# IP Addresses and Ports

### Introduction

In this lesson, we'll learn about both ip addresses in ports.  IP addresses is how any computer connected to the Internet is identified.  As we'll see, this includes both our local computer and a computer hosting a website, like our EC2 machine.  We can use our knowledge of IP addresses to potentially restrict which computers can access our EC2 machine.  We'll also learn about network ports, which will allow to enable access to specific services on our EC2 machine, while preventing access to our entire computer.

### What are IP Addresses

When we use the Internet, there are a lot of similarities to sending a letter through the mail.  When mailing a letter, we need to identify is where we are sending the letter to, and the receiver of the letter needs to know where to respond.  With the mail system, we do this with the mailing address address.

It is the same with making a request to a website.  We need to identify the computer we are making the request to (the server).  And that computer needs to know where to send back this response.  For this, each computer connected to the Internet is given an ip address.

A typical IP address looks like the following:

`192.168.1.102`

### Identifying the IP address

We can see the ip address of a website, by going to our terminal and using `ping`.  For example, let's find the IP address of Google.

`ping www.google.com`

<img src="./ping-google.png" width="60%">

So we can see from the above that google's ip address is 172.217.10.36.  

> And you can confirm that by typing the number (instead of google.com) inside of a browser.

We can also see the IP address of our computer.  We can do this by going to the terminal and typing `ipconfig getifaddr en0`:  

In [5]:
!ipconfig getifaddr en0

# 192.168.1.10

192.168.1.10


So as we can see that both the servers like Google, and our local computers connected to the Internet are given an ip address.  This is what allows us to make a request for information, and for a website like Google to send a response.

### Components of an IP Address

Now there are two versions of IP addresses generally used today.  IPv4 is what the majority of systems support, while IPv6 is increasing in popularity.  Essentially, there are so many internet-connected devices that we were running out of IPv4 addresses.  

A typical IPv4 address looks like the following:

`192.168.0.5`

The important part is that there are four segments -- separated by a dot -- and each segment represents 8 bits.  What is a bit?  

Well it's easier to answer that if we represent the ip address in binary.

`1100 0000 - 1010 1000 - 0000 0000 - 0000 0101`

So above is now a binary version of the above ip address.  Notice that just like our original version, there are four segments of the address.  And the eight bits are the eight characters of 1 or 0 in each segments.

> We don't need to go too deep into binary, but we notice that the last segment, the number 5 is represented by the digits `0000 - 0101`.  This is because, going from right to left, there is one 1, zero 2s and one fours to equal five.

### A bit about ports

Now we know that when a user makes a request to our website, they are doing so by specifying the IP address of the computer that hosts that website.  But we may not want to allow the user to access every service on the computer.  So how do we allow access to just one of these services without allowing access to the others?

It turns out that each service (really a process) in Linux can be accessed a specific location called a **port**.   This port is specified when we access a service.  For example, when we try to connect to our local flask application, by default this service can be accessed at port 5000.

<img src="./flask-running.png" width="60%">

And when we access Google's website, we are really accessing by the ip address followed by port 80.  So while we can access Google's website by visiting http://172.217.10.36:80, we cannot do so if we try to access a different service other than website by visiting a different port like http://172.217.10.36:800.  This is because Google only us access to the port 80, which is where the website is accessible.

With AWS, we also specify which ports, and thus which services we expose to the outside world.

> Take a look at the `Port Range` value below.

<img src="./ssh-ip-address.png" width="100%">

There we are allowing access to the AWS machine at port 22, which is the port associated with SSH.  If your curious, below is a list of services and the commonly assocciated port numbers [from Wikipedia](https://en.wikipedia.org/wiki/Port_(computer_networking)#Common_port_numbers).

<img src="./common-ports.png" width="50%">

And if we want to see a list of the ports associated with the running services on our machine, we can see them through the `top` program. 

> Notice that the 7th column from the right is responsible for listing the ports.

<img src="./top_port.png" width="90%">

### Summary

In this lesson, we gained a deeper understanding of ip addresses.  An ip address is used to identify all computers connected to the Internet.  An IP address identifies consists of both a network ID, which identifies *the network* where a connected device can be found, and the host id which identifies a particular computer.  When we set up which machines can connect to our EC2 machine, we can do so through the ip address.  

Then we learned about ports, which are assigned to each service (or process) running on our computer.  We can then use this to only allow external access to specific certain ports, and thus specific services.