I know that when I request example.com my browser actually deafults to example.com:80 . However my ISP block the 80 port from listening so HOW do I receive the responses from my requests if the port 80 is blocked? It should not work, isnt?
Asked
Active
Viewed 3.2k times
3 Answers
10
When you make an HTTP request (in fact, any TCP request), there are two ports involved. There is port 80 on the destination (in your case, "example.com"), and there is a port on your computer; this port is called the "source port" since your computer is the source of the request.
Typically, your computer will pick a random port number over 1,000 (for example, 3,135 or 45,978), since low-numbered ports are easily remembered (and blocked) and are typically used for hosting services (such as a web site on port 80). Because the source port is created by your computer for the purpose of talking to example.com on port 80, it won't be open very long (just long enough to do its job). These are sometimes called "ephemeral ports"; see http://en.wikipedia.org/wiki/Ephemeral_port
Douglas Manley
- 1,093
- 13
- 18
-
Thank you so much! Now it makes a lot more sense! However in the TCP protocol in Wiki there is no fragment indicating in the first request (SYN) which port the webserver must send the ACK. So how does the webserver knows the random port it must connect to send the ACK? – Samul Nov 28 '13 at 00:56
-
The originating port and destination port are all in the [TCP packet header](http://en.wikipedia.org/wiki/Transmission_Control_Protocol#TCP_segment_structure). – Amadan Nov 28 '13 at 00:59
-
In the TCP header, the first 16 bits are the source port and the second 16 bits are the destination port. That information is present in all TCP packets. See: http://en.wikipedia.org/wiki/Transmission_Control_Protocol – Douglas Manley Nov 28 '13 at 01:00
2
However my ISP block the 80 port from listening
As a point of terminology, you can't block a port from listening; what I think you mean is your ISP is rejecting incoming connections on port 80 (i.e. from world to your computer). However, outgoing connections (from your computer to the world) are separate from incoming, and that is what you are using when you use your browser.
It is usually okay to just say "ISP blocks my port 80", but it is important to understand here what specifically is going on.
Amadan
- 191,408
- 23
- 240
- 301
-
But when the TCP protocol starts there is the handshake. I first start the connection with the SYN on port 80. After that the server send like a ping (ACK) to the IP:80 of my internet connection. If my ISP blocks the port 80 how does this request (PING) can reach my browser back? – Samul Nov 28 '13 at 00:48
-
No, when you create an outgoing connection, you connect a random local port (say, 20385) with the remote port 80. Thus, the incoming packets get through since they are targetting 20385, not 80. – Amadan Nov 28 '13 at 00:50
-
I am sorry but you are wrong. I could spoof my IP in the SYN so the server has to make sure I am the owner of the IP. SO THE webserver will start a new connection to the IP that requested the initial connection using the port 80. I have no idea how this request made by the webserver is reaching my browser since if I try to open MY_IP:80 nothing opens (of course, the port 80 is blocked). – Samul Nov 28 '13 at 00:52
-
Again, no. The TCP connection only ever involves two ports: the remote port you're connecting to and the random local port. You might be thinking of [Ident protocol](http://en.wikipedia.org/wiki/Ident_protocol), which may or may not be initiated by the remote server, has nothing to do with port 80 (it happens on 113), and is not a part of TCP protocol. – Amadan Nov 28 '13 at 00:56
0
So typically for you to be able to do this you would need a proxy pass reverse proxy server. Been shopping around to try to find a free one and came across proxypassed.com, I contacted their help email and they claim to do exactly what you are trying to achieve worth giving them a shot when they launch might solve your problem.
