eli5: why so many ports?


“TCP also introduces a concept of a port: each connection has two ports, one for both sides. A port is an integer between 0 and 65535. A server typically waits for a new connection at a well-known port. Default ports for widely-used protocols are well-established and are typically small numbers, for example, HTTP uses port 80. A client also needs its own port. These ports are typically large numbers selected automatically by an operating system, based on what ports are available.”

Why is there a need for so many ports if there is just a client and a server? If there were multiple clients I assume the port number would need to be significantly big, but 65535 is relatively small.

You are exactly right. Servers don’t have 1 client usually, they have 100s or 1000s of clients. And sometimes 65535 is a problem. Because you really don’t even have that many, as the bottom 10k are really reserved. So you really only have 55k that you can use for dynamic ports.

The way they do this is, once the communication is done between the client and server, the port is closed. So the server has the ability to open and close ports rapidly, to hopefully keep from getting that dynamic area full.

Sometimes, you have problems with misconfigured servers that keep the ports open (called keepalive) for too long a period of time. So they run out of ports quickly. But if servers are configured correctly you actually can handle most load OK.

Many servers can have the problem of port depletion, like database servers, Voice over IP servers, web servers, FTP servers, file servers, etc.

You’re only thinking about this from the Client’s perspective.

Servers can have thousands or tens of thousands of simultaneous clients each of them requiring a different source port for the connection. So 65,535 often isn’t enough and you need to start using load balancing and other tricks to add more capacity.

Imagine you have two families. The people in those families want to exchange letters with each other. The IP address is like the family name/last name. The Port is like the first name/personal name. A connection is letters sent back and forth between two individuals, identified by their first/last name.

Each service protocol on the server is assigned a port. HTTP communicates on port 80, HTTPS on 443, SSH uses 22, IMAP uses 143, etc. Just like each person in your family is assigned a name.

Why so many ports? Because when the protocol was designed there was no way to know how many different types of services would be offered. Why 65,536? Because computers like to operate using bits (1’s and 0’s) and bytes (8 digit binary numbers). 2 bytes or 16 bits allows you to represent up to 65,536 individual values. Going down to 1 byte or 8 bits would have limited it to only 256. And going all the way up to 4 bytes, well that would have been 4,294,967,295 values. 2 bytes is a pretty good compromise between too few and too many values.

Keep in mind, multiple different clients can talk to the same server using the same port. A port is just a number that’s part of the address; it’s not, despite its name, like a USB port or an audio port where you can only plug in one thing at a time. A TCP connection is defined using both the client and server IP and port numbers, so two different clients create two different connections, even though they share the same server IP and port. Just like one person can send and receive letters from multiple people, even at the same time.

To directly address the question of 65535 seeming very small:

In theory a server could only have a single TCP port available and still work just fine even if millions of devices connect to it simultaneously. This is because each connection, aka Session, is uniquely identified by 4 numbers. Client IP, Client TCP Port, Server IP and Server TCP Port. Obviously the Server IP and Port will be the same for every connection/session, but as long as the Client IP or Port change, it’s easy to keep track of who’s who.

If a client needs multiple sessions to the same server & port, it just picks one of its unused ports for each new session it needs. That’s why you can open multiple browser tabs to the same website, at the same time but all with different pages open, and both your phone and the server know what info belongs to what session/tab. (It might be easier to think of a small site with 1 server here – big companies have multiple servers, sites, load balancers, etc, but that is to do with physical limitations, not the fact that only 1 TCP port is being used.)

So in fact 65535 ports is 65534 more than you need on a server for each service.
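The two answers above (several clients sharing one server port, and the connection being identified by the 4-tuple of client IP, client port, server IP, server port) can be watched happening on a real TCP stack. The script below is an added example, not code from anyone in this thread: it opens one listening socket on the loopback interface, connects several clients to that single port, records the 4-tuple the server sees for each accepted connection, and then proves the demultiplexing works by having every client send its own number and looking up the matching server-side socket purely by 4-tuple. The names `run_demo`, `table`, `LOOPBACK` and the sample messages are this example's own constructions; it needs no network beyond localhost.

```python
import socket
import threading

# Constructed local demo: everything runs on the loopback interface, so no
# outside network access is needed. Names here are this example's own.
LOOPBACK = "127.0.0.1"


def run_demo(num_clients=5):
    """Start ONE listening TCP socket, connect several clients to it, and
    return what the server sees: the (client_ip, client_port, server_ip,
    server_port) 4-tuple of every accepted connection, plus proof that data
    sent on each client socket is found by looking up that 4-tuple."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((LOOPBACK, 0))       # port 0 = let the OS pick a free port
    listener.listen()
    server_ip, server_port = listener.getsockname()

    # The server's demultiplexing table: 4-tuple -> accepted socket.
    # The server-side IP and port are identical in every key; only the
    # client side (its IP and OS-chosen ephemeral port) varies.
    table = {}

    def accept_loop():
        for _ in range(num_clients):
            conn, (client_ip, client_port) = listener.accept()
            table[(client_ip, client_port, server_ip, server_port)] = conn

    acceptor = threading.Thread(target=accept_loop)
    acceptor.start()

    clients = []
    for i in range(num_clients):
        c = socket.create_connection((server_ip, server_port))
        c.sendall(str(i).encode())     # each client sends its own index
        clients.append(c)
    acceptor.join()                    # all num_clients connections accepted

    routed = []
    for c in clients:
        # Build the key from the client's point of view: its own address
        # (ephemeral port chosen by the OS) plus the well-known server address.
        key = c.getsockname() + c.getpeername()
        server_side = table[key]       # KeyError here would mean demux failed
        routed.append(int(server_side.recv(16).decode()))

    for c in clients:
        c.close()
    for conn in table.values():
        conn.close()
    listener.close()

    return {
        "server_port": server_port,
        "tuples": sorted(table.keys()),
        "routed": routed,              # should come back as 0, 1, 2, ...
    }


if __name__ == "__main__":
    result = run_demo()
    print("server listened on a single port:", result["server_port"])
    for t in result["tuples"]:
        print("connection 4-tuple:", t)
    print("data recovered by 4-tuple lookup:", result["routed"])
```

Every entry in `tuples` shares the same last two fields (the server side), and only the client port differs, which is exactly why a service needs one listening port no matter how many clients connect. Run it with a larger `num_clients` and the client ports keep coming from the OS's ephemeral range; what gets used up is the client's supply of ports towards that one server address, not the server's.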

Why so many? Because they thought 16 bits was a good number of bits. The ports don’t cost anything because they’re not real – only the number that says which port it is, is real. They decided 16 bits was a good size for that number.

Every connection can be identified by the port number and IP address at *both* ends, so really there’s 96 bits in total, which is enough. The only reason a computer is likely to run out of ports is if it’s running tens of thousands of server programs because each server program needs a unique port on that computer.