Transport layer protocols identify higher-layer traffic with 16-bit fields called port numbers. A connection between two devices uses a source and a destination port, both contained within the protocol data unit. The User Datagram Protocol (UDP) header format is shown in Figure B-4 with the source and destination port fields shaded. The UDP checksum is optional for IPv4. Figure B-5 shows Transmission Control Protocol (TCP) header format with the source and destination port fields shaded.
Usually, a port assignment uses a common port number for both UDP and TCP. A connection from a client to a server uses the well-known port on the server as a service contact port, whereas the client is free to dynamically assign its own port number. For TCP, the connection is identified by the source and destination IP addresses, as well as the source and destination TCP port numbers.
Well-known or assigned IP protocols are registered with the IANA. The information presented here is reproduced with permission from the IANA. For the most current IP protocol number assignment information, refer to www.iana.org/numbers.htm under the "Port Numbers" link.
Table B-3 shows some commonly used protocols, their port numbers, and a brief description. The IANA has recorded around 3350 unique port numbers. Because of space limitations, only a small subset of these port numbers are presented here.
Table B-3. Commonly Used Protocols and Associated Port Numbers
Keyword | Description | UDP/TCP Port |
|---|
echo | Echo | 7 |
discard | Discard | 9 |
systat | Active Users | 11 |
daytime | Daytime (RFC 867) | 13 |
qotd | Quote of the Day | 17 |
chargen | Character Generator | 19 |
ftp-data | File Transfer [Default Data] | 20 |
ftp | File Transfer [Control] | 21 |
ssh | SSH Remote Login Protocol | 22 |
telnet | Telnet | 23 |
Any private mail system | Any private mail system | 24 |
smtp | Simple Mail Transfer | 25 |
msg-icp | MSG ICP | 29 |
msg-auth | MSG Authentication | 31 |
Any private printer server | Any private printer server | 35 |
time | Time | 37 |
name | Host Name Server | 42 |
nameserver | Host Name Server | 42 |
nicname | Who Is | 43 |
tacacs | Login Host Protocol (TACACS) | 49 |
re-mail-ck | Remote Mail Checking Protocol | 50 |
domain | Domain Name Server | 53 |
Any private terminal address | Any private terminal address | 57 |
Any private file service | Any private file service | 59 |
whois++ | whois++ | 63 |
tacacs-ds | TACACS-Database Service | 65 |
sql*net | Oracle SQL*NET | 66 |
bootps | Bootstrap Protocol Server | 67 |
bootpc | Bootstrap Protocol Client | 68 |
tftp | Trivial File Transfer | 69 |
gopher | Gopher | 70 |
Any private dial out service | Any private dial out service | 75 |
Any private RJE service | Any private RJE service | 77 |
finger | Finger | 79 |
http | World Wide Web HTTP | 80 |
www | World Wide Web HTTP | 80 |
www-http | World Wide Web HTTP | 80 |
hosts2-ns | HOSTS2 Name Server | 81 |
xfer | XFER Utility | 82 |
Any private terminal link | Any private terminal link | 87 |
kerberos | Kerberos | 88 |
dnsix | DNSIX Securit Attribute Token Map | 90 |
npp | Network Printing Protocol | 92 |
dcp | Device Control Protocol | 93 |
objcall | Tivoli Object Dispatcher | 94 |
acr-nema | ACR-NEMA Digital Imag. & Comm. 300 | 104 |
rtelnet | Remote Telnet Service | 107 |
snagas | SNA Gateway Access Server | 108 |
pop2 | Post Office Protocol (version 2) | 109 |
pop3 | Post Office Protocol (version 3) | 110 |
sunrpc | SUN Remote Procedure Call | 111 |
Mcidas | McIDAS Data Transmission Protocol | 112 |
ident/auth | Authentication Service | 113 |
audionews | Audio News Multicast | 114 |
sftp | Simple File Transfer Protocol | 115 |
uucp-path | UUCP Path Service | 117 |
sqlserv | SQL Services | 118 |
nntp | Network News Transfer Protocol | 119 |
ntp | Network Time Protocol | 123 |
pwdgen | Password Generator Protocol | 129 |
cisco-fna | Cisco FNATIVE | 130 |
cisco-tna | Cisco TNATIVE | 131 |
cisco-sys | Cisco SYSMAINT | 132 |
ingres-net | INGRES-NET Service | 134 |
profile | PROFILE Naming System | 136 |
netbios-ns | NetBIOS Name Service | 137 |
netbios-dgm | NetBIOS Datagram Service | 138 |
netbios-ssn | NetBIOS Session Service | 139 |
imap | Internet Message Access Protocol | 143 |
sql-net | SQL-NET | 150 |
sgmp | SGMP | 153 |
sqlsrv | SQL Service | 156 |
pcmail-srv | PCMail Server | 158 |
sgmp-traps | SGMP-TRAPS | 160 |
snmp | SNMP | 161 |
snmptrap | SNMPTRAP | 162 |
cmip-man | CMIP/TCP Manager | 163 |
send | SEND | 169 |
print-srv | Network PostScript | 170 |
xyplex-mux | Xyplex | 173 |
mailq | MAILQ | 174 |
vmnet | VMNET | 175 |
xdmcp | X Display Manager Control Protocol | 177 |
bgp | Border Gateway Protocol | 179 |
mumps | Plus Five's MUMPS | 188 |
irc | Internet Relay Chat Protocol | 194 |
dn6-nlm-aud | DNSIX Network Level Module Audit | 195 |
dn6-smm-red | DNSIX Session Managementt Module Audit Redirect | 196 |
dls | Directory Location Service | 197 |
dls-mon | Directory Location Service Monitor | 198 |
src | IBM System Resource Controller | 200 |
at-rtmp | AppleTalk Routing Maintenance | 201 |
at-nbp | AppleTalk Name Binding | 202 |
at-3 | AppleTalk Unused | 203 |
at-echo | AppleTalk Echo | 204 |
at-5 | AppleTalk Unused | 205 |
at-zis | AppleTalk Zone Information | 206 |
at-7 | AppleTalk Unused | 207 |
at-8 | AppleTalk Unused | 208 |
qmtp | The Quick Mail Transfer Protocol | 209 |
ipx | IPX | 213 |
vmpwscs | VM PWSCS | 214 |
softpc | Insignia Solutions | 215 |
dbase | dBASE UNIX | 217 |
imap3 | Interactive Mail Access Protocol (version 3) | 220 |
http-mgmt | http-mgmt | 280 |
asip-webadmin | AppleShare IP WebAdmin | 311 |
ptp-event | PTP Event | 319 |
ptp-general | PTP General | 320 |
pdap | Prospero Data Access Protocol | 344 |
rsvp_tunnel | RSVP Tunnel | 363 |
rpc2portmap | rpc2portmap | 369 |
aurp | AppleTalk Update-Based Routing Protocol | 387 |
ldap | Lightweight Directory Access Protocol | 389 |
netcp | NETscout Control Protocol | 395 |
netware-ip | Novell NetWare over IP | 396 |
ups | Uninterruptible power supply | 401 |
smsp | Storage Management Services Protocol | 413 |
mobileip-agent | MobileIP-Agent | 434 |
mobilip-mn | MobilIP-MN | 435 |
https | HTTP protocol over TLS/SSL | 443 |
snpp | Simple Network Paging Protocol | 444 |
microsoft-ds | Microsoft-DS | 445 |
appleqtc | Apple QuickTime | 458 |
ss7ns | ss7ns | 477 |
ph | Ph service | 481 |
isakmp | isakmp | 500 |
exec | Remote process execution | 512 |
login | remote login by Telnet | 513 |
shell | cmd | 514 |
printer | spooler | 515 |
ntalk | ntalk | 518 |
utime | unixtime | 519 |
ncp | NCP | 524 |
timed | timedserver | 525 |
irc-serv | IRC-SERV | 529 |
courier | rpc | 530 |
conference | chat | 531 |
netnews | readnews | 532 |
netwall | For emergency broadcasts | 533 |
iiop | iiop | 535 |
nmsp | Networked Media Streaming Protocol | 537 |
uucp | uucpd | 540 |
uucp-rlogin | uucp-rlogin | 541 |
klogin | klogin | 543 |
kshell | krcmd | 544 |
appleqtcsrvr | appleqtcsrvr | 545 |
dhcpv6-client | DHCPv6 Client | 546 |
dhcpv6-server | DHCPv6 Server | 547 |
afpovertcp | AFC over TCP | 548 |
rtsp | Real Time Stream Control Protocol | 554 |
remotefs | rfs server | 556 |
rmonitor | rmonitord | 560 |
monitor | monitor | 561 |
nntps | nntp protocol over TLS/SSL (was snntp) | 563 |
whoami | whoami | 565 |
sntp-heartbeat | SNTP HEARTBEAT | 580 |
imap4-ssl | IMAP4 + SSl (use 993 instead) | 585 |
password-chg | Password Change | 586 |
eudora-set | Eudora Set | 592 |
http-rpc-epmap | HTTP RPC Ep Map | 593 |
sco-websrvrmg3 | SCO Web Server Manager 3 | 598 |
ipcserver | SUN IPC server | 600 |
sshell | SSLshell | 614 |
sco-inetmgr | Internet Configuration Manager | 615 |
sco-sysmgr | SCO System Administration Server | 616 |
sco-dtmgr | SCO Desktop Administration Server | 617 |
sco-websrvmgr | SCO WebServer Manager | 620 |
ldaps | LDAP protocol over TLS/SSL (was sldap) | 636 |
dhcp-failover | DHCP Failover | 647 |
mac-srvr-admin | MacOS Server Admin | 660 |
doom | doom Id Software | 666 |
corba-iiop | CORBA IIOP | 683 |
corba-iiop-ssl | CORBA IIOP SSL | 684 |
nmap | NMAP | 689 |
msexch-routing | MS Exchange Routing | 691 |
ieee-mms-ssl | IEEE-MMS-SSL | 695 |
cisco-tdp | Cisco TDP | 711 |
flexlm | Flexible License Manager | 744 |
kerberos-adm | Kerberos administration | 749 |
phonebook | Phone | 767 |
dhcp-failover2 | dhcp-failover2 | 847 |
ftps-data | FTP protocol, data, over TLS/SSL | 989 |
ftps | FTP protocol, control, over TLS/SSL | 990 |
nas | Netnews Administration System | 991 |
telnets | Telnet protocol over TLS/SSL | 992 |
imaps | imap4 protocol over TLS/SSL | 993 |
ircs | irc protocol over TLS/SSL | 994 |
pop3s | POP3 protocol over TLS/SSL (was spop3) | 995 |
sunclustermgr | SUN Cluster Manager | 1097 |
tripwire | TRIPWIRE | 1169 |
shockwave2 | Shockwave 2 | 1257 |
h323hostcallsc | H323 Host Call Secure | 1300 |
lotusnote | Lotus Notes | 1352 |
novell-lu6.2 | Novell LU6.2 | 1416 |
ms-sql-s | Microsoft SQL Server | 1433 |
ms-sql-m | Microsoft SQL Monitor | 1434 |
ibm-cics | IBM CICS | 1435 |
sybase-sqlany | Sybase SQL Any | 1498 |
shivadiscovery | Shiva | 1502 |
wins | Microsoft Windows Internet Name Service | 1512 |
ingreslock | ingres | 1524 |
orasrv | Oracle | 1525 |
tlisrv | Oracle | 1527 |
coauthor | Oracle | 1529 |
rdb-dbs-disp | Oracle Remote Data Base | 1571 |
oraclenames | oraclenames | 1575 |
ontime | ontime | 1622 |
shockwave | Shockwave | 1626 |
oraclenet8cman | Oracle Net8 Cman | 1630 |
cert-initiator | cert-initiator | 1639 |
cert-responder | cert-responder | 1640 |
kermit | kermit | 1649 |
groupwise | groupwise | 1677 |
rsvp-encap-1 | RSVP-ENCAPSULATION-1 | 1698 |
rsvp-encap-2 | RSVP-ENCAPSULATION-2 | 1699 |
h323gatedisc | h323gatedisc | 1718 |
h323gatestat | h323gatestat | 1719 |
h323hostcall | h323hostcall | 1720 |
cisco-net-mgmt | cisco-net-mgmt | 1741 |
oracle-em1 | oracle-em1 | 1748 |
oracle-em2 | oracle-em2 | 1754 |
tftp-mcast | tftp-mcast | 1758 |
www-ldap-gw | www-ldap-gw | 1760 |
bmc-net-admin | bmc-net-admin | 1769 |
bmc-net-svc | bmc-net-svc | 1770 |
oracle-vp2 | Oracle-VP2 | 1808 |
oracle-vp1 | Oracle-VP1 | 1809 |
radius | RADIUS | 1812 |
radius-acct | RADIUS Accounting | 1813 |
hsrp | Hot Standby Router Protocol | 1985 |
licensedaemon | Cisco license management | 1986 |
tr-rsrb-p1 | Cisco RSRP Priority 1 port | 1987 |
tr-rsrb-p2 | Cisco RSRP Priority 2 port | 1988 |
tr-rsrb-p3 | Cisco RSRP Priority 3 port | 1989 |
stun-p1 | Cisco STUN Priority 1 port | 1990 |
stun-p2 | Cisco STUN Priority 2 port | 1991 |
stun-p3 | Cisco STUN Priority 3 port | 1992 |
snmp-tcp-port | Cisco SNMP TCP port | 1993 |
stun-port | Cisco serial tunnel port | 1994 |
perf-port | Cisco perf port | 1995 |
tr-rsrb-port | Cisco Remote SRB port | 1996 |
gdp-port | Cicso Gateway Discovery Protocol | 1997 |
x25-svc-port | Cisco X.25 service (XOT) | 1998 |
tcp-id-port | Cisco identification port | 1999 |
dlsrpn | Data Link Switch Read Port Number | 2065 |
dlswpn | Data Link Switch Write Port Number | 2067 |
ah-esp-encap | AH and ESP Encapsulated in UDP packet | 2070 |
h2250-annex-g | H.225.0 Annex G | 2099 |
ms-olap3 | Microsoft OLAP | 2382 |
ovsessionmgr | OpenView Session Manager | 2389 |
ms-olap1 | MS OLAP 1 | 2393 |
ms-olap2 | MS OLAP 2 | 2394 |
mgcp-gateway | Media Gateway Control Protocol Gateway | 2427 |
ovwdb | OpenView NNM daemon | 2447 |
giop | Oracle GIOP | 2481 |
giop-ssl | Oracle GIOP SSL | 2482 |
ttc | Oracle TTC | 2483 |
ttc-ssl | Oracle TTC SSL | 2484 |
citrixima | Citrix IMA | 2512 |
citrixadmin | Citrix ADMIN | 2513 |
call-sig-trans | H.323 Annex E call signaling transport | 2517 |
windb | WinDb | 2522 |
novell-zen | Novell ZEN | 2544 |
clp | Cisco Line Protocol | 2567 |
hl7 | HL7 | 2575 |
citrixmaclient | Citrix MA Client | 2598 |
sybaseanywhere | Sybase Anywhere | 2638 |
novell-ipx-cmd | Novell IPX CMD | 2645 |
sms-rcinfo | SMS RCINFO | 2701 |
sms-xfer | SMS XFER | 2702 |
sms-chat | SMS CHAT | 2703 |
sms-remctrl | SMS REMCTRL | 2704 |
mgcp-callagent | Media Gateway Control Protocol Call Agent | 2727 |
dicom-iscl | DICOM ISCL | 2761 |
dicom-tls | DICOM TLS | 2762 |
citrix-rtmp | Citrix RTMP | 2897 |
wap-push | WAP Push | 2948 |
wap-pushsecure | WAP Push Secure | 2949 |
h263-video | H.263 Video Streaming | 2979 |
lotusmtap | Lotus Mail Tracking Agent Protocol | 3007 |
njfss | NetWare sync services | 3092 |
bmcpatrolagent | BMC Patrol Agent | 3181 |
bmcpatrolrnvu | BMC Patrol Rendezvous | 3182 |
ccmail | cc:mail/lotus | 3264 |
msft-gc | Microsoft Global Catalog | 3268 |
msft-gc-ssl | Microsoft Global Catalog with LDAP/SSL | 3269 |
Unauthorized Use by SAP R/3 | Unauthorized Use by SAP R/3 | 3300 to 3301 |
mysql | MySQL | 3306 |
ms-cluster-net | MS Cluster Net | 3343 |
ssql | SSQL | 3352 |
ms-wbt-server | MS WBT Server | 3389 |
mira | Apple Remote Access Protocol | 3454 |
prsvp | RSVP Port | 3455 |
patrolview | Patrol View | 4097 |
vrml-multi-use | VRML Multiuser Systems | 4200 to 4299 |
rwhois | Remote Who Is | 4321 |
bmc-reporting | BMC Reporting | 4568 |
sip | SIP | 5060 |
sip-tls | SIP-TLS | 5061 |
pcanywheredata | PcANYWHEREdata | 5631 |
pcaywherestat | pcANYWHEREstat | 5632 |
x11 | X Window System | 6000 to 6063 |
bmc-grx | BMC GRX | 6300 |
bmc-perf-agent | BMC PERFORM AGENT | 6767 |
bmc-perf-mgrd | BMC PERFORM MGRD | 6768 |
sun-lm | SUN License Manager | 7588 |
http-alt | HTTP Alternate (see port 80) | 8080 |
cp-cluster | Check Point Clustering | 8116 |
patrol | Patrol | 8160 |
patrol-snmp | Patrol SNMP | 8161 |
wap-wsp | WAP connectionless session service | 9200 |
wap-wsp-wtp | WAP session service | 9201 |
wap-wsp-s | WAP secure connectionless session service | 9202 |
wap-wsp-wtp-s | WAP secure session service | 9203 |
wap-vcard | WAP vCard | 9204 |
wap-vcal | WAP vCal | 9205 |
wap-vcard-s | WAP vCard Secure | 9206 |
wap-vcal-s | WAP vCal Secure | 9207 |
bmc-perf-sd | BMC-PERFORM-SERVICE DAEMON | 10128 |
h323callsigalt | h323 Call Signal Alternate | 11720 |
vofr-gateway | VoFR Gateway | 21590 |
quake | quake | 26000 |
flex-lm | FLEX LM (110) | 27000 to 27009 |
traceroute | traceroute use | 33434 |
reachout | REACHOUT | 43188 |
