What TCP port to use with SeaCat

Introduction

SeaCat requires to specify one TCP port that is eventually used for client-gateway communication. Clients connect to this port to establish TLS channel that is used to exchange requests and related responses. SPDY-based communication protocol is used for traffic in this channel.

SeaCat protocol stack
SeaCat: Protocol stack

TCP ports reachability

Google performed investigation during WebSocket implementation (late 2009) that showed surprising facts about success rate of client-to-server connections:

  • HTTP port 80: 67%
  • Custom TCP port (61985): 86%
  • HTTPS port 443: 95%

The reason for low HTTP score is that the Internet is today full of proxies and firewalls that are configured to be transparent to HTTP traffic. However, non-HTTP traffic doesn't successfully pass them. Detailed reasoning can be found here: SPDY Essentials presentation from Google at approx. 18th minute of the video.

443 or custom port

SeaCat communication protocol is up to Session layer compatible with HTTPS protocol stack, HTTPS client that connects to SeaCat gateway is politely rejected with no harm on both sides. SeaCat traffic is indistinguishable from HTTPS traffic for intermediates on the network path, and,therefore, it shares the same success rate of connections. For these reasons TCP port 443 is recommended choice for SeaCat.

If for whatever reason you cannot use this port, use any TCP port above 1024 (non-reserved ports). You will likely got little bit worst connection success rate but still useful for practical deployments in common network scenarios.

Need help?

Do you want to review your SeaCat-related design proposal?

Do you have a question we didn’t cover?

Do you want to give some feedback?

Feel free to contact us support@teskalabs.com.

About the Author

Ales Teska

TeskaLabs’ founder and CEO, Ales Teska, is a driven innovator who proactively builds things and comes up with solutions to solve practical IT problems.


TurboCat.io

Data anonymization tool for GDPR

More information


You Might Be Interested in Reading These Articles

SeaCat tutorial - Chapter 3: Introduction to REST Integration (iOS)

The goal of this article is to extend the knowledge and develop an iOS application which is able to comunicate with REST interface provided by Node.js that we are going to create as well. A full integration with SeaCat is essential for information security of our example.

Continue reading ...

tech tutorial ios osx

Published on October 07, 2014

SeaCat trial for iOS on Mac OSX

This blog entry is meant to help you to start using SeaCat component on your Xcode iOS development environment. It contains instructions how to install and configure SeaCat gateway and how to integrate SeaCat client into your iOS application. SeaCat gateway is a secure gate to the restricted network. It allows access only to selected HTTP hosts and prevents exposure of others. It also secures communication with SeaCat clients that are typically in the Internet. SeaCat client becomes part of said mobile application and provides secured channel to SeaCat gateway and to target hosts in the restricted network. It ensures mutual security of the connection and transferred data.

Continue reading ...

tech trial ios osx

Published on March 14, 2014

Software architect's point of view: Why use SeaCat

I've recently received an interesting question from one software architect: Why should he consider embedding SeaCat in his intended mobile application? This turned into a detailed discussion and I realised that not every benefit of SeaCat technology is apparent at first glance. Let me discuss the most common challenges of a software developer in the area of secure mobile communication and the way SeaCat helps to resolve them. The initial impulse for building SeaCat was actually out of frustration of repeating development challenges linked with implementation of secure mobile application communication. So let's talk about the most common challenges and how SeaCat address them.

Continue reading ...

tech development

Published on April 16, 2014