- Network ports allow multiple services to communicate over the same connection.
- There are more than 65.000 numbered ports, managed by the transport layer of the OSI model.
- They are divided into well-known, registered and dynamic ports according to their function and control.
- Opening ports correctly can improve the speed of games, downloads or video calls
Ports are essential for the functioning of any network communication. They are present when you watch a series for streaming, you make a video call, you play with your friends or simply you browse a websiteThey're like virtual gateways that allow multiple applications to share the same connection without interfering with each other. In this article, we'll take an in-depth look at what they are, the different types that exist, how they're classified, why they're important, and the most commonly used ports in both home and corporate networks.
What is a network port and what is it used for?
Un network port It is a logical numerical identifier assigned to specific processes or applications within a device connected to a network. Although they are called "ports," they are not physical like inputs. USB, but operate virtually within the operating system and network software.
Thanks to ports, devices can know what they are service or application the information that arrives must go. For example, when you access a web page through your browser, that request is sent to the 80 port if the website does not encrypt the data, or at 443 port If you do so via HTTPS, the server on the other end then knows how to interpret the request and which application to process it.
Each port is associated with a specific application: email, web browsing, downloads, video games online, remote access, etc. This allows multiple services to run simultaneously on a single device without interference. In other words, the network port acts as a communication channel between the operating system and external or internal services.
Available port numbers and their management
Numbers are used ranging from 0 to 65535, as they are represented in a 16-bit word. This means there are over 65.000 virtual ports available on each device.
The assignment of these ports is neither random nor automatic. There is an international organization called Internet Assigned Numbers Authority (IANA), which is responsible for controlling and maintaining a database of port assignments to avoid conflicts between protocols and applications.
This numbering is divided into three main ranges:
- Well-known ports (0 to 1023): These are reserved for standard and essential network services such as HTTP, FTP, DNS, SSH, SMTP, and others. They require administrative privileges to be used by applications.
- Registered ports (1024 to 49151): They are assigned to specific applications or services by the IANA, but can be freely used by software that requests them. For example, MySQL uses 3306, Discord uses 6463, etc.
- Dynamic or private ports (49152 to 65535): They are automatically temporarily assigned by the operating system to outgoing connections. These are also called ephemeral ports.
TCP vs. UDP Protocol: Key Differences
Ports are used by the protocols of the transport layer of the OSI model, mainly because TCP (Transmission Control Protocol) y UDP (User Datagram Protocol). Both use the same port numbers, but with key differences in their behavior:
- TCP: Connection-oriented, reliable, and ensures that data arrives in order and without errors. It is used by services such as email (SMTP, POP3, IMAP), web browsing (HTTP/HTTPS), FTP, SSH, or databases like MySQL. It requires more bandwidth and processing, but is more secure.
- UDP: Connectionless, it doesn't guarantee delivery or order. It's faster and simpler, used for services that require low latency, such as video calls, online gaming, DNS, SNMP, or streaming. It requires less control, but consumes fewer resources.
The same application can use both, depending on its configuration or needs. For example, OpenVPN can operate on both TCP and UDP using port 1194.
Examples of the most used TCP ports
In home and business networks, many TCP ports are widely used to communicate with various services. Here's a list of some of the most common ones and their primary uses:
- 21: FTP in control mode — file transfer.
- 22: SSH — remote access and encrypted connections.
- 23: Telnet — unencrypted (insecure) remote access.
- 25 - 587: SMTP — standard and encrypted email sending.
- 53: DNS — name resolution (can use TCP or UDP).
- 80: HTTP — unencrypted web browsing.
- 443: HTTPS — encrypted web browsing.
- 3306: MySQL — database.
- 3389: Remote Desktop Windows.
- 25565: Minecraft — online game server.
Each protocol or software has assigned ports, and any conflict between them can cause connection errors or loss of functionality.
Common UDP ports and their applications
UDP, being faster, is essential for certain real-time applications or where a few packet losses don't compromise functionality. Some examples:
- 53: DNS — domain resolution.
- 67 and 68: DHCP — automatic IP assignment.
- 69: TFTP — Lightweight File Transfer.
- 123: NTP — clock synchronization.
- 500: IPsec (VPN) with ISAKMP.
- 3478 3481 to: Skype and others for video calls.
- 1194: OpenVPN — secure and efficient VPN protocol.
UDP is less reliable, but much more lightweight, making it the preferred choice for gaming, video calls, and streaming services. Often, if you experience dropouts, it's because the corresponding UDP port is blocked or misconfigured on your firewall or router.
Importance of opening ports correctly
On many occasions it is necessary manually open ports on the router to allow traffic from outside your network to enter. This is known as port forwarding or port forwarding. This is essential in NAT environments (such as home networks) where all devices share a single public IP address.
Some common situations where it is useful to configure ports manually are:
- To play online: Each game uses different ports and opening them improves performance and reduces ping.
- Video calls: Programs like Skype, Meet, Zoom, or Discord require certain ports to run smoothly.
- Home Servers: Whether it's a NAS, FTP, or web, if you want to access from outside, you'll need to configure the ports.
- P2P Connections: such as BitTorrent, eMule and similar, which connect with other users.
Failure to open them properly can lead to problems such as:
- Video call interruptions
- low download speed
- Failed connections in video games
Therefore, it is vital to configure correctly and open only the necessary ports for each application or device.
Ports and network security: which ones are dangerous?
Unmonitored open ports can be a gateway for cyberattacksSome ports are more vulnerable due to the services that typically run behind them. For example, Telnet port 23 is inherently insecure because it transmits data unencrypted.
Other ports commonly operated by malware, Trojans or automated tools hacking include:
- 21: FTP — if you don’t use encryption, it can be intercepted.
- 23: Telnet — insecure and vulnerable.
- 80: HTTP — still widely used without encryption.
- 3389: Windows Remote Desktop — a common target for RDP attacks.
- 22: SSH — if weak credentials are used.
- 445: SMB — used by viruses like WannaCry to spread.
There are also ports specifically used by Trojans and intrusion tools, such as 12345 (NetBus), 31337 (Back Orifice) or 4444 (usually malware).
Therefore, it is advisable:
- Use firewalls to block all unnecessary ports.
- Limit access to specific IP addresses only if a port is exposed.
- Keep updated the software that listens on those ports.
- Use IDS/IPS to detect anomalous traffic.
And always close ports you don't need to use.
How to know which ports you have open: useful tools
Checking which ports are open on your network or computer is essential for controlling potential entry points. Here are some ways to do this:
- From the internet: You can use sites like GRC's ShieldsUP! or tools like nmap from the outside to see what ports you have exposed.
- From your own network: If you are inside the network, you can use tools like netstat or nmap to see which ports are open locally.
Basic usage example:
nmap -sU -sT 192.168.1.1This scans both TCP and UDP for the computer with IP address 192.168.1.1. You can also specify a specific port or range.
If you discover that you have open ports that you're not using, it's best to close them from your router settings or from your operating system's internal firewall.
The CG-NAT problem
An important factor that prevents opening ports is being under CG-NAT (Carrier Grade NAT)Many operators use it to save public IPv4 addresses by sharing them among different users.
When you are in CG-NAT, you cannot open ports manually Because you have no control over the public IP address that handles your traffic. As a result, services such as game servers, FTP, or remote access will no longer be available from the outside.
Some options to get out of CG-NAT:
- Call your operator and request a public IP address (this may have an additional cost).
- Request IPv6 activation if supported.
- Use a VPN that allows incoming connections.
Understanding what a network port is, how it works, the types available, and how to configure them correctly can make a huge difference in the performance and security of your connection. From improving your gaming and calling experience to protecting against cyberattacks, proper management is essential for both personal and corporate networks. Although it often goes unnoticed, this invisible component of the network is what keeps everything running smoothly every time you open your browser, click on a link, or download a file.
Passionate writer about the world of bytes and technology in general. I love sharing my knowledge through writing, and that's what I'll do on this blog, show you all the most interesting things about gadgets, software, hardware, tech trends, and more. My goal is to help you navigate the digital world in a simple and entertaining way.