My IP Help

Port

Also known as: Network port, TCP port, UDP port

A 16-bit numeric endpoint (0 to 65,535) that allows a single IP address to host multiple network services at once, each addressable by a different port number.

Last updated:

What is a port?

A port is a 16-bit numeric endpoint used by TCP and UDP to demultiplex traffic arriving at a single IP address across multiple running services. Port numbers range from 0 to 65,535. The combination of an IP address and a port number is called a socket (e.g. 192.0.2.10:443). Every TCP or UDP packet has a source IP, source port, destination IP, and destination port — this 4-tuple uniquely identifies a connection.

Ports let a single web server handle HTTPS on port 443, a mail server on port 25, and an SSH daemon on port 22 without interfering with each other.

Port number ranges

IANA divides the port space into three ranges (RFC 6335):

  • Well-known ports (0–1023) — reserved for system services. On Linux and macOS, binding to these ports requires root or administrator privileges.
  • Registered ports (1024–49151) — assigned by IANA on request to specific applications (3306 MySQL, 5432 PostgreSQL, 6379 Redis, etc.)
  • Dynamic / ephemeral ports (49152–65535) — assigned by the OS on the fly to outbound client connections

Common ports worth knowing

| Port | Protocol | Service | |-----:|----------|---------| | 22 | TCP | SSH | | 25 | TCP | SMTP | | 53 | TCP/UDP | DNS | | 80 | TCP | HTTP | | 110 | TCP | POP3 | | 143 | TCP | IMAP | | 443 | TCP | HTTPS | | 3306 | TCP | MySQL | | 3389 | TCP | RDP |

Open, closed, filtered

When probing a port from outside, responses fall into three categories:

  • Open — a service is listening; the TCP handshake completed
  • Closed — no service is listening; the host replied with a RST
  • Filtered — a firewall is silently dropping packets, so nothing came back

Our port checker performs a TCP connect test from an external host and reports which of the three states applies.

Frequently Asked Questions

An IP address identifies a host on the network — like a street address. A port identifies a specific service running on that host — like a department or apartment number at that address. The combination (`192.0.2.10:443`) uniquely identifies a single service on a single host. A web server might run on port 443, a mail server on port 25, and an SSH daemon on port 22, all sharing the same IP address without conflict.
Not at the same time on the same protocol. Only one process can bind a given (IP, port, protocol) tuple — a second `bind()` call will fail with "Address already in use". TCP and UDP have separate port spaces, so a service can listen on TCP 53 and another on UDP 53 simultaneously (this is exactly what DNS servers do). To run multiple services on the same TCP port, you need a reverse proxy that demultiplexes by hostname (SNI) or path.
It is a Unix tradition dating to the 1980s designed to prevent ordinary users from impersonating system services like SSH, mail, or web. The kernel only allows root or processes with the `CAP_NET_BIND_SERVICE` capability to bind to ports under 1024. Modern deployments often work around this with capabilities, systemd socket activation, port-forwarding rules, or by binding to a high port and reverse-proxying through nginx/HAProxy on 443. Windows does not enforce the restriction.
An ephemeral (or dynamic) port is a high-numbered port the operating system temporarily assigns to a client for an outbound connection. When your browser opens a TCP connection to a server on port 443, the kernel picks a random port (typically in the 32768-60999 range on Linux, 49152-65535 per IANA) for the local side. The connection is identified by the 4-tuple of source IP + source port + dest IP + dest port, so each new connection gets a different ephemeral port.
They share the same numbering scheme (0-65535) and the same IANA registry, but TCP and UDP have completely independent port spaces. So `tcp/53` (DNS over TCP) and `udp/53` (DNS over UDP) are different endpoints, and a service can listen on both at once. By convention IANA assigns the same port number to both transports for protocols that use either, but the two spaces are technically separate.
Back to glossary