In IPv4 the protocol number is a numeric identification of an upper layer protocol that the IP packet is sent to.

Some of those protocol numbers are UDP, TCP, and ICMP within IPv4.

Within UDP and TCP you will get your port numbers and the combination of a source port number and a destination port number will constitute a socket connection where traffic will flow. Basically HTTP, FTP, SMTP etc. are port numbers that are a subset of the protocol TCP which are part of IPv4.

Hope this helps.


carl_townshend Thu, 12/20/2007 - 07:14

Can anyone please explain this a little further? I gather the protocols are just numbers? What layer of the OSI model do they sit at generally?

Danilo Dy Thu, 12/20/2007 - 07:34


TCP and UDP are transport protocols used for communication between systems - they operate from OSI L4 (Transport) to L7 (Application). Here is the link to TCP and UDP ports

IP is a network protocol - it operates at OSI L3 (Network). Here is the link to IP Protocol



carl_townshend Fri, 12/21/2007 - 06:47

Can anyone tell me why we use protocol numbers on firewalls then, like protocol GRE 47 etc.? How come in some instances we permit a protocol number rather than a TCP/UDP port?

rajatsetia Fri, 12/21/2007 - 08:44


Hmmm, let's see it this way -

OSI Model - 7 Layers

IP is a network layer protocol, along with many others like ARP or MPLS.

Now, the IP header contains a field which lets you know about the next encapsulated protocol, i.e. GRE, UDP or TCP (Layer 4).

Then at the transport layer, protocols like TCP or UDP have a port number field in their header to identify the application layer protocols (HTTP, NTP etc.).

So when you decide to permit GRE through a firewall, GRE is at the same layer as TCP/UDP, i.e. the transport layer, and transport layer protocols are identified with an IP protocol number, i.e. 47 for GRE.

Port numbers identify the application layer protocols and are part of the transport layer protocol's header, e.g. HTTP is identified by TCP port 80.
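The layering described in this post, as an added example that is not code from any poster in the thread: it reads the Protocol field of an IPv4 header, extracts ports only where a TCP or UDP header follows, and runs a first-match filter in which GRE and ICMP can only be matched by protocol number. The function names, the rule list and the sample packets (documentation-range addresses) are constructed for illustration.

```python
import struct

# IANA-assigned IP protocol numbers for the protocols named in the thread.
PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP", 47: "GRE"}

def classify(packet: bytes) -> dict:
    """Return the fields a packet filter can match on for one IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4      # header length in bytes, options included
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    proto = packet[9]                 # 8-bit Protocol field of the IP header
    info = {"proto": proto, "name": PROTO_NAMES.get(proto, "other"),
            "sport": None, "dport": None}
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    # Only TCP and UDP begin with source/destination ports, and only the
    # first fragment carries that header; GRE and ICMP have no ports at all.
    if proto in (6, 17) and frag_offset == 0 and len(packet) >= ihl + 4:
        info["sport"], info["dport"] = struct.unpack("!HH", packet[ihl:ihl + 4])
    return info

def permitted(info: dict, rules) -> bool:
    """First-match filter; a rule with dport=None matches on protocol alone."""
    for proto, dport, action in rules:
        if proto == info["proto"] and (dport is None or dport == info["dport"]):
            return action == "permit"
    return False                      # implicit deny at the end of the list

def ipv4(proto: int, payload: bytes) -> bytes:
    """Build a constructed 20-byte-header IPv4 packet (checksum left as 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([192, 0, 2, 1]),
                       bytes([198, 51, 100, 7])) + payload

# Constructed sample traffic and a hypothetical rule list.
HTTP = ipv4(6, struct.pack("!HH", 49152, 80) + bytes(16))
TELNET = ipv4(6, struct.pack("!HH", 49153, 23) + bytes(16))
GRE = ipv4(47, struct.pack("!HH", 0, 0x0800) + bytes(20))  # flags, EtherType
PING = ipv4(1, bytes([8, 0, 0, 0, 0, 1, 0, 1]))
RULES = [(6, 80, "permit"), (47, None, "permit"), (1, None, "permit")]

if __name__ == "__main__":
    for label, pkt in [("HTTP", HTTP), ("TELNET", TELNET), ("GRE", GRE), ("PING", PING)]:
        info = classify(pkt)
        print(label, info, "permit" if permitted(info, RULES) else "deny")
```

A filter that read the first four bytes after the IP header as ports for every protocol would see the GRE packet's flags and EtherType as "ports" 0 and 2048, which is why the GRE rule is keyed on protocol number 47 alone.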




Danilo Dy Mon, 12/24/2007 - 08:01

Hi Carl,

TCP and UDP ports are in the header of a data packet. They are used to map data to a particular process running on a system. Their payload is actually data.

Protocols like GRE do not carry data. Their payload is management of the network layer. All routing protocols are part of the OSI Network Layer (L3).

We permit protocol 47 (GRE) in a firewall simply because GRE does not have an upper level protocol. The most common protocol that we permit in the firewall, and have not noticed that it's neither TCP nor UDP, is ICMP.



