NTA only stores one of ports. The rule is following: "Not monitored or higher port number out of tuple [src_port; dst_port] is replaced by value 0, in meaning of random high port".
Example:
Conversation with src_port 80 (monitored) and dst_port 16542 (not monitored) is stored as 80-0, reported as http - random high port;
Conversation with src_port 1006 (not monitored) and dst_port 6343 (monitored) is stored as 0-6343, reported as random high port - sflow;
Conversation with src_port 6343 (monitored) and dst_port 80 (monitored) is stored as 0-80, reported as random high port - http;
Conversation with src_port 1006 (not monitored) and dst_port 16542 (not monitored) is stored as 1006-0 internally, reported as unmonitored application (port 1006) - random high port;