在任意端口上运行的应用程序如何从 Internet 获取数据包？

Question

while I was studying Internet Protocols, a question just occurred to me. Typically, we could assign any ports that are not for typical usage (eg 80 for HTTP, 443 for HTTPS) to our applications. For example, when I use Node.js Express to build a simple server, I could assign port 5000 to this process like below.

const express = require('express')
const app = express()
const port = 5000

// some code to configure server

app.listen(port, () => {
  console.log(`Server is now running on port ${port}`)
})

My Node.js application will listen to port 5000. If my ip is for example 10.10.10.10 , then my application will get a request if anyone hits 10.10.10.10:5000 . However, if that's a HTTP/HTTPS request, shouldn't the packets come from port 80 / 443? Can someone tell me why it's not the case or why application listening to different ports can receive packets if they indeed come from 80 / 443.

Thank you.

Answer 1

When a packet leaves your computer it went through all the layers of the OSI model. It contains basically six specific information.

The destination and source IP address (the IP address of the server and your IP address respectively), the destination and source port (the port it is destined to at the server and the port it uses on your machine) and the destination and source MAC address (the MAC address of the machine it is destined to (locally) and the MAC address of your computer).

In a simple configuration (the computer behind a router), when you send this packet, it will be rerouted to the router using it's MAC address. The OS keeps a routing table which has the info on what to do with what IP address. Whether it is "On-Link" or if it needs to send the packet to a default gateway. You can print the routing table of your computer by typing route print in Windows CMD. If you are joining an outside server then the packet will be sent to the default gateway. It may need to do an ARP request in order to get the MAC address of the default gateway (or not depending on your computer's ARP table at that moment). You can see the ARP table by typing arp -a on Windows (in CMD).

Once the packet reaches the router, the router strips off the source IP (your internal network IP) and replaces it with the IP of it's external interface (your public IP). It does the link between those two addresses using the NAT table:

It also strips off the internal port and replaces it with a random available port (to the right). It means that 2 different machines accessing the same website can share the same local port. The destination port stays the same.

In the end if you receive a request from outside your router. Your router doesn't have a NAT table entry for that packet because it wasn't initiated by you. You'll need to use port forwarding to tell your router to forward incoming packets (destined to a certain port) to a certain internal IP.

Some routers (like mine) don't support specifying an external port AND an internal port. So both of these are the same (you cannot specify a different external vs internal port so you can't forward external 80 to internal 5000). In your case, you would need to specify an external port of 80/443 and an internal port of 5000 destined to 10.10.10.10 for your configuration to work. Otherwise, it should not work.