TCP socket is a fundamental concept in the operation of TCP/IP application world. We will deep dive into the details of how the TCP socket works.
Table of Contents
For example, if we have a website running on IP address 100.1.1.1, the socket corresponding to the HTTP server for that site would be 100.1.1.1:80.
Sockets are classified into stream sockets, socket.SOCK_STREAM, or datagram sockets, socket.SOCK_DGRAM, depending on the underlying protocol we use.
TCP socket is a connection-oriented socket that uses the Transmission Control Protocol (TCP). It requires three packets to set up a connection: the SYN packet, the SYN-ACK packet, and the ACK packet. TCP socket is defined by the IP address of the machine and the port it uses. The TCP socket guarantees that all data is received and acknowledged.
For example, we are sending an HTTP request from our client at 120.1.1.1 to the website at 189.1.1.1. The server for that website will use well-known port number 80, so its socket is 189.1.1.1:80, as we saw before. we have been ephemeral port number 3022 for the web browser, so the client socket is 120.1.1.1:3022. The overall connection between these devices can be described using this socket pair: (189.1.1.1:80, 120.1.1.1:3022).
With this Python example, we can better understand how TCP socket works. Let’s create a TCP client socket. This is to connect to the remote port 80 on google.com.
# python -c ‘import socket;client_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM);client_socket.connect((“google.com”, 80))’
Then we can use netstat command to check the connection in Linux. All the data will be transferred over this connection. So this TCP socket pair is (10.254.222.37:58596, 172.217.161.78:80)
# netstat -anpl|grep :80
tcp 0 0 10.254.222.37:58596 172.217.161.78:80 TIME_WAIT –
For TCP socket, we must create a connection first before sending data to the other side. The following Python command can be used to demonstrate this. It will connect to port 22 on remote host 10.254.222.37 and send some data over this connection and print out the data we receive.
# python -c “import socket ; s = socket.socket(socket.AF_INET, socket.SOCK_STREAM); s.connect((‘10.254.222.37′, 22)); s.sendall(b’Hello, world’);data = s.recv(1024);print data”
SSH-2.0-OpenSSH_7.4
If we try to send data to port 23 on the same host, we get some failure messages because the connection is refused.
# python -c “import socket ; s = socket.socket(socket.AF_INET, socket.SOCK_STREAM); s.connect((‘10.254.222.37′, 23)); s.sendall(b’Hello, world’);data = s.recv(1024);print data”
Traceback (most recent call last):
File “”, line 1, in
File “/usr/lib64/python2.7/socket.py”, line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 111] Connection refused
Unlike TCP, UDP is a connectionless protocol, so it obviously doesn’t use connections. The pair of sockets on the sending and receiving devices can still be used to identify the two processes that are exchanging data, but because there are no connections, the socket pair doesn’t have the significance that it does in TCP.
With the following example, we can send some data to remote port 23 with UDP protocol.
We can see that the packet is sent out successfully. UDP doesn’t care if the packet is received by the other endpoint or not.
# python -c “import socket ; s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM); s.sendto(‘hello I am client’,(‘10.254.222.37’, 23)); ”