Passive vs. Active FTP
FTP has two ways to transfer data, called active and passive FTP. Traditionally, FTP uses the active process?let's see how this works. Remember that FTP uses TCP ports 20 and 21?
Well, when your client sends an FTP request, it goes out on port 21. However, when your FTP server responds, it sends the data back using an ephemeral destination port and port 20 as a source port.
Active FTP works great unless your client uses NAT. Since your client didn't initiate the incoming port 20, your NAT router has no idea where to send this incoming packet. No problem! Good FTP clients all support passive FTP. With passive FTP, the server doesn't use port 20. Instead, it sends back the packet using the ephemeral source port used by the client as the destination port and uses another ephemeral port for the source port. This way the NAT router knows where to send the packet.
The only trick to passive FTP is that the client needs to expect this other incoming data. When you configure an FTP client for passive, you're telling it to expect these packets.
NOTE TFTP is used for transferring files and has a similar-sounding name to FTP, but beyond that it is very different. TFTP uses UDP port 69 and does not use user names and passwords, although you can usually put some restriction based on the client's IP address. TFTP is not at all secure, so never use it on any network that's less than trustworthy.
Use this table as a review tool to help you remember each Internet application.
|HTTPS||TCP||443||The Web, securely|
|SSH||TCP||22||Secure terminal emulation|
In this tutorial:
- TCP/IP Applications
- Transport Layer Protocols
- The Power of Port Numbers
- Registered Ports
- Connection Status
- Rules for Determining Good vs. Bad Communications
- Common TCP/IP Applications
- Publishing Web Pages
- Web Servers and Web Clients
- Secure Sockets Layer and HTTPS
- Telnet Servers and Clients
- Configuring a Telnet Client
- Rlogin, RSH, and RCP
- SSH and the Death of Telnet
- SMTP, POP3, and IMAP4
- Alternatives to SMTP, POP3, and IMAP4
- E-mail Servers
- Passive vs. Active FTP