Active FTP vs Passive FTP
FTP (File Transfer Protocol) is a standard network protocol for transferring files between two hosts over a TCP/IP-based network (a network that uses Transmission Control Protocol/Internet Protocol to deliver a stream of bytes from one computer to another), such as the Internet. FTP operates on the client/server principle, and it belongs to the Application layer of the OSI model (Open Systems Interconnection model).
Usually, the FTP server, which stores the files to be transferred, uses two ports for the transfer: one for Commands and the other for sending and receiving Data. Requests from client computers are received at port 21 of the server, which is exclusively reserved for sending Commands; therefore, it is called the Command Port. Once an incoming request is received, the data requested or uploaded by the client computer is transferred through a separate port referred to as a Data Port. At this point, the port number used for the Data Transfer varies depending on whether the FTP connection is in Active or Passive mode.
What is Active FTP?
In the Active FTP connection mode, the Command connection is initiated by the Client, and the Data connection is initiated by the Server. Because the Server actively establishes the data connection with the Client, this mode is referred to as Active. The Client opens a port higher than 1024 and, through it, connects to port 21 (the command port) of the Server. Then the Server opens its port 20 and establishes a data connection to a port higher than 1024 on the Client. In this mode, the Client must set its firewall to accept all the incoming connections that are received at the opened port.
What is Passive FTP?
In the Passive FTP connection mode, the Server acts entirely passively, as the Command connection and the Data connection are both initiated and established by the Client. In this mode, the Server listens for incoming requests on its port 21 (command port), and when a request for a data connection is received from the Client (using a high port), the Server randomly opens one of its high ports. Then the Client initiates a data connection between the opened port of the Server and its own randomly selected port higher than 1024. In this mode, the Client does not have to change its firewall settings, as it only requires outgoing connections and the firewall does not block outgoing connections. However, the Server administrators must make sure that the Server allows incoming connections at all its opened ports.
What is the difference between Active FTP and Passive FTP?
The difference between Active FTP and Passive FTP is based on who initiates the Data connection between the Server and the Client. If the data connection is initiated by the Server, the FTP connection is active, and if the Client initiates the Data connection, the FTP connection is passive.
The port used for the Data connection changes depending on the Active or Passive mode of the connection. In Active FTP, the data connection is established between port 20 of the Server and a high port of the Client. In Passive FTP, on the other hand, the data connection is established between a high port of the Server and a high port of the Client.
When using an Active FTP connection, the firewall settings of the Client must be changed to accept all incoming connections to the Client, while in a Passive FTP connection, the Server must allow all incoming connections to the Server. Most FTP servers prefer the Passive FTP connection due to security issues.
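The mode and the data port described above can be read straight off the command connection. The following Python code is an added example, not part of the original article: it parses the PORT command (Active) and the 227 reply to PASV (Passive), whose h1,h2,h3,h4,p1,p2 field is defined in RFC 959 rather than on this page, and reports which side's firewall must accept the inbound data connection. The sample lines and addresses are constructed.

```python
import re
from dataclasses import dataclass

# RFC 959 host-port field: four address octets, then port = p1*256 + p2.
_HOSTPORT = re.compile(r"\b" + ",".join([r"(\d{1,3})"] * 6) + r"\b")

@dataclass(frozen=True)
class DataChannel:
    mode: str         # "active" or "passive"
    initiator: str    # side that opens the data connection
    listener: str     # side that must accept an inbound connection
    listen_ip: str
    listen_port: int

def _endpoint(text):
    m = _HOSTPORT.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in %r" % text)
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range in %r" % text)
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def classify(line):
    """Return the DataChannel announced by one control-channel line, or None."""
    line = line.strip()
    if line.upper().startswith("PORT "):   # client announces where it listens
        ip, port = _endpoint(line[5:])
        return DataChannel("active", "server", "client", ip, port)
    if line.startswith("227"):              # server announces where it listens
        ip, port = _endpoint(line[3:])
        return DataChannel("passive", "client", "server", ip, port)
    return None

def inbound_rule(ch):
    """Describe the inbound flow the listening side's firewall has to permit."""
    src = "server port 20" if ch.mode == "active" else "a client high port"
    return (f"{ch.listener} firewall: allow inbound TCP to "
            f"{ch.listen_ip}:{ch.listen_port} from {src}")

# Constructed control-channel excerpt (documentation address ranges).
SAMPLE = [
    "USER demo",
    "PORT 192,0,2,10,195,80",
    "PASV",
    "227 Entering Passive Mode (198,51,100,5,234,96)",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        channel = classify(entry)
        if channel:
            print(f"{channel.mode:8s} {inbound_rule(channel)}")
```

Run against a captured command session, the output shows at a glance which host is listening on an ephemeral port and therefore which firewall has to admit the data connection.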