As you are probably aware, IP port numbers are 16-bit unsigned integers in the range 0 to 65535. IANA (Internet Assigned Numbers Authority) manages these port numbers. See the IANA Service Name and Transport Protocol Port Number Registry for more information.
IANA specifies the range 49152 to 65535 be used for dynamic (AKA private) ports. From the above referenced document:
Port numbers are assigned in various ways, based on three ranges: System Ports (0-1023), User Ports (1024-49151), and the Dynamic and/or Private Ports (49152-65535); the different uses of these ranges are described in RFC6335. System Ports are assigned by IETF process for standards-track protocols, as per RFC6335. User Ports are assigned by IANA using the "IETF Review" process, the "IESG Approval" process, or the "Expert Review" process, as per RFC6335. Dynamic Ports are not assigned.
Contrary to the IANA recommendation, Linux kernels typically use the range 32768 to 61000. In 2007, the Linux kernel maintainers decided to use that range following a short discussion on the Linux kernel mailing list (see lkml.org).
Two kernel settings control the IP dynamic port ranges on a system, i.e. ip_local_port_range and ip_local_reserved_ports.
    # pwd
    /proc/sys/net/ipv4
    # ls | grep port
    ip_local_port_range
    ip_local_reserved_ports
    # cat ip_local_port_range
    32768 61000
    # cat ip_local_reserved_ports

    #
The range specified in ip_local_port_range determines the port assigned to an application by default when the application itself does not specify a TCP or UDP port to use for an outgoing connection. The upper range value (port number) was reduced to 61000 because ports above that number are used for masquerading ports when masquerading is enabled. The lower range value was selected because it was felt that more ports were needed than suggested by IANA.
From the kernel documentation:
    ip_local_port_range - 2 INTEGERS
        Defines the local port range that is used by TCP and UDP to choose the local port. The first number is the first, the second the last local port number. The default values are 32768 and 61000 respectively.

The ip_local_reserved_ports setting enables you to add exceptions to the range of ports listed in ip_local_port_range.
From the kernel documentation:
    ip_local_reserved_ports - list of comma separated ranges
        Specify the ports which are reserved for known third-party applications. These ports will not be used by automatic port assignments (e.g. when calling connect() or bind() with port number 0). Explicit port allocation behavior is unchanged.

        The format used for both input and output is a comma separated list of ranges (e.g. "1,2-4,10-10" for ports 1, 2, 3, 4 and 10). Writing to the file will clear all previously reserved ports and update the current list with the one given in the input.

        Note that ip_local_port_range and ip_local_reserved_ports settings are independent and both are considered by the kernel when determining which ports are available for automatic port assignments.

        You can reserve ports which are not in the current ip_local_port_range, e.g.:

            $ cat /proc/sys/net/ipv4/ip_local_port_range
            32000 61000
            $ cat /proc/sys/net/ipv4/ip_local_reserved_ports
            8080,9148

        although this is redundant. However such a setting is useful if later the port range is changed to a value that will include the reserved ports.

        Default: Empty
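
The following is an added example, not code from the original article or from the kernel. It parses both settings in the formats quoted above and reports which fixed service ports sit inside ip_local_port_range without a reservation, so the kernel could assign them to an unrelated socket first. The function names and the sample service ports are assumptions made for illustration.

```python
# Added example (not kernel code): find fixed service ports that automatic
# port assignment could hand out first. Function names are hypothetical.

def parse_reserved_ports(text):
    """Parse the ip_local_reserved_ports format, e.g. "1,2-4,10-10"."""
    ports = set()
    for item in text.strip().split(","):
        item = item.strip()
        if not item:                      # empty file: nothing reserved
            continue
        lo, _, hi = item.partition("-")
        lo = int(lo)
        hi = int(hi) if hi else lo
        if not 0 <= lo <= hi <= 65535:
            raise ValueError(f"bad port range: {item!r}")
        ports.update(range(lo, hi + 1))
    return ports

def parse_local_port_range(text):
    """Parse ip_local_port_range: first and last local port, whitespace separated."""
    first, last = (int(x) for x in text.split())
    if not 0 <= first <= last <= 65535:
        raise ValueError(f"bad local port range: {text!r}")
    return first, last

def unprotected_ports(service_ports, range_text, reserved_text):
    """Return the service ports that lie inside ip_local_port_range and are
    not listed in ip_local_reserved_ports, i.e. ports the kernel may assign
    to an unrelated socket before the service binds them."""
    first, last = parse_local_port_range(range_text)
    reserved = parse_reserved_ports(reserved_text)
    return sorted(p for p in set(service_ports)
                  if first <= p <= last and p not in reserved)

def read_setting(name, root="/proc/sys/net/ipv4"):
    """Read one of the two settings from a live Linux system."""
    with open(f"{root}/{name}") as fh:
        return fh.read()

if __name__ == "__main__":
    services = [8080, 9148, 40000]        # constructed sample service ports
    # Values from the kernel documentation example: only 40000 is in range.
    print(unprotected_ports(services, "32000 61000\n", "8080,9148\n"))
    # Constructed: range widened later; the reservation now matters.
    print(unprotected_ports(services, "1024 65535\n", "8080,9148\n"))
    print(unprotected_ports(services, "1024 65535\n", "\n"))
```

On a live system, pass read_setting("ip_local_port_range") and read_setting("ip_local_reserved_ports") in place of the literal strings.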