Active vs. Passive FTP
This information is fairly easy to find in teh internets, but as I had never bothered to look into the details before working on FakeFtp (and since this was the most difficult part of writing the gem) I thought it would be helpful to add an explanation as to the differences between active and passive FTP upload.
FTP uses two sockets to process commands, a control connection and a data connection. The control connection is a socket through which FTP clients give commands and receive responses (success and error). This runs on the primary FTP port, 21 by default. The data connection is a secondary socket through which any necessary data is read or written. This is the connection that file bytes are written to, for instance. A lot of web pages say that this is generally port 20. Having looked at many server responses in the last few weeks, most servers pick their data ports from a range of free ports.
One interesting thing about this is that control and data don't have to be on the same machine, and they don't have to link to file stores. For example, an FTP client could send its data connection straight to a printer. A server could serve its control port from one IP address, but serve passive clients to a port on another IP.
When you upload a file using active FTP (the default of many clients), what happens is that the client opens a local port and tells the server to retrieve data from it. The server connects back to the client on a new socket, through which it retrieves the file.
client: hay! i gots soem filez!
server: ohai! ill connects to you and gets filez!
client: kthxbai!
If you are behind a firewall, this may be a problem.
Because system administrators generally don't like to open ports in firewalls, passive FTP was invented. In this scenario, the client asks for a new connection. The server either opens a new port or provides the info for one freed up from another client. The client then connects to this secondary port and sends its data there.
client: I HAS FILEZ!
server: Ok, fine. Put them here.
client: FIIIIIILEZZZZZZZ!
server: Dude. Chill out.
When you play around with the FTP protocol, you'll see lots of strings like this:
PORT 198,162,0,1,74,98
or
227 Entering Passive Mode (127,0,0,1,80,137)
This is an IP address and a port. The first four comma-separated values signify an IP address. The fifth and sixth values designate a port, as follows:
(80 * 256) + 137
In this case, the port is 20617.
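The same decoding in Ruby, as an added example that is not taken from the FakeFtp source. The method names are made up for illustration. It parses the tuple out of a PORT command or a 227 reply, rejects fields above 255, builds the tuple in the other direction, and reports when the advertised data address is not the control connection's peer (the "another IP" case described above), which is worth logging when you don't expect it.

```ruby
require 'ipaddr'

# Six comma-separated decimal fields: h1,h2,h3,h4,p1,p2.
# The lookarounds stop a match from starting or ending inside a longer number.
HOST_PORT = /(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)/

# Returns [ip_string, port]; raises ArgumentError on a malformed tuple.
def parse_host_port(line)
  m = HOST_PORT.match(line)
  raise ArgumentError, "no host-port tuple in #{line.inspect}" unless m

  fields = m.captures.map(&:to_i)
  raise ArgumentError, "field above 255 in #{line.inspect}" if fields.any? { |f| f > 255 }

  # The port is the fifth value times 256 plus the sixth value.
  [fields[0, 4].join('.'), fields[4] * 256 + fields[5]]
end

# Inverse of parse_host_port: builds the tuple for an IPv4 address and port.
def format_host_port(ip, port)
  raise ArgumentError, "port out of range: #{port}" unless (0..65_535).cover?(port)

  addr = IPAddr.new(ip)
  raise ArgumentError, "not an IPv4 address: #{ip}" unless addr.ipv4?

  (addr.to_s.split('.') + port.divmod(256)).join(',')
end

# True when the address in the tuple is not the control connection's peer.
# control_peer_ip is whatever address the control socket is connected to.
def data_host_differs?(line, control_peer_ip)
  ip, _port = parse_host_port(line)
  IPAddr.new(ip) != IPAddr.new(control_peer_ip)
end

if __FILE__ == $PROGRAM_NAME
  # The two strings shown above, plus one constructed reply naming another host.
  p parse_host_port('PORT 198,162,0,1,74,98')
  p parse_host_port('227 Entering Passive Mode (127,0,0,1,80,137)')
  p format_host_port('127.0.0.1', 20_617)
  p data_host_differs?('227 Entering Passive Mode (10,0,0,5,80,137)', '127.0.0.1')
end
```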