[Linux] FTP Active Mode and Passive Mode


Writing time : 2015-12-27 01:10:59

FTP Active Mode and Passive Mode

Difference between Active Mode and Passive Mode


Since FTP requires a port to send and receive commands and a port to send and receive data, two ports are used. The difference between Active Mode and Passive Mode is classified according to whether the server or the client attempts to access the port to send and receive data. do.

In Active Mode, the server tries to access the port to send and receive data from the server to the client.
From the server's point of view, it is called Active Mode because it actively tries to connect.

Passive Mode attempts to connect to a client that sends and receives data.
From the server's point of view, it is called passive mode because it waits passively.

Active Mode


In Active Mode, the server usually communicates using port 21 for commands and port 20 for data.

The client tries to connect to the server's command port (21) with a specific port over 1024, for example, port 5000, and makes the command port +1, that is, port 5001, a listening state.

The 5001 port made in the listening state is used for sending and receiving data when communication of commands is completed.

The server accepts commands on port 20 and attempts to connect to send data to port 5000 +1, that is, port 5001 connected by the client.

As mentioned above, since the client is already listening to port 5001, data communication starts.

The disadvantage of Active Mode is that the server tries to connect to the client, so communication may fail due to the client's firewall.

So, Passive Mode was added to complement this.

Passive Mode


Passive Mode attempts to connect from the client to the server for data communication.

At this time, the server must open a separate port except for the 20 port for Acive Mode to handle the client's connection.

The disadvantage of Passive Mode is that the server has to open additional ports to handle client data port access in addition to ports 20 and 21.

Firewall related


In Active Mode, only ports 20 and 21 need to be excluded from the firewall.

For passive mode data communication, additional ports accessed by clients should not be excluded from the firewall.

References


http://guru4u.tistory.com/entry/FTP-%EC%95%8C%EC%95%84%EB%B3%B4%EA%B8%B0-PORT-Ftp-modeActive-Passive

Previous post

Next post

Other posts in the category