Network port (computer networking)

A network port is a 16-bit number used by transport protocols (TCP, UDP) to direct traffic to a specific process or service on a host. Ports enable multiple services, are grouped by ranges, and are managed and filtered by systems.

Overview

A network port is a numeric identifier assigned by transport-layer protocols to direct network traffic to the correct application or service on a host. In the Internet Protocol suite a port number, combined with an IP address and a transport protocol, defines a network endpoint. This combination is commonly referred to as a socket or a four-tuple (source IP, source port, destination IP, destination port). Ports help multiple services coexist on the same machine, similar to room numbers within a street address.

Technical characteristics

Ports are 16-bit unsigned integers with valid values from 0 through 65,535. Each transport protocol maintains its own namespace, so TCP port 80 and UDP port 80 are separate and may be used independently. TCP provides connection-oriented communication using ports to establish and maintain sessions; UDP is connectionless and uses ports to deliver datagrams to the appropriate receiving process. Operating systems expose application programming interfaces (APIs) that let programs bind to ports and listen for incoming traffic or send from ephemeral ports.

Port ranges and assignments

Port numbers are commonly grouped by intended use and administrative policy. The Internet Assigned Numbers Authority (IANA) maintains a registry of standard assignments:

Well-known ports (0–1023): Historically reserved for core system services and standard protocols; many systems require elevated privileges to bind to these ports.
Registered ports (1024–49151): Used by ordinary applications and services that register preferred defaults.
Dynamic/private ports (49152–65535): Typically used for ephemeral client ports and temporary allocations.

Practical usage

Servers commonly listen on known ports so clients can find and connect to services (for example, HTTP or HTTPS). Clients usually use ephemeral ports for the local endpoint of an outgoing connection. When two hosts communicate, their sockets include both local and remote ports; network monitoring tools display these to help identify sessions. Common utilities for examining ports and connections include netstat, ss, lsof and service-specific diagnostic tools.

Address translation, forwarding and firewalls

Network devices and host software often manipulate ports to permit sharing of limited public addresses or to control access. Network Address Translation (NAT) rewrites addresses and port numbers so multiple internal hosts can share a single public IP address; administrators use port forwarding to map external ports to internal services. Firewalls and packet filters can permit or block traffic based on source or destination ports, IP addresses and protocol. It is common to check whether an intermediate device, such as a firewall, is blocking a port when troubleshooting connectivity.

Security considerations

Ports are a frequent focus for security controls because open ports indicate reachable services. Port scanning tools are used by administrators and attackers alike to discover services. Best practices include running minimal services, closing unnecessary ports, using nondefault ports only with caution, and combining host-based controls with network-level filtering. On many Unix-like systems, binding to ports below 1024 requires administrative rights, which provides a simple limit on which programs can impersonate standard system services.

Operational notes and limitations

Although any program may choose an unused port within policy constraints, operational issues can arise. Port exhaustion can occur when many ephemeral ports are in use or when sockets remain in transitional states. Some systems provide options to reuse ports for specific scenarios, but those options require careful configuration to avoid conflicts. Because port assignments and default ranges can vary between platforms, administrators often consult registry information and platform documentation when configuring services.

For background on addressing that complements the role of ports, see a discussion of network addresses. Note: The 16-bit port space is part of early TCP/IP design and shapes many modern deployment and security practices.