Is the same port acting as both client and server?

networking netstat port tcp

Line: TCP 127.0.0.1:55486 127.0.0.1:55487 ESTABLISHED 5808

Is stating the client is connecting to the port on 55487 for the server while the client uses port 55486.

Line: TCP 127.0.0.1:55487 127.0.0.1:55486 ESTABLISHED 5808

is stating the server is connecting back to the client on port 55486 from 55487.

TCP requires the "3-way handshake" to set up the connection between a client and server.

The client connects to the a server (part 1 of the 3 way handshake). The server responds acknowledging the connection (part 2). The client responds to the acknowledgement with its own acknowledgement (part 3).

TL;DR - Client generally uses random port to connect to a server with a specific port. The server responds back to that machine using the random port. The client and server are NOT on the same port.


I can’t quite tell how much of this you understand now, so allow me to be a little bit pedantic.

Clearly you understand the concept of client and server, so it surprises me that you write, “the Local Address column denotes the client side of a TCP connection and the Foreign Address column denotes the server side.”  That’s wrong; the Local Address column denotes the local side of a TCP connection and the Foreign Address column denotes the foreign (or remote) side.  In other words, the Local Address column denotes the (TCP) socket that a process on your computer is using (i.e., a socket that your computer owns), and the Foreign Address column denotes the socket that the local socket is connected to.  As you seem to understand, processes on your computer can function as servers, so local sockets can be server sockets -- and then the corresponding client socket would be listed as “foreign”.

Things start to get confusing when a client process on your computer connects to a server process on your computer.  Now, this one connection represents two local sockets -- and netstat reports one line for each; one showing the client as local and the server as foreign (even though it really is a local socket), and one the other way around.

Your situation is just a little bit more confusing.  Your jetty server (process 5808) is, of course, creating sockets and accepting connections on them -- that’s what servers do.  But it is creating many sockets at once.  (By necessity, they are on different port numbers; the OS won’t allow multiple sockets with the same protocol and port number to co-exist.)  And it seems to be using random (OS-assigned) port numbers.  For example, as you pointed out, it is listening on port 55484.  I’m not familiar with jetty, so I don’t know whether that is normal.

If you examine your netstat output closely, you’ll see that local process 184, using a socket on port 8081, has a connection to process 5808 / port 55482.

The part that I find really weird is that process 5808 has connected to itself on several of these sockets.  So you have several TCP connections where both sockets are held, not just on the same host, but in the same process.  I don’t think we can tell for sure which end is the client and which is the server.  I would actually guess that the lower port number is more likely to be the server, but that is just a guess.

Related

Shortcut to enable/disable a device in Windows
Dual boot wrong time on windows [duplicate]
Writing a Simple AutoHotkey Script (press a key every X second on desktop)
Unlock bitlocked volume from command prompt?
What does the following notation mean: \\?\c:\ mean?
Configuring firefox to use a chain proxy
Serial Port Polling and Data handling
Youtube Video Header Background
jqGrid auto filter highlighting search result
Merge cells in datagridview
Replace text in a website
Barplots on a Map