Friday, March 8, 2013

Difference between Active & Passive FTP

FTP is an unusual protocol in that it uses two ports:

TCP port 20 (data port)
TCP port 21 (control port)

(FTP is superior to HTTP for transferring large files because it uses different ports for commands and data.)

Active FTP: the client initiates a connection to the server's command port. The server then initiates a connection back to the client from its data port.

Passive FTP: the client initiates both connections to the server, which remains "passive".

Active FTP may cause problems if your client is behind a firewall. From the firewall’s point of view, the FTP server that is trying to initiate a connection with your client looks like an intruder and is usually blocked. This is why many users have difficulty using FTP to download files from behind a firewall.


The sequence of events for active FTP is:
  1. Your client connects to the FTP server by establishing an FTP control connection to port 21 of the server. Your commands such as 'ls' and 'get' are sent over this connection.
  2. Whenever the client requests data over the control connection, the server initiates data transfer connections back to the client from port 20 of the server, and the destination port is a high port (greater than 1024) on the client.
  3. Thus the ls listing you asked for arrives from port 20 of the server at a high port on the client, not over the port 21 control connection on which the client made the request.

Passive FTP works differently:
  1. Your client connects to the FTP server by establishing an FTP control connection to port 21 of the server. Your commands such as ls and get are sent over that connection.
  2. Whenever the client requests data over the control connection, the client initiates the data transfer connections to the server. The source port of these data transfer connections is always a high port on the client with a destination port of a high port on the server.
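The two sequences above, worked through as an added example (not code from the original post): FTP announces the data endpoint on the control channel with the client's PORT command (active) or the server's 227 reply to PASV (passive), both encoded as h1,h2,h3,h4,p1,p2 with port = p1*256 + p2. The script decodes both from a constructed transcript, records which side opens the data connection, and flags the case where a client-side firewall would have to accept an inbound connection. All addresses and the transcript are constructed.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed control-channel transcript (hypothetical addresses): the client
# 192.168.1.10 sits behind a firewall and talks to server 203.0.113.5.
# It requests active mode (PORT) first, then switches to passive (PASV).
TRANSCRIPT = """\
C: PORT 192,168,1,10,200,15
S: 200 PORT command successful.
C: LIST
S: 150 Here comes the directory listing.
C: PASV
S: 227 Entering Passive Mode (203,0,113,5,195,80).
C: RETR big.iso
S: 150 Opening BINARY mode data connection.
"""

@dataclass
class DataConnection:
    mode: str                 # "active" or "passive"
    initiator: str            # which side opens the data connection
    src_port: Optional[int]   # 20 for active; None = ephemeral high port
    dst_ip: str
    dst_port: int

def decode_hostport(fields):
    """Decode the six fields h1,h2,h3,h4,p1,p2 into (ip, port)."""
    h1, h2, h3, h4, p1, p2 = (int(f) for f in fields)
    return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2

PORT_RE = re.compile(r"^C: PORT (\d+(?:,\d+){5})")
PASV_RE = re.compile(r"^S: 227 .*?\((\d+(?:,\d+){5})\)")

def data_connections(transcript):
    conns = []
    for line in transcript.splitlines():
        if m := PORT_RE.match(line):
            ip, port = decode_hostport(m.group(1).split(","))
            # Active: the server connects from port 20 to the port the client announced
            conns.append(DataConnection("active", "server", 20, ip, port))
        elif m := PASV_RE.match(line):
            ip, port = decode_hostport(m.group(1).split(","))
            # Passive: the client connects from a high port to the port the server announced
            conns.append(DataConnection("passive", "client", None, ip, port))
    return conns

def client_firewall_needs_inbound(conn):
    """True when a firewall in front of the client must allow a new inbound connection."""
    return conn.initiator == "server"
```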

ACTIVE FTP is default in WINDOWS
PASSIVE FTP is default in LINUX

VoIP Troubleshooting -- Wireshark

Visit the link below for a very good description of using Wireshark to analyse VoIP calls.
http://wiki.voipinnovations.com/Wireshark.ashx

tcpdump -p -n -s 0 -w <output file>
-w <output file> = write the raw packets to this file instead of printing them
-p = don't put the interface into promiscuous mode
-n = no name resolution
-s 0 = capture the full frame, not only the first bytes (a snaplen of zero)