Explanation of PASSIVE (PASV) ftp and ACTIVE (Standard) ftp connections

The following describes an Active mode connection:

The client initiates a connection from a dynamically chosen port > 1024 to port 21 of the server
The server completes the connection to the client's control port (from port 21 to client control port > 1024)
The client tells the server which dynamically chosen port is the client data port (which is > 1024)
The server opens a TCP connection from port TCP/20 to the client's data port (> 1024)
The connection is then established where ftp commands are sent through the control session and transfers are sent through the data session.

Active mode transfer had problems with firewalls that do not allow a connection to be made from the server back to the client. To get around this they created Passive mode ftp.

The following describes a Passive mode ftp connection:

The client initiates a connection from a dynamically chosen port > 1024 to port 21 of the server
The server completes the connection to the client's contorl port (from port 21 to client port > 1024)
The server tells the client which dynamically chosen port is the server data port (not 20, it will be a port > 1024)
The client then opens a TCP connection from a dynamically chosen port > 1024 to the server's data port
The server completes the connection. Ftp commands are sent through the control session and transfers are sent through the data session.

Active mode ftp has two connections where 1 connection was initiated by the client and the other by the server.
Passive mode ftp has two connections where both connections are initiated by the client.

Some ftp clients will open multiple connections for speed reasons.

Add Feedback