A network port is a numbered logical endpoint that identifies a specific service or application on a networked device. A network port lets one device run many services at once, since each service listens on its own port number while sharing a single IP address. The Internet Assigned Numbers Authority (IANA) maintains the official registry of port numbers, which range from 0 to 65535.
This article defines a network port, explains how ports combine with IP addresses to form sockets, describes the three port ranges, lists the common port numbers, compares TCP ports with UDP ports, and explains how ports relate to firewalls and port forwarding. A table lists the common ports and their services.
Each section states one part of the topic and connects it to the numbered endpoint at the center of the definition. The result is a complete account of what network ports are, how port numbers direct traffic, and which ports carry the most common internet services.
What Are Network Ports?
A network port is a numbered logical endpoint that identifies a specific service or application running on a networked device. A network port is a 16-bit number, from 0 to 65535, that the transport layer uses to direct incoming data to the correct service on a device that runs many services at once. The defining traits of a network port are listed below:
- A 16-bit number ranges from 0 to 65535, giving 65536 possible ports on a single device.
- A logical endpoint identifies a service, not a physical connector, on the device.
- One IP address can host many services, each listening on its own distinct port.
- The transport layer reads the port number to deliver data to the correct application.
A network port operates at the transport layer of the suite described in the overview of TCP/IP, where TCP and UDP carry the port numbers. A port works alongside the device address defined in the overview of an IP address to direct traffic to one service among many.
How Do Ports Work With IP Addresses?
A port works with an IP address to form a socket, where the IP address identifies the device and the port number identifies the service on that device. An IP address alone reaches a device, but the port number specifies which application receives the data once it arrives. The relationship between ports and IP addresses is described below:
- An IP address identifies the device on the network and routes data to that device.
- A port number identifies the service on the device once the data arrives.
- A socket combines the IP address and the port into one endpoint, written as address:port.
- A connection links two sockets, one on each device, to carry data between two services.
A socket such as 192.0.2.10:443 names both the device and the service, so the device delivers the data to the web server listening on port 443. The IP address half of the socket follows the addressing in the overview of an IP address, while the port half identifies the application that handles the request.
What Are the Port Number Ranges?
Port numbers divide into three ranges: well-known ports from 0 to 1023, registered ports from 1024 to 49151, and dynamic ports from 49152 to 65535. The IANA assigns the lower ranges to standard services and reserves the highest range for temporary connections. The three port ranges are listed below:
- Well-known ports run from 0 to 1023 and identify standard services such as HTTP and HTTPS.
- Registered ports run from 1024 to 49151 and serve specific applications registered with IANA.
- Dynamic ports run from 49152 to 65535 and serve temporary client-side connections.
- The IANA registry records the official assignment of well-known and registered ports.
A server listens on a well-known or registered port, while a client opens a temporary dynamic port for the outgoing side of each connection, according to IANA. The dynamic range is also called the ephemeral range, since the operating system assigns and releases these ports for the duration of a single connection.
What Are the Common Port Numbers?
Common port numbers include 80 for HTTP, 443 for HTTPS, 22 for SSH, 53 for DNS, 25 for SMTP, and 3389 for RDP, each assigned to a standard service by IANA. A standard service listens on a fixed port so clients reach it without configuration. The common port numbers are listed below:
- Port 80 carries Hypertext Transfer Protocol (HTTP) traffic for unencrypted web pages.
- Port 443 carries HTTPS traffic, the encrypted form of HTTP secured by TLS.
- Port 22 carries Secure Shell (SSH) traffic for encrypted remote command-line access.
- Port 53 carries Domain Name System (DNS) queries that resolve names into IP addresses.
- Port 25 carries Simple Mail Transfer Protocol (SMTP) traffic for sending email between servers.
- Port 3389 carries Remote Desktop Protocol (RDP) traffic for remote graphical access to Windows.
Each common port maps to one protocol, so a firewall or administrator identifies a service by its port number. The IANA records these assignments, and the standard ports stay consistent across operating systems so any client reaches the matching service on any server.
Common Network Ports Table
| Port | Protocol | Service | Transport |
|---|---|---|---|
| 20, 21 | FTP | File transfer | TCP |
| 22 | SSH | Secure remote shell | TCP |
| 25 | SMTP | Email sending | TCP |
| 53 | DNS | Name resolution | TCP and UDP |
| 67, 68 | DHCP | Automatic IP assignment | UDP |
| 80 | HTTP | Web pages | TCP |
| 110 | POP3 | Email retrieval | TCP |
| 143 | IMAP | Email retrieval | TCP |
| 443 | HTTPS | Encrypted web pages | TCP |
| 3389 | RDP | Remote desktop | TCP |
How Do TCP Ports Differ From UDP Ports?
TCP ports and UDP ports use the same numbering range but belong to separate protocols, so port 53 on TCP and port 53 on UDP are different endpoints. A port number is meaningful only together with its transport protocol, since TCP and UDP maintain independent port spaces. The differences between TCP and UDP ports are listed below:
- TCP ports serve connection-oriented services that confirm delivery, such as HTTP and SSH.
- UDP ports serve connectionless services that prioritize speed, such as DNS queries and DHCP.
- The same number can be open on TCP and UDP at once, identifying two distinct endpoints.
- Some services such as DNS use both a TCP port and a UDP port for different operations.
DNS uses UDP port 53 for most queries and TCP port 53 for larger transfers, showing how one number serves two protocols. The reliable and fast transport behind these ports is explained in the overview of TCP/IP, where TCP and UDP operate at the transport layer.
How Do Ports Relate to Firewalls and Port Forwarding?
Firewalls allow or block traffic by port number, and port forwarding directs traffic that arrives on a router port to a specific device and port on the internal network. A firewall uses ports to control which services accept connections, while port forwarding routes external requests to an internal service. The roles of ports in firewalls and forwarding are listed below:
- A firewall rule permits or denies traffic based on the destination port number.
- An open port accepts incoming connections for the service that listens on it.
- A closed port rejects connections, hiding any service that might run behind it.
- Port forwarding maps a router port to an internal device and port so external clients reach it.
Port forwarding lets a service on a private network accept connections from the internet, configured as the guide to setting up port forwarding describes. The router applies the address translation in the overview of NAT as it forwards the traffic from its public port to the internal device.
How Do You Check Which Ports Are Open?
A user checks which ports are open with command-line tools such as netstat, ss, and nmap, which list the ports a device listens on or scan a device for reachable ports. A port check reveals which services accept connections, so an administrator confirms a service runs or finds a port left open by mistake. The tools that check open ports are listed below:
- The netstat command lists active connections and listening ports on Windows, macOS, and Linux.
- The ss command replaces netstat on modern Linux and reports socket and port status faster.
- The nmap scanner probes a remote device across a range of ports to map reachable services.
- The telnet command tests a single port by attempting a connection to one address and port.
A port scan with nmap reports each port as open, closed, or filtered, which shows whether a firewall blocks the port before any service answers. An open port on a device reached from outside the network usually depends on a forwarding rule, configured as the guide to setting up port forwarding describes.
Key Takeaways
- A network port is a numbered logical endpoint that identifies a service on a device.
- A port and an IP address form a socket that identifies one end of a connection.
- Three port ranges are well-known (0-1023), registered (1024-49151), and dynamic (49152-65535).
- Common ports include 80 (HTTP), 443 (HTTPS), 22 (SSH), 53 (DNS), 25 (SMTP), and 3389 (RDP).
- TCP and UDP ports share the numbering range but form separate endpoints.
- Firewalls and port forwarding use port numbers to control and direct traffic.
What is a network port in simple terms?
A network port is a numbered logical endpoint that identifies a specific service on a device. It lets one device run many services at once, since each service listens on its own port number from 0 to 65535.
What are the three port number ranges?
The three ranges are well-known ports from 0 to 1023, registered ports from 1024 to 49151, and dynamic ports from 49152 to 65535. IANA assigns the well-known and registered ranges to services.
What is the difference between a port and an IP address?
An IP address identifies the device on the network, while a port number identifies the service on that device. Together they form a socket, written as address:port, that names one end of a connection.
What are the most common port numbers?
Common ports include 80 for HTTP, 443 for HTTPS, 22 for SSH, 53 for DNS, 25 for SMTP, and 3389 for RDP. Each number maps to one standard service assigned by IANA.
What is the difference between TCP and UDP ports?
TCP and UDP ports use the same numbering range but belong to separate protocols. Port 53 on TCP and port 53 on UDP are different endpoints, and some services such as DNS use both.
What is port forwarding?
Port forwarding directs traffic arriving on a router port to a specific device and port on the internal network. It lets a service on a private network accept connections from the internet.
Last Thoughts on Network Ports
A network port is the numbered logical endpoint that directs traffic to the correct service on a device, letting one IP address host many services at once. The port combines with the IP address to form a socket, and the three ranges, well-known, registered, and dynamic, separate standard services from temporary connections.
Common ports such as 80, 443, 22, 53, 25, and 3389 carry the most used internet services, TCP and UDP maintain separate port spaces, and firewalls and port forwarding use port numbers to control traffic. Readers can continue with the overview of TCP/IP, the overview of an IP address, the guide to setting up port forwarding, or the guide to how networks work.
