Frequently Asked Question

What is a port and what does it have to do with a socket?

A port is a 16-bit number (0–65535) that lets a single machine run many network programs at once without their traffic getting mixed up. The receiving kernel uses the port number in each incoming packet to decide which process to deliver it to. Conventionally port 22 is SSH, 80 is HTTP, 443 is HTTPS, 53 is DNS, 25 is SMTP; ports below 1024 are privileged and need root to bind to. The full registry of well-known ports lives at IANA and is mirrored locally in /etc/services.

A socket is the kernel-level endpoint of a network connection: the pairing of an IP address and a port. A TCP connection is uniquely identified by the four-tuple of local address, local port, remote address, and remote port, which is why a single web server on port 443 can serve thousands of clients at once, each on the same local port. In Linux, sockets are just file descriptors created with the socket() syscall.