It’s a hotel! The IP address is the street address of the resource and the ports are the individual rooms you go to ask for specific resources.

If you go to a website the following analogy plays out:

1. You need to know where to go. You have a hotel name (Website). We use DNS (phone book) to turn that hotel name into a locally reachable street (IP) address.
2. You then use navigation software to determine the route to get there the best way (routing).
3. Once you arrive you are expected to check in for access. This could include the need for the room to let reception (firewall) know who is coming. If you don’t show up knowing the guest name, or have an exception already registered at the front desk, you will not be able to pass. (Firewall rules).
4. Now that you’re inside you need to know which room to go to for the website. This is provided in the address you started with. If you are looking for www or e-mail those rooms are implied as 80 & 443 or 25 & 587.
5. Go to room 80 and they will probably tell you to go to room 443 for a private conversation instead of yelling. This is a re-direct.
6. Once you knock on room 443 you’ll be asked if you agree to whisper your converation through a special language (cypher) like pig latin.
7. If you are capable and agree to speak pig latin (SSL Handshake) then room 443 will ask where you are from or if you have a special token to provide some form of identity.
8. To secure this special token of identity they will provide a secure mail slot where you, or any other visitor, can safely place a secure token in knowing that whilst anyone can deposit safely in this box only the box owner on the other side of the door can retrieve the contents. (Public-key encryption)
9. If room 443 trusts where you’re from or recognizes your token you will now have some trust in the conversation and communication ensues. You now have access to the website within.