TFTP and FTP Basics

BUPT/QMUL2016-04-25

2

Agendan File transfer and accessn TFTP (Trivial File Transfer Protocol)n FTP (File Transfer Protocol)n NFS (Network File System)

3

File Transfer And Access

4

File Transfer And Accessn Providing computers with the ability to access

files on remote machinesn Different goals

n To lower overall costn To archive datan To share data across multiple programs, multiple

users, or multiple sitesn Two forms

n On-line access: NFSn Whole-file copying: FTP, TFTP

5

TFTP(Trivial File Transfer Protocol)

6

TFTPn TFTP Featuresn TFTP Protocolsn TFTP Operationsn TFTP Example

7

TFTP Featuresn Read and write files from / to remote computersn Minimal overhead (no security)n Designed for UDP, although could be used with other

transport protocolsn Easy to implementn Small – possible to include in firmwaren Often uses to bootstrap workstations and network

devicesn No Access Control / No Directory Retrieval

8

TFTP Protocols – RFCs n RFC 1350 – The TFTP Protocol (Revision 2)n RFC 906 – Bootstrap loading using TFTPn RFC 1785 – TFTP Option Negotiation Analysisn RFC 1986 – Experiments with a Simple File Transfer Protocol

for Radio Links using Enhanced Trivial File Transfer Protocol (ETFTP)

n RFC 2090 – TFTP Multicast Optionn RFC 2347 – TFTP Option Extensionn RFC 2348 – TFTP Blocksize Optionn RFC 2349 – TFTP Timeout Interval and Transfer Size Optionsn RFC 3617 – Uniform Resource Identifier (URI) Scheme and

Applicability Statement for the Trivial File Transfer Protocol (TFTP)

9

TFTP Protocols – Packet Format (1)

n Order of headers

Ethernet Frame Header IP Header UDP Header TFTP

Header

TFTP header consists of a 2 byte opcodefield indicating the packet's type:1 Read request (RRQ)2 Write request (WRQ)3 Data (DATA)4 Acknowledgment (ACK)5 Error (ERROR)

TFTPData

10

TFTP Protocols – Packet Format (2)

n Read request (RRQ)

01 filename 0 mode 0

2 byte opcode in network byte order

null terminated ASCII string

containing name of file

null terminated ASCII string

containing transfer mode

Variable length fields

11

TFTP Protocols – Packet Format (3)

n Write request (WRQ)

02 filename 0 mode 0

2 byte opcode in network byte order

null terminated ASCII string

containing name of file

null terminated ASCII string

containing transfer mode

Variable length fields

12

TFTP Protocols – Packet Format (4)

n Data (DATA)

03 block# Data 0 to 512 bytes

2 byte opcode in network byte order

2 byte block number in network

byte order

all data packets have 512 bytes

except the last one (often indicating the

end of the data)

13

TFTP Protocols – Packet Format (5)

n Acknowledgment (ACK)

04 block#

2 byte opcode in network byte order

2 byte block number in network

byte order

14

TFTP Protocols – Packet Format (6)n Error (ERROR)

05 errcode errorstring

2 byte opcodein network byte order

2 byte error code in network byte order

null terminated ASCII error string

0 - not defined1 - File not found 2 - Access violation3 - Disk full4 - Illegal TFTP operation5 - Unknown transfer ID6 - File already exists7 - no such user

0

15

TFTP Operations – Transfer Mode

n Netascii - for transferring text filesn all lines end with \r\nn provides standard format for transferring

text filesn both ends responsible for converting

to/from netascii formatn Octet - for transferring binary files

n no translation done

16

TFTP Operations – Retransmissionn Symmetric

n Both machines involved in a transfer are considered senders and receivers.

n One sends data and receives acknowledgmentsn The other receives data and sends acknowledgments

n Each side implement the timeout and retransmissionn If a data packet gets lost in the network, the data sender times out and

retransmits the last data packetn If an acknowledgment is lost, the acknowledgment sender retransmits the

last acknowledgmentn The sender has to keep just one packet on hand for retransmission,

since the lock step acknowledgment guarantees that all older packets have been received

n Duplicate data packets must be recognized (ignored) and acknowledgment retransmitted

n This original protocol suffers from the sorcerer’s apprenticesyndrome (SAS)

17

TFTP Operations – Sorcerer’s Apprentice Syndrome

Sender Receiver

Send DATA[n]

Receive DATA[n]Send ACK[n]timeout

Retransmit DATA[n]

Receive ACK[n]

Send DATA[n+1]

Receive DATA[n] (dup)Send ACK[n] (dup)

Receive ACK[n] (dup)

Send DATA[n+1] (dup)Receive DATA[n+1]Send ACK[n+1]

Receive DATA[n+1] (dup)Send ACK[n+1] (dup)

and so on…

• Arising when an acknowledgment for a data packet is delayed, but not lost

• Leading toexcessive retransmissions

• Once started, the cycle continues indefinitely with each data packet being transmitted exactly twice

18

TFTP Operations – How to fix SAS

n Principle: break the retransmission loopn Sender should not resend a data packet in

response to a duplicate ACKn If sender receives ACK[n] - don’t send DATA[n+1]

if the ACK was a duplicate

n See details in RFC 1123

19

TFTP ExampleRRQ

file1netasciiDATA

Block1 512 bytes1ACK

1DATA

Block2 512 bytes2Losttimeoutresend

DATABlock2 512 bytes2

ACK2

DATABlock3 512 bytes3

ACK3 Lost

timeoutresend

ACK3

DATABlock4 464 bytes4Damaged

timeoutresend

DATABlock4 464 bytes4

ACK4

client server

n Beginning with RRQ/WRQ

n Every good block is Acknowledged

n Both sides use timers n Simple automatic

repeat request mechanism provides flow control

n A block of less than512 bytes signals the end of the file

20

TFTP Summaryn Used to move files between machines on different networks

implementing UDP

n The protocol is very restrictive, in order to simplifyimplementation

n Used with BOOTP and DHCP Configuration applications (RFC 906, “Bootstrap loading using TFTP”)

n The fixed length blocks make allocation straight forward, and the lock step acknowledgement provides flow control and eliminates the need to reorder incoming data packets

21

FTP(File Transfer Protocol)

22

FTPn FTP Featuresn FTP Protocolsn FTP Operationsn FTP Modeln FTP Control Commands and Repliesn FTP Example

23

FTP Featuresn Used to transfer files between hostsn Used to manipulate files, for example:

n List directoriesn Delete filesn Rename files

n Uses TCP for reliable transfersn Official Internet protocol

24

FTP Protocolsn RFC 959 – File Transfer Protocol n RFC 5797 – FTP Command and Extension Registryn RFC 4823 – FTP Transport for Secure Peer-to-Peer Business

Data Interchange over the Internetn RFC 4217 – Securing FTP with TLSn RFC 3659 – Extensions to FTPn RFC 2577 – FTP Security Considerationsn RFC 2428 – FTP Extensions for IPv6 and NATsn RFC 2389 – Feature negotiation mechanism for the File

Transfer Protocoln RFC 2228 – FTP Security Extensionsn RFC 1635 – How to Use Anonymous FTPn RFC 1579 – Firewall-Friendly FTPn RFC 0913 – Simple File Transfer Protocoln ……

25

FTP Operation Sequences(user commands)n Open connection to remote host

n ftp hostnamen open hostname

n Log into server (provide username and password)n user [username [password]]

n Set file transfer mode (such as ASCII or image)n type type-coden stru and mode commands used to alter transfer

n Transfer files (using get or put commands)n get remote-file [local-file]n put local-file [remote-file]n mget and mput commands used to transfer multiple files (such as * to

transfer all of a directory)n Perform other file operations

n delete, rename, mkdir, rmdir, ls, dir, ...n Exit client (quit) or close connection (close)

26

FTP Model (1)

File System

Server PI

Server DTP

Client PI

Client DTP

User Interface

File System

User

FTP server FTP client

Control Connection

Data Connection

27

FTP Model (2)n FTP Client

n Users interact with Client directlyn Active open of control connectionn Control connection uses ASCII plain-textn Sends commands (over control connection)n Receives replies (over control connection)n Data connection used to transfer file data

n FTP Servern System processn “Listens” for connection on well-known port 21n Receives commandsn Sends replies

28

FTP Model (3)n PI (Protocol Interpreter): The user and server sides of the

protocol have distinct roles implemented in a user-PI and a server-PI.

n DTP (Data Transfer Process): The data transfer process establishes and manages the data connection. The DTP can be passive or active.

n Control Connection: The communication path between the client-PI and server-PI for the exchange of commands and replies. This connection follows the Telnet Protocol.

n Data Connection: A full duplex connection over which data is transferred, in a specified mode and type. The data transferred may be a part of a file, an entire file or a number of files. The path may be between a server-DTP and a client-DTP, or between two server-DTPs.

29

FTP Model (4) - User interface (UI)

30

FTP Model (5) - Protocol Interpreter (PI)

n Interprets the user’s commands

31

Overview of an FTP Transfer

Active Mode

Downloading a file in

32

FTP Control Commandsn Usage

n Usually four (4) characters (such as RETR)n Arguments separated by spacesn Terminated by CR/LF sequencen Sent from client-PI to server-PIn The client program translates your requests into

the necessary commands and responsesn Three command groups

n Access controln Transfer parametern Service

33

FTP Control Commands: Access control group

n Specify user name: USER usernamen Specify password: PASS passwordn Specify account: ACCT accountn Change directory: CWD directory

n CDUP: Change to parent directoryn Reinitialize: REINn Terminate session: QUIT

34

FTP Control Commands: Transfer parameter group(1)

n Define data connection port:n PORT h1,h2,h3,h4,p1,p2

--used in active mode, telling FTP server the port number of client to accept data connection

orn PASV

--used in passive mode, informs server that client will contact to set up data connections

n Example of port number calculationn PORT 210,25,137,230,23,189

n IP: 210.25.137.230n Port: 23*256+189=6077

35

FTP Control Commands:Transfer parameter group(2)

n The 2 systems may use different ways to represent text and data.

n They need to define data type to use: n Command: TYPE type-code [form-code]

n type-code can be:n A for ASCII (initial default), used for text filesn I for image, used for binary filesn E for EBCDICn L byte-size to specify local byte size

n form-code (used for ASCII and EBCDIC) can be:n N for non-print (default)n T for TELNETn C for ASA (FORTRAN)

36

FTP Control Commands:Transfer parameter group(3)

n The 2 systems may store files in different directory structures.

n Define file structure: STRU structure-coden F for file (contiguous bytes terminated by EOF)n R for record (terminated by EOR)n P for page (indexed pages)

n Define file mode: MODE mode-coden S for stream (default)n B for blockn C for compressed

37

FTP Control Commands: Service group

n Retrieve (get) file: RETR filen Store (put) file: STOR filen Append to file: APPE filen Delete a file: DELE filen Create a directory: MKD directoryn Delete a directory: RMD directoryn Rename a file: RNFR file and RNTO filen List a directory: LIST spec and NLST specn Others such as HELP, SITE, SYST, ...

38

FTP Control Replies (1)n Every command must generate at least one replyn 3 digit code followed by delimiter and text

messagen Delimiter is space if last line of text messagen Delimiter is hyphen if not last line of text message

220-******Welcome to the Network Information Center*******220-******Login with username *anonymous* and password *guest*220 And more!

n Numeric code for client program, text for humans

39

FTP Control Replies (2)n Reply code meanings

Reply Code Meaning Reply Code Meaning

1nn Positive preliminary reply n0n Syntax error

2nn Positive completion n1n Information

3nn Positive intermediate n2n Connection information

4nn Transient negative (try again)

n3n Authentication / accounting

5nn Permanent negative (no such file)

n5n File System

40

FTP Control Replies (3)n Reply code examples (see RFC959 for more details)

[shiyan@localhost ~]$Connected to 192.168.1.253.220 (vsFTPd 2.0.1)530 Please login with USER and PASS.530 Please login with USER and PASS.KERBEROS_V4 rejected as an authentication typeName (192.168.1.253:shiyan):331 Please specify the password.Password:230 Login successful.Remote system type is UNIX.Using binary mode to transfer files.ftp>257 "/home/shiyan"ftp>250 Directory successfully changed.

ftp 192.168.1.253

shiyan

pwd

cdup

Service ready for new userNot logged in

User name okay, need password

User logged in, proceed

"PATHNAME" created

Requested file action okay, completed

41

FTP Control Connection & Data Connection (1)Server

20data

21control

Client2189

control5001data

Control connection is initiated by client and established

PORT (5001)200

Request to establish the data connection

Acknowledgment to the request

data

Receive user commandAcquire port 5001

Control command (RETR)

Reply (150)

Reply (226)

Active Mode: Server port

for data connection

=20

FTP Control Connection & Data Connection (2)n Typical data connection handling sequence (in active mode)

n Client sets up to “listen” on a unique portn Client uses local socket information to send PORT command to

servern Server responds with “200” reply to acknowledge the port numbern Client sends RETR, STOR, or other transfer commandn Server sends preliminary replyn Server does active open (“connect”)n File data sent over connectionn Server sends “226” or other replyn Server/client closes data connection

n Another mode: passive moden Client sends command PASVn server listens to a specific port and client should access that port

43

FTP Control Connection & Data Connection (3)Server

6077data

21control

Client2189

control5001data

Control connection is initiated by client and established

PASV227 (6077)

Request to establish the data connection

Acknowledgment to the request

data

Receive user commandAcquire port 5001

Control command (RETR)

Reply (150)

Reply (226)

Passive Mode: Server port

for data connection

>1024

44

FTP Control Connection & Data Connection (4)

n Control connectionn Remain alive as long as the user keeps the FTP session

activen Passing commands and repliesn Used to coordinate the ports used for data connection and

establish data connectionn follows the Telnet protocol in that it uses the NVT ASCII

character setn Data connection

n Be created dynamically when needed n One data connection persists for one file transfern Used for data transmission

45

FTP Session Examplen User command sequence

D:\temp>ftp 192.168.1.253ftp> lsftp> get a.tclftp> put file-for-upload.txtftp> rename file-for-upload.txt mykey.txtftp> lsftp> delete mukey.txtftp> binaryftp> ascii

46

Control commands and replies used when logging in

47

Commands and replies used for ls

Commands and replies used for get

Commands and replies used for put

One data connection persists for one file transfer

IP Address(192.168.1.168)

Port number(5001)

48

The procedure of get a.tcl• Data connection establishment• Data transmission• Data connection close

Between server port 20 and client port 5002, which is indicated in PORT command

49

Commands and replies used for switching between different types• binary• ascii

50

Traditional FTP vs. Anonymous FTPn Traditional FTP

n Must log in to FTP server before transfersn You log into a specific account with a password

n i.e. your own user accountn You can transfer to and from directories accessible to that

account

n Anonymous FTPn You log in with “anonymous” as the account namen Give your e-mail address as passwordn Host gives you access to public directoriesn Usually for downloading onlyn Not truly anonymous: your computer’s IP address is known

51

FTP via the Webn Downloading Files

n In the browser, type the URL: ftp://hostnamen Note that the URL begins with “ftp”, not “http”

n This will log you into that host (anonymous FTP) and show you a list of files and directories

n Go down the directory path to the directory you want

n Click on the filename to start the downloadingn Uses binary file transfer

52

FTP Archivingn Many FTP files are archivedn Two-step process

n First, several files are combined into one archive to avoid having to make multiple downloads

n Second, the combined files are compressed to reduce download times

n Receiver must unarchive the files to read them

1. Combine (tar)

2. Compress (zip)

53

NFS(Network File System)

54

Brief Introduction To NFSn The Network File System (NFS) is a client/server

application that lets a computer user view and optionally store and update file on a remote computer as though they were on the user's own computer

n The user's system needs to have an NFS client and the other computer needs the NFS server

n Earlier versions of NFS use UDPn NFS was developed by Sun Microsystems

55

Comparing FTP/NFS

FTP NFS

FTP just provides file transferNFS provides transparent file access for clients to files and file-systems on a server

With FTP a complete copy of the file is made NFS accesses portions of a file

FTP uses TCP NFS usually uses UDP on port2049

56

Secure FTPn SSL-FTP (Secure Socket Layer FTP)n SFTP (Secure File Transfer Program)n SCP (Secure Copy)

57

Summary

58

Summary Of Key Pointsn TFTP

n TFTP packet formatn TFTP transfer moden Sorcerer’s Apprentice Syndromen Typical communication procedure

n FTPn FTP modeln FTP control commands and repliesn Control connection vs. Data connectionn Active FTP vs. Passive FTPn Traditional FTP vs. Anonymous FTP

Abbreviations

EOF End Of FileEOR End Of RecordFTP File Transfer ProtocolNFS Network File SystemSAS Sorcerer’s Apprentice SyndromeTFTP Trivial File Transfer Protocol

59