Windows system >> Computer software Tutorial >> Server technology >> About the server

Dual-powered FTP working mode

First, map 21 port to PC
, PC install FTP service serv-u, use serv-u because he can easily set two working modes of FTP. The external network initiates a connection as an example. PORT mode can be connected, can not be listed in the directory PASV mode can be connected, can not be listed directory analysis: FTP supports two modes. These two modes are called "standard" (or PORT, or "active") and "passive" (or PASV). The "standard" mode FTP client sends a PORT command to the FTP server. The "passive" mode client sends a PASV command to the FTP server. These commands are sent through the FTP command channel when an FTP session is established. Both modes of the FTP client must establish a connection to TCP port 21 on the FTP server. The client chooses a port greater than 1024 to initiate a connection, which establishes an FTP command channel. Can not list directories because FTP uses different channels to transfer data, which is where FTP is different from HTTP service. HTTP requires one channel.

Second, re-map 20 ports to PC
, the default way of serv-u is PORT mode. PORT mode can be connected, can also be listed, can download files PASV way can connect, can not list directory download file analysis: PORT mode: When the FTP client needs to receive data (such as folder list or file), the client will pass The FTP command channel sends a PORT command. This PORT command contains information about which port the FTP client is receiving on (for example, 3328). Next, the PC initiates a connection from TCP port 20 to the 3328 user port, and this is a new connection, perhaps the client firewall will intercept. It can be seen that the server uses 20 ports to "actively" connect to the port specified by the client, so the PORT mode is also called the active mode. There are two features in this mode: //article from the application of computer hardware and software network www.45it.com reproduced please specify

1 customers are dynamic port and the server using a fixed port 20, and is The server initiates an active new connection.

2 throughout FTP client connection to the server, the control channel is always connected, and the data transmission channel is temporarily set up. PASV mode cannot be reached because PASV requires the server to connect with dynamic ports, and this port is generally between 1024-5000, and the user initiates the connection. Although the PC opens this port and waits for the connection, NAT does not map so many ports. , so the communication is interrupted.

Third, close 20 port mapping
, then map 10001-10004 to PC, PORT mode can connect, can not be listed, can not download files PASV way can connect, can not list, can not download The file serv-u is really handsome. Set 10001-10004 in the Settings (Advanced) option and then start Passive mode so that the connection can be established.

Analysis: The process and analysis of this experiment was included in Microsoft's official website by Microsoft, but through my experiments, I found that he has a place that is not comprehensive, because he is directly in the meeting 2 I did the experiments on the computer, and I used them to do it separately with NAT, and I can see the problem more.

problem lies in the so-called "consultation process", reads like this: "Send PASV command, in this command, the user tells the server what port to connect to a server, if the port on the server Is idle available, then the server will return an ACK confirmation message, after which the data transmission channel is established and returns the information the user wants (according to the instructions sent by the user, such as ls, dir, get, etc.); if the server's port is another A resource is used, then the server returns UNACK information, then the FTP client will send the PASV command again, which is the so-called negotiation process of connection establishment.

In fact, the message I caught is like this. of:

1serv-u PASV mode is set to specify the port, and the port is activated immediately to the listening state, for example, I set up is 10001-10004, related software can be used to "see" these ports have been set For listening. When

2 when the client sends a PASV command over the command channel, FTP server opens an ephemeral port, and notifies the FTP client transfer request data from the port, rather than consultation. The FTP server responds to the request by using the ephemeral port as the source port for the data transfer. Obviously, this connection is initiated by the user, too, also called passive.

3 throughout FTP client connection to the server, the control channel is always connected, and the data transmission channel is temporarily set up.

4-port between 1024-5000, not more than 5000, why you, I do not know, because I set up more than 5,000 TCP connection can not be established, the actual theory is so I do not know.

I did not do with other FTP server software, it can not determine whether there is negotiation, if FTP so mentally, that when you want to negotiate, it is better to tell customers not on the list. The disadvantage is that the port is limited. If multiple users are connected at the same time, these ports are not enough.

Fourth, the way to solve the problem PASV
: the problem can not transfer data out in: the IP server transmits to the client. When the FTP client logs in to the server, the PASV mode server will transmit the IP address and data port of the machine to the client. When the server is placed in the intranet, the server will return the IP of the intranet to the client, which of course If the connection cannot be completed, the server needs to return the address of the external network. Fortunately, there is still a good news, that is, serv-u itself has the function of returning the external network address by first selecting the attribute of the new FTP server and selecting "enabledynamicdns" in the domain label. The second label will appear. Call "dynamicdns", then go to tz0.com to apply for a dynamic domain name. After applying, you will get a key. Fill in this key in this tab. The final step is to go to the settings property of the new server, select the advanced tab, and select "allowpassive modedatatransfer". The IP address box next to it is left blank. This box is not required for dial-up users. Only the export uses a fixed address. In this way, before serv-u returns the IP and port to the client, it will first query tz0.com for the address of the ISA external network and then send it to the client.

Summary: in what way is determined by the user, and active and passive server is said is a relative term. During the entire process of connecting the FTP client to the server, the control channel is always connected, and the data transmission channel is temporarily established. In active mode, the server initiates a connection with port 20, while in the passive mode, the server tells the client a dynamic port, and the client initiates the connection. If you use the FTP client program, you can only log in and cannot transfer data. You may want to change the working mode. Of course, you need server support.

About the firewall

For external users, if your firewall does not accept active connections, it is a big problem: the standard mode FTP client cannot run in this environment. Because the FTP server must issue a new connection request to the FTP client. For the server, the firewall administrator may not want to use the PASVFTP server because the FTP server can open any ephemeral port number, which may be unsafe if the firewall configuration allows unsolicited connections to fully access all ephemeral ports.

Tips
, IE uses the active mode to initiate the connection by default. To use the passive mode, you need to set IE-Tools-Internet Options-Advanced. Under Browse, click "Enable for FTP site." The Folder View check box to clear it. Click the "Use passive FTP (for firewall and DSL modem compatibility)" checkbox to select it. Click OK. If the "Enable folder view for FTP site" checkbox is selected, Internet Explorer will behave like a "standard" mode FTP client, even if you also select the "Use passive FTP" checkbox. If you clear the "Enable folder view for FTP site" checkbox and then select the "Use passive FTP" checkbox, Internet Explorer will behave like a "passive" mode FTP client.

IIS6.0 server station series problem solution

Government agencies server software full Raiders operating system articles

About the server

Windows system

One way to solve the problem that the application pool is automatically disabled is
which is again a problem with the client Exchange server. Exchange 2003 and DC are the same server.

Logging in to the server with a certificate
I recently found openssl and found that the certificate is safe. Then on the Internet, I found out h

Handling World Wide Web Publishing Service does not start
1. start --- & gt; control panel --- & gt; management tools --- & gt; Internet In

IIS supports any extension download method (group image)
Sometimes the download space is provided for download, so you can directly set up any file download.

Improve FSO security under Win2003
ASP provides powerful file system access capability, which can read, write, copy, delete, rename, et

Iis 7 how to cancel the directory execution permission diagram
Nowadays, hackers are increasingly scrambling. It can be said that there is no lo

DNS server

FTP server

Web server

Proxy server

Mail server

Server synthesis

About the server

Windows articles

Tips: buy a brand server or assemble a server?

Prohibit PHP execution permission for a directory under Apache

Error in SVN update: Cannot open new file svn-base system cannot find the specified file

Failure analysis of the three major components of the server

IIS server to do 301 permanent redirection settings explain

phpMyAdmin error: unable to create a session when an error occurs, please check the PHP or web server logs and properly configure the PHP installation

Linux system vps server entry level security configuration guide

System security: solve the problem of improving sshd service security

IIS server formation strategy

Server dual line access technology common sense analysis

IIS appears An error occurred on the server when processing the URL. Please contact the system administrator solution

Solution for error when connecting SQL Server to server

Windows knowledge

How do you use the traditional "personalization" settings in the Win10 system?

Windows10 system click shutdown to become an automatic restart how to solve

How to customize the replacement of Windows7 system fonts

WinXP desktop bottom right corner prompts to run the Chkdsk tool method

Not commonly used. Win7 is easy to ignore four functions

Win7 using Excel prompt stdole32.tlb lost how to solve?

Qt Recovery Maxthon does not close the list of webpages

The WinX menu is the next generation of the Win8 system start menu (2)

Windows 2000, XP SP2 emergency announcement

Win8 vs. Win7: A number of daily operation speeds measured

Windows system

Windows XP System Tutorial

Windows 7 System Tutorial

Windows 8 System Tutorial

Windows 10 System Tutorial

Windows 2003 System Tutorial

Windows 2008 System Tutorial

Windows Vista System Tutorial

Windows tutorial synthesis

Windows Server System Tutorial

Linux system Tutorial

Computer software Tutorial

Windows NT Tutorial