Home > Sample chapters

CompTIA A+ Rapid Review: Networking

Objective 2.4: Explain common TCP and UDP ports, protocols, and their purpose

TCP and UDP are core protocols within the TCP/IP suite of protocols. They both use well-known port numbers to identify the type of traffic being sent to destination computers. Firewalls use these port numbers to allow or block traffic. Other protocols work within the TCP/IP suite for other purposes, and this objective expects you to know the primary purpose of some of these protocols. Also, you should know the primary differences between TCP and UDP.

Exam need to know...

  • Ports

    For example: What ports are used for traffic in web browsers?

  • Protocols

    For example: What is the difference between DHCP and DNS? What is SSH and SFTP?

  • TCP vs. UDP

    For example: Which protocol (TCP or UDP) provides the best reliability?

Ports

TCP/IP packets include source IP addresses and ports, and destination IP addresses and ports. The IP address is used to get traffic from the source computer to the destination computer. When the packet reaches the destination, the destination computer uses the port to identify what to do with the traffic.

This is similar to how regular mail uses an address to get mail to a home. After it arrives, someone sorts the mail and determines who gets it. If it’s addressed to you, you open and handle it. In this context, the mailing address is similar to the IP address, and the person the mail is addressed to is similar to the port.

For example, Hypertext Transfer Protocol (HTTP) uses port 80. When you use a web browser to browse the Internet, your computer sends a request to the web server using its IP address and a destination port of 80. When the web server receives it, it sees port 80 and sends the request to the service handling web requests.

If your web browser had a secure connection, it would use Hypertext Transfer Protocol Secure (HTTPS) and port 443. Instead of using a destination port 80, it uses a destination port of 443. Again, when the web server receives it, it recognizes port 443 and forwards the request to the web server.

True or false? Port 25 should be opened on a firewall to send email.

Answer: True. Port 25 is used by Simple Mail Transfer Protocol (SMTP) to send email.

Incoming email uses either port 110 with Post Office Protocol version 3 (POP3) or port 143 with Internet Message Access Protocol (IMAP).

True or false? Port 53 should be opened if a user wants to control a computer remotely with RDP.

Answer: False. Port 53 is used for DNS name resolution requests. Port 3389 should be opened when using the Remote Desktop Protocol (RDP).

Protocols

Protocols provide the rules for transmitting traffic over a network. Most protocols are formally defined in Request For Comments (RFC) documents. For example, RFC 2131 defines how DHCP works, including the contents of packets sent back and forth between DHCP servers and DHCP clients.

True or false? SFTP is used to transfer large files in an encrypted format.

Answer: True. File Transfer Protocol (FTP) is used to transfer large files over a network, and Secure File Transfer Protocol (SFTP) uses Secure Shell (SSH) to encrypt the files.

You should know the primary purpose of the following protocols mentioned in this objective:

  • DHCP. Assigns an IP address and other TCP/IP configuration to clients.

  • DNS. Used to resolve user-friendly names of network resources (also called hosts or host names) to their IP addresses.

  • Lightweight Directory Access Protocol (LDAP). Used to interact with services such as Active Directory Domain Services in Microsoft domains.

  • Simple Network Management Protocol (SNMP). Used to communicate with and manage network devices such as switches and routers.

  • Server Message Block (SMB). Used to transfer files over a network in a Microsoft network.

  • SSH. Used to encrypt some types of traffic such as SFTP.

  • SFTP. Used to transfer large files securely.

TCP vs. UDP

Most IP traffic transmitted over an Ethernet network uses either Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). The characteristic differences determine which is the most suited for specific traffic, so you need to know the basic differences between them for the A+ exam.

True or false? TCP is known as a connectionless protocol, and UDP is known as a connection-oriented protocol.

Answer: False. The definitions are reversed. TCP is known as a connection-oriented protocol, and UDP is known as a connectionless protocol.

“Connection” in this context refers to how the protocols communicate. TCP exchanges three packets between two systems before sending data. These packets verify that the computers are able to connect. In contrast, UDP packets are just sent without checking to see whether the other system is operational.

Table 2-1 lists some of the common differences between TCP and UDP. TCP uses a three-way handshake to create a connection, but UDP does not. TCP provides guaranteed delivery by verifying that packets were received with receipt acknowledgements and resending them if necessary. In contrast, UDP makes a best effort to deliver the data but doesn’t verify that it has been received. If a UDP packet isn’t received, it’s lost.

Table 2-1. TCP vs. UDP

TCP

UDP

Connection-oriented (uses three-way handshake before sending)

Connectionless (no handshake)

Guaranteed delivery

Best effort delivery

Receipt acknowledgements

No acknowledgments

You can think of TCP like a connection made with a phone call between two people. Imagine Bob wants to tell Susan that she was just announced as a winner of $1,000 on a local radio station but that she has to call in within ten minutes. The three-way handshake starts like this:

  1. Bob calls Susan.

  2. Susan answers the phone with “Hello.”

  3. Bob replies with “Hi, this is Bob” and then gives her the message.

If Susan doesn’t hear or understand the message, she can ask Bob to repeat it. When the call is over, Bob knows that Susan did get the message.

UDP is similar to sending a text message. Bob might send messages to Susan all the time, so he could send a text message about Susan winning the prize and the need to call immediately. It will probably work, but any number of things might go wrong. There might be a problem with settings on Bob’s system, Susan’s system, or the network sending the traffic.

If the message is important and timely, the phone is the best option. If the message isn’t important, a text message could be used.

Similarly, when you need guaranteed delivery of data over a network, TCP is used. If it’s acceptable for some packets to be lost (such as when streaming audio or video), UDP is a good choice.

Can you answer these questions?

You can find the answers to these questions at the end of this chapter.

  1. What ports are used for email traffic?

  2. What protocol is encrypted with SSH and is used to transfer large encrypted files?

  3. When comparing TCP and UDP, which protocol provides guaranteed delivery of traffic?