Does Linux have a system for reserving certain network ports for particular utilties, namely for a VM host to reserve for VMs?

I want to reserve certain port numbers on a VM host for use by the VMs themselves. Is there a mechanism by which the host can exclude those ports from being allocated to processes not related to the VMs by looking them up in a list or checking them against preset rules? If some other software requests a port without checking with the host it should find it blocked as though it is in use. The VMs themselves are also software running on the host so I guess they could be blocked themselves, so it should be more of a system reserving certain ports for some particular utilities used by the VM manager to allocate those ports. It could also be relevant for docker containers. Update: The VMs share the IP address with the host, and some incoming ports need to be forwarded to services running on the VMs or the containers. I don't know if the outgoing ports need to be reserved unless they will interfere with the listening services. I guess the iptables rules can distinguish them, or not.