1. Introduction
In the context of computer networks, a port is an endpoint for communication between applications (or network services). Each port has a port number for identification. Thus, a network service can use one or more ports by specifying their numbers.
By definition, there are 65,536 possible ports for use. However, many of them have a specific purpose or have already been assigned to some service. In this article, we’ll study how to choose a default port number for a new network service.
The main issue we have to deal with is choosing a port that’s not being used by any other service. Otherwise, there’s a good chance that our new service will eventually be executed on a machine with another service running on the same port. This would prevent both services from working.
To have a full view of the problem, we’ll first understand the subdivision of the port range. Next, let’s learn how to choose ports other than those used by well-known services. Then, we’ll see how to avoid conflicts with services running on our machine or the local network. Finally, we’ll briefly look at how to request an official assignment of the chosen port for our service if desired.
2. Understanding the Subdivision of Port Ranges
The full range of possible port numbers extends from 0 to 65535. However, properly using this large but limited port range requires global coordination. To that end, RFC 6335 designates the Internet Assigned Numbers Authority (IANA) as responsible for the assignment of these ports.
IANA handles port number assignments through procedures also specified in RFC 6335. In short, the specification subdivides the full range of port numbers into three smaller ones. Each of them is intended for a different use, as described in the table below:
| Range Name | Port Numbers | Assignment |
|---|---|---|
| System Ports | 0 – 1023 | Assigned by IANA |
| User Ports | 1024 – 49151 | Assigned by IANA |
| Dynamic Ports | 49152 – 65535 | Never assigned |
System Ports and User Ports are available for assignment through IANA, which requires IETF review or IESG approval. However, the Dynamic Ports range has been specifically set aside for local and dynamic use, so it can’t be assigned through IANA.
The possible states for each port are Assigned, Unassigned, or Reserved. So, the only ports free to use are those in the Unassigned state.
2.1. From Which Sub-range Should We Choose a Port?
The System Ports range (also known as the Well-Known Ports) is both the smallest and the most densely assigned. So, the requirements for new port assignments in this range are much more strict than those for the User Ports range (also called Registered Ports). Therefore, ports in the System Ports range are only used by very well-known services and protocols.
Ports in the Dynamic Ports range are considered ephemeral ports, i.e., they’re only for temporary and dynamic use. Therefore, we should never use a port in this range as a service identifier since there’s no guarantee that ports will be available for the service.
Thus, in most cases, we should look for a free port in the User Ports range when choosing a default port for a new service.
3. How to Avoid Conflicts With Well-Known Services?
Nowadays, there’s a wide range of network services (and protocols) used worldwide. Most of them are well-known services that have assigned ports in the IANA. Other services, although well-known, don’t have IANA-assigned ports for some reason.
Next, let’s see how to avoid selecting a port that services in both cases are already using.
3.1. Check Allocated Ports in IANA
To avoid choosing a port already assigned by IANA, we need to check the IANA port number registry. It lists all port assignments and their respective services. In this case, the ports available are the ones that aren’t listed in the registry or have the Description field marked as Unassigned.
Given the large number of port assignments, it can be challenging to find available port numbers in the desired range. For convenience, we can download the IANA port number registry in CSV format and use the Python script list_iana_available_ports.py below to list the available ports in any given range.
```python
import csv
import sys


def get_assigned_ports_in_csv_file(filename):
    """Return the set of ports the IANA registry CSV doesn't mark as Unassigned."""
    assigned_ports = set()
    try:
        with open(filename, 'r', newline='') as csv_file:
            for row in csv.DictReader(csv_file):
                if row.get('Description') != 'Unassigned':
                    port_number = row.get('Port Number') or ''
                    try:
                        # Single port, e.g. "2049"
                        assigned_ports.add(int(port_number))
                    except ValueError:
                        # Port range, e.g. "6000-6063"; rows without a port are skipped
                        bounds = port_number.split('-')
                        if len(bounds) == 2:
                            # Add every port of the range, not the range object itself
                            assigned_ports.update(range(int(bounds[0]), int(bounds[1]) + 1))
    except FileNotFoundError:
        print(f"File not found: {filename}")
    except Exception as e:
        print(f"An error occurred: {e}")
    return assigned_ports


def print_free_ports(start_port, end_port, assigned_ports):
    """Print every port in [start_port, end_port] that isn't in assigned_ports."""
    for port in range(start_port, end_port + 1):
        if port not in assigned_ports:
            print(port)


if __name__ == "__main__":
    if len(sys.argv) != 4:
        print("Usage: python list_iana_available_ports.py <csv-file-name> <port-start> <port-end>")
        sys.exit(1)
    csv_file, start_port, end_port = sys.argv[1], int(sys.argv[2]), int(sys.argv[3])
    print_free_ports(start_port, end_port, get_assigned_ports_in_csv_file(csv_file))
```
To use the script above, we just need to run the command below, replacing
python list_iana_available_ports.py <csv-file-name> <port-start> <port-end>
It may be a good idea to select one or more of the available ports according to IANA. For example, we may use the provided script to find available ports ranging from 2000 to 3000 (which is a subrange of User Ports) and then select one or more ports.
After that, we can follow the next steps just to make sure that no other service is unofficially using the chosen port.
3.2. Check Ports Listed by NMAP
Some widely used services utilize ports that haven’t been officially assigned to them in the IANA registry. So, to avoid choosing a port used by one of these services too, we need to refer to an alternative (unofficial) but comprehensive listing.
An example of such a list is provided by NMAP.org. The NMAP list includes port assignments registered in IANA and others that have been detected by NMAP itself.
Thus, by accessing this list, we can check whether the port (or range) we selected in the previous step has also been identified by NMAP as frequently used by services. Once we’ve confirmed that the selected port isn’t present in the NMAP list, we can follow the steps below to check further.
4. How to Avoid Local Conflicts?
Besides avoiding conflicts with widely used services, we also need to ensure that the chosen port doesn’t create conflicts with our organization’s own services. Next, we’ll see how to avoid conflicts with other services on our local machine or local network.
4.1. Check the Local System
Operating systems (OSes) usually have a file that maps services to their respective ports. Applications use it to convert human-readable service names into port numbers. Specifically, in Linux and macOS, we can find this file at /etc/services, whereas, in Windows, its location is %windir%\System32\drivers\etc\services.
The services file includes the assignments made by IANA but also maps services related to the OS and others running on the local machine. For example, in a Debian-based distribution, the file includes a section named “Services added for the Debian GNU/Linux distribution” and another named “Local services”.
Hence, we can just open the file and search for the chosen port. So, if we don’t find the port in the file, we know that there are no local conflicts.
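The services file is a static name-to-port mapping and doesn't show which ports a process is listening on right now, so it helps to pair the lookup with a live bind probe. The sketch below is an added example, not part of the original article; the sample file content, the function names, and the example-svc entry are constructed for illustration.

```python
import errno
import re
import socket

# Constructed sample in /etc/services layout:
# name, port/protocol, optional aliases, optional comment.
SAMPLE_SERVICES = """\
# Local services
ssh             22/tcp                  # SSH Remote Login Protocol
http            80/tcp      www         # WorldWideWeb HTTP
domain          53/tcp
domain          53/udp
example-svc     3000/tcp    ex-alias    # constructed entry
"""

ENTRY_RE = re.compile(r"^(\S+)\s+(\d+)/(\w+)(.*)$")


def parse_services(text):
    """Map (port, protocol) to the service names and aliases listed for it."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        match = ENTRY_RE.match(line)
        if match:
            name, port, proto, aliases = match.groups()
            key = (int(port), proto.lower())
            table.setdefault(key, []).extend([name, *aliases.split()])
    return table


def port_is_bound(port, host="127.0.0.1"):
    """True if a TCP socket already holds host:port (bind fails with EADDRINUSE)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as probe:
        try:
            probe.bind((host, port))
        except OSError as exc:
            if exc.errno == errno.EADDRINUSE:
                return True
            raise  # e.g. EACCES for ports below 1024 without privileges
    return False


def check_candidate(port, services_text, proto="tcp"):
    """Combine the static listing with the live bind probe for one port."""
    listed = parse_services(services_text).get((port, proto), [])
    return {"port": port, "listed_as": listed, "bound_now": port_is_bound(port)}
```

On a real machine, we'd pass the content of /etc/services instead of the sample; a port is a reasonable candidate only when listed_as is empty and bound_now is False.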
4.2. Check the Local Network
To check if another service on our local network is using the port we’ve chosen so far, we can use a network scanning tool. An example of such a tool is NMAP, which is widely used and available for various OSes, including Linux, Windows, and MacOS.
In short, NMAP has a command-line interface that expects some parameter (or command option) and a target host. The target host refers to the host that will be scanned. So, it can be a hostname or an IP address.
However, in our case, we don’t want to scan a specific target host but the whole network for open ports (ports being used by some service). Fortunately, the NMAP command line also supports multiple target hosts. There are many ways to do this, but one of the easiest is by using the CIDR notation.
This way, we can scan the entire network at once, specifying the target host in the format
nmap 192.168.1.0/24
In addition, we can restrict the scan to the port we’ve chosen. The command below exemplifies a search for hosts using port 3000 on the network 192.168.1.0/24.
nmap -p 3000 192.168.1.0/24
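To turn such a scan into a list of conflicts, we can ask NMAP for its grepable output (the -oG option) and group hosts by the reported port state. The parser below is an added example, not part of the original article; the sample scan output, host names, and function name are constructed for illustration.

```python
import re

# Constructed sample of `nmap -p 3000 -oG - 192.168.1.0/24` output.
# Each port entry reads: port/state/protocol/owner/service/rpcinfo/version
SAMPLE_SCAN = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 192.168.1.1 ()\tStatus: Up\n"
    "Host: 192.168.1.1 ()\tPorts: 3000/closed/tcp//ppp///\n"
    "Host: 192.168.1.20 (build01.lan)\tStatus: Up\n"
    "Host: 192.168.1.20 (build01.lan)\tPorts: 3000/open/tcp//ppp///\n"
    "Host: 192.168.1.31 ()\tStatus: Up\n"
    "Host: 192.168.1.31 ()\tPorts: 3000/filtered/tcp//ppp///\n"
)

PORTS_LINE_RE = re.compile(r"^Host: (\S+) \((.*?)\)\tPorts: (.*)$")


def hosts_by_state(scan_text, port):
    """Group host addresses by the state NMAP reported for the given port."""
    result = {}
    for line in scan_text.splitlines():
        match = PORTS_LINE_RE.match(line)
        if not match:
            continue  # comment lines and "Status:" lines carry no port data
        address, _hostname, ports = match.groups()
        ports = ports.split("\t")[0]  # drop any trailing tab-separated field
        for entry in ports.split(","):
            fields = entry.strip().split("/")
            if len(fields) >= 3 and fields[0] == str(port):
                result.setdefault(fields[1], []).append(address)
    return result
```

Only hosts in the open state confirm a conflict; filtered means a firewall hid the answer, so those hosts need a check on the machine itself before we treat the port as free there.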
5. How Can We Request a Port Assignment for Our Service?
Once we’ve chosen a port that’s currently available, we can request that the port be assigned to our service if we so desire. However, we should do this only if the service is genuinely distinct. Otherwise, IANA will probably not approve the port assignment.
For example, if the service is a new web application, instead of requesting a new port assignment, we should use the ports already assigned for this kind of service (such as 80 for HTTP and 443 for HTTPS).
Nevertheless, to make the request, we can submit an application for port assignment through the official IANA form.
6. Conclusion
In this article, we learned how to choose a port for a new network service. A good choice requires in-depth investigation to avoid choosing a port that’s already in use by another service.
The first step is to check the IANA port assignment registries. After that, we can consult unofficial registries and local port mappings and scan the network for ports in use.
In conclusion, these are the key steps to selecting a port number for a new network service, ensuring effective communication.