File Transfer Protocol (FTP)

From the document TCP/IP Tutorial and Technical Overview (pages 193-198)

Chapter 4. Application Protocols

4.4 File Transfer Protocol (FTP)

FTP is a standard protocol with STD Number 9. Its status is recommended. It is described in RFC 959 File Transfer Protocol (FTP) and updated in RFC 2228 FTP Security Extensions.

Copying files from one machine to another is one of the most frequently used operations. The data transfer between client and server can be in either direction.

The client can send a file to the server machine. It can also request a file from this server.

To access remote files, the user must identify himself or herself to the server. At this point the server is responsible for authenticating the client before it allows the file transfer.

From an FTP user's point of view, the link is connection-oriented. In other words, it is necessary to have both hosts up and running TCP/IP to establish a file transfer.

4.4.1 Overview of FTP

FTP uses TCP as a transport protocol to provide reliable end-to-end connections.

The FTP server listens for connections on ports 20 and 21. Two connections are used: the first is for login and follows the TELNET protocol, and the second is for managing the data transfer. As it is necessary to log into the remote host, the user must have a user name and a password to access files and directories. The user who initiates the connection assumes the client function, while the server function is provided by the remote host.

On both sides of the link the FTP application is built with a protocol interpreter (PI), a data transfer process (DTP), and a user interface (see Figure 121 on page 176).

The user interface communicates with the protocol interpreter, which is in charge of the control connection. This protocol interpreter has to communicate the necessary information to its own file system.

On the opposite side of the link, the protocol interpreter, besides its function of responding to the TELNET protocol, has to initiate the data connection. During the file transfer, the data management is performed by DTPs. After a user's request is completed, the server's PI has to close the control connection.

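[Figure 121 diagram: the client system holds the user interface, the user PI and the user DTP, with its file system; the server system holds the server PI and the server DTP, with its file system. The control connection links the two PIs and the data connection links the two DTPs.]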

Figure 121. FTP - FTP Principle

4.4.2 FTP Operations

When using FTP, the user will perform some or all of the following operations:

• Connect to a remote host

• Select a directory

• List files available for transfer

• Define the transfer mode

• Copy files to or from the remote host

• Disconnect from the remote host

4.4.2.1 Connecting to a Remote Host

To execute a file transfer, the user begins by logging into the remote host. This is the primary method of handling the security. The user must have a user ID and password for the remote host, unless using anonymous FTP which is described in 4.4.6, “Anonymous FTP” on page 180.

There are four commands that are used:

Open Selects the remote host and initiates the login session

User Identifies the remote user ID

Pass Authenticates the user

Site Sends information to the foreign host that is used to provide services specific to that host

4.4.2.2 Selecting a Directory

When the control link is established, the user can use the cd (change directory) subcommand to select a remote directory to work with. Obviously, the user can only access directories for which the remote user ID has the appropriate authorization. The user can select a local directory with the lcd (local change directory) command. The syntax of these commands depends upon the operating system in use.

4.4.2.3 Listing Files Available for Transfer

This task is performed using the dir or ls subcommands.

4.4.2.4 Specifying the Transfer Mode

Transferring data between dissimilar systems often requires transformations of the data as part of the transfer process. The user has to decide on two aspects of the data handling:

• The way the bits will be moved from one place to another

• The different representations of data upon the system's architecture

This is controlled using two subcommands:

Mode Specifies whether the file is to be treated as having a record structure in a byte stream format.

    Block Logical record boundaries of the file are preserved.

    Stream The file is treated as a byte stream. This is the default, and provides more efficient transfer but may not produce the desired results when working with a record-based file system.

Type Specifies the character sets used for the data.

    ASCII Indicates that both hosts are ASCII-based, or that if one is ASCII-based and the other is EBCDIC-based, that ASCII-EBCDIC translation should be performed.

    EBCDIC Indicates that both hosts use an EBCDIC data representation.

    Image Indicates that data is to be treated as contiguous bits packed in 8-bit bytes.

Because these subcommands do not cover all possible differences between systems, the SITE subcommand is available to issue implementation-dependent commands.

4.4.2.5 Transferring Files

The following commands can be used to copy files between FTP clients and servers:

Get Copies a file from the remote host to the local host.

Mget Copies multiple files from the remote to the local host.

Put Copies a file from the local host to the remote host.

Mput Copies multiple files from the local host to the remote host.

4.4.2.6 Using Passive Mode

Passive mode reverses the direction in which the data connection is set up: the FTP server on the remote host selects a port and informs the FTP client program which port to use when the client connects to the server on the remote host. Since passive mode allows the FTP server to create a port for the connection, it will be relatively easy to ensure that no dangerous service goes on a given port. This approach makes it easier to configure filtering rules for firewalls. Therefore, this mode is also referred to as firewall-friendly mode. Please see 5.3.4.2, “An Example: FTP Proxy Server” on page 286 for more detail about FTP proxy server and passive mode.
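The port announcement that a firewall or proxy has to follow can be read straight off the control connection. The sketch below is an added example, not part of the original document: it parses the `h1,h2,h3,h4,p1,p2` field that RFC 959 defines for the PORT command and the 227 passive-mode reply (a format this page does not show) and returns the single data flow to allow. The function names, the policy and the sample addresses are assumptions made for illustration.

```python
import ipaddress
import re

# h1,h2,h3,h4,p1,p2 as carried by PORT and by the 227 reply (RFC 959).
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def parse_endpoint(line):
    """Return (IPv4Address, port) from a PORT command or a 227 reply."""
    if not (line.upper().startswith("PORT ") or line.startswith("227 ")):
        raise ValueError("not a PORT command or a 227 reply")
    m = _HOSTPORT.search(line[4:])
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field")
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field outside 0-255")
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]  # port = p1 * 256 + p2


def pinhole_rule(line, client_ip, server_ip):
    """Return the one data-connection flow a filter should allow.

    Passive (227 reply): client connects to server:port.
    Active (PORT command): server connects to client:port.
    Hypothetical policy: the announced address must be the control-connection
    peer and the port must not be a well-known one (< 1024).
    """
    ip, port = parse_endpoint(line)
    passive = line.startswith("227 ")
    expected = ipaddress.IPv4Address(server_ip if passive else client_ip)
    if ip != expected:
        raise ValueError(f"endpoint {ip} is not the control peer {expected}")
    if port < 1024:
        raise ValueError(f"port {port} is in the well-known range")
    return {"mode": "passive" if passive else "active",
            "src": client_ip if passive else server_ip,
            "dst": str(ip), "dport": port}


# Constructed control-connection lines (documentation address ranges).
CLIENT, SERVER = "192.0.2.5", "192.0.2.10"
PASV_REPLY = "227 Entering Passive Mode (192,0,2,10,195,80)"
PORT_CMD = "PORT 192,0,2,5,4,1"

if __name__ == "__main__":
    print(pinhole_rule(PASV_REPLY, CLIENT, SERVER))
    print(pinhole_rule(PORT_CMD, CLIENT, SERVER))
```

A filter that enforces the control-peer rule also refuses the proxy transfer of 4.4.2.7, where the data endpoint is deliberately a third host.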

4.4.2.7 Using Proxy Transfer

Proxy transfer allows clients that have a slow connection to use a third-party transfer between two remote servers. A client that is connected to one server opens an FTP connection from that server to another server by issuing the proxy open command. For example, client A wants to download a file from server B but the connection is slow. In this case, client A can first connect to server C and then issue the proxy open server_B command to log into server B. Client A sends proxy get file_name to transfer the file from server B to server C.

4.4.2.8 Terminating the Transfer Session

The following commands are used to end an FTP session:

Quit Disconnects from the remote host and terminates FTP. Some implementations use the BYE subcommand.

Close Disconnects from the remote host but leaves the FTP client running. An open command can be issued to work with a new host.

4.4.3 Reply Codes

In order to manage these operations, the client and server conduct a dialog using the TELNET convention. The client issues commands, and the server responds with reply codes. The responses also include comments for the benefit of the user, but the client program uses only the codes.

Reply codes are three digits long, with the first digit being the most significant.

Example: For each user command, shown like this, the FTP server responds with a message beginning with a 3-digit reply code, shown like this:

FTP foreignhost
220 service ready
USERNAME cms01
331 user name okay
PASSWORD xyxyx
230 user logged in
TYPE Image
200 command okay

Table 8. FTP Reply Codes. The second and third digits provide more details about the response.

Reply code Description

1xx Positive preliminary reply.

2xx Positive completion reply.

3xx Positive intermediate reply.

4xx Transient negative completion reply.

5xx Permanent negative completion reply.
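How a client program can act on the codes alone, as an added example that is not part of the original document. It goes beyond the single-line replies shown in the text by also grouping multi-line replies, which RFC 959 marks with a hyphen after the code; the function names and the sample server output are constructed for illustration.

```python
import re

# First-digit classes, as in Table 8.
REPLY_CLASS = {
    "1": "positive preliminary",
    "2": "positive completion",
    "3": "positive intermediate",
    "4": "transient negative completion",
    "5": "permanent negative completion",
}
_REPLY = re.compile(r"^([1-5]\d\d)([ -])(.*)$")


def parse_replies(lines):
    """Group control-connection lines into (code, reply_class, text) tuples.

    "NNN text" is a complete reply. "NNN-text" opens a multi-line reply
    (RFC 959) that ends at the first line starting with the same "NNN ".
    """
    replies, pending = [], None  # pending = (code, collected text lines)
    for raw in lines:
        line = raw.rstrip("\r\n")
        if pending:
            code, text = pending
            if line.startswith(code + " "):
                text.append(line[4:])
                replies.append((int(code), REPLY_CLASS[code[0]], "\n".join(text)))
                pending = None
            else:
                text.append(line)
            continue
        m = _REPLY.match(line)
        if not m:
            raise ValueError(f"not an FTP reply line: {line!r}")
        code, sep, text = m.groups()
        if sep == "-":
            pending = (code, [text])
        else:
            replies.append((int(code), REPLY_CLASS[code[0]], text))
    if pending:
        raise ValueError(f"unterminated multi-line reply {pending[0]}")
    return replies


def next_action(code):
    """What a client does with a reply, judged by its first digit only."""
    return {1: "wait for another reply", 2: "proceed", 3: "send next command",
            4: "retry later", 5: "give up"}[code // 100]


# Constructed server output modelled on the sample session; the 230- banner is invented.
SAMPLE = ["220 host01 FTP server ready.\r\n", "331 Password required for cms01.\r\n",
          "230-Welcome.\r\n", "Disk quota: 100 MB\r\n",
          "230 User cms01 logged in.\r\n", "530 Not logged in.\r\n"]
```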

4.4.4 FTP Scenario

A LAN user has to transfer a file from a workstation to a system running VM. The file has to be transferred from the workstation's disk drive to the minidisk 191 owned by CMS user cms01. There is no Resource Access Control Facility (RACF) installed. The symbolic name corresponding to an Internet address is host01.itsc.raleigh.ibm.com.

[Figure 122 diagram: an FTP client (user workstation with disk, TCP/IP) on an Ethernet LAN and an FTP server (VM/IS with disk, TCP/IP). foreignhost: host01, user ID: cms01, password: cmspw.]

1) Login to remote host
   FTP host01
   LOGIN cms01
   PASSWORD cmspw

2) Open a directory
   CD cms01 191
   PW pw191

3) Define a transfer mode
   SENDSITE
   SITE FIXrecfm 80

4) Define the file to be transferred
   PUT file01.tst file01.tst

5) End of operation
   QUIT

Figure 122. FTP - FTP Scenario

4.4.5 A Sample FTP Session

Figure 123 on page 180 illustrates an FTP session as seen from an FTP client program:

[C:\SAMPLES]ftp host01.itsc.raleigh.ibm.com
Connected to host01.itsc.raleigh.ibm.com.
220 host01 FTP server (Version 4.1 Sat Nov 23 12:52:09 CST 1991) ready.
Name (rs60002): cms01
331 Password required for cms01.
Password: xxxxxx
230 User cms01 logged in.
ftp> put file01.tst file01.tst
200 PORT command successful.
150 Opening data connection for file01.tst (1252 bytes).
226 Transfer complete.
local: file01.tst remote: file01.tst
1285 bytes received in 0.062 seconds (20 Kbytes/s)
ftp> close
221 Goodbye.
ftp> quit

Figure 123. FTP - A Sample FTP Session

4.4.6 Anonymous FTP

Many TCP/IP sites implement what is known as anonymous FTP, which means that these sites allow public access to some file directories. The remote user only needs to use the login name anonymous and password guest or some other common password conventions, for example the user's Internet e-mail ID. The password convention used on a system is explained to the user during the login process.

4.4.7 Remote Job Entry Using FTP

The FTP server on MVS allows sending job control language (JCL) to the internal reader. With this feature a kind of remote job entry (RJE) for TCP/IP can be implemented. It uses the site filetype=jes subcommand to indicate that the file sent is not really a file but a job. The FTP server on MVS then transfers the job to the job entry system (JES) for spooling and execution. The individual spool files can be received with the get subcommand of FTP.
