1. Introduction to File Transfer and FTP

In the digital world, the need to move files from one computer to another is a fundamental operation. Whether it is a web developer uploading a new website, a researcher sharing a dataset, or a user downloading a software update, a standardized and reliable method for file transfer is essential. The File Transfer Protocol (FTP) is one of the internet's oldest and most foundational protocols, designed specifically for this purpose.

At its core, FTP is a protocol that operates on a client-server model. It defines the set of rules and commands that a client application uses to communicate with a server to upload (send) and download (receive) files. Developed in the early 1970s, long before the World Wide Web, its design reflects the needs of a simpler internet but possesses a unique architecture that sets it apart from many modern protocols.

2. The Core Architecture: A Tale of Two Connections

The most distinctive and often misunderstood feature of FTP is its use of two separate, parallel connections to manage a session. Unlike most modern protocols that use a single connection for all communication, FTP splits its tasks into control and data channels.

The Control Connection

The control connection is the "brain" of the FTP session. It is the first channel to be established and remains active throughout the entire duration of the user's session.

• Purpose: Its sole purpose is for communication and management. The client sends commands (like "log me in," "list the files," or "download this file") to the server, and the server sends back replies (like "login successful," "here is the file list," or "file transfer starting").
• Port Number: The server listens for incoming control connections on the well-known port $21$.
• Longevity: This connection is established when the user logs in and is only terminated when the user explicitly logs out by sending the 'QUIT' command.
• Data Type: The control connection carries only control information: text-based commands and numeric server responses. No file data ever travels over this channel.

The Data Connection

The data connection is the "workhorse" of the FTP session. It is a temporary, separate channel established for the sole purpose of transferring the raw data of files or directory listings.

• Purpose: This channel is used exclusively for transmitting the actual content. This could be a file being downloaded from the server to the client (downloading) or a file being uploaded from the client to the server (uploading). Directory listings requested via the 'LIST' command are also sent over the data connection.
• Port Number: The port numbers for the data connection are dynamic and depend on the transfer mode (Active or Passive), which is a crucial concept discussed in detail later. In classic Active mode, the server uses port $20$ as its source port for data.
• Ephemeral Nature: Unlike the persistent control connection, a data connection is created on-demand for each transfer. It opens, the file or listing is transferred, and then it immediately closes. A new data connection must be established for the next file transfer.
• Data Type: This connection carries only the raw file data (in either ASCII or binary format) or directory listings. No commands or server replies are sent over this channel.

This two-connection architecture allows for clean separation of concerns. Commands and replies on the control channel are not delayed by a large, ongoing file transfer on the data channel, making it possible to manage the session (e.g., abort a transfer) while data is flowing.

3. The Actors: Client and Server

Understanding the two software components involved is key to understanding how FTP works.

The FTP Client

The FTP client is the application that runs on the user's local machine. It provides a user interface (graphical or command-line) that allows the user to connect to a remote server, browse directories, and initiate file transfers. Popular examples include applications like FileZilla, WinSCP, and CuteFTP. The client is responsible for initiating both the control and data connections and sending commands to the server.

The FTP Server (Daemon)

The FTP server, often referred to as an FTP daemon (FTPd), is a software program running on the remote machine. Its job is to listen for incoming connection requests from clients on the control port ($21$). Once a client connects, the daemon is responsible for handling authentication (verifying username and password), interpreting client commands, managing the file system on the server (listing files, creating directories), and managing the data transfer process.

4. A Step-by-Step FTP Session

Let's walk through a typical session to see how these components and connections work together. The interaction is a series of commands from the client and three-digit reply codes from the server.

1. Connection and Login: The user starts their FTP client application and provides the server's address (e.g., 'ftp.example.com'), a username, and a password. The client opens a TCP connection from a random local port to the server's port $21$. This establishes the control connection. The client then sends the 'USER' and 'PASS' commands. The server verifies these credentials.
2. Navigation: Once logged in, the user can navigate the server's file system. The client sends a 'LIST' command to see the files and directories in the current folder.
3. Initiating a Download: The user decides to download a file named 'report.pdf'. The client sends a 'RETR report.pdf' command over the control connection. 'RETR' stands for retrieve.
4. Opening the Data Connection: This is the critical step where the transfer mode comes into play. The client and server negotiate how to open the temporary data connection. (The details of this negotiation are covered in the next section on Active vs. Passive modes).
5. Data Transfer: Once the data connection is established, the server starts sending the contents of 'report.pdf' over this new channel. The control connection remains idle during the transfer, only being used by the server to send a final "transfer complete" message once all the data has been sent.
6. Closing the Data Connection: After the transfer is complete, the data connection is closed. The control connection remains open, waiting for the user's next command.
7. Ending the Session: When the user is finished, they command the client to disconnect. The client sends a 'QUIT' command over the control connection. The server acknowledges, and the control connection is terminated, ending the FTP session.

5. The Critical Choice: Active vs. Passive FTP Modes

The method by which the temporary data connection is established is the most complex aspect of FTP and a common source of connectivity issues. There are two distinct modes: Active Mode and Passive Mode. The choice of mode dictates which side (client or server) opens the data connection, which has significant implications for firewalls and Network Address Translation (NAT).

Active FTP Mode

In Active mode, the client tells the server where to send the data.

1. The client connects from a random port ($N$) to the server's command port $21$.
2. When a file transfer is requested, the client starts listening on a new port ($N+1$).
3. The client sends the 'PORT N+1' command to the server over the control channel. This command tells the server: "I am listening for the data on port $N+1$ at my IP address."
4. The server then initiates the data connection from its data port ($20$) back to the client's specified port ($N+1$).

The Problem with Active Mode: This mode is highly problematic in modern networks. Most client computers are behind a NAT device (like a home router) and protected by a firewall. The firewall on the client's side will see the incoming connection attempt from the FTP server as an unsolicited, external connection and will block it. The transfer will fail.

Passive FTP Mode (PASV)

Passive mode was created to solve the firewall problems caused by Active mode. In this mode, the client initiates all connections.

1. The client connects from a random port ($N$) to the server's command port $21$.
2. When a file transfer is requested, the client sends the 'PASV' command to the server over the control channel. This command essentially asks the server: "Please tell me which port I should connect to for data."
3. The server responds by opening a random high-numbered port ($P$) and sending its IP address and that port number back to the client. The response looks something like '227 Entering Passive Mode (192,168,1,10,192,5)'.
4. The client then initiates the data connection from its own random port ($N+1$) to the IP address and port ($P$) specified by the server.

Why Passive Mode Works: Since the client is the one initiating the data connection (an outgoing connection), it is permitted by most client-side firewalls and NAT devices. For this reason, Passive mode is the standard and preferred mode for virtually all modern FTP clients. It may, however, require the server's administrator to open a range of ports on the server-side firewall to allow these incoming passive data connections.

6. Security Concerns and Modern Alternatives

The original FTP specification is fundamentally insecure by modern standards. This is its single greatest weakness.

• Plain Text Transmission: In standard FTP, all information, including your username, password, commands, and the entire content of your files, is sent over the network as unencrypted plain text. Anyone with the ability to "sniff" the network traffic between you and the server can easily capture and read all of this sensitive data.
• Lack of Data Integrity: Standard FTP includes no mechanism to verify that a transferred file has not been altered in transit. A malicious actor could potentially intercept and modify a file as it is being transferred, and neither the client nor the server would know.

Secure FTP Solutions

To address these severe security flaws, several secure alternatives have been developed:

• FTPS (FTP over SSL/TLS): This is an extension to the standard FTP protocol that adds support for the Transport Layer Security (TLS) and the older Secure Sockets Layer (SSL) cryptographic protocols. It encrypts both the control and data connections, protecting credentials and file content from eavesdropping. FTPS is the direct, secure successor to FTP.
• SFTP (SSH File Transfer Protocol): Despite its name, SFTP is not related to FTP. It is a completely different protocol that runs over the Secure Shell (SSH) protocol. It was designed from the ground up to be secure, providing strong encryption and data integrity for all communications over a single connection. For new applications requiring secure file transfer, SFTP is often the preferred choice over FTPS due to its simpler firewall configuration (only uses one port).

In summary, while FTP remains a foundational protocol for understanding network principles, its direct, unencrypted use is strongly discouraged for any transfer involving sensitive data. Its modern, secure counterparts, FTPS and SFTP, provide the necessary encryption and protection for today's internet.