Big Book of Internet File Transfer RFCs

RFC 1579: Firewall-Friendly FTP

Network Working Group
Request for Comments: 1579
Category: Informational

S. Bellovin
AT&T Bell Laboratories
February 1994

Status of this Memo

This document provides information for the Internet community. This document does not specify an Internet standard of any kind. Distribution of this document is unlimited.

Abstract

This memo describes a suggested change to the behavior of FTP client programs. No protocol modifications are required, though we outline some that might be useful.

Overview and Rationale

The FTP protocol [1] uses a secondary TCP connection for actual transmission of files. By default, this connection is set up by an active open from the FTP server to the FTP client. However, this scheme does not work well with packet filter-based firewalls, which in general cannot permit incoming calls to random port numbers.

If, on the other hand, clients use the PASV command, the data channel will be an outgoing call through the firewall. Such calls are more easily handled, and present fewer problems.

The Gory Details

The FTP specification says that by default, all data transfers should be over a single connection. An active open is done by the server, from its port 20 to the same port on the client machine as was used for the control connection. The client does a passive open.

For better or worse, most current FTP clients do not behave that way. A new connection is used for each transfer; to avoid running afoul of TCP's TIMEWAIT state, the client picks a new port number each...
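The two data-connection setups described above, as an added example that is not part of the RFC: the client-side address encoding for the PORT command and the 227 reply to PASV follow RFC 959 [1] (six decimal bytes h1,h2,h3,h4,p1,p2, port = p1*256 + p2); the packet-filter model and the function names are assumptions made here to show why an active-mode data connection is refused at a client-side filter while a PASV one is an ordinary outgoing call. The addresses and ports in the sample exchange are constructed, not captured.

```python
"""
Added example (not from RFC 1579): PORT/PASV address encoding per RFC 959
and a toy client-side packet filter showing the active vs. passive difference.
"""
import re
import socket
from dataclasses import dataclass

# Six comma-separated decimal fields: h1,h2,h3,h4,p1,p2
_HOSTPORT_RE = re.compile(r"\b(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\b")


def encode_port_command(ip: str, port: int) -> str:
    """Build the PORT command an active-mode client sends to announce the
    freshly chosen local port the server must connect back to."""
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    octets = socket.inet_aton(ip)  # rejects anything that is not a dotted quad
    host_part = ",".join(str(b) for b in octets)
    return f"PORT {host_part},{port >> 8},{port & 0xFF}"


def parse_pasv_reply(reply: str) -> tuple[str, int]:
    """Extract (ip, port) from a 227 reply to PASV.

    Only the six-number group is matched, since servers differ in the
    surrounding text. Every field must fit in a byte and the port must be
    non-zero; a reply that violates this is malformed and is rejected
    rather than turned into a connection attempt.
    """
    if not reply.startswith("227"):
        raise ValueError(f"not a 227 reply: {reply!r}")
    m = _HOSTPORT_RE.search(reply)
    if m is None:
        raise ValueError(f"no host/port tuple in: {reply!r}")
    fields = [int(x) for x in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError(f"field out of byte range in: {reply!r}")
    ip = ".".join(str(f) for f in fields[:4])
    port = fields[4] * 256 + fields[5]
    if port == 0:
        raise ValueError("port 0 is not a usable data port")
    return ip, port


@dataclass(frozen=True)
class Flow:
    """A TCP connection attempt as seen by the client's packet filter (assumed model)."""
    inbound: bool   # True when the SYN arrives from outside toward the client
    dst_port: int


def client_filter_permits(flow: Flow, inbound_allowed_ports: frozenset = frozenset()) -> bool:
    """Toy filter: outgoing calls are always allowed; an incoming call is
    allowed only to a port on an explicit allow list. A data port chosen
    anew for each transfer can never be on that list."""
    if not flow.inbound:
        return True
    return flow.dst_port in inbound_allowed_ports


def data_connection_flow(mode: str, client_data_port: int, server_data_port: int) -> Flow:
    """Direction of the FTP data connection from the client filter's point of view."""
    if mode == "active":    # server opens from its port 20 to the port given in PORT
        return Flow(inbound=True, dst_port=client_data_port)
    if mode == "passive":   # client opens to the port given in the 227 reply
        return Flow(inbound=False, dst_port=server_data_port)
    raise ValueError(f"unknown mode: {mode}")


if __name__ == "__main__":
    # Constructed sample exchange using RFC 5737 documentation addresses.
    print(encode_port_command("192.0.2.10", 49321))
    server_ip, server_port = parse_pasv_reply("227 Entering Passive Mode (198,51,100,7,195,89).")
    print(server_ip, server_port)
    allowed = frozenset({22})  # client firewall only admits inbound SSH
    for mode in ("active", "passive"):
        flow = data_connection_flow(mode, 49321, server_port)
        print(mode, "data connection permitted:", client_filter_permits(flow, allowed))
```

Running the block shows the active-mode data connection refused (an incoming call to port 49321, which no static filter rule lists) and the passive-mode one permitted (an outgoing call to 198.51.100.7:50009). The same parser is what a client should use before connecting to whatever address a 227 reply names; a server that returns a field above 255 is treated as malformed instead of being connected to.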
