FTP Modes in Brief: PORT/PASV/EPRT/EPSV

Source: Internet
Author: User


FTP has two common data-connection modes: PORT (active mode) and PASV (passive mode).



Port mode:


When an FTP client connects to an FTP server in PORT mode, it dynamically selects a local port X and connects from it to port 21 on the FTP server. (The port must be above 1024, because the ports up to 1024 were defined in advance for well-known services; some of them are not yet in use, but they remain reserved for such services.) The connection (the control channel) is established once the TCP three-way handshake completes.

Suppose the user now wants to list the directory structure on the FTP server (using the ls or dir command). The first step is to establish a data channel, because only the data channel can carry directory and file listings. At this point the client issues a PORT command telling the FTP server to connect to the client's port Y to create the data channel (this command is sent to the server over the control channel). When the FTP server receives the command, it connects from its port 20 to port Y, the port the client specified in the PORT command, and sends the directory listing.

After that, the FTP client may want to download a file, so a get command is issued. Notice that the client sends the PORT command again to tell the server which "new" port to connect to. (You can run netstat -na to verify that the previously used port Y is already in the TIME_WAIT state.) Once this new data channel is established (on Microsoft systems the client usually uses consecutive ports, which means that this time the client uses port Y+1), the file transfer begins.


PASV mode:


During connection initialization, connecting to the FTP server works the same way as in PORT mode. The difference appears when an FTP client connected in PASV mode sends commands such as ls, dir, or get and data has to be returned. The FTP client does not send the PORT command to the server; it sends the PASV command instead, in which the client tells the FTP server that it will connect to one of the server's ports:

1> If this port on the server is free, the server returns an ACK confirmation; the data channel is then established and the information is returned (according to the command the user sent, such as ls, dir, or get).

2> If the server's port is in use by another resource, the server returns an UNACK message, and the FTP client sends the PASV command again. This is called establishing the connection through negotiation.

To verify this process we have to use the CuteFTP Pro FTP client, because Microsoft's own command-line FTP client does not support PASV mode. Although you can use the quote PASV command to force PASV mode, when you list the server directory with the ls command you will find that it still uses PORT to connect to the server.


PS: For more detailed instructions, please refer to http://www.microsoft.com/china/community/Column/70.mspx






Why the EPRT/EPSV mode appears:



FTP originally supports data connections only over IPv4, based on the assumption that network addresses are 32 bits long. When IPv6 appeared, however, addresses became much longer than 32 bits. The earlier extensions to FTP can sometimes fail in a multi-protocol environment, so FTP has to be extended again for IPv6.



EPRT and EPSV are short for extended PORT and extended PASV.



EPRT mode:


EPRT addresses the extended-address problem for the data connection: the extended address must include the network protocol as well as the network and transport addresses. The format is as follows:

    EPRT<space><d><network protocol><d><network address><d><TCP port><d>

EPRT is followed by a space, and the space must be followed by the delimiter <d>. The delimiter must be a character in the ASCII range 33 to 126. Using "|" is recommended unless that character is already in use.

The network protocol is a number that indicates which protocol is being used:

    1 = IPv4
    2 = IPv6

The network address is the address under the specified network protocol. For IPv4 and IPv6 respectively, the formats are:

    IPv4 = 132.235.1.2
    IPv6 = 1080::8:800:200c:417a

The TCP port is the TCP port on which the host listens for the data connection. Here are two examples of EPRT commands:

    EPRT |1|132.235.1.2|6275|
    EPRT |2|1080::8:800:200c:417a|5282|

The first command tells the server to open a data connection to the host "132.235.1.2" using IPv4 on TCP port 6275, and the second tells it to open a data connection to the host "1080::8:800:200c:417a" using IPv6 on TCP port 5282. After receiving a valid EPRT command, the server must return 200 (the command is valid).

The standard error codes 500 and 501 are enough to handle most errors, but one new error code is needed: code 522 indicates that the server does not support the requested network protocol. The new error code is interpreted as follows:

    5yz  Negative completion
    x2z  Connections
    xy2  Extended port failure: unknown network protocol

The text portion of the response must indicate which network protocols the server supports. The format of the response string is as follows:

    <text stating that the network protocol is unsupported> (protocol 1,protocol 2,...,protocol N)

The numeric code and the protocol list in parentheses are intended for the software that processes the response automatically, while the text between the numeric code and the "(" is intended for human users. The protocols in the list must be separated by commas. Here are two examples of response strings:

    Network protocol not supported, use (1)
    Network protocol not supported, use (1,2)
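The EPRT rules above (delimiter range, protocol numbers, 200/501/522 replies) expressed as a server-side validator. This is an added example, not code from the original article; the function name handle_eprt, the 501 reply texts and the well-known-port policy are assumptions made for illustration.

```python
import ipaddress

# Network protocol numbers from the article: 1 = IPv4, 2 = IPv6.
FAMILIES = {1: ipaddress.IPv4Address, 2: ipaddress.IPv6Address}


def handle_eprt(arg, supported=(1, 2)):
    """Validate an EPRT argument; return (code, text, endpoint-or-None)."""
    # The first character is the delimiter <d> (ASCII 33..126); a valid
    # argument is <d>proto<d>addr<d>port<d>, i.e. five split fields with
    # the first and last empty.
    if len(arg) < 2 or not 33 <= ord(arg[0]) <= 126:
        return 501, "Bad EPRT delimiter", None
    fields = arg.split(arg[0])
    if len(fields) != 5 or fields[0] or fields[4]:
        return 501, "Malformed EPRT argument", None
    proto, addr, port = fields[1:4]
    if not (len(proto) <= 3 and proto.isascii() and proto.isdigit()):
        return 501, "Bad network protocol", None
    if int(proto) not in supported or int(proto) not in FAMILIES:
        # 522: free text for humans, then the machine-readable list.
        usable = ",".join(str(p) for p in supported)
        return 522, f"Network protocol not supported, use ({usable})", None
    try:
        # The address must parse under the family named by the protocol.
        ip = FAMILIES[int(proto)](addr)
    except ValueError:
        return 501, "Address does not match network protocol", None
    if not (len(port) <= 5 and port.isascii() and port.isdigit()
            and 0 < int(port) <= 65535):
        return 501, "Bad TCP port", None
    # Assumed local policy (not part of the article's EPRT rules): refuse
    # well-known ports, since client data ports are chosen above 1024.
    if int(port) < 1024:
        return 501, "Refusing data connection to a well-known port", None
    return 200, "EPRT command successful", (str(ip), int(port))
```
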





EPSV mode:


The EPSV format is as follows:

    EPSV<space><network protocol>

If the server supports the requested network protocol, it must use that protocol; if not, it returns 522. Finally, the EPSV command can take the parameter "ALL" to tell network address translators that the EPRT command will no longer be used. Here is an example:

    EPSV<space>ALL

After receiving this command, the server rejects all data connection setup commands except EPSV.

For all FTP transfers in which the control and data connections are established between the same two machines, EPSV must be used. Using it reduces the performance impact of passing through firewalls and network address translators (NATs). Some articles recommend using the passive command behind firewalls, because firewalls do not normally allow active connections. The EPSV command defined here does not require a NAT to rewrite the network address in transit. If you use EPRT, the NAT must rewrite the network address. If the client sends an "EPSV ALL" command, the NAT can put the connection on a fast path and does not need to modify the data portion of the segments, as long as EPRT is not used. If the client expects to perform only two-way FTP transfers, it should use this command; if the client later needs to perform a three-way FTP transfer, a new FTP session must be opened.

EPSV requests that the server listen on a data port and wait for a connection; the command can take a parameter. The response to it is the TCP port number. The format of the response is very similar to the EPRT argument, which is a great convenience for implementations. The response also leaves the network protocol and/or network address fields empty for later use.

The response code for entering passive mode with an extended address must be 229, which is interpreted as follows:

    2yz  Positive completion
    x2z  Connections
    xy9  Extended passive mode entered

The text of the response is as follows:

    <text indicating that the server is entering extended passive mode> (<d><d><d><TCP port><d>)

The string enclosed in parentheses must be the string that EPRT would use to open the data connection. As you can see, there is nothing more to it. The data connection must use the same network protocol and address as the control connection. Here is an example of the response:

    Entering Extended Passive Mode (|||6446|)

The standard error codes 500 and 501 are sufficient for EPSV (EPSV is not supported).

When the EPSV command is sent without a parameter, the server chooses the network protocol for the data connection based on the protocol used by the control connection. With a proxy, however, this mechanism may not be appropriate, so the client also needs to be able to request a specific protocol. If the server replies that it does not support this protocol on the specified port, the client must send the ABOR (abort) command so that the server closes the listening connection, and the client then uses the EPSV command to request a specific network protocol, in the following format:
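The 229 reply and the EPSV ALL rule from this section, as an added example that is not part of the original article: a client-side parser that takes only the port from the reply and pairs it with the control connection's peer address, and a per-session check that refuses other data connection setup commands once EPSV ALL has been seen. The names parse_229 and DataSetupPolicy are hypothetical.

```python
import re

# Parenthesised part of a 229 reply: <d><d><d><tcp-port><d>. The same
# delimiter (ASCII 33..126) appears four times; the first two fields
# (network protocol, network address) must be empty.
_EPSV_229 = re.compile(
    r"\((?P<d>[\x21-\x7e])(?P=d)(?P=d)(?P<port>[0-9]{1,5})(?P=d)\)")


def parse_229(reply_line, control_peer):
    """Return the (address, port) the client should connect to after EPSV."""
    code, _, text = reply_line.partition(" ")
    if code != "229":
        raise ValueError(f"not an EPSV success reply: {reply_line!r}")
    match = _EPSV_229.search(text)
    if match is None:
        raise ValueError("229 reply lacks (<d><d><d><tcp-port><d>)")
    port = int(match.group("port"))
    if not 0 < port <= 65535:
        raise ValueError("TCP port out of range")
    # The reply carries no address: the data connection goes to the same
    # address as the control connection, never to one named in the reply.
    return control_peer, port


class DataSetupPolicy:
    """Tracks EPSV ALL for one control connection (server side)."""

    SETUP_COMMANDS = {"PORT", "PASV", "EPRT", "EPSV"}

    def __init__(self):
        self.epsv_only = False

    def allows(self, command_line):
        verb, _, arg = command_line.strip().partition(" ")
        verb = verb.upper()
        if verb == "EPSV" and arg.strip().upper() == "ALL":
            self.epsv_only = True  # sticky for the rest of the session
            return True
        blocked = self.SETUP_COMMANDS - {"EPSV"}
        return not (self.epsv_only and verb in blocked)
```
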


SOURCE Http://hi.baidu.com/1986baby/item/cace6cb6746f61a7eaba93c6
