Asklemmy

A port is a convenience wrapper for the application space. That's really it. The networking stack delivers messages to the host, and then the kernel uses ports to distribute messages from there. Otherwise every application would need to parse out every network (or local) payload to determine if it is relevant or not. This obviously ends up with a lot of duplicate processing, thus port routing instead.

You have servers that provide some kind of resource or service, and clients that use those resources or services (will just say resource from now on).

Servers provide that resource using a port so clients will come ask for it using that port.

Sometimes servers can do multiple things, so they will provide multiple resources...maybe a web server hosting a web page is also an email server that can receive and send email too. They do those things using different ports to distinguish the kind of request it's getting.

On the client side, clients use source ports to distinguish which app asked for a resource. Think of your browser having 20 tabs open, each has it's own source port so your computer never gets confused which page goes to which tab.

I'm skipping a lot of things (ports flipping for replies, well known, etc), but that's the basics.

VPN: you give your mail to a dude who puts it in a plain suitcase and goes with it to the VPN company's HQ. Nobody knows whose mail he's got or where it's headed. When that dude gets to the VPN company's office he gives that envelope to another dude who carries it to the destination. If someone's peeping they can only see the dude going from your place to the VPN place or from the VPN place to the destination, not from your place to the destination.

If an IP address is like a building address for a mall, ports are like suite numbers of the different businesses inside the mall.

There are a few types of ports, but mostly you deal with tcp and udp. Tcp ports create a connection, udp is connectionless.