Wide Area Networking

This newsletter is sponsored by Raritan Computer, Inc. Data Center Build outs Simplified

Network World's Wide Area Networking Newsletter, 09/06/07

Ignore the port 80 black hole at your peril

By Steve Taylor and Jim Metzler

Even though Steve was trained as a physicist, we usually spend more time in this newsletter discussing topics such as application delivery than we do talking about physics. In this newsletter we get to discuss both.

Let’s start with application delivery. As previous newsletters have pointed out, managing application performance in general, and identifying the applications that are running on a network in particular, are both very complex tasks. There are, however, some factors that we have not previously discussed that make these tasks even more difficult. One of those is the volume of traffic that runs undetected over port 80. This is sometimes referred to as the port 80 blind spot.

Now let’s switch (briefly) to physics. According to Wikipedia, a black hole is a region of space whose gravitational field is so powerful that nothing can escape it once it has fallen past a certain point. Given the growing volume of traffic that typically transits port 80, combined with the risk associated with not being able to manage that traffic, we feel justified in calling this phenomenon the port 80 black hole.
As a point of reference, in TCP/IP and UDP networks a port is an endpoint to a logical connection and is numbered from 0 to 65535. The ports numbered from 0 to 1023 are reserved for privileged services and are designated as well-known ports. For example, port 80 is the port on which a Web server listens for data from Web clients.

Some applications, however, have the ability to hop between ports. A good example of this is instant messaging software such as AOL’s Instant Messenger (AIM). AOL has been assigned ports 5190-5193 for its Internet traffic, and AIM is typically configured to use these ports. If these ports are blocked, however, AIM will use port 80. As a result, a network manager might well think that by blocking ports 5190-5193 they are blocking the use of AIM when in reality they are not.

Skype is a well-known, peer-to-peer based IP telephony and IP video service. Many peer-to-peer applications, including Skype, change the port that they use each time they start. In addition, Skype is particularly adept at port-hopping with the aim of traversing enterprise firewalls. Entering via UDP, TCP, or even TCP on port 80, Skype is usually very successful at passing typical firewalls.

We are not saying that network managers should block applications like AIM or Skype. That is a policy decision that needs to be made by the management of the company. What we are saying is that it is difficult to see how we can be successful with application delivery if we ignore the port 80 black hole and continue to let growing volumes of traffic transit our networks without the ability to identify and control this traffic.
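The gap between what the port number says and what the traffic is can be shown with a short check, added here as an illustration and not taken from the newsletter: it compares a port-only label with a label derived from the first client bytes and reports port 80 flows that are not HTTP. The flow records, field names and sample bytes are constructed assumptions.

```python
import re

# Labels a port-only classifier would assign (ports 5190-5193 as given in the article).
PORT_LABELS = {80: "web", **{p: "aim" for p in range(5190, 5194)}}

# An HTTP/1.x request line: METHOD SP request-target SP HTTP/1.x CRLF
HTTP_REQUEST_LINE = re.compile(
    rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|TRACE|CONNECT|PATCH) \S+ HTTP/1\.[01]\r\n"
)


def label_by_port(dst_port):
    """What a port-based view reports for a flow."""
    return PORT_LABELS.get(dst_port, "unknown")


def label_by_payload(first_bytes):
    """Classify from the first client-to-server bytes instead of the port."""
    return "web" if HTTP_REQUEST_LINE.match(first_bytes) else "non-http"


def port80_blind_spot(flows):
    """Flows that a port-only view calls 'web' although the payload is not HTTP."""
    return [
        f for f in flows
        if label_by_port(f["dst_port"]) == "web"
        and label_by_payload(f["first_bytes"]) != "web"
    ]


# Constructed sample flows (hypothetical records, not captured traffic).
BINARY_FRAME = b"\x2a\x01\x00\x01\x00\x04\x00\x00\x00\x01"  # constructed non-HTTP frame
SAMPLE_FLOWS = [
    {"id": 1, "dst_port": 80, "first_bytes": b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"},
    {"id": 2, "dst_port": 5190, "first_bytes": BINARY_FRAME},  # visible to a port filter
    {"id": 3, "dst_port": 80, "first_bytes": BINARY_FRAME},    # same traffic after hopping to 80
    {"id": 4, "dst_port": 80, "first_bytes": b"POST /login HTTP/1.0\r\n\r\n"},
]

if __name__ == "__main__":
    for f in port80_blind_spot(SAMPLE_FLOWS):
        print(f"flow {f['id']}: port view says web, payload is non-http")
```

This check only catches traffic on port 80 that does not speak HTTP at all; an application that wraps its messages in well-formed HTTP requests passes it and needs inspection beyond the request line.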
Contact the author: Steve Taylor is president of Distributed Networking Associates and publisher/editor-in-chief of Webtorials. For more detailed information on most of the topics discussed in this newsletter, connect to Webtorials, the premier site for Web-based educational presentations, white papers, and market research. Taylor can be reached at taylor@webtorials.com

Jim Metzler is the Vice President of Ashton, Metzler & Associates, a consulting organization that focuses on leveraging technology for business success. Jim assists vendors to refine product strategies, service providers to deploy technologies and services, and enterprises evolve their network infrastructure. He can be reached via e-mail.