FTP stands for File Transfer Protocol which is used to transfer files
from one host to another over TCP. RFC 959 lists all the details of FTP. It is
an application layer protocol and is used widely across the world for
transferring files.
FTP connections (what we read and know):-
FTP consists of 2 connections:-
1. Control Connection on port 21 of server
(Standard, can be changed)
2. Data Connection on port 20 of server (Standard,
can be changed)
Control
connection is established between port 21 of server and random port of client.
Once opened, this connection remains there unless closed by user or idle
timeout occurs.
Data
connection is established every time client sends a request using control
connection to server for data transfer. For every new Data connection, port
number changes. The new port number is negotiated on the control
connection.
NOTE:-
Not all the FTP commands use the Data Connection…
Here
is the list of FTP commands. Commands with (√ ) indicates that the command uses
data connection and commands with (X) indicates that the command doesn’t use
data connection.
Looking
at the above diagram, one could see that of all the commands available for FTP,
ratio of commands which use data connection to all commands is very less.
FTP
data transfer modes are of 4 types:-
· 1. Active
Mode (Also known as PORT based)
· 2. Passive
Mode (Also known as PASV based)
·
3. Extended
active mode to support NAT (EPRT)
·
4. Extended
passive mode to support NAT (EPSV)
Active
Mode:-
In this, client tells to the server on which client-port the data connection will be made. So client sends the port number with the command to the server. In PORT commands, port 20 is used by server for Data transfer.
In this, client tells to the server on which client-port the data connection will be made. So client sends the port number with the command to the server. In PORT commands, port 20 is used by server for Data transfer.
Passive
Mode:-
Sometimes client might be behind the firewall. In such cases, server cannot
directly connect to the client on the negotiated port. So for that Passive mode
is used. In Passive mode, any random port is used by server for Data
connection.
In this, Server sends the data connection port no. to client and then client
connects to that portnumber for data connection.
EPRT
and EPSV modes:-
These modes are to support FTP in case of IPv6 and NATing. More details about them can be found in FTP’s RFC document.
These modes are to support FTP in case of IPv6 and NATing. More details about them can be found in FTP’s RFC document.
Traffic flow examples for PORT and PASV
modes:-
Now
we will try to see what traffic flows in case of FTP connection.
Server’s
IP: 192.168.10.10
Client’s
IP: 192.168.10.11
Now
let us see what traffic flows when some request is sent by FTP-client to
FTP-server which uses data-connection for both Active and passive modes. Thing
to note here is that control connection is already established between client
and server. We will discuss what happens after that.
For Active mode:-
Once the user enters the
FTP request, ftp client needs to create a data connection to get the output
from the server. It first needs to negotiate the port. So it sends the command
“PORT” with client machine’s IP and port to which the data connection should be
made.
As seen from the above
diagram, client sends request to server and server responds back. Port is
successfully negotiated between them.
Next client sends the FTP
request on the control channel. Now server performs 3-way handshake with the
data port negotiated and then responds back with the output on the data
channel. Once the data-transfer is complete, the data-connection is terminated.
For each new FTP request,
a new data-connection is created.
For
Passive mode:-
In passive mode, the
client first informs server that it wants to open a passive mode
data-connection with the server. It sends “PASV” command to server on control channel.
Server responds back by sending the port to which it will open the data
connection.
As we can see from the
above diagram, server responds back with the IP and port number. 3-way
handshake occurs at this time for the data-connection.
Next client sends the FTP
request on the control-connection and server sends back the output on the
data-connection. Once the data-transfer is complete for that request, the
data-connection is terminated.
Conclusion:-
Considering the active and
passive modes, we can re-design the basic diagram of FTP to more advanced and
appropriate one as follows:-
This diagram now
appropriately lists about the FTP and the various connections in FTP.
