File Transfer: FTP

Knowledge Base

File Transfer: FTP

In a typical FTP session, the user is sitting in front of one host and wants to transfer files to
or from a remote host. In order for the user to access the remote account, the user must
provide user identification and a password. After the authorization information is provided,
the user can transfer files from the local file system to the remote file system and vice versa.

HTTP and FTP are both file transfer protocols and share some common characteristics;
they both run on top of TCP. However, the two application-layer protocols have some
important differences. The most striking difference is the FTP uses two parallel TCP
connections to transfer a file, a control connection and a data connection. The
control connection is used for sending control information between two hosts; such as user
identification, password, commands to change remote directory, and commands to put and
get files. Because FTP uses a separate control connection, FTP is said to send its control
information out of band. HTTP is said to send its control information inband because it
sends request and response header lines into the same TCP connection that carries the
transferred file itself. When a user stars an FTP session with a remote host, the client side of
FTP first initiates a control TCP connection with the server side on server port number 21.

The client side of FTP sends the user
identification and password over this
control connection. The client side of
FTP also sends over the control
connection, commands to change the
remote directory. When the server
side receives over the control
connection a command for a file
transfer, the server side initiates a
TCP data connection to the client
side. FTP sends exactly one file over
the data connection and closes the
data connection. With FTP, the control connection remains open for
the duration of the user session, but a new data connection is created for each transferred within a session.

Throughout a session, the FTP server must maintain state about the user. The Server must
associate the control connection with a specific user account, and the server must keep track
of the user's current directory as the user wanders about the remote directory tree. Keeping
track of this state information for each user session, constrains the total number of session
that FTP can maintain simultaneously.

The commands from client to server and replies from server to client are sent across the
control connection in 7-bit ASCII format. Like HTTP commands, FTP commands are
readable by people. Each command consists of four uppercase ASCII characters, some with
optional arguments. Here are some of the more common commands:

USER username: Used to send the user identification to the server

PASS password: Used to send password to the server.

LIST: Used to ask the server to send back a list of all the files in the current remote directory. The list of files is sent over a data connection instead of the control TCP connection.

RETR filename: Used to retrieve a file from the current directory of the remote host. Triggers the remote host to initiate a data connection and send the requested file over the data connection.

STOR filename: Used to store a file into the current directory of the remote host.

There is typically a one to one correspondence between the command that the user issues
and FTP command sent across the control connection. Each command is followed by a reply,
sent from server to client. The replies are three-digit numbers with an optional message
following the number. This is similar to the status code structure and phrase in the status line
of the HTTP response message.

Back to Knowledge Base