Network socket

This articleneeds additional citations forverification.Please helpimprove this articlebyadding citations to reliable sources.Unsourced material may be challenged and removed. Find sources:"Network socket"–news·newspapers·books·scholar·JSTOR(November 2017)(Learn how and when to remove this message)

Anetwork socketis a software structure within anetwork nodeof acomputer networkthat serves as an endpoint for sending and receiving data across the network. The structure and properties of a socket are defined by anapplication programming interface(API) for the networking architecture. Sockets are created only during the lifetime of aprocessof an application running in the node.

Because of thestandardizationof theTCP/IPprotocols in the development of theInternet,the termnetwork socketis most commonly used in the context of the Internet protocol suite, and is therefore often also referred to asInternet socket.In this context, a socket is externally identified to other hosts by itssocket address,which is the triad oftransport protocol,IP address,andport number.

The termsocketis also used for the software endpoint of node-internalinter-process communication(IPC), which often uses the same API as a network socket.

The use of the termsocketin software is analogous to the function of an electricalfemale connector,a device in hardware for communication between nodes interconnected with anelectrical cable.Similarly, the termportis used for external physical endpoints at a node or device.

The application programming interface (API) for the network protocol stack creates ahandlefor each socket created by an application, commonly referred to as asocket descriptor.InUnix-like operating systems,this descriptor is a type offile descriptor.It is stored by the application process for use with every read and write operation on the communication channel.

At the time of creation with the API, a network socket is bound to the combination of a type of network protocol to be used for transmissions, a network address of the host, and aport number.Ports are numbered resources that represent another type of software structure of the node. They are used as service types, and, once created by a process, serve as an externally (from the network) addressable location component, so that other hosts may establish connections.

Network sockets may be dedicated for persistent connections for communication between two nodes, or they may participate inconnectionlessandmulticastcommunications.

In practice, due to the proliferation of the TCP/IP protocols in use on the Internet, the termnetwork socketusually refers to use with theInternet Protocol(IP). It is therefore often also calledInternet socket.

An application can communicate with a remote process by exchanging data with TCP/IP by knowing the combination of protocol type, IP address, and port number. This combination is often known as asocket address.It is the network-facing access handle to the network socket. The remote process establishes a network socket in its own instance of the protocol stack and uses the networking API to connect to the application, presenting its own socket address for use by the application.

Aprotocol stack,usually provided by theoperating system(rather than as a separate library, for instance), is a set of services that allows processes to communicate over a network using the protocols that the stack implements. The operating system forwards the payload of incoming IP packets to the corresponding application by extracting the socket address information from the IP and transport protocol headers and stripping the headers from the application data.

The application programming interface (API) that programs use to communicate with the protocol stack, using network sockets, is called asocket API.Development of application programs that utilize this API is calledsocket programmingornetwork programming.Internet socket APIs are usually based on theBerkeley socketsstandard. In the Berkeley sockets standard, sockets are a form offile descriptor,due to theUnix philosophythat "everything is a file", and the analogies between sockets and files. Both have functions to read, write, open, and close. In practice, the differences strain the analogy, and different interfaces (send and receive) are used on a socket. Ininter-process communication,each end generally has its own socket.

In the standard Internet protocols TCP and UDP, a socket address is the combination of anIP addressand aport number,much like one end of a telephone connection is the combination of aphone numberand a particularextension.Sockets need not have a source address, for example, for only sending data, but if a programbindsa socket to a source address, the socket can be used to receive data sent to that address. Based on this address, Internet sockets deliver incomingdata packetsto the appropriate applicationprocess.

Socketoften refers specifically to an internet socket or TCP socket. An internet socket is minimally characterized by the following:

• local socket address, consisting of the local IP address and (for TCP and UDP, but not IP) a port number
• protocol: A transport protocol, e.g., TCP, UDP, raw IP. This means that (local or remote) endpoints with TCP port 53 and UDP port 53 are distinct sockets, while IP does not have ports.
• A socket that has been connected to another socket, e.g., during the establishment of a TCP connection, also has a remote socket address.

The distinctions between a socket (internal representation), socket descriptor (abstract identifier), and socket address (public address) are subtle, and these are not always distinguished in everyday usage. Further, specific definitions of asocketdiffer between authors. InIETFRequest for Comments,Internet Standards,in many textbooks, as well as in this article, the termsocketrefers to an entity that is uniquely identified by the socket number. In other textbooks,^[1]the termsocketrefers to a local socket address, i.e. a "combination of an IP address and a port number". In the original definition ofsocketgiven in RFC 147,^[2]as it was related to theARPA networkin 1971,"the socket is specified as a 32-bit number with even sockets identifying receiving sockets and odd sockets identifying sending sockets."Today, however, socket communications are bidirectional.

Within the operating system and the application that created a socket, a socket is referred to by a unique integer value called asocket descriptor.

On Unix-like operating systems andMicrosoft Windows,the command-line toolsnetstatorss^[3]are used to list established sockets and related information.

This example, modeled according to the Berkeley socket interface, sends the string "Hello, world!" viaTCPto port 80 of the host with address 203.0.113.0. It illustrates the creation of a socket (getSocket), connecting it to the remote host, sending the string, and finally closing the socket:

Socket mysocket = getSocket(type = "TCP" )
connect(mysocket, address = "203.0.113.0", port = "80" )
send(mysocket, "Hello, world!" )
close(mysocket)

Several types of Internet socket are available:

Datagram sockets

Connectionlesssockets, which useUser Datagram Protocol(UDP).^[4]Each packet sent or received on a datagram socket is individually addressed and routed. Order and reliability are not guaranteed with datagram sockets, so multiple packets sent from one machine or process to another may arrive in any order or might not arrive at all. Special configuration may be required to sendbroadcastson a datagram socket.^[5]In order to receive broadcast packets, a datagram socket should not be bound to a specific address, though in some implementations, broadcast packets may also be received when a datagram socket is bound to a specific address.^[6]

Stream sockets

Connection-orientedsockets, which useTransmission Control Protocol(TCP),Stream Control Transmission Protocol(SCTP) orDatagram Congestion Control Protocol(DCCP). A stream socket provides asequencedand unique flow of error-free data without record boundaries, with well-defined mechanisms for creating and destroying connections and reporting errors. A stream socket transmits datareliably,in order, and without-of-bandcapabilities. On the Internet, stream sockets are typically implemented using TCP so that applications can run across any networks using TCP/IP protocol.

Raw sockets

Allow direct sending and receiving of IP packets without any protocol-specific transport layer formatting. With other types of sockets, thepayloadis automaticallyencapsulatedaccording to the chosen transport layer protocol (e.g. TCP, UDP), and the socket user is unaware of the existence of protocolheadersthat are broadcast with the payload. When reading from a raw socket, the headers are usually included. When transmitting packets from a raw socket, the automatic addition of a header is optional.

Most socketapplication programming interfaces(APIs), for example, those based on Berkeley sockets, support raw sockets.Windows XPwas released in 2001 with raw socket support implemented in theWinsockinterface, but three years later, Microsoft limited Winsock's raw socket support because of security concerns.^[7]

Raw sockets are used in security-related applications likeNmap.One use case for raw sockets is the implementation of new transport-layer protocols inuser space.^[8]Raw sockets are typically available in network equipment, and used forrouting protocolssuch as theInternet Group Management Protocol(IGMP) andOpen Shortest Path First(OSPF), and in theInternet Control Message Protocol(ICMP) used, among other things, by theping utility.^[9]

Other socket types are implemented over other transport protocols, such asSystems Network Architecture^[10]andUnix domain socketsfor internal inter-process communication.

Computer processes that provide application services are referred to asservers,and create sockets on startup that are in thelistening state.These sockets are waiting for initiatives fromclientprograms.

A TCP server may serve several clients concurrently by creating a unique dedicated socket for each client connection in a new child process or processing thread for each client. These are in theestablished statewhen a socket-to-socketvirtual connectionor virtual circuit (VC), also known as a TCPsession,is established with the remote socket, providing a duplexbyte stream.

A server may create several concurrently established TCP sockets with the same local port number and local IP address, each mapped to its own server-child process, serving its own client process. They are treated as different sockets by the operating system since the remote socket address (the client IP address or port number) is different; i.e. since they have differentsocket pairtuples.

UDP sockets do not have anestablished state,because the protocol isconnectionless.A UDP server process handles incoming datagrams from all remote clients sequentially through the same socket. UDP sockets are not identified by the remote address, but only by the local address, although each message has an associated remote address that can be retrieved from each datagram with the networking application programming interface (API).

Communicating local and remote sockets are calledsocket pairs.Each socket pair is described by a unique4-tupleconsisting of source and destination IP addresses and port numbers, i.e. of local and remote socket addresses.^[11][12]As discussed above, in the TCP case, a socket pair is associated on each end of the connection with a unique 4-tuple.

The termsocketdates to the publication of RFC 147 in 1971, when it was used in the ARPANET. Most modern implementations of sockets are based onBerkeley sockets(1983), and other stacks such asWinsock(1991). The Berkeley sockets API in theBerkeley Software Distribution(BSD), originated with the 4.2BSDUnix operating systemas an API. Only in 1989, however, couldUC Berkeleyrelease versions of its operating system and networking library free from the licensing constraints ofAT&T's copyright-protectedUnix.

In c. 1987, AT&T introduced theSTREAMS-basedTransport Layer Interface(TLI) inUNIX System VRelease 3 (SVR3).^[13]and continued into Release 4 (SVR4).^[14]

Other early implementations were written forTOPS-20,^[15]MVS,^[15]VM,^[15]IBM-DOS(PCIP).^[15][16]

The socket is primarily a concept used in thetransport layerof theInternet protocol suiteorsession layerof theOSI model.Networking equipment such asrouters,which operate at theinternet layer,andswitches,which operate at thelink layer,do not require implementations of the transport layer. However, statefulnetwork firewalls,network address translators,and proxy servers keep track of active socket pairs. Inmultilayer switchesandquality of service(QoS) support in routers,packet flowsmay be identified by extracting information about the socket pairs.

Raw socketsare typically available in network equipment and are used forrouting protocolssuch asIGRPandOSPF,and forInternet Control Message Protocol(ICMP).

• List of TCP and UDP port numbers
• Promiscuous traffic
• WebSocket

• Jones, Anthony; Ohlund, Jim (2002).Network Programming for Microsoft Windows.Microsoft Press.ISBN0-7356-1579-9.

• How sockets work- IBM documentation
• Server Programming with TCP/IP Sockets^{[dead link]}
• Beej's Guide to Network Programming
• Java Tutorials: Networking basics
• Net::RawIP; module for Perl applications.Created bySergey Kolychev.
• SOCK_RAW Demystified: article describing inner workings of Raw Sockets
• C language examples of Linux raw sockets for IPv4 and IPv6- David Buchan's C language examples of IPv4 and IPv6 raw sockets for Linux.