Skip to content

Linux's Reserved Network Ports

When hosting some services, some ports should be avoided, those ports are:

0-1023: The "Well-Known Ports": used/reserved by system processes and core services

32768–65535: The "ephemeral ports": automatically allocated by the system to software that need to bind to a port (for outgoing connections).

About the "ephemeral ports":

Some distribution have a different lower values for the "ephemeral ports" (usually 49152 instead of 32768).

Some distribution have a different higher values for the "ephemeral ports" (usually 60999 or 61000 instead of 65535).

To be safe it's easier to assume any port above 32768 is "unsafe" to use everywhere.

To check what is the value on your system, you can do:

/usr/sbin/sysctl net.ipv4.ip_local_port_range


cat /proc/sys/net/ipv4/ip_local_port_range

The output of either of those will be [LOWER VALUE] [HIGHER VALUE].