Ports are strictly a software and regulation concept. Inside an actual data packet there are fixed structures for the protocols at the beginning – IPv4 or v6, and then TCP or UDP are most common. A “port” is one of the fields inside the TCP or UDP header. Two actually, because there’s a port for each side of the connection. It will indicate “this packet is for TCP port #80 on your side, and #42411 on my side”. When responding the software swaps the two port numbers to switch the “my” and “yours” positions.

On the server a program starts up and indicates “I want to accept connections on TCP port 80”, and assuming nothing else already got dibs and no security issues exist, the program gets its request. Now when a TCP packet arrives that says “your TCP port #80” and “start new connection” it goes to this program.

The network card is mostly a braindead electrical converter moving data between the CPU and the network cable. (people will argue that they have features that make them smarter now, but for the most part you can treat them as dumb like this). It’s up to the TCP/IP software running on the CPU to manage who to send the data to when packets arrive, and the port numbers are to steer it in the right direction.

Ports are a part of the TCP/IP protocol, and as such are part of the wrapper around a packet of data.

When a connection is open through a network interface, the client and host both assign a port for communication.

An automated server will have a designated port open with a program listening for TCP/IP requests for that come in; this delegates them to other open ports for the data transfer back and forth between client and server.

This is integral for the multiplexing feature of TCP/IP as it allows the software to keep track of multiple concurrent sessions.

By convention, many ports are reserved for servers to listen for certain types of requests, and they stay open by quickly shuffling the incoming connections to new ports.

Physically they’re the same as any other 1 or 0 being sent over the wire: an electrical high or low to signal on or off in a transistor. But it’s in a specific spot in the data packet so that we know to expect it and what to use it for.

First of all, network cards are Ethernet cards, they’re not Internet Protocol cards^(*). They just grab every packet that’s either addressed to them (using their Ethernet MAC number) or that’s a broadcast packet. Then the operating system deals with the packets after that.

On a computer, a program can tell the OS it wants to listen on a particular port. Commonly a web server program will ask to listen on TCP^(†) port 80. When the OS gets an Ethernet packet that turns out to be a request to connect on TCP port 80, it will inform the listening program and a connexion can be established. If the OS gets a request for a port and there’s no program listening on that port then it will send back a connexion refused packet.

* Actually some cards, especially on servers, do help handle the IP tasks. This helps performance but it’s just a confusing detail when you’re learning.

† TCP is one of many Internet Protocol (IP) protocols. Others you may have heard of are UDP and ICMP. Each protocol can have its own set of port numbers and they’re handled separately, so UDP port 80 is completely unrelated to TCP port 80. TCP is used when there’s a need to send a sequence of bytes, complete, in order, and with no errors. The OS handles sending TCP acknowledgement, request-for-retry, etc. packets that are sometimes needed and the programs can just send and receive the bytes.

Networking is divided into “layers”. Ports are part of TCP, which is one of the top “layers” of networking.

For the purposes of this discussion, the layers we’re interested in are Ethernet, IP and TCP. Also, for the purposes of this discussion, everything is a “computer”, regardless of what it does or how powerful it is. Also, all data travels as “packets”, which are blobs of about 1000 bytes of information.

Ethernet is responsible for getting a packet from one computer to a computer it is directly connected to with via a cable. The details here aren’t super important, but Ethernet is how data travels a single “hop” within a network. There are a bunch of other protocols that can do this, too, but Ethernet is almost certainly what any wired connection in your house uses.

But for computers to talk across a network, a packet will generally have to travel across several “hops”. The Internet Protocol, or IP, is how that happens. When you send a packet, you include an IP address. The computers within the network are clever enough to look at the IP address and “route” the packet through the network to its destination. Essentially, an IP address is a number used to identify *which computer this packet should be delivered to.*

Cool, so using IP, we can get any packet we want to any computer we want. But there’s a problem. I have a computer that I’ve set up to be a Minecraft server, but I’m also using the same computer to run my TeamSpeak server, so we can all talk to each other as we play. When my computer sends a packet to the server, how will the server know whether that packet is meant for Minecraft or TeamSpeak?

The answer is *port numbers*. If an IP address identifies a computer, a port number identifies which program running on that computer that packet is for. This is part of what TCP does. When my computer wants to send a command to the Minecraft server, it just tags it with the “port number” 25565. When my computer wants to send a query to the TeamSpeak server, it tags it with “port number” 10011. That way, the server can sort out which packets are for which program.

A program doesn’t have to “make a port.” When a program starts up, and it wants to accept incoming network traffic, it just says, “Hey, operating system, if any info comes in labeled ‘port 80’, can you please send it my way?” If no running program already has dibs on that port, the OS can say, “Sure thing.” Now, any packets that arrive at the computer with that port number get delivered to the correct program.

There’s a very good analogy to this with the postal system. A packet in a network is like an envelope in the postal system. The street address on the envelope identifies a specific house, just like an IP address identifies a specific computer. The name on the envelope identifies a specific recipient within the house, just like the port number identifies the specific recipient within the computer.

The idea of “a port” is kind of misleading. It’s just a numeric tag on a packet.

Wow, no-one explaining like he’s five… It’s all very correct but still too complicated for a five-year-old.

Think of a computer as an appartment building and the network card is the front door. Data comes through the front door like packages. The appartment building address is the IP address and the appartment number is the port number.

The package has a destination: address and appartment number (= IP address and port number). It also has a return address written on it in the same format, that’s how replies are sent.

Obviously there’s more going on (read the other answers) but this is the gist of it.

* Imagine a business office.
* Nearly every business has the same kinds of employees:
* CEO
* IT
* Lawyer
* Accountant
* Say you need to send something to a business’s accounting office.
* You don’t know the name of the accountant but you know that the thing you’re mailing has to go to them.
* So you send the mail to the businesses address and right next to the address you also put “Attention: Accounting”.
* So once the mail gets to the company, the mail-room knows to give it to the accountant.
* That’s exactly what ports on your computer do.
* When you are trying to access a website, your browser sends a request to the server.
* But the computer running the web server might be running other servers too, so your web-browser adds a little label that says “this data is for the web server”.
* This is what “port 80” is. It’s just a label added to the data to tell the computer what application it should forward the data to.
* The people who make web-servers and web-browsers (and lots of other internet applications) got together and said “we all agree that this port # will indicate this kind of application”.