And that doesn't even get into the issues of security and FTP. (I wonder if 
anyone is using WebDAV yet? Apple is pushing it. WebDAV, from what I 
understand, is for updating Web sites. It isn't really a general 
replacement for FTP, but it can be used in a lot of cases instead of FTP.)

I like the word "ephemeral." It means short-lived. It helps you understand 
that these ports are used for connections that get opened when needed, as 
opposed to a port that a server that runs a service keeps open all the time.

Not to be confused with this other categorization of port numbers:

1. Well-known port numbers are used to identify standard services that run 
above TCP (or UDP), including HTTP, Telnet, SMTP, and so on. Well-known 
port numbers are 0 to 1,023.
2. Registered port numbers identify an application that has been registered 
with the Internet Assigned Numbers Authority (IANA). Registered port 
numbers are 1,024 to 49,151.
3. Private port numbers are unregistered and can be dynamically assigned to 
any application. Private port numbers are 49,152 to 65,535.

The registered port numbers have fallen prey to the second law of 
thermodynamics, however. (Increasing chaos in the universe.) You will see 
them get used in an ephemeral manner in situations that have nothing to do 
with their registered meaning.

I cut and paste the FTP steps from my new book. (You all keep giving me 
chances to talk about it. ;-) There's more info about it here:

http://www.troubleshootingnetworks.com/

Thanks

Priscilla

At 05:06 PM 6/3/02, John Dorffler wrote:
>Way off topic:
>
>1. Priscilla mentions ephemeral ports at the end of this post. I just saw
>"Scanners" this weekend and the drug they use to give people wacky
>telepathic powers was "ephemerol". Apparently it gives you the ability to
>make people's heads explode, just like networking can at times!
>
>2. Priscilla, please tell me you cut and paste that stuff from somewhere and
>don't just reel it off from memory (e.g. the 10-step FTP process below). If
>you do reel it off from memory, do you use some herbal memory supplement or
>something?
>
>-John
>
>
>""Priscilla Oppenheimer""  wrote in message
>news:[EMAIL PROTECTED]...
> > Although I can't answer your question, I can tell you how FTP works and
> > maybe that will help. I can believe that it has problems in your
> > situation! ;-)
> >
> > FTP does not use both TCP and UDP. It does, however, open multiple TCP
> > connections.
> >
> > Assuming you are using Active (non-passive, aka PORT mode), here's what
> > happens:
> >
> > 1. The client sends a TCP SYN to the well-known FTP control port (port 21)
> > on the server. The client uses an ephemeral (short-lived, not well-known,
> > greater than 1024) port as its source port.
> > 2. The server sends the client a SYN ACK from port 21 to the ephemeral port
> > on the client.
> > 3. The client sends an ACK. The client uses this connection to send FTP
> > commands and the server uses this connection to send FTP replies.
> > 4. When the user requests a directory listing or initiates the sending or
> > receiving of a file, the client software sends a PORT command that includes
> > an ephemeral port number that the client wishes the server to use when
> > opening the data connection. The PORT command also includes an IP address,
> > which is usually the client's own IP address, although FTP also supports a
> > third-party mode where a client can tell a server to send a file to a
> > different host. (Third-party mode is rarely used.)
> > 5. The server sends a SYN from port 20 to the client's ephemeral port
> > number, which was provided to the server in the client's PORT command.
> > 6. The client sends a SYN ACK from its ephemeral port to port 20.
> > 7. The server sends an ACK.
> > 8. The host that is sending data uses this new connection to send the data
> > in TCP segments, which the other host ACKs. (With some commands, such as
> > STOR, the client sends data. With other commands, such as RETR, the server
> > sends data.)
> > 9. After the data transfer is complete, the host sending data closes the
> > data connection with a FIN, which the other host ACKs. The other host also
> > sends its own FIN, which the sending host ACKs.
> > 10. The client can send more commands on the control connection, which may
> > cause additional data connections to be opened and then closed. At some
> > point, when the user is finished, the client closes the control connection
> > with a FIN. The server ACKs the client's FIN. The server also sends its own
> > FIN, which the client ACKs.
> >
> > Notice that an additional command (DIR, in your example) opens another data
> > connection. (In Active mode, these data connections come from the server's
> > port 20.)
> >
> > Now, if you're using Passive mode, the client opens the data connection,
> > from an ephemeral port to an ephemeral port on the server. Here are the
> > steps:
> >
> > 1. The client sends a TCP SYN to the well-known FTP control port (port 21)
> > on the server. The client uses an ephemeral port as the source port.
> > 2. The server sends the client a SYN ACK from port 21 to the ephemeral port
> > on the client.
> > 3. The client sends an ACK. The client uses this connection to send FTP
> > commands and the server uses the connection to send FTP replies.
> > 4. When the user requests a directory listing or initiates the sending or
> > receiving of a file, the client software sends a PASV command to the server
> > indicating the desire to enter passive mode.
> > 5. The server replies. The reply includes the IP address of the server and
> > an ephemeral port number that the client should use when opening the
> > connection for data transfer.
> > 6. The client sends a SYN from a client-selected ephemeral port to the
> > server's ephemeral port number, which was provided to the client in the
> > reply to the client's PASV command.
> > 7. The server sends a SYN ACK from its ephemeral port to the client's
> > ephemeral port.
> > 8. The client sends an ACK.
> > 9. The host that is sending data uses this new connection to send the data
> > in TCP segments, which the other host ACKs. (With some commands, such as
> > STOR, the client sends data. With other commands, such as RETR, the server
> > sends data.)
> > 10. After the data transfer is complete, the host sending data closes the
> > data connection with a FIN, which the other host ACKs. The other host also
> > sends its own FIN, which the sending host ACKs.
> > 11. The client can send more commands on the control session, which may
> > cause additional data connections to be opened and then closed. At some
> > point, when the user is finished, the client closes the control connection
> > with a FIN. The server ACKs the client's FIN. The server also sends its own
> > FIN, which the client ACKs.
> >
> > The gist of your problem is these multiple connections that happen. I
> > assume that HTTP works fine. That's probably because it opens only one
> > connection.
> >
> > So, is there some more advanced configuration you can do to make FTP work?
> > That's the question.....
> >
> > As far as your idea of fixing the problem with a static route, I'm afraid
> > that won't work because static routes don't let you specify a port number.
> > Would policy routing work? It's going to be tricky, though, because of
> > those ephemeral ports.
> >
> > Maybe you could just pull one of the connections when you do FTP! ;-)
> >
> > HTH
> >
> > Priscilla
> >
> > At 01:06 PM 6/3/02, question cisco wrote:
> > >i have a question regarding static routing and ports.  i have a 2621 router
> > >with two dsl lines going to two different dsl providers, and one line going
> > >into my network.  using the "extendable" feature of nating, i'm able to use
> > >both dsl lines together to load balance traffic.  the problem i run into,
> > >however, is when i try to ftp. since the router is forwarding packets in a
> > >"per packet" fashion, ie one goes out dsl 1, the other dsl2, etc, etc...when
> > >i connect to an ftp server outside my network i often run into problems. i
> > >can connect to the ftp site, but usually the second command (such as dir)
> > >responds saying that there is no ftp connection.  from what i gather, the
> > >problem lies in the fact that ftp sends out both tcp and udp packets, and
> > >since my router is forwarding on a per packet basis, they're going out
> > >different dsl lines and causing the problem.
> > >
> > >how can i solve this?  i was wondering if there is a way that i can set a
> > >static route, something like...ip static 0.0.0.0 :21 blah blah, where all of
> > >my port 21 (ftp) traffic goes out one dsl line.
> > >
> > >thanks.
> > ________________________
> >
> > Priscilla Oppenheimer
> > http://www.priscilla.com
________________________

Priscilla Oppenheimer
http://www.priscilla.com
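As an added illustration (not part of the thread), here is a small Python model of the PORT/PASV exchange Priscilla walks through: it parses the h1,h2,h3,h4,p1,p2 form both messages use, classifies ports by the three IANA ranges listed above, and derives the data-connection 4-tuple for active and passive mode, which makes plain why the data transfer is a different flow from the control connection. The active-mode function also applies the check a hardened FTP server makes against the third-party mode the post mentions (the PORT address must be the control-connection peer, and well-known ports are refused). Host addresses and ports are constructed sample values.

```python
import ipaddress
import re

# Port ranges exactly as listed in the post (IANA classification).
def port_category(port):
    if not 0 <= port <= 65535:
        raise ValueError("port out of range: %d" % port)
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "private"

# PORT commands and 227 PASV replies both carry h1,h2,h3,h4,p1,p2; port = p1*256 + p2.
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def parse_hostport(text):
    """Return (IPv4Address, port) from a PORT command or a 227 PASV reply."""
    m = _HOSTPORT.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple in: %r" % text)
    f = [int(x) for x in m.groups()]
    if any(v > 255 for v in f):
        raise ValueError("field exceeds 255 in: %r" % text)
    return ipaddress.IPv4Address(".".join(map(str, f[:4]))), f[4] * 256 + f[5]

def active_data_flow(server_ip, client_ip, port_cmd):
    """Active mode: the server connects from port 20 to the client's PORT
    address. Returns (src_ip, src_port, dst_ip, dst_port). A hardened server
    refuses a third-party target (address other than the control peer) and
    refuses well-known destination ports; both checks are applied here."""
    addr, port = parse_hostport(port_cmd)
    if addr != ipaddress.IPv4Address(client_ip):
        raise PermissionError("PORT address %s is not control peer %s" % (addr, client_ip))
    if port_category(port) == "well-known":
        raise PermissionError("PORT to well-known port %d refused" % port)
    return (server_ip, 20, str(addr), port)

def passive_data_flow(client_ip, client_port, pasv_reply):
    """Passive mode: the client connects from its own ephemeral port to the
    ephemeral server port named in the 227 reply."""
    addr, port = parse_hostport(pasv_reply)
    return (client_ip, client_port, str(addr), port)

if __name__ == "__main__":
    # Constructed sample exchange using documentation addresses, not real hosts.
    print(active_data_flow("192.0.2.10", "192.0.2.20", "PORT 192,0,2,20,200,1"))
    print(passive_data_flow("192.0.2.20", 51000, "227 Entering Passive Mode (192,0,2,10,195,80)."))
```

Comparing either returned 4-tuple with the control connection's (client ephemeral port, server port 21) shows the separate flow that per-packet load balancing across two NATed links splits apart.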

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45714&t=45682