Study Guide: CompTIA A+ Core Certification: A Simple Guide To Networking 1 - TCP and UDP Ports, Protocols, and Their Purposes
Source: https://www.fatskills.com/comptia-a-exam/chapter/comptia-a-core-certification-a-simple-guide-to-networking

By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.

CompTIA A+ Core Networking Topics:

Objective 2.1: Compare and contrast Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, protocols, and their purposes.
Objective 2.2: Compare and contrast common networking hardware.
Objective 2.3: Compare and contrast protocols for wireless networking.
Objective 2.4: Summarize services provided by networked hosts.
Objective 2.5: Given a scenario, install and configure basic wired/wireless small office/home office (SOHO) networks.
Objective 2.6: Compare and contrast common network configuration concepts.
Objective 2.7: Compare and contrast Internet connection types, network types, and their features.
Objective 2.8: Given a scenario, use networking tools.
 

220-1101: Objective 2.1: Compare and contrast TCP and UDP ports, protocols, and their purposes.

Key Topics To Know:
TCP and UDP Ports, Protocols, and Their Purposes
FTP
SSH
Telnet
SMTP
DNS
DHCP
HTTP/HTTPS
POP3
NetBIOS/NetBT
IMAP
SNMP
LDAP
SMB/CIFS
RDP
TCP vs. UDP
Networking Hardware
Router
Switch
Wireless Access Point
Patch Panel
Firewall
Power over Ethernet
Hub
Modems: Cable and DSL
Optical Network Terminal (ONT)
Network Interface Card
Software-Defined Networking
Compare and Contrast Wireless Networking Protocols
Frequencies
MIMO
Channels
Bluetooth
Wi-Fi Standards
Long-Range Fixed Wireless
NFC
RFID
Services Provided by Networked Hosts
DNS Server
DHCP Server
File Server
Print Server
Mail Server
Syslog Server
Web Server
Authentication, Authorization, and Accounting (AAA) Server
Internet Appliances
Spam Gateways
UTM
IDS
IPS
Load Balancers
Proxy Server
Legacy and Embedded Systems
Internet of Things (IoT) Devices
Install and Configure a Basic Wired/Wireless SOHO Network
IP Addressing
IPv4
Public and Private IP Addresses
IPv6
Viewing IP Address Information
APIPA IP Addresses/Link Local Addresses
Dynamic vs. Static IP Addresses
DHCP
IP Addressing
NIC Configuration
NIC Configuration Steps
End-User Device Configuration
Cable/DSL Modem
Network Configuration Concepts
DNS
DHCP
VLAN
VPN
Internet Connection Types, Network Types, and Their Features
Internet Connection Types
Cable
DSL
Fiber
Satellite
Cellular
Wireless Internet Service Provider
Network Types
LAN
WAN
PAN
MAN
SAN
WLAN
Using Networking Tools
Cutting Tool
Cable Stripper
Crimper
Punchdown Tool
Multimeter
Toner Probe
Cable Tester
Loopback Plug
Wi-Fi Analyzer
Network Tap
TCP and UDP Ports, Protocols, and Their Purposes

When humans want to share ideas with each other, they agree to use common communication protocols, or rules, to make sure they are understood. Protocols help us know when to speak, when to listen, and how to start and finish conversations. We constantly use protocols but rarely think about them. When people have a communication failure, a protocol failure is likely involved.
 

Protocols serve the same purpose in computer network communication. Because the processes involved in computer communication can be complex, ways of using protocols and ports have been developed to keep the processes of communication sorted out and flowing smoothly. This section describes some of the protocols and ports that are typically used in networks.
 

When an application needs to send or receive data, it must use a particular protocol designed for that application and open a port on the network adapter to make a connection to another computer. Computers use port numbers to identify protocols and keep the different processes sorted out. For example, if you want to visit www.google.com, you open a browser and type https://www.google.com. The protocol being used is HTTPS (short for Hypertext Transfer Protocol Secure), and it makes the connection to the web server: google.com. HTTPS selects an unused port on your computer (known as an outbound port) to send and receive data to and from google.com. On the other end, Google’s web server has a specific port open at all times, ready to accept sessions. In most cases, the web server’s port is 443, which corresponds to HTTPS. This is known as an inbound port.
 

Both TCP and UDP use ports to make connections. Remember that the inbound ports are of concern on a server. For example, an FTP server that stores files for customers must have inbound port 21 open by default because that is the common port for FTP. The table below displays some common protocols and their default corresponding inbound ports. Most common protocols use the same TCP and UDP port numbers.

Table: Common Protocols and Their Ports

| Port Number(s) | Protocol | Port Type |
| --- | --- | --- |
| 20/21 | File Transfer Protocol (FTP) | TCP, UDP |
| 22 | Secure Shell (SSH) | TCP, UDP |
| 23 | Telnet | TCP, UDP |
| 25 | Simple Mail Transfer Protocol (SMTP) | TCP, UDP |
| 53 | Domain Name System (DNS) | TCP, UDP |
| 67/68 | Dynamic Host Configuration Protocol (DHCP) | UDP |
| 80 | Hypertext Transfer Protocol (HTTP) | TCP, UDP |
| 110 | Post Office Protocol 3 (POP3) | TCP, UDP |
| 137/139 | Network Basic Input/Output System (NetBIOS)/NetBIOS over TCP/IP (NetBT) | TCP, UDP |
| 143 | Internet Message Access Protocol (IMAP) | TCP |
| 161/162 | Simple Network Management Protocol (SNMP) | TCP, UDP |
| 389 | Lightweight Directory Access Protocol (LDAP) | TCP, UDP |
| 443 | Hypertext Transfer Protocol Secure (HTTPS) | TCP, UDP |
| 445 | Server Message Block (SMB)/Common Internet File System (CIFS) | TCP |
| 3389 | Remote Desktop Protocol (RDP) | TCP, UDP |


Know these protocols and their corresponding port numbers for the 220-1101 exam. The sections that follow provide more details about these protocols.
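As an added example (not part of the original guide), the table can be turned into a check of which services a host is offering: the Python below maps listening sockets to the guide's protocols and flags clear-text services for which the guide names a more secure alternative. The sample input is constructed in the column layout of `ss -tuln`, and the names `audit` and `needs_attention` are hypothetical.

```python
# Default inbound ports as listed in this guide's table and protocol sections.
PAGE_PORTS = {
    20: "FTP", 21: "FTP", 22: "SSH", 23: "Telnet", 25: "SMTP", 53: "DNS",
    67: "DHCP", 68: "DHCP", 80: "HTTP", 110: "POP3", 137: "NetBIOS/NetBT",
    138: "NetBIOS/NetBT", 139: "NetBIOS/NetBT", 143: "IMAP", 161: "SNMP",
    162: "SNMP", 389: "LDAP", 443: "HTTPS", 445: "SMB/CIFS", 636: "LDAPS",
    993: "IMAP over SSL/TLS", 3389: "RDP",
}
# More secure alternative the guide names for each clear-text protocol.
SECURE_ALTERNATIVE = {
    20: "FTPS or SFTP", 21: "FTPS or SFTP", 23: "SSH (22)",
    80: "HTTPS (443)", 143: "IMAP over SSL/TLS (993)", 389: "LDAPS (636)",
}
WILDCARD = {"0.0.0.0", "[::]", "*"}  # socket is bound on every interface

# Constructed sample in the column layout of `ss -tuln` (not from a real host).
SAMPLE_SS = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      32     0.0.0.0:21         0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:389      0.0.0.0:*
tcp   LISTEN 0      511    [::]:443           [::]:*
udp   UNCONN 0      0      0.0.0.0:68         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:8081       0.0.0.0:*
"""

def audit(ss_output):
    """Return one finding dict per listening socket in `ss -tuln` style text."""
    findings = []
    for line in ss_output.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) < 5:
            continue
        address, _, port_text = fields[4].rpartition(":")
        if not port_text.isdigit():
            continue
        port = int(port_text)
        findings.append({
            "transport": fields[0],
            "port": port,
            "protocol": PAGE_PORTS.get(port, "not in the guide's table"),
            "all_interfaces": address in WILDCARD,
            "use_instead": SECURE_ALTERNATIVE.get(port),
        })
    return findings

def needs_attention(findings):
    """Clear-text services reachable from other hosts, plus unidentified ports."""
    return [f for f in findings if f["all_interfaces"]
            and (f["use_instead"] or f["port"] not in PAGE_PORTS)]

if __name__ == "__main__":
    for finding in needs_attention(audit(SAMPLE_SS)):
        print(finding)
```

The LDAP listener in the sample is bound to 127.0.0.1 only, so it is reported by `audit` but not by `needs_attention`.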

FTP
File Transfer Protocol (FTP) is a protocol that both web browsers and specialized FTP programs use to access dedicated file transfer servers for file downloads and uploads. When accessing an FTP site, the site uses the prefix ftp://.

Windows and Linux contain a command-line FTP program; type ftp, press Enter, and then type help at the FTP prompt to see the available commands. See https://linux.about.com/od/commands/l/blcmdl1_ftp.htm.

For macOS, see https://osxdaily.com/2011/02/07/ftp-from-mac/ or type ftp from the command line.

FTP sites with downloads available to any user support anonymous FTP. If any credentials are required for FTP, they are typically the username anonymous and the user’s email address as a password. Some FTP sites require the user to log in with a specified username and password. FTP is not considered secure because FTP users can authenticate in clear-text sign-ins. For greater security, use FTP secured with SSL/TLS (FTPS) or Secure File Transfer Protocol (SFTP). FTP uses ports 20 and 21. Port 21 is used to establish a connection and port 20 is used for data transfer.

It is possible to use an operating system’s built-in FTP client for file uploads and downloads with both secured and unsecured FTP sites, but consider using third-party FTP products such as FileZilla (https://filezilla-project.org). Such programs enable the creation of a customized setup for each FTP site you visit and store passwords, server types, and other necessary information. They also enable faster downloads than typical web browsers running in ftp:// mode.

SSH
Secure Shell (SSH) enables computers to exchange data on a secured channel. This protocol is more secure than FTP and Telnet. The Secure Shell server housing the data you want to access will have port 22 open. (SSH uses port 22.) Several other protocols use SSH to make secure connections. One of these is Secure FTP (SFTP), as previously mentioned. Regular FTP can be nonsecure. SFTP combats this by providing file access over a reliable data stream, generated and protected by SSH.

Telnet
Telnet enables users to make a text-based connection to a remote computer or networking device and then use that device as if they were sitting in front of it instead of merely downloading pages and files as with an http:// or ftp:// connection.

Windows and Linux contain a command-line Telnet program. To open a connection to a remote computer, open a command prompt (Windows) or Terminal session (Linux), type telnet, and press the Enter key. To see the available commands, type help and press the Enter key.
macOS includes a menu-driven Telnet program available from Terminal. Because of the standard practice of using SSH, Telnet has been removed from later versions of macOS. However, if Telnet is still needed, it can be installed. See https://osxdaily.com/2018/07/18/get-telnet-macos/.

A remote computer must be configured to accept a Telnet login. Typically, TCP port 23 on the remote computer must be open before a login can take place.

SMTP
Simple Mail Transfer Protocol (SMTP) is used to send email from a client system to an email server, which also uses SMTP to relay the message to the receiving email server. SMTP uses port 25.

When configuring email settings on a client, check with the ISP or organization that provides Internet access for the correct settings. You need to know the server type(s) used (SMTP, POP3, or IMAP), the ports used (some ISPs change the default values), the username and password for the email service, and the security settings (for example, whether SSH is used).

DNS
Domain Name System (DNS) is the name for the network of servers on the Internet that translate domain names, such as www.informit.com or www.comptia.org, and individual host names into their corresponding IP addresses. When manually configuring an IP address, you typically provide the IP address of a DNS server (or the IP addresses of multiple DNS servers) as part of the configuration process. DNS uses port 53. Some technicians refer to DNS as the Domain Name Service; this might not be technically correct, but it is understandably a common translation of DNS.

DHCP
Dynamic Host Configuration Protocol (DHCP) is used to automatically assign IP addresses to hosts. These hosts can be computers, printers, servers, routers, and so on. In most SOHO networks, a router uses DHCP to assign IP addresses to the client computers. In addition, your ISP uses DHCP to assign an IP address to you, and usually your router gets this address. The DHCP service makes life easier for a network administrator by automatically assigning IP addresses, subnet masks, gateway addresses, DNS servers, and so on. If you get your address from a DHCP server, you are getting your address assigned dynamically, so it might change periodically. However, some computers and printers require a static address—that is, an address that the network administrator assigns manually. In many situations, servers and printers are better served using static addresses that DHCP doesn’t change. This way, access to printers and servers is more reliable over time. DHCP uses ports 67 and 68, where UDP port number 67 is the destination port of a server and UDP port number 68 is used by the client.

HTTP/HTTPS
Hypertext Transfer Protocol (HTTP) is the protocol that web browsers, such as Internet Explorer, Microsoft Edge, Firefox, and Chrome, use to access websites and content. Normal (unsecured) sites use the prefix http:// when accessed in a web browser. Sites that are secured with various encryption schemes such as HTTP Secure or HTTP over TLS (HTTPS) are identified with the prefix https://. HTTP uses port 80 and HTTPS uses port 443. Most browsers connecting with a secured site also display a closed padlock symbol onscreen.

POP3
Post Office Protocol version 3 (POP3) is one of two leading protocols used for receiving email; IMAP is the other one. In an email system based on POP3, email is downloaded from the mail server to folders on a local system. POP3 is not a suitable email protocol for users who frequently switch between computers and mobile devices because email might be spread over multiple computers. POP3 is the current standard. Users who utilize POP3 servers to retrieve email typically use SMTP to send messages. POP3 uses port 110.

For users who must use POP3-based email and who use multiple computers, a remote access solution—for example, Windows Remote Desktop Connection or a service such as GoToMyPC—is recommended. A remote access solution enables users to remotely access the system that connects to the POP3 mail server so that they can download and read email messages no matter where they are working.

NetBIOS/NetBT
NetBIOS, also known as NetBT (RFC 1001), is a protocol that allows some legacy applications that were developed in the 1980s (before the TCP/IP environment became the standard) to work on larger networks and the Internet. Many of those early applications could not scale to the TCP environment, so the NetBIOS/NetBT protocol was designed in 1987 to provide the needed compatibility. NetBIOS/NetBT uses ports 137–139.

IMAP
Internet Message Access Protocol (IMAP) is an email protocol that enables messages to remain on the email server so they can be retrieved from any location. (Recall that POP3, the other leading protocol for receiving email, downloads messages to the mail client.) IMAP also supports folders so that users can organize their messages as desired. IMAP4 is the current version of IMAP.

To configure an IMAP-based email account, you must select IMAP as the email server type and specify the name of the server, your username and password, and whether the server uses SSL/TLS. IMAP uses port 143. IMAP over SSL/TLS uses port 993.

SNMP
Simple Network Management Protocol (SNMP) is the standard for managing and monitoring devices on a network. SNMP manages routers, switches, and computers and is often incorporated into software known as a network management system (NMS). The NMS is the main software that controls everything SNMP based; it is installed on a computer known as a manager. The devices to be monitored are known as managed devices. The NMS installs a small piece of software known as an agent that allows it to monitor those managed devices. SNMP uses ports 161 and 162.

LDAP
Lightweight Directory Access Protocol (LDAP) is used to access and maintain distributed directories of information such as the kind involved with Microsoft domains. Microsoft refers to this as directory services. By default, LDAP traffic is unsecured. LDAP over SSL (LDAPS) secures LDAP by enabling communications over SSL/TLS. LDAP uses port 389 and LDAPS uses port 636.

SMB/CIFS
Server Message Block (SMB) provides access to shared items such as files and printers. SMB uses packets that authenticate remote computers through interprocess communication mechanisms. SMB uses ports 137–139 for SMB traffic using NetBIOS over TCP (NetBT) and 445 for SMB hosted on TCP.
 

Port 445 is also used by the Common Internet File System (CIFS). CIFS was widely used after its introduction as a standard method for sharing files across corporate intranets and the Internet. CIFS is an enhanced version of Microsoft SMB, which is an open, cross-platform protocol. CIFS has now largely been replaced by updated versions of SMB. The current version is SMB 3.1.1.
If traffic on ports 137–139 is blocked, you must use the device’s IP address to access shared files or printers. When these ports are open, you can use the name of the device to access its shared files or printers.

RDP
The Remote Desktop Protocol (RDP) port 3389 is used by Remote Desktop Services (RDS), which is the Windows Server–based companion of Remote Desktop Connection.

TCP vs. UDP
 

User Datagram Protocol (UDP) sessions are known as connectionless sessions. This means that the messages are sent without an expectation of communication from the receiver. UDP does its best to send a message, but it does not account for errors. For example, a new device that is looking for an IP address generates DHCP messages as advertisements to all devices on the network. If all the devices that heard the message responded, network traffic would be unnecessarily busy and the network would be less efficient. Similarly, Trivial File Transfer Protocol (TFTP) is a protocol that is used to transport file packets that do not need a response.
 

UDP is used in streaming media sessions, such as Voice over IP (VoIP) and gaming, and for protocols that use a simple query and response, such as DNS. If you have ever been streaming some music and heard a break in the song or a blip of some kind, that likely indicated some missing packets. TCP would try to replace the missing packets, but you do not really want them back: by the time they might arrive, you would be listening to a totally different part of the music stream and the updated information would be out of place.
 

Transmission Control Protocol (TCP) sessions are known as connection-oriented sessions. This means that every packet that is sent is checked for delivery. If the receiving computer doesn’t receive a packet, it cannot assemble the message and must ask the sending computer to transmit the missing packet again. No packet is left behind. For example, if a computer sends a picture of a cat but the packets containing part of the picture (say, the nose) don’t arrive, TCP allows the receiving computer to tell the sending computer that some expected packets went missing and to send them again. This way, the user application at the receiving end gets the entire picture, not some strange picture of a cat without a nose.
 

Other examples of protocols that use TCP are HTTPS and SSH. Because they are secure protocols, it is important to verify that the communication has been completed successfully and that any missing packets are re-sent.

The two examples above of the cat picture and the music stream demonstrate that different situations call for different protocols. UDP is the better choice for time-sensitive information, even though it is less reliable than TCP. In other situations, where reliability is important, TCP is beneficial.
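The difference between connectionless and connection-oriented sessions can be observed on the loopback interface. The Python below is an added example, not part of the original guide: it sends a UDP datagram to a port with no receiver, attempts a TCP connection to a port with no listener, and then completes a TCP exchange that shows the server's inbound port next to the client's OS-chosen outbound port. It assumes a working 127.0.0.1 and lets the OS pick the server port (rather than 443) so no privileges are needed; the function names are hypothetical.

```python
import socket

LOOPBACK = "127.0.0.1"

def udp_send_without_receiver():
    """UDP: the send succeeds even though nothing is listening on the port."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as probe:
        probe.bind((LOOPBACK, 0))            # let the OS pick a free port...
        port = probe.getsockname()[1]
    # ...and release it, so no receiver exists when the datagram is sent.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sender:
        return sender.sendto(b"hello", (LOOPBACK, port))  # bytes handed off

def tcp_connect_without_listener():
    """TCP: the handshake fails, so the sender learns nobody is there."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as holder:
        holder.bind((LOOPBACK, 0))           # port reserved, never listen()ed
        port = holder.getsockname()[1]
        try:
            socket.create_connection((LOOPBACK, port), timeout=2).close()
            return "connected"
        except ConnectionRefusedError:
            return "refused"

def tcp_exchange(payload=b"cat picture"):
    """TCP with a listener: fixed inbound port, OS-chosen outbound port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as server:
        server.settimeout(2)
        server.bind((LOOPBACK, 0))           # stands in for a well-known port
        server.listen(1)
        inbound = server.getsockname()[1]
        with socket.create_connection((LOOPBACK, inbound), timeout=2) as client:
            conn, peer = server.accept()     # handshake already completed
            with conn:
                conn.settimeout(2)
                client.sendall(payload)
                received = conn.recv(1024)
            outbound = client.getsockname()[1]
    return {
        "server_inbound_port": inbound,
        "client_outbound_port": outbound,
        "port_seen_by_server": peer[1],
        "received": received,
    }

if __name__ == "__main__":
    print("UDP bytes sent with no receiver:", udp_send_without_receiver())
    print("TCP connect with no listener:", tcp_connect_without_listener())
    print("TCP exchange:", tcp_exchange())
```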