428

What is the highest port number one can use?

username
  • 15,721
  • 11
  • 37
  • 44

8 Answers8

600

The port number is an unsigned 16-bit integer, so 65535.

Greg Hewgill
  • 828,234
  • 170
  • 1,097
  • 1,237
  • 234
    "Hey, Jim, how many ports should we support?" "Just make it 16 bits for good measure. No one will ever have more than a few hundred open at once, tops." – JessieArr Sep 12 '14 at 13:41
  • 1
    @JessieArr and since you seem to be taking a leaf out of bill gate's book with his famous line about RAM, which was a statement made long ago that 640KB RAM would easily be enough in the future, and of course it is not.. Are you also trying to suggest that you think 16 bits/65536 isn't enough? (And how would having a few hundred open ports make 65536 ports not enough?) – barlop Jul 13 '16 at 18:23
  • 4
    @barlop I was suggesting that when they first created ports, a single machine with hundreds of connections was probably considered a worst-case scenario. But today web servers, network devices, etc. can definitely bump up against port count limitations. Microsoft wrote an interesting Technet article about how to diagnose and avoid it in Windows environments: https://blogs.technet.microsoft.com/askds/2008/10/29/port-exhaustion-and-you-or-why-the-netstat-tool-is-your-friend/ – JessieArr Jul 13 '16 at 20:04
  • 3
    @JessieArr in both those cases it's not really a 65536 issue, it's an issue of A)programs not releasing connections, leaving them in a "WAIT" state that netstat shows combined with B)some earlier windows versions only going from 1024-5000 for dynamic ports.And even then, who knows if that ever even happened,since no program has ever bothered to report to anybody that it couldn't get a dynamic port, neither has windows.So it's a thoretical problem not even really caused by the 65536 number.The Web browser may be the biggest user of connections.I have 297 lines in my netstat output. Far from 65K – barlop Jul 14 '16 at 00:02
  • 3
    @JessieArr Most IP stacks use a tuple of Source IP address, Source port, Destination IP address and Destination port as a unique identifier for connections. This means that a server can have many _many_ more active connections than there are available open ports, and the amount of ports only places a limitation (albeit a very large one) on the amount of open connections between a single source and a single destination. I don't think anyone will ever be running servers on (or listening for connections on) more than 65536 ports at any one time. – jduncanator Feb 24 '17 at 05:17
  • @JessieArr That being said, there is still a limitation of the active connections a server can open _outbound_, however a web server usually only handles many incoming connections and opens very few outgoing connections and so does not run into a port exhaustion situation (due to the above connection tuple mechanics). – jduncanator Feb 24 '17 at 05:20
  • 44
    @JessieArr - that'll teach you to try and make a joke, this is a serious business you know, there's no time for that kind of thing round here :/ – Matt May 09 '17 at 12:16
  • @barlop Oh, but It IS really "a 65536 issue" (or to be exact 65535), since in today's data-centers there are servers with memory counted in terabytes, and CPU cores counted in thousands, with the number of containers and other virtual instances soon reaching for that magic number we all love... – Lennart Rolland Dec 08 '17 at 02:42
  • @JessieArr I have 3258 ports open today, and counting, pm2 load balancing – Tino Costa 'El Nino' Jan 08 '18 at 22:46
  • I think the problem is the amount of softwares "taking" ports for itselves. Like "8080" for Tomcat, "19999" to NetData and so on... I'm a web developer and I'm afraid to take some already taken port to use in my microservices infra. – Magno C Jun 24 '18 at 21:48
146

The largest port number is an unsigned short 2^16-1: 65535

A registered port is one assigned by the Internet Corporation for Assigned Names and Numbers (ICANN) to a certain use. Each registered port is in the range 1024–49151.

Since 21 March 2001 the registry agency is ICANN; before that time it was IANA.

Ports with numbers lower than those of the registered ports are called well known ports; port with numbers greater than those of the registered ports are called dynamic and/or private ports.

Wikipedia : Registered Ports

Rohit Gupta
  • 2,411
  • 11
  • 21
  • 36
Brian R. Bondy
  • 314,085
  • 114
  • 576
  • 619
75

As I understand it, you should only use up to 49151, as from 49152 up to 65535 are reserved for Ephemeral ports

Smashery
  • 49,979
  • 30
  • 90
  • 123
  • 11
    ephemeral port range vary by system. I am running ubuntu linux with 3.19.0-43-generic kernel. `$ cat /proc/sys/net/ipv4/ip_local_port_range` results in output `32768 61000`. As to if one should or shouldn't use a port in one's system's ephemeral port range, I suspect most if not all modern day network operating systems will skip over a port that is already in use. – Keith Reynolds Jan 07 '16 at 18:21
37

Just a followup to smashery's answer. The ephemeral port range (on Linux at least, and I suspect other Unices as well) is not a fixed. This can be controlled by writing to /proc/sys/net/ipv4/ip_local_port_range

The only restriction (as far as IANA is concerned) is that ports below 1024 are designated to be well-known ports. Ports above that are free for use. Often you'll find that ports below 1024 are restricted to superuser access, I believe for this very reason.

Community
  • 1
  • 1
Andrew Edgecombe
  • 35,947
  • 3
  • 32
  • 60
17

According to RFC 793, the port is a 16 bit unsigned int.

This means the range is 0 - 65535.

However, within that range, ports 0 - 1023 are generally reserved for specific purposes. I say generally because, apart from port 0, there is usually no enforcement of the 0-1023 reservation. TCP/UDP implementations usually don't enforce reservations apart from 0. You can, if you want to, run up a web server's TLS port on port 80, or 25, or 65535 instead of the standard 443. Likewise, even tho it is the standard that SMTP servers listen on port 25, you can run it on 80, 443, or others.

Most implementations reserve 0 for a specific purpose - random port assignment. So in most implementations, saying "listen on port 0" actually means "I don't care what port I use, just give me some random unassigned port to listen on".

So any limitation on using a port in the 0-65535 range, including 0, ephemeral reservation range etc, is implementation (i.e. OS/driver) specific, however all, including 0, are valid ports in the RFC 793.

Eldakka
  • 171
  • 1
  • 2
14

Valid numbers for ports are: 0 to 2^16-1 = 0 to 65535
That is because a port number is 16 bit length.

However ports are divided into:
Well-known ports: 0 to 1023 (used for system services e.g. HTTP, FTP, SSH, DHCP ...)
Registered/user ports: 1024 to 49151 (you can use it for your server, but be careful some famous applications: like Microsoft SQL Server database management system (MSSQL) server or Apache Derby Network Server are already taking from this range i.e. it is not recommended to assign the port of MSSQL to your server otherwise if MSSQL is running then your server most probably will not run because of port conflict )
Dynamic/private ports: 49152 to 65535. (not used for the servers rather the clients e.g. in NATing service)

In programming you can use any numbers 0 to 65535 for your server, however you should stick to the ranges mentioned above, otherwise some system services or some applications will not run because of port conflict.
Check the list of most ports here: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

Mosab Shaheen
  • 868
  • 9
  • 20
11

It depends on which range you're talking about, but the dynamic range goes up to 65535 or 2^16-1 (16 bits).

http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

Bardi Harborow
  • 1,683
  • 1
  • 27
  • 40
Jim Burger
  • 4,229
  • 1
  • 22
  • 27
7

It should be 65535.

kiamlaluno
  • 24,790
  • 16
  • 70
  • 85
Chris
  • 4,584
  • 20
  • 16