Although I can't answer your question, I can tell you how FTP works and
maybe that will help. I can believe that it has problems in your situation!
;-)

FTP does not use both TCP and UDP. It does, however, open multiple TCP
connections.

Assuming you are using Active (non-passive, aka PORT mode), here's what
happens:

1. The client sends a TCP SYN to the well-known FTP control port (port 21)
on the server. The client uses an ephemeral (short-lived, not well-known,
greater than 1024) port as its source port.
2. The server sends the client a SYN ACK from port 21 to the ephemeral port
on the client.
3. The client sends an ACK. The client uses this connection to send FTP
commands and the server uses this connection to send FTP replies.
4. When the user requests a directory listing or initiates the sending or
receiving of a file, the client software sends a PORT command that includes
an ephemeral port number that the client wishes the server to use when
opening the data connection. The PORT command also includes an IP address,
which is usually the client's own IP address, although FTP also supports a
third-party mode where a client can tell a server to send a file to a
different host. (Third-party mode is rarely used.)
5. The server sends a SYN from port 20 to the client's ephemeral port
number, which was provided to the server in the client's PORT command.
6. The client sends a SYN ACK from its ephemeral port to port 20.
7. The server sends an ACK.
8. The host that is sending data uses this new connection to send the data
in TCP segments, which the other host ACKs. (With some commands, such as
STOR, the client sends data. With other commands, such as RETR, the server
sends data.)
9. After the data transfer is complete, the host sending data closes the
data connection with a FIN, which the other host ACKs. The other host also
sends its own FIN, which the sending host ACKs.
10. The client can send more commands on the control connection, which may
cause additional data connections to be opened and then closed. At some
point, when the user is finished, the client closes the control connection
with a FIN. The server ACKs the client's FIN. The server also sends its own
FIN, which the client ACKs.

Notice that an additional command (DIR, in your example) opens another data
connection. (In Active mode, these data connections come from the server's
port 20.)

Now, if you're using Passive mode, the client opens the data connection,
from an ephemeral port to an ephemeral port on the server. Here are the
steps:

1. The client sends a TCP SYN to the well-known FTP control port (port 21)
on the server. The client uses an ephemeral port as the source port.
2. The server sends the client a SYN ACK from port 21 to the ephemeral port
on the client.
3. The client sends an ACK. The client uses this connection to send FTP
commands and the server uses the connection to send FTP replies.
4. When the user requests a directory listing or initiates the sending or
receiving of a file, the client software sends a PASV command to the server
indicating the desire to enter passive mode.
5. The server replies. The reply includes the IP address of the server and
an ephemeral port number that the client should use when opening the
connection for data transfer.
6. The client sends a SYN from a client-selected ephemeral port to the
server's ephemeral port number, which was provided to the client in the
reply to the client's PASV command.
7. The server sends a SYN ACK from its ephemeral port to the client's
ephemeral port.
8. The client sends an ACK.
9. The host that is sending data uses this new connection to send the data
in TCP segments, which the other host ACKs. (With some commands, such as
STOR, the client sends data. With other commands, such as RETR, the server
sends data.)
10. After the data transfer is complete, the host sending data closes the
data connection with a FIN, which the other host ACKs. The other host also
sends its own FIN, which the sending host ACKs.
11. The client can send more commands on the control session, which may
cause additional data connections to be opened and then closed. At some
point, when the user is finished, the client closes the control connection
with a FIN. The server ACKs the client's FIN. The server also sends its own
FIN, which the client ACKs.

The gist of your problem is these multiple connections that happen. I
assume that HTTP works fine. That's probably because it opens only one
connection.

So, is there some more advanced configuration you can do to make FTP work?
That's the question.....

As far as your idea of fixing the problem with a static route, I'm afraid
that won't work because static routes don't let you specify a port number.
Would policy routing work? It's going to be tricky, though, because of
those ephemeral ports.

Maybe you could just pull one of the connections when you do FTP! ;-)

HTH

Priscilla

At 01:06 PM 6/3/02, question cisco wrote:
>i have a question regarding static routing and ports. i have a 2621 router
>with two dsl lines going to two different dsl providers, and one line going
>into my network. using the "extendable" feature of nating, i'm able to use
>both dsl lines together to load balance traffic. the problem i run into,
>however, is when i try to ftp. since the router is forwarding packets in a
>"per packet" fashion, ie one goes out dsl 1, the other dsl2, etc, etc...when
>i connect to an ftp server outside my network i often run into problems. i
>can connect to the ftp site, but usually the second command (such as dir)
>responds saying that there is no ftp connection. from what i gather, the
>problem lies in the fact that ftp sends out both tcp and udp packets, and
>since my router is forwarding on a per packet basis, they're going out
>different dsl lines and causing the problem.
>
>how can i solve this? i was wondering if there is a way that i can set a
>static route, something like...ip static 0.0.0.0 :21 blah blah, where all of
>my port 21 (ftp) traffic goes out one dsl line.
>
>thanks.
________________________
Priscilla Oppenheimer
http://www.priscilla.com
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45685&t=45682
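
The PORT and PASV steps described in the message above, as an added example that is not part of the original post: it reads a control-channel transcript and derives the data connections a stateful firewall or NAT device would have to expect. The h1,h2,h3,h4,p1,p2 encoding comes from RFC 959 rather than from the message; the function names, the transcript and the documentation addresses are constructed for illustration.

```python
import re

# RFC 959 encodes the data endpoint as h1,h2,h3,h4,p1,p2 in both the PORT
# command and the 227 reply to PASV: four address octets, then port = p1*256 + p2.
HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def parse_hostport(text):
    """Return (ip, port) found in a PORT command or 227 reply, else None."""
    m = HOSTPORT.search(text)
    if not m:
        return None
    n = [int(g) for g in m.groups()]
    if max(n) > 255:
        return None
    return ".".join(str(o) for o in n[:4]), n[4] * 256 + n[5]

def expected_data_flows(client_ip, server_ip, control_lines):
    """List the data connections implied by a control-channel transcript.

    control_lines holds ("C" or "S", line) pairs: client commands and server
    replies. "unexpected_ip" marks an advertised address that is not the
    control-connection peer (for example, third-party mode).
    """
    flows = []
    for sender, line in control_lines:
        word = line.split(" ", 1)[0].upper()
        endpoint = parse_hostport(line)
        if endpoint is None:
            continue
        if sender == "C" and word == "PORT":
            # Active mode: the server opens the connection from port 20.
            flows.append({"mode": "active", "src": (server_ip, 20),
                          "dst": endpoint, "unexpected_ip": endpoint[0] != client_ip})
        elif sender == "S" and word == "227":
            # Passive mode: the client opens it; its source port is not known yet.
            flows.append({"mode": "passive", "src": (client_ip, None),
                          "dst": endpoint, "unexpected_ip": endpoint[0] != server_ip})
    return flows

# Constructed transcript using documentation addresses (not from the original post).
SAMPLE = [
    ("C", "PORT 192,0,2,10,195,80"),
    ("S", "200 PORT command successful"),
    ("S", "227 Entering Passive Mode (198,51,100,5,234,96)"),
    ("C", "PORT 203,0,113,7,4,1"),
]

if __name__ == "__main__":
    for flow in expected_data_flows("192.0.2.10", "198.51.100.5", SAMPLE):
        print(flow)
```
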