Virtual Ports

Virtual Ports are used in TCP and UDP to identify unique end-to-end connections. They are called 'virtual ports' because a single physical connector can serve multiple connections. Each side of a connection uses its own port number, which does not change during the life of that connection.

Client-Server Pairings

All TCP and UDP traffic utilizes a client-server scheme, so there is always a client port and a server port used for every connection.

A pair of fields within the TCP and UDP headers is used to track the source and destination Virtual Port Numbers used for that socket connection. Each field in the header is sixteen bits wide, so the value in the field can range from 0 - 65534. Each computer host uses a unique IP address, and also uses a unique source and destination port pairing to identify that specific connection between the two computers. Typically, when your computer connects to a website, it connects to the destination website on port 80 (the default port for HTTP / web traffic). A different source port is used on the local host. At one time, this port number was the next number above 1024 that wasn't already in use for another connection. For example, the first website connection would be set up on source port 1025 and the second connection on 1026. If port 1025 is no longer needed and is closed, and another port is then needed, 1025 would be used again.

Today, to defeat hackers, computer systems choose the source port at random, because hackers can predict the sequential behavior and hijack sessions by predicting which port a newly opened connection will use.
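The two source-port schemes described above can be compared directly. The following is an added example, not code from the original page: the class and function names are hypothetical, and it assumes the whole range above 1024 is available, as the page describes (real stacks draw from a narrower configured ephemeral range). It measures how often an observer who saw one source port could guess the next as "previous + 1".

```python
import secrets

FIRST_PORT = 1025            # the page's example: first source port handed out
LAST_PORT = 2**16 - 1        # largest value a sixteen-bit port field can hold


class SequentialAllocator:
    """Older behaviour described above: lowest free port above 1024."""

    def __init__(self):
        self.in_use = set()

    def allocate(self):
        for port in range(FIRST_PORT, LAST_PORT + 1):
            if port not in self.in_use:
                self.in_use.add(port)
                return port
        raise RuntimeError("no free source ports")

    def release(self, port):
        self.in_use.discard(port)


class RandomAllocator(SequentialAllocator):
    """Randomised behaviour: draw from a CSPRNG until a free port is found."""

    def allocate(self):
        if len(self.in_use) > LAST_PORT - FIRST_PORT:
            raise RuntimeError("no free source ports")
        while True:
            port = FIRST_PORT + secrets.randbelow(LAST_PORT - FIRST_PORT + 1)
            if port not in self.in_use:
                self.in_use.add(port)
                return port


def next_port_guess_rate(allocator, connections=2000):
    """Share of new connections whose port is exactly 'previous port + 1'."""
    hits, previous = 0, allocator.allocate()
    for _ in range(connections):
        port = allocator.allocate()
        hits += port == previous + 1
        previous = port
    return hits / connections


if __name__ == "__main__":
    print("sequential:", next_port_guess_rate(SequentialAllocator()))
    print("random:    ", next_port_guess_rate(RandomAllocator()))
```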

Servers run network services. Each service is bound to a virtual port and listens for communication on that port. It is possible for multiple clients to connect to the same service and thus use the same destination port number when connecting to the server. Because each client uses a unique IP address and port number, the server can keep track of up to 65534 connections per host.

However, whether a given port number is the source port or the destination port depends on which side is currently transmitting information. The client and server transmit and receive information asynchronously using these ports.