
Passive vs. Active FTP

FTP has two ways to transfer data, called active and passive FTP. Traditionally, FTP uses the active process. Let's see how this works. Remember that FTP uses TCP ports 20 and 21?

Well, when your client sends an FTP request, it goes out on port 21. However, when your FTP server responds, it sends the data back using an ephemeral destination port and port 20 as a source port.

Active FTP works great unless your client uses NAT. Since your client didn't initiate the incoming connection from port 20, your NAT router has no idea where to send this incoming packet. No problem! Good FTP clients all support passive FTP. With passive FTP, the server doesn't use port 20. Instead, it sends back the packet using the ephemeral source port used by the client as the destination port and uses another ephemeral port for the source port. This way the NAT router knows where to send the packet.

The only trick to passive FTP is that the client needs to expect this other incoming data. When you configure an FTP client for passive, you're telling it to expect these packets.
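The negotiation behind the two modes can be read straight off the port 21 control channel. The following is an added example, not from the original text: it decodes the standard PORT command (active) and 227 reply (passive) defined in RFC 959 and reports which side opens the data connection and whether the announced address matches the peer actually seen. The function names, the peer_seen parameter and all addresses are constructed for illustration.

```python
import re

def decode_hostport(arg):
    """Decode the RFC 959 'h1,h2,h3,h4,p1,p2' form into (ip, port)."""
    fields = arg.strip().split(",")
    if len(fields) != 6 or not all(f.strip().isdigit() for f in fields):
        raise ValueError("expected six comma-separated numbers: %r" % arg)
    nums = [int(f) for f in fields]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range 0-255: %r" % arg)
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def data_channel(line, peer_seen):
    """Describe the data connection that one control-channel line sets up.

    peer_seen (hypothetical parameter name) is the address the receiver of
    `line` sees at the other end of the port 21 control connection.
    """
    if line.upper().startswith("PORT "):
        # Active: client announces its address; server connects from port 20.
        mode, opened_by, arg = "active", "server", line[5:]
    elif line.startswith("227"):
        # Passive: server announces an ephemeral port; client connects out.
        m = re.search(r"\d{1,3}(?:,\d{1,3}){5}", line[3:])
        if not m:
            raise ValueError("227 reply without host-port: %r" % line)
        mode, opened_by, arg = "passive", "client", m.group(0)
    else:
        return None  # not a data-channel negotiation line
    ip, port = decode_hostport(arg)
    return {"mode": mode, "opened_by": opened_by, "target": (ip, port),
            "address_matches_peer": ip == peer_seen}

# Constructed sample: a client at 192.168.1.10 behind a NAT router whose
# public address is 198.51.100.7, talking to a server at 203.0.113.5.
SAMPLE = [
    ("PORT 192,168,1,10,195,80", "198.51.100.7"),   # as seen by the server
    ("227 Entering Passive Mode (203,0,113,5,234,96)", "203.0.113.5"),
    ("230 Login successful", "203.0.113.5"),
]

if __name__ == "__main__":
    for line, peer in SAMPLE:
        print(line, "->", data_channel(line, peer))
```

In the active line the announced address is the client's private one, which does not match what the server sees through NAT, so the server's inbound data connection has nowhere to go. In the passive line the client dials out to the announced port, so the NAT router can track the connection.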

NOTE: TFTP is used for transferring files and has a similar-sounding name to FTP, but beyond that it is very different. TFTP uses UDP port 69 and does not use user names and passwords, although you can usually put some restriction based on the client's IP address. TFTP is not at all secure, so never use it on any network that's less than trustworthy.

Internet Applications

Use this table as a review tool to help you remember each Internet application.

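| Application | TCP/UDP | Port  | Notes                     |
|-------------|---------|-------|---------------------------|
| HTTP        | TCP     | 80    | The Web                   |
| HTTPS       | TCP     | 443   | The Web, securely         |
| Telnet      | TCP     | 23    | Terminal emulation        |
| SSH         | TCP     | 22    | Secure terminal emulation |
| SMTP        | TCP     | 25    | Sending e-mail            |
| POP3        | TCP     | 110   | E-mail delivery           |
| IMAP4       | TCP     | 143   | E-mail delivery           |
| FTP         | TCP     | 20/21 | File transfer             |
| TFTP        | UDP     | 69    | File transfer             |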