TCP Sockets and Netstat

Unanswered Question
May 23rd, 2008
User Badges:

Hi there,


Got this scenario regarding connectivity and its case of... is it network or application related? Here is the scenario...


We have an application which connects to some services over the public internet. The application does require specific security certificates to run successfully.


The application uses TCP as the transport method and only works on port 15000.


The machine this application runs on has internet access and can browse freely, no firewalls are on the route to reach outside of the campus.


When the application is started I can see from netstat a socket is being established successfully on TCP with a random none reserved port, a source ip, destination ip and destination port 15000.


Would it be safe to say when the socket has been established the fault may lie above lay 4 (not 4) of the OSI model. In other words security certificates, application configuration etc, because, for the socket to be established, a packet has left the machine, routed through port 15000, hit the services (the destination), the TCP/IP software on the services have reversed the source and destination IP and port to get back to the source machine to establish the connection (socket)?


Internet is good on HTTP using TCP as the transport method, the application is using similar methods to transfer data.


I bet there's much more that would need investigation but I think my question is related to - when a TCP sockets has been established what does this tell you?


Thanks for reading,


Garry


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ralphcarter Fri, 05/23/2008 - 12:29
User Badges:

Ok so, Application server listens on port 15000 for this service.


Clients connect to the machine on port 15000.


Clients PC picks a high port and creates a tcp session with this server.


Example:


Client IP 1.1.1.1 Source Port 22222

Client Destination IP 2.2.2.2 Port 15000


Application receives this request and processes it. It responds to the Client via the Port the client originally initiated.


Example Response:


App Server IP 2.2.2.2 Source Port 15000

App Server Destination IP 1.1.1.1 Port 22222



You can verify this in netstat.

Actions

This Discussion