Browse
 
Tools
Rss Categories

Network Ports and Ranges

Reference Number: AA-01912 Views: 4439 0 Rating/ Voters

Network Ports

Any application or service that communicates over a network uses some sort of "port" object as a reference to a specific network connection endpoint.  Typically this involves a network port on the client and another on the server that the client is communicating with.   There are a finite number of ports that can be assigned on a single machine.

Certain port numbers have special meaning, such as the HTTP port number 80, which is used when you browse to a website.  There are many other "well known" ports used for a variety of purposes from FTP to network management, timekeeping and other purposes.  Generally, these long established and "well known" ports are in the numeric range between 1 and 1024.   This is often referred to as the Reserved Port Range, since the use of any port in this range is typically reserved for some predefined purpose, and should not typically be used for a general purpose application to avoid conflicts.

Think of a port number as a telephone number, and a computer/server as a telephone exchange.  When you open your browser and go to www.lumenvox.com, you are actually opening a connection to port 80 (the phone number) within the LumenVox web server (the exchange).

Generally for every connection into and out of a server, a network port is needed.  This is either a specifically assigned numeric value, or a value that is assigned dynamically by the operating system, as an ephemeral port, described below. 

An odd complication exists where network connection types can be either TCP or UDP. For the most part, these are both independent and do not interfere with each other, so it is possible for a UDP connection and a TCP connection from two different applications to share the same numeric port number without interference, although we encourage readers to avoid complicating their configurations wherever possible.  This article is not designed to be an exhaustive description of network programming, but an overview of why network port numbers need some consideration.


Ephemeral Ports - What are they?

Ephemeral ports are managed internally by the operating system, whether that be Linux, Windows or any other operating system that is capable of network communication.

These ports are used when an application wants to make a network connection, but doesn't need to assign that connection to a specific port number.  It's basically like asking the Operating System to choose a number it wishes to use, and removes the burden of tracking which ones are being used away from the application.  This means that when using ephemeral ports, the numeric port number assigned by the operating system is decided dynamically at the time of the request.  When an application is finished using an ephemeral port, it is returned to the operating system's pool of available ports, and is available for reuse by the same application later, or another application.

Again, because the operating system is managing this pool of ephemeral ports, applications don't need to worry about this allocation and deallocation process, they simply get one when needed.


When are they used?

For example, if you open your browser application and connect to www.lumenvox.com, the browser will connect to the IP address associated with www.lumenvox.com on port 80 (the HTTP protocol port).  This will be the port number used at the SERVER end of the connection, but what should the port number be on your computer (the client) when making this connection?  

The answer is that you probably don't care.  This is where you would ask the Operating System for one of its ephemeral ports, which it will select from the pool of numbers that it manages, selecting an appropriate unused port for you to use.


This typically all happens behind the scenes, so you don't need to worry about it.

It's also important to note that the port number on the client and the server ends of connections are rarely the same.


Why should I care?

I can see your eyebrow twitching - you're thinking if you don't need to worry about it, then why mention it?  

Good question - the answer becomes evident when you consider which ports an application needs or wants to use explicitly.  A web server, for example, generally needs to  use port 80 as mentioned above, allowing browsers to connect, since this is a "well known" port number.   If port 80 happened to be in the middle of the Server's ephemeral port range, there is no guarantee that the port would be available whenever the web service starts up.  This would be bad.

Typically, measures are taken to avoid any conflict between ranges of port numbers that applications use for their own purposes, and the Operating System's ephemeral port range (that those same applications may also use).

If there are several applications on a server, and they all need a number of bound ports that they can use, you need to be careful to make sure there are never any overlaps in these ranges, otherwise two applications may try to use the same port, and only one of them will be able to (depending on whichever gets to it first).


Default ephemeral port ranges

The default port ranges used by the Operating System for ephemeral ports is somewhat confusing, because this has changed over time, and there was little consistency across systems.


As you can see from this diagram, many operating systems have selected different default ranges over time, and it is also worth bearing in mind that many of these default settings can be configured differently on an individual system for a variety of reasons.


What is my ephemeral port range?

Depending on your operating system, you should be able to determine the current ephemeral (or dynamic) port range that has been assigned.

Linux

In Linux, you should run the following from a terminal:

cat /proc/sys/net/ipv4/ip_local_port_range
32768   61000

As you can see from the output on the second line, this machine has an ephemeral port range of 32768 to 61000, which is typical for modern Linux Operating Systems.

Windows

In Windows, you should run the following from a command prompt:

> netsh int ipv4 show dynamicport tcp

Protocol tcp Dynamic Port Range
---------------------------------
Start Port      : 49152
Number of Ports : 16384

This reports the ephemeral port range for TCP ports as being in the range 49152 to 65535, which is typical for modern Windows Operating Systems.

To view the range for UDP ports, a similar command can be used from the prompt, as shown here using the udp parameter:

> netsh int ipv4 show dynamicport udp

Protocol udp Dynamic Port Range
---------------------------------
Start Port      : 49152
Number of Ports : 16384

Again the same range is reported for UDP, which is typical.

There are a number of ways to modify these settings on each of the operating systems if needed, however such changes are beyond the scope of this article. Please refer to some of the links at the bottom of the article for more information about this.


LumenVox Media Server Port Ranges

The LumenVox Media Server uses several ports when clients connect using MRCP and RTP via either SIP or RTSP control protocols, so there are two sets of configurable port ranges associated with these MRCP and RTP connections.  

As mentioned above, it is important to ensure that these ranges do not conflict with the ephemeral port ranges for the machine. 

Consider the following diagram, which indicates the LumenVox Media Server port ranges for MRCP (in green) and RTP (in orange) alongside the ephemeral port ranges for the above mentioned operating systems:


As you can see, in earlier versions of the Media Server product, there were overlaps of both MRCP and also RTP port ranges, but in version 10.1, these port ranges were changed to be more compliance with the IANA recommendations, however there may still be conflict with Linux operating systems due to the RTP port range (35000 - 37000) that is within the Linux ephemeral port range (32768 - 61000).  We therefore recommend that both Linux and Windows users check their server ephemeral port ranges and change the Media Server settings to avoid this type of overlap, adjusting the mrcp_server_port_base and rtp_server_port_base settings as needed.

Ideally, when changes were made to these ranges in version 10.1, both MRCP and RTP ranges should have been moved so that they did not overlap Linux, Windows and IANA default ranges. Clearly this is something that will be addressed at some point, however users cannot be certain that their servers are using the default settings either, so it is always worth checking on your particular systems.

Version 12.1 Changes

To bring these ports into line with all supported operating systems in a way that does not conflict with default ephemeral port ranges, LumenVox version 12.1 introduced changes to the default port ranges used by the Media Server. 


In addition, during startup, the Media Server will check the current default ephemeral port ranges and report any conflict or overlapping with Media Server port ranges.  This will be reported to the log files, and the application will attempt to continue.

Port Ranges of Other Applications

Clearly it is not simply LumenVox applications that are affected by this overlapping problem, but any application that used network ports on a machine. Therefore, if you are running any other applications on your server, you should check to see which port ranges they use too, and try to avoid conflict by adjusting settings where appropriate.

Note that this overlapping problem is not isolated to ephemeral ports, but any port numbers that may be used by applications. For example if two different applications on the same server were configured to use the same (non-ephemeral) port number 1234, again only one of them would succeed, or depending on the situation, an application may send unexpected data to another which was not expecting it, much like dialing the wrong telephone number, this would be confusing at best, and potentially quite problematic, and difficult to diagnose.


Firewalls

Another reason you should be aware of the ports and port ranges used by machines is so that your IT managers can configure their firewalls accordingly, or perhaps recommend which ranges of ports to use, based on datacenter policy, or some other network topology reasoning.

For port numbers that are used to connect to machines outside of the current server, it is important to know what each of these connections is doing, and anticipate which connections/ports should be allowed in and out of the server. 

We designed the LumenVox Media Server to be flexible enough to allow ports and port ranges to be adjusted and configured as desired.  These are mainly configured in the media_server.conf settings file, but other LumenVox services also use various network settings as described in their individual configuration files.



Additional References: