1. Library
  2. Ports
  3. Basics

How Ports Work with IP Addresses

Updated 2 hours ago

When you load a webpage, your computer doesn't just connect to another computer. It connects to a specific service on that computer—the web server, not the email server, not the database, not the hundred other things that machine might be running.

How does it know which one? Ports.

The Building and the Office

An IP address gets you to the building. A port gets you to the right office.

Without ports, every computer could only do one thing at a time. One IP address, one service. Want to run both a web server and an email server? You'd need two computers, two IP addresses. The Internet would require billions more addresses than it already does.

Ports solve this. They're numbers from 0 to 65535 that identify specific services on a machine. When you combine an IP address with a port, you get a socket—a unique endpoint written as IP:port:

  • 192.168.1.1:80 — A web server
  • 208.67.222.222:53 — A DNS server
  • 10.0.0.5:22 — An SSH server
  • 172.16.0.10:443 — An HTTPS server

The IP address says "this machine." The port says "this service on this machine."

Every Connection Has Two Ends

When your browser connects to a website, four numbers define that connection:

  • Your IP address
  • Your port
  • Their IP address
  • Their port

This four-part combination—called a socket pair—uniquely identifies the connection:

192.168.1.100:54321 → 93.184.216.34:443

Your computer (192.168.1.100) using port 54321, talking to a web server (93.184.216.34) on port 443.

The server's port (443) is predictable—that's where HTTPS lives. But your port (54321)? Your operating system picked that randomly from a pool of temporary ports. It's your return address for this specific conversation.

Ten Tabs, Ten Conversations

Open ten browser tabs to the same website. You've created ten separate connections:

192.168.1.100:54321 → 93.184.216.34:443
192.168.1.100:54322 → 93.184.216.34:443
192.168.1.100:54323 → 93.184.216.34:443
...

Same source IP. Same destination IP and port. But each tab gets its own source port. That's how your computer keeps ten conversations straight—each has a different return address.

Well-Known Ports

Services listen on predictable ports so clients know where to find them:

PortService
80HTTP (web)
443HTTPS (secure web)
22SSH (remote access)
25SMTP (email sending)
53DNS (name resolution)
3306MySQL (database)

These are conventions, not requirements. You can run a web server on port 9999 if you want. But then everyone needs to know to ask for yoursite.com:9999 instead of just yoursite.com.

NAT: Sharing One Public Address

Most home networks have dozens of devices but only one public IP address. Network Address Translation (NAT) makes this work by manipulating ports.

When your laptop connects to a website:

  1. Your laptop sends from 192.168.1.100:54321
  2. Your router rewrites this to 203.0.113.50:12345 (the router's public IP with a new port)
  3. The router remembers: "port 12345 belongs to 192.168.1.100:54321"
  4. When the response arrives at port 12345, the router forwards it back to your laptop

Every device on your network gets its own translated port. The router juggles thousands of mappings, keeping everyone's conversations separate.

Port Forwarding

NAT works automatically for outbound connections. But what if you're running a server that needs to receive inbound connections?

Port forwarding tells the router: "When traffic arrives on port 8080, send it to 192.168.1.100 on port 80."

External: 203.0.113.50:8080 → Internal: 192.168.1.100:80

Now someone on the Internet can reach your internal web server by connecting to your router's public IP on port 8080.

Seeing It in Action

Run netstat -an or ss -tuln on any computer and you'll see the socket pairs:

Local Address           Foreign Address         State
192.168.1.100:54321     93.184.216.34:443      ESTABLISHED
0.0.0.0:22              0.0.0.0:*              LISTEN
127.0.0.1:3306          0.0.0.0:*              LISTEN

The first line is an active connection to a web server. The second shows SSH listening on all interfaces. The third shows MySQL listening only on localhost—it won't accept connections from other machines.

0.0.0.0 means "all network interfaces." 127.0.0.1 means "only local connections." The IP address a service binds to determines who can reach it.

Why This Matters

Firewalls make decisions based on IP-port combinations. "Allow 443, block 23" means "let HTTPS through, stop Telnet."

Load balancers map one external socket to many internal servers, distributing traffic across machines.

Every networked application—every website, every API, every database connection—relies on this addressing system. The IP address finds the machine. The port finds the service. The socket pair identifies the conversation.

That's how billions of devices run millions of services without stepping on each other.

Frequently Asked Questions About Ports and IP Addresses

Was this page helpful?

😔
🤨
😃