,594 --> 00:05:31,831 UDP simply sends data from one place to the other, and 99 00:05:31,831 --> 00:05:35,968 it's a very simple transaction to be able to send information across the network 100 00:05:36,336 --> 00:05:40,406 because there's no acknowledgment being sent by the destination device. 101 00:05:40,540 --> 00:05:43,309 We refer to UDP as unreliable. 102 00:05:43,309 --> 00:05:46,779 Again, this doesn't mean that UDP does not work as well as 103 00:05:46,779 --> 00:05:48,481 any other protocol on the network. 104 00:05:48,481 --> 00:05:52,385 It only means that we have no receipt or any knowledge that the information 105 00:05:52,385 --> 00:05:56,289 that we've sent was really received by the device on the other side. 106 00:05:56,789 --> 00:06:01,260 With TCP, we had a way to regulate the flow of communication across the network. 107 00:06:01,394 --> 00:06:05,531 But because this is a single conversation between one device and another, 108 00:06:05,631 --> 00:06:09,268 there's no flow control on UDP and no way to determine 109 00:06:09,268 --> 00:06:12,638 whether a device should slow down or send information faster. 110 00:06:13,806 --> 00:06:14,607 If you compare these 111 00:06:14,607 --> 00:06:18,378 two protocols, it does sound like UDP is not as functional 112 00:06:18,378 --> 00:06:22,515 and therefore may not be the best choice for sending information over our network. 113 00:06:22,782 --> 00:06:26,119 But in reality, UDP plays a very important role 114 00:06:26,119 --> 00:06:29,622 in being able to send information very quickly over the network. 115 00:06:29,856 --> 00:06:33,126 UDP is most associated with real time communication 116 00:06:33,393 --> 00:06:37,096 communication where you can't stop retransmit information 117 00:06:37,096 --> 00:06:38,898 and then catch up with yourself. 118 00:06:38,898 --> 00:06:42,902 If you're on a phone call, there's no way to rewind the conversation 119 00:06:42,902 --> 00:06:46,472 and send a packet that may have been missed a second or two ago. 120 00:06:46,672 --> 00:06:48,941 With UDP, we simply send the data. 121 00:06:48,941 --> 00:06:51,811 If it makes it to the other side than we were successful. 122 00:06:51,811 --> 00:06:53,980 If the information was dropped along the way, 123 00:06:53,980 --> 00:06:56,115 we simply keep the conversation going. 124 00:06:57,116 --> 00:07:00,153 An example of protocols that use this connection. 125 00:07:00,153 --> 00:07:04,424 This form of communication is Dhcp, which is the Dynamic 126 00:07:04,424 --> 00:07:06,259 Host Configuration Protocol. 127 00:07:06,259 --> 00:07:07,193 This is the protocol 128 00:07:07,193 --> 00:07:10,863 that we use to automatically assigned IP addresses to our devices. 129 00:07:11,130 --> 00:07:15,835 And another protocol that uses UDP is Tftp or the trivial file 130 00:07:15,835 --> 00:07:20,173 transfer Protocol, which uses UDP as its transport mechanism. 131 00:07:20,573 --> 00:07:23,176 Since both of these protocols are using UDP, 132 00:07:23,176 --> 00:07:27,280 information is simply sent across the network with no type of acknowledgment 133 00:07:27,280 --> 00:07:29,949 that the data was received on the other side. 134 00:07:29,949 --> 00:07:33,152 It's up to the application, therefore, to keep track 135 00:07:33,152 --> 00:07:36,856 of who has received information and who has not received information. 136 00:07:37,023 --> 00:07:40,393 So in the example we gave before, Dhcp is responsible 137 00:07:40,393 --> 00:07:43,896 for making sure that information may have been received by the other side. 138 00:07:44,063 --> 00:07:47,900 So if it sends information and doesn't receive a response, 139 00:07:48,100 --> 00:07:52,605 Dhcp is responsible for rescinding that data over the network. 140 00:07:52,772 --> 00:07:53,673 With TCP, 141 00:07:53,673 --> 00:07:57,510 we receive an acknowledgment for any packets that are sent over the network. 142 00:07:57,777 --> 00:07:59,912 An example of protocols that take advantage 143 00:07:59,912 --> 00:08:03,616 of this return receipt functionality is Https. 144 00:08:03,649 --> 00:08:05,451 That's the Hypertext Transfer Protocol. 145 00:08:05,451 --> 00:08:09,055 Secure, commonly used to send information in our web browsers 146 00:08:09,288 --> 00:08:14,160 and protocols like Secure Shell or SSH, which provide us with an encrypted form 147 00:08:14,160 --> 00:08:17,163 of terminal communication between our systems. 148 00:08:17,230 --> 00:08:20,967 If our Https data between a web server and a client 149 00:08:20,967 --> 00:08:24,370 somehow loses a packet between point A and point 150 00:08:24,370 --> 00:08:27,840 B, TCP will recognize that that packet was missing. 151 00:08:27,940 --> 00:08:31,744 It will ask to retransmit that information and the retransmitted data 152 00:08:31,744 --> 00:08:33,412 is sent over the network. 153 00:08:33,412 --> 00:08:37,283 All of this happens automatically with TCP and Https. 154 00:08:37,283 --> 00:08:41,554 And SSH don't have to worry about managing the process of getting data 155 00:08:41,554 --> 00:08:42,955 from one side to the other. 156 00:08:44,223 --> 00:08:45,091 So far in our 157 00:08:45,091 --> 00:08:48,961 moving truck metaphor, we know that we have our IP delivery truck. 158 00:08:49,195 --> 00:08:52,431 This truck is moving information from one physical address 159 00:08:52,431 --> 00:08:55,434 in the world of networking, this is one IP address 160 00:08:55,468 --> 00:08:58,471 and it's delivering it to another IP address. 161 00:08:58,471 --> 00:09:02,708 Just as every house that's on your block has a unique mailing address. 162 00:09:02,942 --> 00:09:07,246 Every computer that's inside your network has a unique IP address. 163 00:09:07,713 --> 00:09:11,417 At this point, our moving truck IP has taken information 164 00:09:11,417 --> 00:09:15,354 from one IP address and moved it to another IP address. 165 00:09:15,521 --> 00:09:19,325 Once that box is received at the destination IP address, 166 00:09:19,592 --> 00:09:22,695 there is more information that needs to be examined on the label 167 00:09:22,695 --> 00:09:25,898 to determine where that box is to go inside of the house. 168 00:09:26,132 --> 00:09:28,801 Inside of your house, for example, you have many different rooms. 169 00:09:28,801 --> 00:09:31,971 There's a bathroom, a kitchen, a living room, and a bedroom. 170 00:09:32,071 --> 00:09:33,472 And when this box is delivered, 171 00:09:33,472 --> 00:09:37,143 we have to determine what room is going to receive that box. 172 00:09:37,343 --> 00:09:41,514 In the case of TCP and UDP, there's an additional piece 173 00:09:41,514 --> 00:09:44,850 of information that's added to all of those conversations. 174 00:09:45,084 --> 00:09:48,087 And that piece of information is a port number. 175 00:09:48,154 --> 00:09:53,059 That port number determines what room in the house is going to receive this data. 176 00:09:53,225 --> 00:09:55,528 Or in the case of an actual server, 177 00:09:55,528 --> 00:09:59,131 what application on the server is going to receive this data? 178 00:09:59,398 --> 00:10:01,467 The port numbers written on the outside of the box. 179 00:10:01,467 --> 00:10:04,804 So when the boxes received at the front door, we can look at the box 180 00:10:04,804 --> 00:10:07,840 and see, oh, that box needs to go to the bedroom. 181 00:10:08,074 --> 00:10:09,475 In the case of port numbers, 182 00:10:09,475 --> 00:10:13,512 each room has a number, and we know that the bedroom is port 80. 183 00:10:13,546 --> 00:10:16,916 We have a living room, a port for 43, our bathroom is port 184 00:10:16,916 --> 00:10:19,919 25 and the kitchen will be port 123. 185 00:10:20,052 --> 00:10:23,389 When we receive the box at the front door, we look at the port number. 186 00:10:23,389 --> 00:10:25,825 It says port 80, so we can move this box 187 00:10:25,825 --> 00:10:28,828 inside of the house and deliver it into the bedroom. 188 00:10:29,261 --> 00:10:32,098 In the case of our server, we have four different services 189 00:10:32,098 --> 00:10:34,100 running on the same IP address. 190 00:10:34,100 --> 00:10:37,570 We have a web server sending unencrypted data on port 80. 191 00:10:37,670 --> 00:10:41,440 We have a web server sending encrypted data on port 443. 192 00:10:41,607 --> 00:10:47,313 We've got a mail server on port 25 and a time server on port 123. 193 00:10:47,580 --> 00:10:51,717 When this packet is received by our IP address at the front door, 194 00:10:51,817 --> 00:10:53,252 we examine the port number. 195 00:10:53,252 --> 00:10:57,390 And if the port number says this is for the service running at port 443, 196 00:10:57,590 --> 00:11:00,459 that packet is delivered into that service. 197 00:11:00,459 --> 00:11:02,461 That's running on that device. 198 00:11:02,461 --> 00:11:06,232 This is where the multiplexing feature comes from that I mentioned earlier. 199 00:11:06,332 --> 00:11:10,202 This front door is going to be receiving a lot of boxes destined for this 200 00:11:10,202 --> 00:11:11,237 IP address. 201 00:11:11,237 --> 00:11:14,240 And the port number allows us to know exactly what 202 00:11:14,240 --> 00:11:17,576 service running on this device will be receiving that data. 203 00:11:18,944 --> 00:11:20,413 So to complete this traffic flow 204 00:11:20,413 --> 00:11:23,416 between these two devices, we need some information. 205 00:11:23,449 --> 00:11:26,585 The first would be the server's IP address a protocol 206 00:11:26,585 --> 00:11:29,588 that would be in use, such as TCP or UDP. 207 00:11:29,622 --> 00:11:30,823 And for that protocol 208 00:11:30,823 --> 00:11:33,959 what server application port number should be assigned for that? 209 00:11:34,260 --> 00:11:36,662 In the example we had before, we had the house 210 00:11:36,662 --> 00:11:40,066 that had four different ports running inside of that house for port 211 00:11:40,066 --> 00:11:44,136 80, port for 43, port 25, and port 123. 212 00:11:44,136 --> 00:11:47,106 Those are all associated with this server IP address. 213 00:11:47,106 --> 00:11:50,109 The protocol and the application port numbers. 214 00:11:50,276 --> 00:11:53,979 The client communicating with that server also has an IP address. 215 00:11:53,979 --> 00:11:56,982 It's communicating using TCP or UDP. 216 00:11:57,049 --> 00:12:00,419 And there are port numbers that it is using to send that data 217 00:12:00,553 --> 00:12:05,091 so that when a response is received, we know exactly what that response 218 00:12:05,091 --> 00:12:06,659 is associated with. 219 00:12:06,659 --> 00:12:09,962 It's important on our server that the port numbers we're communicating 220 00:12:09,962 --> 00:12:11,497 with are well known. 221 00:12:11,497 --> 00:12:15,301 For example, if the browser on a client wants to communicate with a web server, 222 00:12:15,334 --> 00:12:21,140 we know that that web server commonly uses TCP port 80 and TCP port 443. 223 00:12:21,407 --> 00:12:25,211 Every web server we communicate with will use those same port numbers, 224 00:12:25,211 --> 00:12:29,582 so that we know exactly where that service is located on that IP address. 225 00:12:29,882 --> 00:12:31,350 Because these port numbers 226 00:12:31,350 --> 00:12:35,321 are usually permanent, we refer to them as non ephemeral ports. 227 00:12:35,321 --> 00:12:38,924 This means they are non temporary port numbers that tend to be 228 00:12:38,924 --> 00:12:41,927 the same every time we access that device. 229 00:12:41,994 --> 00:12:45,498 Port number 80 is commonly associated with Http port 230 00:12:45,498 --> 00:12:49,301 number 443 is commonly associated with Https. 231 00:12:49,401 --> 00:12:51,203 And if you go to any web server, 232 00:12:51,203 --> 00:12:54,206 that's usually the port numbers that will be in use. 233 00:12:54,206 --> 00:12:55,808 If you were to look at those port numbers, 234 00:12:55,808 --> 00:12:59,044 they're commonly between port zero and port 1023. 235 00:12:59,278 --> 00:13:03,616 But these port numbers can really be anything as long as they're port numbers 236 00:13:03,616 --> 00:13:07,419 that are commonly known and well known across multiple devices. 237 00:13:07,787 --> 00:13:10,790 When you're communicating to the server, you need a port number 238 00:13:10,790 --> 00:13:14,927 on your device that you can associate with this particular traffic flow. 239 00:13:15,361 --> 00:13:17,830 These are usually temporary port numbers. 240 00:13:17,830 --> 00:13:21,600 And once that traffic flow is over, will no longer use that port number. 241 00:13:21,801 --> 00:13:26,672 We refer to these as ephemeral ports or temporary port numbers, and commonly 242 00:13:26,672 --> 00:13:29,809 an operating system will assign a port number between 243 00:13:29,809 --> 00:13:32,845 1024 and 65,535. 244 00:13:33,045 --> 00:13:34,680 But this is often configured 245 00:13:34,680 --> 00:13:38,417 in the operating system itself, and it's assigned in real time. 246 00:13:38,417 --> 00:13:41,420 As you're using these applications. 247 00:13:41,487 --> 00:13:46,492 If you were to look at a protocol decode of these conversations, both TCP and UDP 248 00:13:46,625 --> 00:13:52,198 can therefore use any port number between 0 and 65,535. 249 00:13:52,464 --> 00:13:53,165 As we mentioned, 250 00:13:53,165 --> 00:13:58,103 most services are going to use non ephemeral or non temporary port numbers. 251 00:13:58,237 --> 00:13:59,972 But that's not always the case. 252 00:13:59,972 --> 00:14:03,742 There are some applications that use dynamic port numbers 253 00:14:03,742 --> 00:14:06,745 that can change dramatically from one device to the other. 254 00:14:06,812 --> 00:14:10,950 Just keep in mind that this is simply a number associated with that service. 255 00:14:11,116 --> 00:14:13,552 And if we know that, then we're able to communicate 256 00:14:13,552 --> 00:14:16,622 with that service and have a conversation to send data. 257 00:14:17,323 --> 00:14:20,259 You might also think that you could change the port number 258 00:14:20,259 --> 00:14:23,262 on the server to something that is not well known, 259 00:14:23,262 --> 00:14:26,799 and that would be more secure because it might hide the application 260 00:14:26,799 --> 00:14:29,802 or keep other people from accessing that application. 261 00:14:29,935 --> 00:14:33,072 But port numbers are not designed to be a security mechanism. 262 00:14:33,239 --> 00:14:34,406 They're simply designed 263 00:14:34,406 --> 00:14:38,043 to allow you to access those services on that particular device. 264 00:14:38,277 --> 00:14:42,982 It's relatively easy to use a port scanner to find all of the open ports 265 00:14:42,982 --> 00:14:46,352 on a particular server, and then begin to do more research 266 00:14:46,352 --> 00:14:49,922 to determine what service is really running on that port. 267 00:14:50,356 --> 00:14:52,925 This means when you access all of the different sites 268 00:14:52,925 --> 00:14:56,161 that you visit on the internet, that all of those sites are going to be 269 00:14:56,161 --> 00:14:59,431 using the same port numbers, which are well known. 270 00:14:59,665 --> 00:15:02,534 This allows you to simply type in the name of the website, 271 00:15:02,534 --> 00:15:06,372 and you're immediately connected to that site and able to transfer data. 272 00:15:06,772 --> 00:15:10,509 If all of those different websites used completely different port numbers, 273 00:15:10,509 --> 00:15:14,280 we would have to have another mechanism in place to somehow determine 274 00:15:14,446 --> 00:15:18,617 what the appropriate port number might be for that individual site. 275 00:15:18,884 --> 00:15:23,355 You can see why having well known port numbers makes the process so much simpler. 276 00:15:23,689 --> 00:15:29,395 Although these port numbers can range between port zero and port 65,535, 277 00:15:29,628 --> 00:15:34,500 TCP has its own set of port numbers that are different than UDP port numbers. 278 00:15:34,733 --> 00:15:37,937 This means that there could be a service running on TCP port 80, 279 00:15:38,137 --> 00:15:42,141 but a completely different service running on UDP port 80. 280 00:15:42,574 --> 00:15:45,878 As you can imagine, having one service running on TCP port 80 281 00:15:45,878 --> 00:15:50,282 and another service running on UDP port 80 could be a bit confusing, 282 00:15:50,316 --> 00:15:53,519 which is why we don't tend to do that in normal operation. 283 00:15:54,353 --> 00:15:57,356 So let's take a scenario from the picture we looked at earlier. 284 00:15:57,356 --> 00:15:59,024 We have a client on the left side. 285 00:15:59,024 --> 00:16:01,694 Its IP address is ten .0.0.1. 286 00:16:01,694 --> 00:16:04,630 It is communicating to a server on the other side. 287 00:16:04,630 --> 00:16:07,633 Its IP address is ten .0.0.2. 288 00:16:07,866 --> 00:16:11,971 And you can see there is web server traffic communicating over TCP port 80 289 00:16:11,971 --> 00:16:13,038 to this server. 290 00:16:13,038 --> 00:16:14,740 The server is also a voice over IP 291 00:16:14,740 --> 00:16:18,577 server using traffic communicating over UDP port 5004. 292 00:16:18,811 --> 00:16:24,650 The server is also an email server communicating over TCP port 143. 293 00:16:24,883 --> 00:16:27,786 We want to send information from this client to the server. 294 00:16:27,786 --> 00:16:33,025 We'll send web server traffic with Http data inside of it will send VoIP traffic. 295 00:16:33,058 --> 00:16:36,428 There's the VoIP data inside of that packet, and email 296 00:16:36,428 --> 00:16:39,431 traffic with email data inside of the packet. 297 00:16:39,631 --> 00:16:42,434 If we were to look at this a little bit closer, 298 00:16:42,434 --> 00:16:46,972 we would see the comparison of port numbers on both sides of the conversation. 299 00:16:47,239 --> 00:16:49,775 So we have these two devices the client the server. 300 00:16:49,775 --> 00:16:53,112 And you can see the source IP address of ten .0.0.1. 301 00:16:53,112 --> 00:16:54,079 That's our client. 302 00:16:54,079 --> 00:16:58,183 And the destination IP address of ten .0.0.2 which is our server. 303 00:16:58,417 --> 00:17:02,888 When the client wants to send data to the server it's the Http data. 304 00:17:02,888 --> 00:17:04,957 So we know we're going to be sending data 305 00:17:04,957 --> 00:17:08,961 to a destination port, a port 80 for our web traffic. 306 00:17:08,961 --> 00:17:11,296 We know that that's going to use TCP data. 307 00:17:11,296 --> 00:17:14,400 And we know the well known port for web traffic for this 308 00:17:14,400 --> 00:17:17,436 server is TCP destination port 80. 309 00:17:17,703 --> 00:17:20,806 But we need some port number to send this information from. 310 00:17:20,873 --> 00:17:23,642 So this client will pick a random port number. 311 00:17:23,642 --> 00:17:27,813 And in this example this client pick the random port number up 3000. 312 00:17:28,013 --> 00:17:30,482 So the TCP source port is 3000. 313 00:17:30,482 --> 00:17:34,319 Heading to a TCP destination port which is a well known port, 314 00:17:34,319 --> 00:17:38,624 a port 80 on the server to be able to send the Http data. 315 00:17:39,124 --> 00:17:40,092 At the same time, 316 00:17:40,092 --> 00:17:43,429 this client wants to communicate to the server using voice over IP. 317 00:17:43,562 --> 00:17:45,964 Our source of destination IP is the same. 318 00:17:45,964 --> 00:17:49,802 You can see that UDP is being used in this scenario because we are using 319 00:17:49,802 --> 00:17:52,771 VoIP traffic and VoIP traffic uses UDP. 320 00:17:52,971 --> 00:17:56,942 The destination port is 5004, which is the well-known port number 321 00:17:56,942 --> 00:17:59,945 for this VoIP server, and we picked a random port number 322 00:17:59,945 --> 00:18:04,083 to send this traffic over UDP using port 7100. 323 00:18:04,383 --> 00:18:06,885 The same thing applies for the third conversation 324 00:18:06,885 --> 00:18:08,554 that's occurring simultaneously, 325 00:18:08,554 --> 00:18:12,124 where the source and destination IP address in this example are identical. 326 00:18:12,324 --> 00:18:15,794 The destination port number is TCP port 143. 327 00:18:15,794 --> 00:18:19,598 Because this is email traffic, and this client picked a random source 328 00:18:19,598 --> 00:18:24,470 port of TCP port 40 407 to send this email data. 329 00:18:24,803 --> 00:18:25,370 You can see that 330 00:18:25,370 --> 00:18:28,740 we're sending a lot of information simultaneously across the network. 331 00:18:28,907 --> 00:18:33,112 But because we're using IP addresses and port numbers, the server knows exactly 332 00:18:33,112 --> 00:18:34,413 where this traffic goes. 333 00:18:34,413 --> 00:18:37,082 Once it's received by this destination device. 31481