1
00:00:04,850 --> 00:00:11,250
So again protocol at Layer 4 is TTP which Layer 7 protocol is used.

2
00:00:11,390 --> 00:00:16,100
Notice destination port is 80 80 is HDP.

3
00:00:17,220 --> 00:00:29,150
Notice we've got what's called a destination port we could search in Google for port numbers and let's

4
00:00:29,150 --> 00:00:38,800
go to the eye on a Web site which is the Internet Assigned Numbers Authority and if we search for 80

5
00:00:39,100 --> 00:00:45,440
in that list you can see that HP port 80 is world wide web.

6
00:00:45,490 --> 00:00:48,810
A GDP.

7
00:00:48,870 --> 00:00:56,400
Now some protocols such as DNS or domain name server or domain name system as it's sometimes called

8
00:00:57,120 --> 00:01:04,350
uses both DCP and UDP HDP generally uses TTP because we want reliability.

9
00:01:04,350 --> 00:01:14,160
So again Layer 3 protocol is IP version 4 Layer 4 protocol is TTP we are indicating the application

10
00:01:14,490 --> 00:01:19,110
that we want to send the data to by the port number.

11
00:01:19,110 --> 00:01:24,930
Think of it as follows The server is running multiple services and I want you to see these services

12
00:01:24,930 --> 00:01:27,510
and look at the protocols going to the services.

13
00:01:27,510 --> 00:01:31,080
So under services we've got an HP server.

14
00:01:31,200 --> 00:01:33,330
We've also got a TFT P server.

15
00:01:33,450 --> 00:01:38,850
We've got an FTB server and email server and various other servers.

16
00:01:39,270 --> 00:01:40,940
Where should the data go.

17
00:01:40,950 --> 00:01:43,260
It needs to go to the right application.

18
00:01:43,350 --> 00:01:49,930
You're not going to open up a MP 3 music file in a word processor.

19
00:01:50,010 --> 00:01:51,000
It's not going to work.

20
00:01:51,000 --> 00:01:59,730
Word opens word processing files an application such as a music application gets used to open music

21
00:01:59,730 --> 00:02:00,560
files.

22
00:02:00,660 --> 00:02:05,760
So you need the right application or right service to work with the right data.

23
00:02:05,820 --> 00:02:14,070
So again you use a port number to send the ATP traffic to the HP server you use a port number like 53

24
00:02:14,070 --> 00:02:16,290
to send traffic to a DNS server.

25
00:02:16,380 --> 00:02:25,430
You use Port 21 to send it to FCP server or service sixty nine to a TFT IP service.

26
00:02:25,560 --> 00:02:31,380
You have one physical server running different processes or different applications and you want to send

27
00:02:31,380 --> 00:02:36,420
the data to the correct service or correct server application.

28
00:02:36,480 --> 00:02:40,130
Those applications listen on a specific port number.

29
00:02:40,140 --> 00:02:48,750
So the HDP server listens and port 80 the NDP server will listen on Port 21 TFT people listen on Port

30
00:02:48,750 --> 00:02:50,440
69.

31
00:02:50,510 --> 00:02:58,130
So this is indicating to the server that this data needs to go to the application listening on port

32
00:02:58,130 --> 00:03:01,650
80 and you can see the HBP request.

33
00:03:01,910 --> 00:03:11,030
So packet gets sent to the server the server because it's listening on that port will receive the data

34
00:03:11,270 --> 00:03:13,740
and send it to the relevant application.

35
00:03:13,790 --> 00:03:19,360
What you'll also notice here is the source port is 1025.

36
00:03:19,430 --> 00:03:21,790
So let's talk about port numbers and a bit more detail.

37
00:03:21,800 --> 00:03:29,840
A server service will listen on what's called a well known port number but when you initiate a session

38
00:03:29,840 --> 00:03:38,090
to a well-known port number such as 80 you will use what's called a femoral or random port number.

39
00:03:38,240 --> 00:03:47,460
Now going back to the Iona we told that service names are assigned on a first come first serve basis

40
00:03:47,520 --> 00:03:54,060
as documented in this or if sea service names and port numbers are used to distinguish between services

41
00:03:54,060 --> 00:03:59,420
that run over transport protocols such as TCB UDP and others.

42
00:03:59,490 --> 00:04:00,980
This is the important part.

43
00:04:00,990 --> 00:04:11,640
These port numbers in the range 0 to 1023 are signed as system port numbers so 80 is in that range.

44
00:04:11,640 --> 00:04:16,940
We have what's called a user port numbers in this range and then we have what are called dynamic or

45
00:04:16,950 --> 00:04:21,060
private port numbers also called ephemeral port numbers.

46
00:04:21,060 --> 00:04:23,400
Again people use different terms.

47
00:04:23,400 --> 00:04:24,280
Is it a router.

48
00:04:24,330 --> 00:04:25,560
Is it a router.

49
00:04:25,560 --> 00:04:27,830
Is it a highway or a motorway.

50
00:04:27,870 --> 00:04:29,200
Is it a sneaker.

51
00:04:29,220 --> 00:04:31,290
Is it a trainer or in South Africa.

52
00:04:31,290 --> 00:04:34,980
Is it a tacky tacky as a word that comes from Afrikaans.

53
00:04:35,160 --> 00:04:37,800
But we use that as the English word in South Africa.

54
00:04:37,800 --> 00:04:39,630
So is it a tacky.

55
00:04:39,630 --> 00:04:41,550
Is it a trainer.

56
00:04:41,580 --> 00:04:42,880
Like in the UK.

57
00:04:42,970 --> 00:04:45,500
Was it a sneaker in the USA.

58
00:04:45,540 --> 00:04:51,990
Different terms used by different people but dynamic or random port numbers or private port numbers

59
00:04:52,230 --> 00:04:56,460
or ephemeral port numbers are dynamically or randomly used.

60
00:04:56,460 --> 00:05:04,920
Now you'll notice packet traces actually using a port number in this range 1025 is the source port number

61
00:05:06,000 --> 00:05:12,200
things change over time if I do a search in Google for a femoral port numbers

62
00:05:15,060 --> 00:05:16,590
on Wikipedia.

63
00:05:16,860 --> 00:05:24,030
You can read more detail about how the eye honor recommends those port numbers for dynamic or private

64
00:05:24,030 --> 00:05:24,740
ports.

65
00:05:24,870 --> 00:05:32,380
But many Linux kernels use this range BSD used this range.

66
00:05:32,460 --> 00:05:36,810
Windows XP used this range by default.

67
00:05:36,810 --> 00:05:41,120
So 1025 not 1024 Vista.

68
00:05:41,160 --> 00:05:43,150
Windows 7 2008.

69
00:05:43,170 --> 00:05:51,330
You use the AI on a range Windows 2003 used this range basically different operating systems used different

70
00:05:51,390 --> 00:05:58,950
ranges and then we told all versions of Windows since Windows 2000 to allow you to specify a custom

71
00:05:58,950 --> 00:06:05,370
range in that range 1025 to sixty five thousand five hundred and thirty five.

72
00:06:05,400 --> 00:06:11,220
You can also see that Windows allows you to customize this so you can specify a custom range.

73
00:06:11,220 --> 00:06:17,220
The moral of the story is servers and for the CCMA you need to worry about some of the well-known port

74
00:06:17,220 --> 00:06:25,150
numbers 80 HDP 21 f DP 69 TFT P and there's a few others.

75
00:06:25,270 --> 00:06:26,440
23 is telnet.

76
00:06:26,440 --> 00:06:28,510
22 is SS H.

77
00:06:28,590 --> 00:06:38,320
No the well-known protocols HDP s as an example is 443 you'll get to know the protocols as you work

78
00:06:38,440 --> 00:06:39,390
with networks.

79
00:06:39,490 --> 00:06:44,650
But for the exam study the well-known port numbers and well-known protocols.

80
00:06:44,710 --> 00:06:50,990
So here we can see the pieces using this source port number going to the server.

81
00:06:51,010 --> 00:06:56,980
However what you'll notice and let's show that in the PD you is that the port numbers get swapped round

82
00:06:57,700 --> 00:07:00,070
when the server replies.

83
00:07:00,220 --> 00:07:01,670
So this is the inbound PD.

84
00:07:01,690 --> 00:07:05,950
This is the PD you from the P.C. to the server.

85
00:07:05,950 --> 00:07:12,420
Source mac addresses the P.C. source IP addresses the P.C. source port number is 1025.

86
00:07:12,790 --> 00:07:18,730
But for the reply that gets reversed round source MAC address is the server.

87
00:07:18,730 --> 00:07:25,810
Destination is the P.C. source IP addresses the server destination is the P.C. source port number is

88
00:07:25,890 --> 00:07:26,450
80.

89
00:07:26,470 --> 00:07:29,150
Destination Port number is 1025.

90
00:07:29,470 --> 00:07:35,200
So basically for our communication MAC addresses get swapped round IP addresses get swapped round and

91
00:07:35,200 --> 00:07:36,780
port numbers get swapped round.

92
00:07:36,790 --> 00:07:43,300
So if you talk from your P.C. to my server and port 80 I'll reply from port 80 to the port number that

93
00:07:43,300 --> 00:07:44,800
you've chosen.

94
00:07:44,800 --> 00:07:50,230
The reason why the PRC will choose dynamic port numbers is if you open up two sessions to my server

95
00:07:50,500 --> 00:07:56,510
your first session may use port number 1025 and your second session may use port number one thousand

96
00:07:56,510 --> 00:07:57,470
twenty six.

97
00:07:57,490 --> 00:08:01,830
They should be randomize but often they're not and that's why hackers can often guess what port number

98
00:08:01,830 --> 00:08:06,000
is going to be used next by application but there you go.

99
00:08:06,030 --> 00:08:13,540
That's an example of layer to layer 3 layer for and layer 7.

100
00:08:13,620 --> 00:08:21,570
If we look in the OSA model here they don't show Layer 7 as the protocol here but that's actually the

101
00:08:21,570 --> 00:08:25,900
protocol used in the TPP IP protocol stack.

102
00:08:26,190 --> 00:08:31,050
Again TTP IP model originally 4 layers we now have 5 layers.

103
00:08:31,140 --> 00:08:35,730
So we group layer 5 6 and 7 together as the application.

104
00:08:35,730 --> 00:08:41,270
But we talk about Layer 7 because of the history with the OSA model.

105
00:08:41,340 --> 00:08:43,820
Okay so that was quite detailed.

106
00:08:43,830 --> 00:08:49,230
I'm hoping that helps you understand a bit about port numbers protocol numbers Ethernet types and so

107
00:08:49,230 --> 00:08:49,880
forth.

108
00:08:50,040 --> 00:08:52,500
In the next video I'm going to show you another protocol.

109
00:08:52,710 --> 00:08:59,910
Let's use email and let's say FCP spend some time however going through this yourself having a look

110
00:08:59,910 --> 00:09:01,020
at the different protocols.