Overview

This section explains how FTP (File Transfer Protocol), a protocol for transferring files, works. FTP uses two TCP connections to control file transfer.

What is FTP?

FTP (File Transfer Protocol) is, as the name implies, “a protocol for transferring files”. HTTP/HTTPS is often used to transfer files, but FTP offers more sophisticated file transfer features such as user authentication and the ability to transfer multiple files at once. If you run a website, you will probably use FTP to upload/download site content to/from your web server.

The files to be transferred will almost certainly be fragmented. FTP uses TCP at the transport layer to split files and ensure that file fragments can be transferred. FTP establishes two TCP connections. The well-known port numbers are TCP 20 and TCP 21.

These FTP specifications are defined in RFC 959.

Figure: FTP Overview

How FTP works

Two TCP connections of FTP

FTP uses two TCP connections. The well-known ports of the FTP server for these two connections are “20” and “21”. Port 20 is the data transfer connection and port 21 is the control connection.

The control connection exchanges commands from the FTP client and response codes from the FTP server to the commands. A command is a request from the client to the server. The various commands inform the server of the user name, password, IP address, port number, and files to be downloaded or uploaded. The response code is a three-digit number that indicates the result of the server’s processing of the client’s command.

File data is transferred over the data transfer connection. Since the size of file data is almost always larger than the TCP MSS, file data is fragmented and transferred over TCP.

Figure: FTP Two Connections

Active and passive mode

FTP has two modes: active mode and passive mode. The difference between these two modes is the port number on the server side of the data connection and the direction in which the connection is initiated.

What we have described so far is the active mode, in which the data connection is initiated from the FTP server using TCP port 20. In passive mode, on the other hand, the data transfer connection is also established from the client side, and the port number of the FTP server is randomly determined.

| FTP Mode | FTP Server Port number (Data) | Direction of connection initiation |
|---|---|---|
| Active | 20 | From Server |
| Passive | Random | From Client |

Table: FTP Active and Passive mode

The control connection is initiated from the FTP client to the FTP server in both active and passive mode; the port number of the FTP server is 21.

Figure: Active and Passive mode

Passive mode exists to account for the presence of a firewall between the FTP server and the FTP client. When transferring files between an FTP client on the internal network and an FTP server on the Internet, there is a firewall between the FTP client and the FTP server. In principle, firewalls block the establishment of TCP connections from the Internet side to internal clients.

Even in active mode, the FTP client can establish a control connection and log in to the FTP server. However, when trying to establish a data connection to transfer a file, the firewall blocks the connection and the file data cannot be transferred.

Figure: Data connection cannot be established in active mode

One solution to this problem is to change firewall policies. However, changing firewall policies creates a security loophole. Therefore, passive mode is used. In passive mode, both control and data connections can be initiated from an internal FTP client, allowing the use of FTP servers on the Internet without changing firewall policies.
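
The control-channel messages that select the mode, as an added example (not part of the original page): in RFC 959 the client's PORT command announces an active-mode listener, and the server's 227 reply to PASV announces a passive-mode one, both as h1,h2,h3,h4,p1,p2. The sketch derives from each line who initiates the data connection and on which port, which is the decision the firewall has to make; the function names and the sample addresses are constructed for illustration.

```python
import re
from dataclasses import dataclass

# RFC 959 host-port field: h1,h2,h3,h4,p1,p2 (four address octets, two port octets)
HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

@dataclass
class DataConn:
    mode: str         # "active" or "passive"
    initiator: str    # side that opens the data connection
    listen_ip: str    # address announced as the listener
    listen_port: int  # p1 * 256 + p2
    server_port: int  # 20 in active mode, the announced port in passive mode
    peer_ok: bool     # announced address is the control-connection peer

def _hostport(text):
    m = HOSTPORT.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field")
    n = [int(x) for x in m.groups()]
    if any(v > 255 for v in n):
        raise ValueError("octet out of range")
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]

def data_connection(line, client_ip, server_ip):
    """Return the data connection a control-channel line sets up, or None."""
    verb = line.strip().split(" ", 1)[0].upper()
    if verb == "PORT":   # client command: server connects out from port 20
        ip, port = _hostport(line)
        return DataConn("active", "server", ip, port, 20, ip == client_ip)
    if verb == "227":    # server reply to PASV: client connects to this port
        ip, port = _hostport(line)
        return DataConn("passive", "client", ip, port, port, ip == server_ip)
    return None

def needs_inbound_rule(conn):
    """True when the client-side firewall must accept a connection from outside."""
    return conn.initiator == "server"

if __name__ == "__main__":
    # Constructed sample lines; the addresses are illustrative, not from a capture.
    client, server = "192.168.1.10", "203.0.113.5"
    for line in ("USER alice",
                 "PORT 192,168,1,10,195,80",
                 "227 Entering Passive Mode (203,0,113,5,234,96)"):
        conn = data_connection(line, client, server)
        if conn:
            print(line, "->", conn, "inbound rule needed:", needs_inbound_rule(conn))
```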

Summary

Points

  • FTP (File Transfer Protocol) is the protocol for efficient file transfers.
  • FTP has active and passive modes. The direction to initiate a TCP connection for data and the server port number are different.

| FTP Mode | FTP Server Port number (Data) | Direction of connection initiation |
|---|---|---|
| Active | 20 | From Server |
| Passive | Random | From Client |

Table: FTP Active and Passive mode