Outbound port on sockets
Steve Holden
steve at holdenweb.com
Fri Sep 15 13:53:09 EDT 2006
Grant Edwards wrote:
> On 2006-09-15, Sergei Organov <osv at javad.com> wrote:
>
>
>>>>>It's not the issue here, but to specify the outgoing port
>>>>>call bind(('', portnum)) before connect().
>
>
>>>It's an interesting thing to know, but I've been doing TCP
>>>stuff for many years and never run across a situation where
>>>it's something I needed to do. If somebody in this thread
>>>actually does need to do it, I'd be curious about why...
>>
>>Well, one of the ftpd implementations I have here (C code from RTEMS) does
>>this:
>>
>>    /* anchor socket to avoid multi-homing problems */
>>    data_source = info->ctrl_addr;
>>    data_source.sin_port = htons(20); /* ftp-data port */
>>    if(bind(s, (struct sockaddr *)&data_source, sizeof(data_source)) < 0)
>>      ERROR;
>>    ...
>>    if(connect(s,
>>               (struct sockaddr *)&info->def_addr,
>>               sizeof(struct sockaddr_in)) < 0
>>      )
>>      ERROR;
>>
>>I've no idea what "multi-homing problems" are, but maybe it gives you
>>some hint?
>
>
> I don't know what "multi-homing problems" are either.
> Apparently there must be some ftp clients that require the
> source port for the data connection to be port 20.
>
> The RFC is pretty vague. It does say the server and client both
> must "support the use of the default data port [port 20]" or
> something like that. But, it's not at all clear to me what
> that is supposed to mean. My reading is that they must support
> the default port as the destination port for a data connection
> until it's been changed by receipt of a PORT command.
>
> But, like I said, it's very vague, and I suppose some client
> implementor could have read it as the server must use the
> default data port as the source port for a data connection.

Standard (port-mode) FTP has the client send a PORT command to the
server when data transfer is required. The server then makes a
connection to the indicated port from its own port 20. If you look in
/etc/services you'll likely see that port 21 is identified as "ftp" or
"ftp-control" and 20 as "ftp-data".

Passive mode was introduced so that the server is not required to make a
connection inbound to the client, as more and more firewalls were
interposed at the perimeter of networks, blocking the inbound requests
to clients from servers.

I suspect that the reason for the comment is simply that the connection
out from the server is being bound to the same interface (*IP address*)
that the inbound request arrived on. That way it's less likely that the
data stream will be routed differently from the control (port 21) stream.

regards
Steve
--
Steve Holden +44 150 684 7255 +1 800 494 3119
Holden Web LLC/Ltd http://www.holdenweb.com
Skype: holdenweb http://holdenweb.blogspot.com
Recent Ramblings http://del.icio.us/steve.holden
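
The bind-before-connect pattern discussed in this thread, as an added Python example that is not part of the original message or of the RTEMS code: a port-mode FTP server anchors its outgoing data connection to the control connection's local IP and a fixed source port. The function names are hypothetical, the loopback demo uses an unprivileged port in place of 20, and the check that the PORT address matches the control peer is an added assumption.

```python
import socket

def parse_port_arg(arg):
    """Decode an RFC 959 PORT argument 'h1,h2,h3,h4,p1,p2' into (host, port)."""
    nums = [int(x) for x in arg.split(",")]
    if len(nums) != 6 or not all(0 <= n <= 255 for n in nums):
        raise ValueError("malformed PORT argument: %r" % arg)
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def open_active_data(ctrl, port_arg, data_port=20):
    """Server side of port-mode FTP: connect out to the client's PORT address."""
    host, port = parse_port_arg(port_arg)
    if host != ctrl.getpeername()[0]:
        # Assumption: only connect back to the host that owns the control connection.
        raise PermissionError("PORT address is not the control peer")
    data = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        data.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        # Anchor the source: the local IP the control connection arrived on,
        # plus the ftp-data port. bind() has to come before connect().
        data.bind((ctrl.getsockname()[0], data_port))
        data.connect((host, port))
    except OSError:
        data.close()
        raise
    return data

def loopback_listener():
    """Listening TCP socket on 127.0.0.1 with a kernel-chosen port (demo helper)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    s.listen(1)
    return s

def demo():
    """Constructed loopback run: returns (bound source, source seen by the client)."""
    srv = loopback_listener()                      # stands in for port 21
    cli_ctrl = socket.create_connection(srv.getsockname())
    ctrl, _ = srv.accept()
    cli_data = loopback_listener()                 # client's PORT listener
    host, port = cli_data.getsockname()
    port_arg = "%s,%d,%d" % (host.replace(".", ","), port // 256, port % 256)
    probe = loopback_listener()                    # find a free unprivileged port
    src_port = probe.getsockname()[1]
    probe.close()
    data = open_active_data(ctrl, port_arg, data_port=src_port)
    conn, seen = cli_data.accept()
    result = (data.getsockname(), seen)
    for s in (conn, data, cli_data, ctrl, cli_ctrl, srv):
        s.close()
    return result
```

Running with the default `data_port=20` requires the privilege to bind ports below 1024 on most systems.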