However, since the server is expected to receive a greater number of connection requests compared to a client, then it would be logical for the server admin to adapt to the situation and open up a selection of ports to satisfy passive mode configurations. It's possible for the server side to have a firewall too. That's because the client will be the one initiating the connection, something that a client-side firewall won't have any problem with. In this particular scenario, a passive configuration will not pose a problem. As a result, an attempt to connect to it will be blocked by the firewall and no connection will be established.
So chances are, that port wouldn't be one of those predefined ports. Remember that in an active mode configuration, the server will attempt to connect to a random client-side port. In such cases, only a select number of predefined ports are going to be accessible from the outside. In most cases, clients are located behind a firewall or a NAT (which basically functions like a firewall). But threats to information security are on the rise and hence the presence of firewalls is almost always a given. There shouldn't be any problem had there not been any firewalls in existence. Here, the server specifies which server-side port the client should connect to and the client initiates the connection. Meaning, the client initially specifies which client-side port it has opened up for the data channel, and the server initiates the connection.īy contrast, in the passive mode, the second arrow is pointing to the server. In the active mode, the second arrow is pointing to the client. In this section, we'll focus on those second arrows and the ports associated with them. If you compare those two diagrams, one of the things that should really stand out are the opposing directions at which the second arrows (which also represent the data channels) are pointing to. I wanted to focus on the main difference between active mode and passive mode FTP data transfers. There's a reason why I opted to simplify those two diagrams above. Once connection is established, data transfers are made through these client and server ports.Īctive Mode vs Passive Mode FTP: Which Is More Suitable For You?
It sends the PORT command, specifying what client-side port the server should connect to.
ACK replies) have been omitted to simplify things. Here's a simplified explanation on how an active mode connection is carried out, summarized in two steps. Active FTP was introduced in the early days of computing when mainframes were more common and attacks to information security were not as prevalent. Active Mode FTPĪmong the two connection modes, active mode is the older one. We'll include client-side FTP ports in our discussion in a short while. Note that the FTP ports we are referring to up to this point are only the ports on the server side. But if you choose passive mode, then the port that will be used will be a random port. If you choose active mode, then the data channel will normally be FTP port 20. The FTP port you'll use for the data channel, on the other hand, can differ depending on which data transfer mode you choose. Unless you configure your FTP server differently, you will normally set your command channel to use FTP port 21.