Random Port Generator
Instantly generate random, available port numbers, avoiding well-known services and common development ports.
Random numbers are generated using the browser's cryptographic random number generator (crypto.getRandomValues) and are unique. You should check on your server whether the ports are actually available.
If "Avoid well-known/common ports" is enabled, ports from this table will be excluded from the generated results.
What is the Random Port Generator?
Tired of the 'address already in use' error shutting down your workflow? Stop guessing and get a port number that just works. This random port generator instantly finds collision-resistant ports for your development servers or Docker containers. It intelligently avoids standard services and common dev tools to suggest numbers that are likely free. Generate one or many, from dynamic ranges or your own custom scope. It's free, runs entirely in your browser, and requires no installation.
How to use
- Select a port range, such as "Dynamic 49152–65535", or choose "Custom" to define your own.
- Enter the desired "Count (1–200)" of port numbers to generate.
- Optionally, enable "Avoid well-known/common ports" to exclude standard service ports, and "Sort ascending" for an ordered list.
- Click the "Generate Ports" button to see a unique list of random ports in the result field.
- Use the "Copy" button to copy the list to your clipboard, or "Save" to download it as a ports.txt file.
Random Port Generator guide
How this tool is used in real work, and what to watch out for.
What the three port ranges mean, and where to run your dev server
IANA, the organization that manages internet standards, divides the 65,535 port numbers into three ranges. The tabs at the top of the tool correspond to these ranges.
But there's a trap here. The Dynamic/Private range is officially designated for operating systems to use for temporary, or "ephemeral," outbound connections. However, the default ephemeral port range on Linux is often 32768–60999, which significantly overlaps the registered and dynamic ranges. If you run a server on a port in this range, another process's outbound connection might grab that port before your server starts. This leads to intermittent "Address already in use" errors during reboots or redeploys—a frustrating bug that's hard to reproduce.
| Range | Ports | Description |
|---|---|---|
| Well-known Ports | 1–1023 | Standard services like HTTP (80) and SSH (22). Requires root privileges on Linux. |
| Registered Ports | 1024–49151 | Services like MySQL (3306). Registration is conventional; anyone can use them. |
| Dynamic/Private Ports | 49152–65535 | Assigned by the OS for temporary client-side connections. |
Why ports below 1024 require root and how to handle it in practice
On Linux, ports below 1024 are considered privileged and require root permissions to bind. This is a legacy security measure to prevent any user from starting a fake web server on a standard port like 80. However, running your web application as the root user is the worst possible choice — if your app is compromised, the entire server is compromised.
In practice, the standard solution is to run the application on a non-privileged port (like one in the 3000s) and use a reverse proxy like Nginx to listen on ports 80 and 443 and forward traffic to your app. The ports you generate with this tool are typically used for that "backend" service.
# Method 1 (Recommended): Nginx handles 80/443, app runs on a non-privileged port
# proxy_pass http://127.0.0.1:3000;
# Method 2: Grant bind capability to the executable
sudo setcap CAP_NET_BIND_SERVICE=+eip /usr/bin/node
# Method 3: Grant capability to a systemd service
# [Service]
# AmbientCapabilities=CAP_NET_BIND_SERVICE
Debugging Port Conflicts
"Address already in use (EADDRINUSE)" is one of the most common errors a developer will encounter. Following these steps will usually solve the problem in under a minute.
- The most common culprit is your own process. Check if a previously launched nodemon or pm2 process is still running.
- If no process is using the port but you still get the error, the port may be in a TIME_WAIT state. This means a connection from a recently terminated server is still being cleaned up and will be released shortly. For dev servers, you can often avoid this using the SO_REUSEADDR socket option.
- On macOS, if port 5000 is unavailable, it's likely being used by the system's AirPlay Receiver feature. This is why 5000 is included in the reference table.
- If the server starts correctly but you can't connect, the issue is likely your firewall, not the port. Check if your cloud provider's security group allows traffic on that port.
# Linux/macOS — who is using port 3000?
ss -ltnp | grep :3000
lsof -i :3000
# Windows
netstat -ano | findstr :3000
taskkill /PID 12345 /F
# Check Docker too (containers often hold ports)
docker ps --format '{{.Names}}\t{{.Ports}}'
What "Avoid well-known/common ports" Does (and Doesn't Do)
When this option is enabled, ports listed in the reference table below are excluded from the results. This includes conventional ports like 3306 (MySQL), 6379 (Redis), 5432 (PostgreSQL), 3000 (Node/Grafana), 5173 (Vite), and 8080. This helps prevent you from accidentally choosing the default Redis port for your app, only to find you can't run Redis later.
However, this table only covers about 60 of the most common ports. It has no way of knowing about ports already in use within your company, ports occupied by system agents, or ports reserved by other teams. This tool generates candidates that are unlikely to clash by convention, but you must always verify on the server that a port is actually available.
How to Manage Ports Within a Team
Once you start running multiple services, ports can get tangled quickly. Establishing a convention is often easier in the long run than picking ports at random. For example, you could assign ranges like 31xx and 32xx to different teams, who then document their service ports within a shared document. This tool can then be used with the "Custom" range to find an available port within your team's assigned block.
By increasing the count and enabling "Sort ascending," you can generate a clean list of ports that can be saved as a .txt file. This is useful for allocating ports for several new projects at once.
- If you use containers, you can avoid host port conflicts altogether. Inside their containers, all services can use the same standard port; you only need to map them to different, unique ports on the host when you expose them.
- A port number is not a secret. The idea that "security through obscurity" by using an unusual port will keep you safe is false; automated scanners will find it in minutes. Real security comes from proper authentication and firewalls.
- This tool uses a cryptographically-secure, unbiased random number generator to pick unique ports. However, unpredictability is rarely a requirement for port selection—the primary goal is simply to avoid collisions.
Frequently asked questions
Why should I avoid ports below 1024?
Ports 1-1023 are 'Well-known Ports' reserved for standard services like HTTP (80) and SSH (22). Using them on Linux or macOS typically requires administrator (root) privileges and can cause system conflicts.
Is a generated port guaranteed to be available?
No. This tool suggests ports that are *likely* to be free. Another program on your local machine could already be using a generated port. If you get a 'port in use' error, simply generate a new number.
What does 'Avoid well-known/common ports' exclude?
It excludes more than just standard system ports. The filter also removes ports used by common databases (MySQL, Postgres), dev tools (Node.js, Vite), and services. See the 'Major Port Reference' table for the full list.
How truly random are the generated port numbers?
They are cryptographically secure. The tool uses your browser's `crypto.getRandomValues` function for high-quality, unpredictable random numbers. All ports generated in a single batch are guaranteed to be unique.