Ephemeral port numbers, also known as dynamic or private ports, are temporary ports assigned by the operating system for client-side connections during network communication. They are used to distinguish between different client connections to a server and are released once the connection is closed.
On Linux the default range is 32,768 (2^15) to 60,999 on current kernels (older kernels used 61,000 as the upper bound); other Unix-like systems ship different defaults, and every major OS lets an administrator change the range. To check the current ephemeral port range on a Linux system, you can read the sysctl file that the kernel consults for both IPv4 and IPv6 sockets:
cat /proc/sys/net/ipv4/ip_local_port_range
One possible output on a system could be:
32768 60999
The two numbers are the start and end of the range, inclusive: with the output above the kernel hands out client ports from 32,768 to 60,999. The same value is exposed as the sysctl net.ipv4.ip_local_port_range, and ports listed in net.ipv4.ip_local_reserved_ports are skipped even when they fall inside the range.
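The following script is an added example, not part of the original page: it reads the kernel's ephemeral range from the sysctl file above (falling back to the IANA dynamic range 49152 to 65535 on hosts without that file, an assumption for non-Linux systems), then opens a loopback TCP connection and a loopback UDP exchange to show where the client-side ports actually land. The client sockets never call bind(), so the ports seen are the ones the kernel assigned. Function names and the loopback listeners are the example's own.

```python
import socect if False else None  # placeholder removed below
```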
A network server process must use a “well-known” port number so that potential clients can locate it. The client also needs a port number to create a TCP/IP connection, but this port number need not be well known. Clients are assigned port numbers by the operating system, as part of the sequence of system calls that create a network connection. These port numbers are called “ephemeral” because they are valid only for the life of the connection and have no special significance.
Ephemeral ports play a crucial role in network communications by providing temporary endpoints for connections. Here's how they are used with TCP, UDP, and SCTP:
- Transmission Control Protocol (TCP):
- Port Range: IANA designates 49152 to 65535 as the dynamic range, and Windows (since Vista) and macOS default to it; Linux defaults to 32768 to 60999 as shown above. The range is configurable on every major OS, so never assume a specific value in firewall rules or detection logic without checking the host.
- Usage: When a client initiates a TCP connection to a server, it uses an ephemeral source port. Here's how it works:
- Client Side: When you open a web browser to connect to a server (e.g., visiting a website), your system selects an ephemeral port as the source port for the TCP connection. This port, combined with your IP address, forms the local endpoint of the connection.
- Server Side: The server listens on a well-known port (e.g., 80 for HTTP). The client's TCP packet will have the destination port as this well-known port, and the source port will be the ephemeral port.
- Connection Tracking: The combination of source IP, source port (ephemeral), destination IP, and destination port uniquely identifies each connection, allowing multiple connections to the same server from the same client machine. Because only the 4-tuple has to be unique, the kernel can reuse one ephemeral port for connections to different destinations; on Linux connect() does this, whereas a socket that calls bind() with port 0 before connecting reserves the port for all destinations unless the IP_BIND_ADDRESS_NO_PORT option is set, which is why explicit binding exhausts the range faster.
- User Datagram Protocol (UDP):
- Port Range: Similar to TCP, UDP also uses ephemeral ports from the same range.
- Usage:
- Client Side: For UDP, when a client sends a datagram to a server, it uses an ephemeral port as the source port. Unlike TCP, UDP doesn't establish a connection; it just sends datagrams.
- Server Side: The server listens on a specific port. The client's UDP packet will have the destination port as this server port, and the source port will be the ephemeral port.
- Stateless Nature: UDP has no connection, but the ephemeral port belongs to the socket, not to the datagram: the kernel binds it on the first sendto() and every later datagram from that socket carries the same source port until the socket is closed. A client only appears from different ports if it opens a new socket per request, which some DNS resolvers do deliberately so that an off-path attacker cannot predict the port a reply must match.
- Stream Control Transmission Protocol (SCTP):
- Port Range: SCTP also uses ephemeral ports, generally within the same range as TCP and UDP.
- Usage:
- Client Side: When initiating an SCTP association, the client uses an ephemeral port. SCTP is more complex as it can handle multiple streams within one association.
- Server Side: The server listens on a designated port. The client's initial packet (INIT chunk) will use the ephemeral port as the source, aiming at the server's port.
- Multi-homing: SCTP supports multi-homing, meaning a single endpoint can have multiple IP addresses. Each endpoint still uses exactly one port across all of its addresses; an association is identified by the port pair together with the two address lists, so a multi-homed client consumes a single ephemeral port, not one per path.
Commonalities and Differences:
- Reuse and Recycling: Ephemeral ports are reused after the connection or association is closed or after a timeout. This recycling is managed by the operating system to ensure uniqueness during the lifetime of a connection.
- Security Considerations: Ephemeral ports matter in two ways. First, the range is a finite resource: a client, proxy or NAT device that opens many short-lived connections to the same destination leaves each closed connection's port in TIME_WAIT (60 seconds on Linux) and, once the range is used up, new connections fail with EADDRNOTAVAIL ("Cannot assign requested address"); an attacker who can make a host open connections on demand can trigger this as a denial of service. Second, predictability: if an off-path attacker can guess the ephemeral port, blind TCP reset or data injection and DNS cache poisoning become far easier, which is why RFC 6056 recommends randomized port selection and modern kernels implement it.
- Dynamic Assignment: The assignment of ephemeral ports is dynamic and handled by the operating system, which ensures that they are unique for each new connection or datagram session.
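To measure how close a Linux host is to ephemeral port exhaustion towards a given destination, a practitioner can parse /proc/net/tcp and count the distinct local ports held in ESTABLISHED or TIME_WAIT per remote endpoint. The script below is an added example, not code from the original page; the sample rows are constructed, not captured from a real host, and the function names are the example's own. Run it without arguments to read the live /proc/net/tcp, or pass a saved copy as the first argument.

```python
import socket
import struct
import sys
from collections import defaultdict

# Socket-state codes used in /proc/net/tcp (from the kernel's enum).
TCP_ESTABLISHED = "01"
TCP_TIME_WAIT = "06"
TCP_LISTEN = "0A"


def parse_endpoint(hex_endpoint):
    """Decode 'AABBCCDD:PPPP' from /proc/net/tcp: the IPv4 address is a
    little-endian 32-bit hex value, the port is a big-endian hex value."""
    ip_hex, port_hex = hex_endpoint.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def parse_proc_net_tcp(lines):
    """Yield (local_ip, local_port, remote_ip, remote_port, state) for
    every socket row, skipping the header and blank lines."""
    for line in lines:
        fields = line.split()
        if len(fields) < 4 or not fields[0].endswith(":"):
            continue
        lip, lport = parse_endpoint(fields[1])
        rip, rport = parse_endpoint(fields[2])
        yield lip, lport, rip, rport, fields[3]


def ports_in_use_per_destination(lines):
    """Count distinct local (ephemeral) ports tied up per remote endpoint.
    ESTABLISHED and TIME_WAIT rows both occupy a source port for that
    4-tuple; LISTEN rows are server sockets and are ignored."""
    used = defaultdict(set)
    for _, lport, rip, rport, state in parse_proc_net_tcp(lines):
        if state == TCP_LISTEN or rport == 0:
            continue
        if state in (TCP_ESTABLISHED, TCP_TIME_WAIT):
            used[(rip, rport)].add(lport)
    return {dst: len(ports) for dst, ports in used.items()}


def exhaustion_report(lines, port_range, warn_fraction=0.8):
    """Return {(remote_ip, remote_port): (used, headroom, warning)} where
    the warning flag is set when used/capacity reaches warn_fraction."""
    lo, hi = port_range
    capacity = hi - lo + 1
    return {
        dst: (n, capacity - n, n / capacity >= warn_fraction)
        for dst, n in ports_in_use_per_destination(lines).items()
    }


# Constructed sample of /proc/net/tcp (not from a real host): one LISTEN
# socket, three sockets from 10.0.0.10 to 10.0.0.5:443 (two in TIME_WAIT)
# and one to 10.0.0.6:80. 0500000A is 10.0.0.5 in little-endian hex.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1 1 0000000000000000 100 0 0 10 0
   1: 0A00000A:8000 0500000A:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 2 1 0000000000000000 20 4 30 10 -1
   2: 0A00000A:8001 0500000A:01BB 06 00000000:00000000 03:00000ABC 00000000     0        0 0 3 0000000000000000
   3: 0A00000A:8002 0500000A:01BB 06 00000000:00000000 03:00000ABC 00000000     0        0 0 3 0000000000000000
   4: 0A00000A:8003 0600000A:0050 01 00000000:00000000 00:00000000 00000000  1000        0 3 1 0000000000000000 20 4 30 10 -1
""".splitlines()


if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else "/proc/net/tcp"
    try:
        with open("/proc/sys/net/ipv4/ip_local_port_range") as f:
            rng = tuple(int(x) for x in f.read().split())
    except OSError:
        rng = (49152, 65535)  # assumed IANA default on non-Linux hosts
    with open(path) as f:
        rows = f.read().splitlines()
    for dst, (used, headroom, warn) in sorted(exhaustion_report(rows, rng).items()):
        flag = " WARNING" if warn else ""
        print("%s:%d used=%d headroom=%d%s" % (dst[0], dst[1], used, headroom, flag))
```

On the constructed sample with the Linux default range (28,232 usable ports) the destination 10.0.0.5:443 holds 3 ports and 10.0.0.6:80 holds 1. The same capacity figure gives a useful rule of thumb: with a 60-second TIME_WAIT, a client can sustain at most roughly 28,232 / 60, about 470 new connections per second to a single destination, before the range runs dry, regardless of how fast the server answers.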
Ephemeral ports are thus fundamental in allowing multiple simultaneous connections or communications from a single device to various services across the internet, ensuring each communication stream is uniquely identifiable and manageable.