Why Ports Exist
An IP address identifies a device on a network — a server, a router, a laptop. But a server running a website, an email service, and an SSH daemon all at the same time needs a way to tell incoming packets apart. That is what port numbers do. A port is a 16-bit number (0–65535) included in the TCP or UDP header of every packet. When a packet arrives at an IP address, the operating system reads the destination port and hands the data to whichever application is listening on that port.
Think of an IP address as a building's street address and a port number as an apartment number within that building. Mail (packets) arrives at the building (IP address) and is delivered to the specific apartment (port) where the intended recipient (application) lives. Without port numbers, every IP address could only serve one application at a time — port numbers are what allow a single server to simultaneously serve web pages on port 443, accept SSH connections on port 22, and handle email on port 25.
Port numbers exist in the transport layer (TCP and UDP). Each protocol has its own independent port space — TCP port 80 and UDP port 80 are distinct endpoints. The combination of protocol, IP address, and port number uniquely identifies a network endpoint, called a socket.
The Three Port Ranges
| Range | Name | Assigned By |
|---|---|---|
| 0–1023 | Well-known ports (system ports) | IANA; require root/admin privileges to bind on most operating systems |
| 1024–49151 | Registered ports | IANA upon application; used by specific services but do not require root |
| 49152–65535 | Dynamic / ephemeral ports | Assigned automatically by the OS for outbound client connections |
Well-known ports (0–1023) are assigned by IANA (the Internet Assigned Numbers Authority) and are reserved for core internet services. On Unix-like systems, binding to these ports requires root privileges — a deliberate security measure to prevent unprivileged processes from impersonating trusted services. Registered ports (1024–49151) are also assigned by IANA for specific applications but do not require elevated privileges to use. Ephemeral ports are assigned on the fly by the operating system when an application initiates an outbound connection.
Common Port Numbers to Know
| Port | Protocol | Service |
|---|---|---|
| 20/21 | TCP | FTP (data / control) |
| 22 | TCP | SSH (Secure Shell) — encrypted remote terminal access |
| 25 | TCP | SMTP — email delivery between mail servers |
| 53 | TCP/UDP | DNS — domain name resolution |
| 67/68 | UDP | DHCP (server/client) — automatic IP address assignment |
| 80 | TCP | HTTP — unencrypted web traffic |
| 443 | TCP | HTTPS — encrypted web traffic (TLS) |
| 3306 | TCP | MySQL database |
| 3389 | TCP | RDP — Windows Remote Desktop Protocol |
| 8080 | TCP | HTTP alternate — commonly used for development servers and proxies |
TCP Ports vs UDP Ports
TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) each have their own separate port number space. A service listening on TCP port 53 and a service listening on UDP port 53 are separate endpoints — DNS happens to use both, with UDP for standard queries and TCP for large responses and zone transfers.
TCP ports are associated with connection-oriented communication: before data flows, a three-way handshake establishes the connection, and the OS maintains state for each active connection. UDP ports are connectionless — packets are sent without establishing a session, and the OS does not maintain connection state. This makes UDP faster and suitable for latency-sensitive applications like DNS lookups, VoIP, and online gaming, where the overhead of connection setup would add unacceptable delay.
A port scanner like nmap checks TCP and UDP ports separately. A port can be open on TCP while closed on UDP, and vice versa, for the same port number.
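The separation between the two port spaces can be observed directly on the local host. The following is an added example, not part of the original article; it assumes loopback (127.0.0.1) is available and lets the OS choose the port number.

```python
import errno
import socket

LOOPBACK = "127.0.0.1"  # assumption: the demo never leaves the local host


def demo_port_spaces():
    """Exercise one port number on TCP and UDP and report what the OS allows."""
    tcp_srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tcp_srv.settimeout(2)
    tcp_srv.bind((LOOPBACK, 0))          # port 0: let the OS pick a free TCP port
    tcp_srv.listen(1)
    port = tcp_srv.getsockname()[1]

    # A second TCP socket cannot bind the same (protocol, address, port) triple.
    dup = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        dup.bind((LOOPBACK, port))
        tcp_conflict = False
    except OSError as exc:
        tcp_conflict = exc.errno == errno.EADDRINUSE
    finally:
        dup.close()

    # The same number in the UDP port space is a different endpoint, normally free.
    udp_srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp_srv.settimeout(2)
    udp_srv.bind((LOOPBACK, port))

    # TCP client: the OS assigns an ephemeral source port on connect.
    client = socket.create_connection((LOOPBACK, port), timeout=2)
    conn, peer = tcp_srv.accept()
    client.sendall(b"via tcp")
    tcp_data = conn.recv(16)

    # UDP client: same destination number, delivered to the UDP socket instead.
    udp_client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp_client.sendto(b"via udp", (LOOPBACK, port))
    udp_data, _ = udp_srv.recvfrom(16)

    result = {"port": port, "tcp_conflict": tcp_conflict,
              "tcp_data": tcp_data, "udp_data": udp_data,
              "client_src_port": client.getsockname()[1],
              "server_saw_src_port": peer[1]}
    for s in (tcp_srv, udp_srv, client, conn, udp_client):
        s.close()
    return result


if __name__ == "__main__":
    print(demo_port_spaces())
```

On Linux the client's source port usually falls in 32768–60999 (`net.ipv4.ip_local_port_range`) rather than the IANA range 49152–65535.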
Port Forwarding: Opening Ports in Your Router
Because NAT blocks all unsolicited inbound connections by default, services you run behind a home router (a game server, a NAS, a web server) are not reachable from the internet unless you configure port forwarding. Port forwarding is a rule in your router's NAT table that permanently maps an external port to an internal IP address and port.
For example: to host a Minecraft server at 192.168.1.50 on your home network, you add a port forwarding rule mapping external TCP port 25565 to 192.168.1.50:25565. When someone outside your network connects to your public IP on port 25565, the router forwards the connection to your server. Without this rule, the router has no entry in its NAT table for unsolicited inbound connections on that port and drops them silently.
Port forwarding requires knowing your internal server's IP address, which should be made static (either by assigning a static IP on the server or by reserving an IP via DHCP based on the server's MAC address). If the internal IP changes, the forwarding rule points to the wrong device.
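The lookup a router performs on inbound packets, including what happens when the internal IP changes hands, can be modelled in a few lines. This is an added example and a simplified model, not router firmware or code from the original article; `NatModel`, `scenario`, the device names, the 198.51.100.x addresses and 192.168.1.51/.62 are constructed for illustration, while 192.168.1.50 and port 25565 come from the text above.

```python
PUBLIC_REMOTE = ("198.51.100.9", 40000)   # constructed internet client (TEST-NET-2)


class NatModel:
    """Simplified home-router NAT: session table plus static port forwards."""

    def __init__(self, leases):
        self.leases = dict(leases)   # internal IP -> device currently holding it
        self.forwards = {}           # (proto, external port) -> (internal IP, port)
        self.sessions = {}           # (proto, external port) -> (IP, port, remote)
        self._next_ext = 49152       # external ports handed to outbound sessions

    def outbound(self, proto, src_ip, src_port, remote):
        """A LAN host connects out; the router records the mapping for replies."""
        ext, self._next_ext = self._next_ext, self._next_ext + 1
        self.sessions[(proto, ext)] = (src_ip, src_port, remote)
        return ext

    def inbound(self, proto, ext_port, remote):
        """Return (verdict, device) for a packet arriving on the public side."""
        key = (proto, ext_port)
        sess = self.sessions.get(key)
        if sess and sess[2] == remote:            # reply to a connection we opened
            return ("reply", self.leases.get(sess[0]))
        if key in self.forwards:                  # explicit port-forwarding rule
            ip, _port = self.forwards[key]
            return ("forwarded", self.leases.get(ip))
        return ("dropped", None)                  # unsolicited: no table entry


def scenario():
    nat = NatModel({"192.168.1.50": "minecraft-server", "192.168.1.51": "laptop"})
    seen = {}
    ext = nat.outbound("tcp", "192.168.1.51", 51514, ("198.51.100.80", 443))
    seen["reply"] = nat.inbound("tcp", ext, ("198.51.100.80", 443))
    seen["stranger_on_session_port"] = nat.inbound("tcp", ext, PUBLIC_REMOTE)
    seen["before_rule"] = nat.inbound("tcp", 25565, PUBLIC_REMOTE)
    nat.forwards[("tcp", 25565)] = ("192.168.1.50", 25565)
    seen["after_rule"] = nat.inbound("tcp", 25565, PUBLIC_REMOTE)
    seen["udp_same_number"] = nat.inbound("udp", 25565, PUBLIC_REMOTE)
    # DHCP hands 192.168.1.50 to another device; the rule still points there.
    nat.leases = {"192.168.1.50": "laptop", "192.168.1.62": "minecraft-server"}
    seen["after_lease_change"] = nat.inbound("tcp", 25565, PUBLIC_REMOTE)
    return seen


if __name__ == "__main__":
    for name, verdict in scenario().items():
        print(f"{name:26} {verdict}")
```

The last case is the one to watch for when auditing a router: after the lease change the rule exposes the laptop on port 25565, which is why the forwarded host needs a static or reserved address.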
Frequently Asked Questions
What is a port number?
A port number is a 16-bit integer (0–65535) that identifies a specific process or service on a networked device. The port number in a TCP or UDP header tells the operating system which application should receive the data in a packet.
How many ports are there?
There are 65,536 possible port numbers (0–65535) for both TCP and UDP independently. In practice, ports 0–1023 are well-known system ports, 1024–49151 are registered ports, and 49152–65535 are ephemeral (dynamic) ports used by client applications.
What is port 80 used for?
Port 80 is the standard port for HTTP — unencrypted web traffic. Browsers connect to port 80 by default for http:// URLs and to port 443 for https:// URLs. Most web servers redirect port 80 traffic to HTTPS on port 443.
What is port forwarding?
Port forwarding is a router rule that directs inbound connections on a specific external port to a specific internal device and port. It creates an exception in NAT to allow external devices to initiate connections to services running behind your router.
What does "port blocked" mean?
A blocked port is one where a firewall, router, or ISP drops packets destined for that port number. ISPs commonly block port 25 on residential connections to prevent spam. A blocked port causes connection timeouts — the packet is discarded silently rather than refused.
What is an ephemeral port?
An ephemeral port is a short-lived port number assigned automatically by the OS to a client application for the duration of a connection. When your browser connects to a web server, the OS assigns a random ephemeral port (typically 49152–65535) as the source port. When the connection closes, the port is released.