Active and passive are the two modes that FTP can run in. FTP uses two channels between client and server, the command channel and the data channel, which are actually separate TCP connections. The command channel is for commands and responses, the data channel is for actually transferring files. It's a nifty way of sending commands to the server without having to wait for the current data transfer to finish.
In active mode, the client establishes the command channel (from client port
X to server port 21(b)) but the server establishes the data channel (from server port 20(b) to client port Y, where Y has been supplied by the client).In passive mode, the client establishes both channels. In that case, the server tells the client which port should be used for the data channel.
Passive mode is generally used in situations where the FTP server is not able to establish the data channel. One of the major reasons for this is network firewalls. While you may have a firewall rule which allows you to open up FTP channels to
ftp.microsoft.com, Microsoft's servers may not have the power to open up the data channel back through your firewall.Active mode:
- Client opens up command channel from client port 2000(a) to server port 21(b).
- Client sends
PORT 2001(a) to server and server acknowledges on command channel. - Server opens up data channel from server port 20(b) to client port 2001(a).
- Client acknowledges on data channel.
- Client opens up command channel from client port 2000(a) to server port 21(b).
- Client sends
PASVto server on command channel. - Server sends back (on command channel)
PORT 1234(a) after starting to listen on that port. - Client opens up data channel from client 2001(a) to server port 1234(a).
- Server acknowledges on data channel.
