Thursday, August 23, 2007

FTP internals [Active Mode vs Passive Mode]

In an integration process, data may need to be fetched from an FTP server and in turn published on the web or on the ESB. I think knowing some internals of the protocol is required to do that, so here I am sharing what I know about the FTP protocol.

FTP is an acronym for File Transfer Protocol. It is used to transfer files between an FTP server and an FTP client, subject to the user's privileges. By default the FTP service is accessible on port 21, which is called the control port. As per the initial definition of FTP, port 20 acts as the data port.

As per RFC 959, either the PORT or the PASV command decides the data port. FTP is a stateful protocol, meaning it keeps the state of a transaction at all times. You can read more about FTP in RFC 959.

Coming to the point: to configure an FTP connection as an integration engineer, you must know in which mode the FTP server is working, because FTP has two different modes, Active and Passive. In all the integration tools you can see these two modes as part of the FTP connection palette, and you have to choose one of them. Some FTP servers work in both modes, but some do not, so it is mandatory to know which one you are supposed to choose. Let me explain what the two modes mean and how they differ from each other. Basically, in Active Mode we decide on which port the FTP server should send the file, but in Passive Mode the FTP server decides on which port the file is going to be sent out.

Active Mode [PORT command]

Connect to:
(08/24/2007 1:02:30 PM)
hostname=10.117.34.151
username=anand
startdir=
220 (vsFTPd 2.0.4)
USER anand
331 Please specify the password.
PASS ***********
230 Login successful.
SYST
215 UNIX Type: L8
FEAT
211-Features: EPRT EPSV MDTM PASV REST STREAM SIZE TVFS
211 End Connect ok!
PWD
257 "/home/anand" Get directory
TYPE A
200 Switching to ASCII mode.
PORT 10,117,34,225,5,190
200 PORT command successful. Consider using PASV.
LIST
150 Here comes the directory listing. Download Waiting for server...
226 Directory send OK
TYPE I
200 Switching to Binary mode.
PORT 10,117,34,225,7,31
200 PORT command successful. Consider using PASV.
RETR CONFIG.SYS
150 Opening BINARY mode data connection for CONFIG.SYS (0 bytes). Download Waiting for server...
226 File send OK.

In the above FTP transaction, the lines that begin with a command word (USER, PASS, SYST, FEAT, PWD, TYPE, PORT, LIST, RETR) are the FTP commands; the numbered lines are the server's replies. You can identify the PORT commands in the transaction. The PORT command accepts 6 octets delimited by commas. The first four represent the IP address of the FTP server; sometimes it could be a NAT address. The fifth and sixth octets represent a 16-bit port number: the fifth octet contains the higher-order 8 bits and the sixth octet contains the lower-order 8 bits. So in our example, the LIST command output is streamed on port (5*256)+190=1470, and the download of CONFIG.SYS (RETR CONFIG.SYS) is streamed on port (7*256)+31=1823. In the FTP server output you can find "200 PORT command successful. Consider using PASV." This is because the requested port might sometimes not be available, so the server says to consider PASV, which is nothing but Passive mode.

Passive Mode [PASV command]

TYPE I
200 Switching to Binary mode.
PASV
227 Entering Passive Mode (10,117,34,151,236,100)
RETR CONFIG.SYS
150 Opening BINARY mode data connection for CONFIG.SYS (0 bytes). Download Waiting for server...
226 File send OK. Copied (08/24/2007 3:22:08 PM): ftp://10.117.34.151/home/anand/CONFIG.SYS -> c:\apps\CONFIG.SYS

The visible difference here is that the server decides and announces the port number: "227 Entering Passive Mode (10,117,34,151,236,100)". So CONFIG.SYS will be streamed on port (236*256)+100=60516. The advantage is that, as the server decides the port number, the administrator can set the passive port number range in the FTP server settings, open up just those ports in the firewall, and NAT the FTP server behind the firewall. So it can be concluded that it is better to choose Passive Mode, unless the client says to use Active Mode. I hope this helps all of us to better understand the Active and Passive modes of FTP.
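The octet arithmetic and the firewall point above can be checked mechanically against a session log. The following Python sketch is an added example, not part of the original post: it decodes PORT commands and 227 replies, then flags a passive reply whose address differs from the control host or whose port falls outside the firewall range. The range 60000-60999, the function names and the last sample line are assumptions made for illustration.

```python
import re

# Six decimal fields h1,h2,h3,h4,p1,p2, as used by PORT and by the 227 reply.
HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def decode_hostport(line):
    """Return (kind, host, port) for a PORT command or a 227 reply, else None."""
    if line.startswith("PORT "):
        kind = "PORT"
    elif line.startswith("227 "):
        kind = "PASV"
    else:
        return None
    m = HOSTPORT.search(line)
    if not m:
        raise ValueError("no host-port argument in: " + line)
    fields = [int(x) for x in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("field out of octet range in: " + line)
    host = ".".join(str(f) for f in fields[:4])
    port = fields[4] * 256 + fields[5]   # high-order octet first
    return kind, host, port

def audit(lines, server_host, pasv_range):
    """Decode every data-port announcement and note passive-mode problems."""
    findings = []
    for line in lines:
        decoded = decode_hostport(line.strip())
        if decoded is None:
            continue
        kind, host, port = decoded
        notes = []
        if kind == "PASV":
            if host != server_host:
                notes.append("address differs from control host (check NAT setting)")
            if not pasv_range[0] <= port <= pasv_range[1]:
                notes.append("port outside the firewall's passive range")
        findings.append((kind, host, port, notes))
    return findings

PASV_RANGE = (60000, 60999)  # assumed server/firewall passive range
SAMPLE = [
    "PORT 10,117,34,225,5,190",                           # from the transcript
    "200 PORT command successful. Consider using PASV.",  # ignored: not an announcement
    "227 Entering Passive Mode (10,117,34,151,236,100)",  # from the transcript
    "227 Entering Passive Mode (192,168,1,10,4,0)",       # constructed bad reply
]

if __name__ == "__main__":
    for finding in audit(SAMPLE, "10.117.34.151", PASV_RANGE):
        print(finding)
```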

--
Anand
anand.sadasivam@googlemail.com
