Argthtjtr

When I connect to https://www.google.co.uk this changes to 216.58.198.228:443. Then a connection to me opens on [My IP Address]:63998.

My question is how is 63998 port choosen and is there a way of forcing it to be 63999.

How are local ports determined

The port number is chosen by the TCP implementation software from a range of port numbers called Ephemeral Ports.

The exact mechanism for choosing the port number and the range to be used is Operating System dependent.

Is there a way of forcing it to be 63999.

This can be done by changing the configuration of the TCP implementation software.

Instructions on configuring the Ephemeral Ports range for a variety of different Operating Systems can be found at Changing the Ephemeral Port Range.

• Instructions for Linux and Windows are included in this answer below for reference.

However, it is not a good idea to restrict the range to a single port, for example 63999.

• 
  

  In fact on Windows this is not possible as:

  
  
  

  
  

  The minimum range of ports that can be set is 255.

  
  

  
  

The Ephemeral Port Range

A TCP/IPv4 connection consists of two endpoints, and each endpoint
consists of an IP address and a port number. Therefore, when a client
user connects to a server computer, an established connection can be
thought of as the 4-tuple of (server IP, server port, client IP,
client port).

Usually three of the four are readily known -- client machine uses its
own IP address and when connecting to a remote service, the server
machine's IP address and service port number are required.

What is not immediately evident is that when a connection is
established that the client side of the connection uses a port number.
Unless a client program explicitly requests a specific port number,
the port number used is an ephemeral port number.

Ephemeral ports are temporary ports assigned by a machine's IP stack,
and are assigned from a designated range of ports for this purpose.
When the connection terminates, the ephemeral port is available for
reuse, although most IP stacks won't reuse that port number until the
entire pool of ephemeral ports have been used.

So, if the client program reconnects, it will be assigned a different
ephemeral port number for its side of the new connection.

Source The Ephemeral Port Range

Changing the Ephemeral Port Range

Linux:

Linux allows you to view and change the ephemeral port range by simply
using the file /proc/sys/net/ipv4/ip_local_port_range. For example,
this shows the default configuration on a kernel 2.2 system:

$ cat /proc/sys/net/ipv4/ip_local_port_range 

1024 4999

To change this to the preferred range, you could do (as superuser):

# echo "49152 65535" > /proc/sys/net/ipv4/ip_local_port_range 

Note that you would need to do this each time the system boots, so be
sure to add a line to a system startup script such as /etc/rc.local
so your range is always used.

Also note that the Linux 2.4 kernel will default the range of 32768
through 61000 if adequate kernel memory is available, so changing the
range may not be necessary on newer Linux systems.

Finally, also note that you may be able to use the sysctl interface
to change the settings rather than using the /proc filesystem. The
name of the sysctl parameter is "net.ipv4.ip_local_port_range".
Edit the /etc/sysctl.conf file if you have it, or have a startup
script run the sysctl command manually if you want to change this
parameter using sysctl.

Windows Vista/Windows Server 2008 and newer:

As of Windows Vista and Windows Server 2008, Windows now uses a large
range (49152-65535) by default, according to Microsoft Knowledgebase
Article 929851. That same article also shows how you can change
the range if desired, but the default range is now sufficient for most
servers.

Source Changing the Ephemeral Port Range

You can view the dynamic port range on a computer that is running
Windows Vista or Windows Server 2008 computer by using the following
netsh commands:

netsh int ipv4 show dynamicport tcp

netsh int ipv4 show dynamicport udp

netsh int ipv6 show dynamicport tcp

netsh int ipv6 show dynamicport udp 

Notes:

• The range is set separately for each transport and for each version of IP.


• The port range is now truly a range with a starting point and with an endpoint.


• Microsoft customers who deploy servers that are running Windows Server 2008 may have problems with RPC communication between servers
  if firewalls are used on the internal network.


• In these cases, we recommend that you reconfigure the firewalls to allow for traffic between servers in the dynamic port range of 49152
  through 65535.


• This range is in addition to well-known ports that are used by services and by applications.


• Or, the port range that is used by the servers can be modified on each server.

You adjust this range by using the netsh command, as follows:

netsh int <ipv4|ipv6> set dynamic <tcp|udp> start=number num=range

This command sets the dynamic port range for TCP. The start port is
number, and the total number of ports is range. The following are
sample commands:

netsh int ipv4 set dynamicport tcp start=10000 num=1000

netsh int ipv4 set dynamicport udp start=10000 num=1000

netsh int ipv6 set dynamicport tcp start=10000 num=1000

netsh int ipv6 set dynamicport udp start=10000 num=1000

These sample commands set the dynamic port range to start at port
10000 and to end at port 10999 (1000 ports).

Notes:

• The minimum range of ports that can be set is 255.


• The minimum starting port that can be set is 1025.


• The maximum end port (based on the range being configured) cannot exceed 65535.


• To duplicate the default behavior of Windows Server 2003, use 1025 as the start port, and then use 3976 as the range for both TCP and
  UDP. This results in a start port of 1025 and an end port of 5000.

Source Microsoft Knowledgebase Article 929851:

Windows XP and older:

For older Windows operating systems (Windows XP and older), Windows
uses the traditional BSD range of 1024 through 4999 for its ephemeral
port range. Unfortunately it appears that you can only set the upper
bound of the ephemeral port range. Here is information excerpted from
Microsoft Knowledgebase Article 196271:

• Start Registry Editor (Regedt32.exe).


• 
  

  Locate the following key in the registry:

  
  
  

  HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters

  
  


• 
  

  On the "Edit" menu, click "Add Value", and then add the following registry value:

  
  
  

  Value Name: MaxUserPort Data Type: REG_DWORD Value: 65534 (for
  example)

  
  
  

  Valid Range: 5000-65534 (decimal) Default: 0x1388 (5000 decimal)

  
  
  

  Description: This parameter controls the maximum port number used
  when an application requests any available user port from the system.
  Normally, ephemeral (that is, short-lived) ports are allocated between
  the values of 1024 and 5000 inclusive.

  
  



• Quit Registry Editor.

Note: There is another relevant KB article (812873) which claims
to allow you to set an exclusion range, which could mean that you
could exclude ports 1024-9999 (for example) to have the ephemeral
port range be 10000-65534. However, we have not been able to get
this to work (as of October 2004).

Source Changing the Ephemeral Port Range

David Postill's answer is perfectly right. I would like just to add to it, by stressing that changing the ephemeral port range in Linux is so simple, that the OP has an affirmative answer.

You change the EPR as follows:

echo "40000 60000" > /proc/sys/net/ipv4/ip_local_port_range 

and you can select port 50000 (as an example) with the following script:

OLD_RANGE=$(cat /proc/sys/net/ipv4/ip_local_port_range)

MY_PORT=50000

echo "$MY_PORT $MY_PORT" > /proc/sys/net/ipv4/ip_local_port_range

sudo -u SomeUser SomeApplication  & 

echo $OLD_RANGE" > /proc/sys/net/ipv4/ip_local_port_range 

One caveat here: since there is a single port in the range, another application might snatch it away from you between the execution of the third and the fourth lines above; also, even if there is no race condition, you will paralyze all other applications until you restore a large EPR, which is why I restored the original range as soon as possible.

Thus, if the OPs' operating system had been Linux, the answer would have been that it could easily be done.

Amazingly, this is not as straightforward on BSDs, some of which do not even have a runtime kernel setting for the EPR. MacOS X, FreeBSD and OpenBSD require modifying the file /etc/sysctl.conf, but they have different choices for the EPR.

Regardless of the above and of the OS, the fact that something can be done does not mean it ought to be done: why on Earth do you need this? I cannot think of a single use case.

It's worth adding that Linux kernel also has

net.ipv4.ip_local_reserved_ports

knob that does somewhat opposite but nevertheless it might be very useful because that way you can "punch a hole" for services that open specific port(s) in otherwise ephemeral range of ports.

Brief excerpt from the docs:

Specify the ports which are reserved for known third-party
applications. These ports will not be used by automatic port
assignments (e.g. when calling connect() or bind() with port
number 0). Explicit port allocation behavior is unchanged.

The format used for both input and output is a comma separated
list of ranges (e.g. "1,2-4,10-10" for ports 1, 2, 3, 4 and
10). Writing to the file will clear all previously reserved
ports and update the current list with the one given in the
input.