TCP/IP Ports and Sockets Explained

tcp-portsOn a TCP/IP network every device must have an IP address.

The IP address identifies the device e.g. computer.

However an IP address alone is not sufficient for running network applications, as a computer can run multiple applications and/or services.

Just as the IP address identifies the computer, The network port identifies the application or service running on the computer.

The use of ports allow computers/devices to run multiple services/applications.

The diagram below shows a computer to computer connection and identifies the IP addresses and ports.



If you use a house or apartment block analogy the IP address corresponds to the street address.

All of the apartments share the same street address.

However each apartment also has an apartment number which corresponds to the Port number.

Port Number Ranges and Well Known Ports

A port number uses 16 bits and so can therefore have a value from 0 to 65535 decimal

Port numbers are divided into ranges as follows:

Port numbers 0-1023 – Well known ports. These are allocated to server services by the Internet Assigned Numbers Authority (IANA). e.g Web servers normally use port 80 and SMTP servers use port 25 (see diagram above).

Ports 1024-49151- Registered Port -These can be registered for services with the IANA and should be treated as semi-reserved. User written programs should not use these ports.

Ports 49152-65535– These are used by client programs and you are free to use these in client programs. When a Web browser connects to a web server the browser will allocate itself a port in this range. Also known as ephemeral ports.

TCP Sockets

A connection between two computers uses a socket.

A socket is the combination of IP address plus port

{outline]Each end of the connection will have a socket.{/outline]

Imagine sitting on your PC at home, and you have two browser windows open.

One looking at the Google website, and the other at the Yahoo website.

The connection to Google would be:

Your PC – IP1+port 60200 ——– Google IP2 +port 80 (standard port)

The combination IP1+60200 = the socket on the client computer and IP2 + port 80 = destination socket on the Google server.

The connection to Yahoo would be:

your PC – IP1+port 60401 ——–Yahoo IP3 +port 80 (standard port)

The combination IP1+60401 = the socket on the client computer and IP3 + port 80 = destination socket on the Yahoo server.

Notes: IP1 is the IP address of your PC. Client port numbers are dynamically assigned, and can be reused once the session is closed.

TCP and UDP -The Transport Layer

Note: You may find reading the article on the TCP/IP protocol suite useful to understand the following

IP addresses are implemented at the networking layer which is the IP layer.

Ports are implemented at the transport layer as part of the TCP or UDP header as shown in the schematic below:


The TCP/IP protocol supports two types of port- TCP Port and UDP Port.

TCP – is for connection orientated applications. It has built in error checking and will re transmit missing packets.

UDP – is for connection less applications. It has no has built in error checking and will not re transmit missing packets.

Applications are designed to use either the UDP or TCP transport layer protocol depending on the type of connection they require.

For example a web server normally uses TCP port 80.

It can use any port, but the web server application is designed to use a TCP connection. See TCP vs UDP

Here is a very good video that explains ports and sockets really well

Checking For Open Ports

Windows and Linux systems have a utility called netstat which will give you a list of open ports on your computer.

These articles show you how to use netstat on windows and on linux.

You can check the port status of remote machines using a port scanner line nmap.

You can install NMAP on windows,Linux and Apple. It can be used with a graphical user interface of as a command line tool.

Here is a useful article on using NMAP from the command line.

Here is a good video on using Nmap and also covers TCP/IP connection procedures which is useful for understanding ports.

References and resources:

TCP and UDP basics -Connecting to a website- This is for programmers but there is no coding just an explanation of ports and sockets.

Connection states– if you are wondering what established and listening and the other state descriptions mean. here is a good state diagram that it refers to.

Online port tester Collection of tools for port scanning and web server testing.

Related Articles:

Please rate? And use Comments to let me know more
[Total: 95   Average: 4.1/5]


  1. I want to read a data from a machine which supports open protocol if the machine is in network and if I know IP address and port number(socket) how can I read a data from it(I know it send and receive data in packet format )

  2. Thank you, Steve!
    Is it possible with TCP/IP sockets to send requests to one IP:PORT and listen for responses on a different IP:PORT. E.g. we want to send to a load balancer IP but listen for response on localhost.

  3. Question: When a program on your computer sends or receives data over the Internet it sends that data to an ip address and a specific port on the remote computer. How does my computer know what port a specific application is working on another computer to populate the TCP Header?

  4. Hi Steve,
    Thanks for the tutorial can you please help me with the following issue
    I have multiple devices connected to the same network and I want to transfer data across them, how can I transmit the data the IP of some devices changes after a particular time I can keep the port number constant but the devices don’t know each others IP address and also I don’t want to use UDP because it is not reliable

  5. Hi,

    Great site. I have a quick question. If I receive a UDP datagram using recvmsg(), will the msghdr structure be filled out with the sender’s IP and port (in the msg_name field, which is a sockaddr struct)?

    Many thanks.

  6. hi ,I have some questions
    When using TCP protocol, the client must use in its message the IP address and Port number of the server. And it must also include its own IP address and port number. why?

    4- When using UDP protocol, the client is required to use in its message the IP address and Port number of the server. But it is not required to include its own IP address and port number.why?

    1. TCP is a connection orientated protocol and so the destination device needs to know who to send a reply to.
      UDP is connectionless and so doesn’t require a response and hence the source IP address is optional.

  7. Hi Steve,

    Can Server and client share the port number, eg : Server is listening at port num : 51001 and client also listens on the same port num : 510001 .

    Can you pls explain this

    1. Yes providing they are on different hardware.
      A port is simply a door into the machine the numbers themselves aren’t really important except for the conventions already adopted and standardised. Machines use 16bits for the port numbers hence the limitation of 64,000.

  8. Good job Steve. I have a question, and it goes like this: if i have 2 browsers from my PC connecting to the same service, for example both browsers are connecting to, does that mean that the two browsers from my computer are connecting to the same socket in the google server? Meaning can more than one socket connect to a socket at the same time?

  9. Hi, Thanks for this information sharing. It is very well explained.
    I have following doubt,
    What I understand is TCP protocol takes care of data transmission error that duplication of packets or packet in true form delivered to other end. This is not done in UDP protocol. But when I see the Schematic of TCP, UDP & IP in your article I do not find any block for error checking in TCP where as UDP has checksum. Could you please clear my doubt.

  10. In above example, google application/service and yahoo application/service both uses same port number i.e:80.
    Then there should be ambiguity that is to which application/service it should refer to either google or yahoo ;How it knows that it is google or yahoo as both has same port number?
    Answer will help me alot.

    1. Google and Yaoo have different IP addresses. When you connect to google you use Google_IP +port 80.
      When you connect to Yahoo you connect to Yahoo_IP + port 80.
      Does that make sense?

    2. The IP address of google and yahoo is different.
      say for google
      and for yahoo
      so even accessing the same port the two sockets will be totally different and hence different connections.

      using the real world analogy two rooms of two different apartments may have the same room number and hence two server system may have same port number as well.

    3. The port number 80 is the open port of Google server had an open port (80) also Yahoo had an open port (80).

      Both Google and Yahoo had different IP addresses.

      If I want to connect Google server,I will open a new port,for example I will open port 5000, at the same time I will open another port 5002 to connect with Yahoo server.

      Example :

      My IP + 5000 — connects — Google IP + 80

      My IP + 5002 — connects — Yahoo IP + 80

  11. Hi! keep up the good work. I have few doubts though, hope you can clear them:
    1. Can you tell if a server uses a single port 80 on all of its connections to clients? Or is it used only by the Welcoming socket?
    Can port 80 handle multiple connections simultaneously?

    1. A port (e.g port 80) can handle multiple connections each connection is a socket and will have a different source IP address and port number.

  12. Could someone explain what is the socket buffer size. What’s the maximum size we can set? Is socket buffer and MTU same ?

    1. MTU is the largest packet that you can send on the network and is determined by the underlying network and protocols –
      Buffer size relates to the software buffers allocated for sending and receiving data from the network.
      As far as I understand the two are not directly related.
      See this unix network programming book (MSS is equivalent to MTU as far as I understand)

  13. One basic thing I have been trying to determine is what is a socket. Eg is a stream socket a means to access tcp or something built on top of tcp? Reading many explanations of sockets this is not clear. Ie, can you read any tcp stream using a socket, or do both ends have to use sockets for it to work?

    1. All data communication over tcp/ip and udp/ip uses sockets. Streaming refers to how the data is transmitted i.e. as contiguous bytes see socket stream om WIKI
      A socket is effectively an application ID as it is the combination of port and IP address that the application is using.
      Both end of the connection will use a socket regardless of whether they are streaming data or sending datagrams (UDP).
      See also

      1. Hello Steve
        In this article, u said port numbers from 1024 to 49151 are not to be used by programs.
        I don’t know if the port I can enter in a browser is client port or server port but I see :8080 in browser when connecting to my local XAMPP server. Why 8080 and why not just 80

        1. It is because port 80 is reserved for web servers whereas Xampp is an application and so it uses the alternative http port. Ports under 1024 require super user permissions on Linux and so they are usually avoided.
          This is what the wiki says about these ports

          The range of port numbers from 1024 to 49151 are the registered ports. They are assigned by IANA for specific service upon application by a requesting entity. On most systems, registered ports can be used without superuser privileges.

          There is a list of ports and usage here

          You might notice that there are lots of ports used but not officially. In this case a developer has chosen a free port and used it but not registered it.

Leave a Reply

Your email address will not be published. Required fields are marked *