Practically Networked Home Earthweb HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.

SW Proxy Servers  
NAT SW (ICS, Sygate, etc)
NAT HW Routers
Other Problems
Secure LAN
Special Applications
Other Help

This explanation is courtesy of Ted Ede.
In active mode you talk to the FTP server, and ask for a file.  Over that connection, the server says to you, "Okay, I'm going to send you a file, and I'm going to send it you over a new connection to Port X on your machine".  X is from 1024 to 65535.  Your client replies, "go for it".  

Now the FTP server tries to open that port, but speaking on a port that the NAT gateway would not be expecting a request on.  So, all of a sudden your NAT gateway receives a request on Port X, and it does not know which machine on the your net that the packet was intended for, so it denies the request, and you don't get your file.

On linux, ip_masq_ftp, a kernel module, can be loaded to fix this.   Instead of blindly NATing away, it eavesdrops on the FTP protocol, and it knows in active mode that the server will reply to the client over the control connection with a port number which is contained in the *data* of the packet.  When a reply comes in on this port,  the ip_masq_ftp module tells the NAT code to route it to the correct client behind the gateway.  You still need to open the firewall to all incoming ports, but only if the source port is the FTP data port.

In PASV (passive) mode, port 21 is always initiated by the client for control and port 20 is always initiated by the client to receive data.  This makes it NATable.  Most FTP clients are set to Active mode by default and must be told to switch to PASV mode.

It's kind of a misnomer to say the client is passive.   Basically, it instructs the server to be passive, telling it, "Hey FTP server, don't get active on me!  When I want the file, I'll open a connection to you and get it."

So, you may be saying, why did they bother with this active baloney at all?  Like everything invented in unix, there's more to it than meets the eye. Two properly implemented FTP servers can be made to work together from a third machine.  Using the FTP control port from machine A, you can tell the FTP server on machine B to download the contents of a directory on machine C.  This is basically how FTP mirror sites get updated. Earthweb HardwareCentral earthwebdeveloper CrossNodes Datamation

Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums