2
Agenda
n File transfer and access n TFTP (Trivial File Transfer Protocol) n FTP (File Transfer Protocol) n NFS (Network File System)
4
File Transfer And Access
n Providing computers with the ability to access files on remote machines
n Different goals n To lower overall cost n To archive data n To share data across multiple programs, multiple
users, or multiple sites n Two forms
n On-line access: NFS n Whole-file copying: FTP, TFTP
7
TFTP Features n Read and write files from / to remote computers n Minimal overhead (no security) n Designed for UDP, although could be used with other
transport protocols n Easy to implement n Small – possible to include in firmware n Often uses to bootstrap workstations and network
devices n No Access Control / No Directory Retrieval
8
TFTP Protocols – RFCs n RFC 1350 – The TFTP Protocol (Revision 2) n RFC 906 – Bootstrap loading using TFTP n RFC 1785 – TFTP Option Negotiation Analysis n RFC 1986 – Experiments with a Simple File Transfer Protocol
for Radio Links using Enhanced Trivial File Transfer Protocol (ETFTP)
n RFC 2090 – TFTP Multicast Option n RFC 2347 – TFTP Option Extension n RFC 2348 – TFTP Blocksize Option n RFC 2349 – TFTP Timeout Interval and Transfer Size Options n RFC 3617 – Uniform Resource Identifier (URI) Scheme and
Applicability Statement for the Trivial File Transfer Protocol (TFTP)
9
TFTP Protocols – Packet Format (1)
n Order of headers
Ethernet Frame Header IP Header UDP Header TFTP
Header
TFTP header consists of a 2 byte opcode field indicating the packet's type: 1 Read request (RRQ) 2 Write request (WRQ) 3 Data (DATA) 4 Acknowledgment (ACK) 5 Error (ERROR)
TFTP Data
TFTP Packet
10
TFTP Protocols – Packet Format (2)
n Read request (RRQ)
01 filename 0 mode 0
2 byte opcode in network byte order
null terminated ASCII string
containing name of file
null terminated ASCII string containing
transfer mode
Variable length fields
11
TFTP Protocols – Packet Format (3)
n Write request (WRQ)
02 filename 0 mode 0
2 byte opcode in network byte order
null terminated ASCII string
containing name of file
null terminated ASCII string
containing transfer mode
Variable length fields
12
TFTP Protocols – Packet Format (4)
n Data (DATA)
03 block# Data 0 to 512 bytes
2 byte opcode in network byte order
2 byte block number in network
byte order
all data packets have 512 bytes
except the last one (often indicating the
end of the data)
13
TFTP Protocols – Packet Format (5)
n Acknowledgment (ACK)
04 block#
2 byte opcode in network byte order
2 byte block number in network
byte order
14
TFTP Protocols – Packet Format (6) n Error (ERROR)
05 errcode errorstring
2 byte opcode in network byte order
2 byte error code in network byte order
null terminated ASCII error string
0 - not defined 1 - File not found 2 - Access violation 3 - Disk full 4 - Illegal TFTP operation 5 - Unknown transfer ID 6 - File already exists 7 - no such user
0
15
TFTP Operations – Transfer Mode
n Netascii - for transferring text files n all lines end with \r\n n provides standard format for transferring
text files n both ends responsible for converting to/
from netascii format
n Octet - for transferring binary files n no translation done
16
TFTP Operations – Retransmission n Symmetric
n Both machines involved in a transfer are considered senders and receivers.
n One sends data and receives acknowledgments n The other receives data and sends acknowledgments
n Each side implement the timeout and retransmission n If a data packet gets lost in the network, the data sender times out and
retransmits the last data packet n If an acknowledgment is lost, the acknowledgment sender retransmits the
last acknowledgment n The sender has to keep just one packet on hand for retransmission,
since the stop and wait mechanism guarantees that all older packets have been received
n Duplicate data packets must be recognized (ignored) and acknowledgment retransmitted
n This original protocol suffers from the sorcerer’s apprentice syndrome (SAS)
17
TFTP Operations – Sorcerer’s Apprentice Syndrome
Sender Receiver
Send DATA[n]
Receive DATA[n] Send ACK[n] timeout
Retransmit DATA[n]
Receive ACK[n]
Send DATA[n+1]
Receive DATA[n] (dup) Send ACK[n] (dup)
Receive ACK[n] (dup)
Send DATA[n+1] (dup)
Receive DATA[n+1] Send ACK[n+1]
Receive DATA[n+1] (dup) Send ACK[n+1] (dup)
and so on …
• Arising when an acknowledgment for a data packet is delayed, but not lost
• Leading to excessive retransmissions
• Once started, the cycle continues indefinitely with each data packet being transmitted exactly twice
18
TFTP Operations – How to fix SAS
n Principle: break the retransmission loop n Sender should not resend a data packet in
response to a duplicate ACK n If sender receives ACK[n] - don’t send DATA[n+1]
if the ACK was a duplicate
n See details in RFC 1123
19
TFTP Example
RRQ
file1 netascii DATA
Block1 512 bytes 1 ACK
1 DATA
Block2 512 bytes 2 Lost timeout resend
DATA Block2 512 bytes 2
ACK
2 DATA
Block3 512 bytes 3 ACK
3 Lost timeout resend
ACK
3 DATA
Block4 464 bytes 4 Damaged timeout resend
DATA Block4 464 bytes 4
ACK
4
client server
n Beginning with RRQ/WRQ
n Every good block is Acknowledged
n Both sides use timers n Simple stop and wait
mechanism provides reliable delivery and flow control
n A block of less than 512 bytes signals the end of the file
20
TFTP Summary n Used to move files between machines on different networks
implementing UDP, TFTP server waits for Read/Write request on port 69
n The protocol is very restrictive, in order to simplify implementation
n Used with BOOTP and DHCP Configuration applications (RFC 906, “Bootstrap loading using TFTP”)
n The fixed length blocks make allocation straight forward, and the stop and wait mechanism provides reliable delivery, flow control and eliminates the need to reorder incoming data packets
22
FTP
n FTP Features n FTP Protocols n FTP Operations n FTP Model n FTP Control Commands and Replies n FTP Example
23
FTP Features
n Used to transfer files between hosts n Used to manipulate files, for example:
n List directories n Delete files n Rename files
n Uses TCP for reliable transfers n Official Internet protocol
24
FTP Protocols n RFC 959 – File Transfer Protocol n RFC 5797 – FTP Command and Extension Registry n RFC 4823 – FTP Transport for Secure Peer-to-Peer Business
Data Interchange over the Internet n RFC 4217 – Securing FTP with TLS n RFC 3659 – Extensions to FTP n RFC 2577 – FTP Security Considerations n RFC 2428 – FTP Extensions for IPv6 and NATs n RFC 2389 – Feature negotiation mechanism for the File
Transfer Protocol n RFC 2228 – FTP Security Extensions n RFC 1635 – How to Use Anonymous FTP n RFC 1579 – Firewall-Friendly FTP n RFC 0913 – Simple File Transfer Protocol n ……
25
FTP Operation Sequences (user commands) n Open connection to remote host
n ftp hostname n open hostname
n Log into server (provide username and password) n user [username [password]]
n Set file transfer mode (such as ASCII or image) n type type-code n stru and mode commands used to alter transfer
n Transfer files (using get or put commands) n get remote-file [local-file] n put local-file [remote-file] n mget and mput commands used to transfer multiple files (such as * to
transfer all of a directory) n Perform other file operations
n delete, rename, mkdir, rmdir, ls, dir, ... n Exit client (quit) or close connection (close)
27
FTP Model (1)
File System
Server PI
Server DTP
Client PI
Client DTP
User Interface
File System
User
FTP server FTP client
Control Connection
Data Connection
28
FTP Model (2) n FTP Client
n Users interact with Client directly n Active open of control connection n Control connection uses ASCII plain-text n Sends commands (over control connection) n Receives replies (over control connection) n Data connection used to transfer file data
n FTP Server n System process n “Listens” for connection on well-known port 21 n Receives commands n Sends replies
29
FTP Model (3) n PI (Protocol Interpreter): The user and server sides of the
protocol have distinct roles implemented in a user-PI and a server-PI.
n DTP (Data Transfer Process): The data transfer process establishes and manages the data connection. The DTP can be passive or active.
n Control Connection: The communication path between the client-PI and server-PI for the exchange of commands and replies. This connection follows the Telnet Protocol.
n Data Connection: A full duplex connection over which data is transferred, in a specified mode and type. The data transferred may be a part of a file, an entire file or a number of files. The path may be between a server-DTP and a client-DTP, or between two server-DTPs.
33
FTP Control Connection & Data Connection
n Control connection n Remain alive as long as the user keeps the FTP session
active n Passing commands and replies n Used to coordinate the ports used for data connection and
establish data connection
n Data connection n Be created dynamically when needed n One data connection persists for one file transfer n Used for data transmission
34
FTP Control Commands n Usage
n Usually four (4) characters (such as RETR) n Arguments separated by spaces n Terminated by CR/LF sequence n Sent from client-PI to server-PI n The client program translates your requests into
the necessary commands and responses n Three command groups
n Access control n Transfer parameter n Service
35
FTP Control Commands: Access control group
n Specify user name: USER username n Specify password: PASS password n Specify account: ACCT account n Change directory: CWD directory
n CDUP: Change to parent directory n Reinitialize: REIN n Terminate session: QUIT
36
FTP Control Commands: Transfer parameter group(1) n Define data connection port:
n PORT h1,h2,h3,h4,p1,p2 --used in active mode, telling FTP server the port number
of client to accept data connection or
n PASV --used in passive mode, informs server that client will
contact to set up data connections
n Example of port number calculation n PORT 210,25,137,230,23,189
n IP: 210.25.137.230 n Port: 23*256+189=6077
37
FTP Control Commands: Transfer parameter group(2) n The 2 systems may use different ways to represent
text and data. n Command: TYPE type-code
n typical type-code can be: n A for ASCII (initial default), used for text files n I for image, used for binary files
38
FTP Control Commands: Transfer parameter group(3) n The 2 systems may store files in different directory
structures. n Define file structure: STRU structure-code
n F for file (contiguous bytes terminated by EOF, default) n R for record (terminated by EOR) n P for page (indexed pages)
n Define file mode: MODE mode-code n S for stream (default) n B for block n C for compressed
39
FTP Control Commands: Service group
n Retrieve (get) file: RETR file n Store (put) file: STOR file n Append to file: APPE file n Delete a file: DELE file n Create a directory: MKD directory n Delete a directory: RMD directory n Rename a file: RNFR file and RNTO file n List a directory: LIST spec and NLST spec n Others such as HELP, SITE, SYST, ...
40
FTP Control Replies (1)
n Every command must generate at least one reply n Sent from server-PI to client-PI n 3 digit code followed by delimiter and text
message n Delimiter is space if last line of text message n Delimiter is hyphen if not last line of text message
220-******Welcome to the Network Information Center******* 220-******Login with username *anonymous* and password *guest* 220 And more!
n Numeric code for client program, text for humans
41
FTP Control Replies (2) n Reply code meanings
Reply Code Meaning Reply Code Meaning
1nn Positive preliminary reply n0n Syntax
2nn Positive completion n1n Information
3nn Positive intermediate n2n Connection information
4nn Transient negative (try again)
n3n Authentication / accounting
5nn Permanent negative (no such file)
n5n File System
42
FTP Control Replies (3) n Reply code examples (see RFC959 for more details)
[shiyan@localhost ~]$ Connected to 192.168.1.253. 220 (vsFTPd 2.0.1) 530 Please login with USER and PASS. 530 Please login with USER and PASS. KERBEROS_V4 rejected as an authentication type Name (192.168.1.253:shiyan): 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> 257 "/home/shiyan" ftp> 250 Directory successfully changed.
ftp 192.168.1.253
shiyan
pwd
cdup
Service ready for new user Not logged in
User name ok, need password
User logged in, proceed
"PATHNAME" created
Requested file action okay, completed
43
FTP Control Connection & Data Connection (1)
Server 20
data 21
control
Client 2189
control 5001 data
Control connection is initiated by client and established
PORT (5001) 200
Request to establish the data connection
Acknowledgment to the request
data
Receive user command Acquire port 5001
Control command (RETR)
Reply (150)
Reply (226)
Active Mode: Server port
for data connection
=20
FTP Control Connection & Data Connection (2) n Typical data connection handling sequence (in active
mode) n Client sets up to “listen” on a unique port n Client uses local socket information to send PORT command to
server n Server responds with “200” reply to acknowledge the port number n Client sends RETR, STOR, or other transfer command n Server sends preliminary reply n Server does active open (“connect”) n File data sent over connection n Server sends “226” or other reply n Server/client closes data connection
n Another mode: passive mode n Client sends command PASV n server listens to a specific port and client should access that port
45
FTP Control Connection & Data Connection (3)
Server 6077 data
21 control
Client 2189
control 5001 data
Control connection is initiated by client and established
PASV 227 (6077)
Request to establish the data connection
Acknowledgment to the request
data
Receive user command Acquire port 5001
Control command (RETR)
Reply (150)
Reply (226)
Passive Mode: Server port for data connection
>1024
46
FTP Session Example n User command sequence
d:\temp> ftp 192.168.1.253 ftp> ls ftp> get a.tcl ftp> put file-for-upload.txt ftp> rename file-for-upload.txt mykey.txt ftp> ls ftp> delete mykey.txt ftp> binary ftp> ascii
48
Commands and replies used for ls
Commands and replies used for get
Commands and replies used for put
One data connection persists for one file transfer
IP Address (192.168.1.168)
Port number (5001)
Active mode is used for data connection
49
The procedure of get a.tcl • Data connection establishment • Data transmission • Data connection close
Between server port 20 and client port 5002, which is indicated in PORT command
51
Traditional FTP vs. Anonymous FTP
n Traditional FTP n Must log in to FTP server before transfers n You log into a specific account with a password
n i.e. your own user account n You can transfer to and from directories accessible to that
account
n Anonymous FTP n You log in with “anonymous” as the account name n Give your e-mail address as password n Host gives you access to public directories n Usually for downloading only n Not truly anonymous: your computer’s IP address is known
52
FTP via the Web
n Downloading Files n In the browser, type the URL: ftp://hostname
n Note that the URL begins with “ftp”, not “http” n This will log you into that host (anonymous FTP)
and show you a list of files and directories n Go down the directory path to the directory you
want n Click on the filename to start the downloading n Uses binary file transfer
53
FTP Archiving n Many FTP files are archived n Two-step process
n First, several files are combined into one archive to avoid having to make multiple downloads
n Second, the combined files are compressed to reduce download times
n Receiver must unarchive the files to read them
1. Combine (tar)
2. Compress (zip)
55
Brief Introduction To NFS
n The Network File System (NFS) is a client/server application that lets a computer user view and optionally store and update file on a remote computer as though they were on the user's own computer
n The user's system needs to have an NFS client and the other computer needs the NFS server
n Earlier versions of NFS use UDP
n NFS was developed by Sun Microsystems
56
Comparing FTP/NFS
FTP NFS
FTP just provides file transfer NFS provides transparent file access for clients to files and file-systems on a server
With FTP a complete copy of the file is made NFS accesses portions of a file
FTP uses TCP NFS usually uses UDP on port 2049
57
Secure FTP
n SSL-FTP (Secure Socket Layer FTP) n SFTP (Secure File Transfer Program) n SCP (Secure Copy)
59
Summary Of Key Points n TFTP
n TFTP packet format n TFTP transfer mode n Sorcerer’s Apprentice Syndrome n Typical communication procedure
n FTP n FTP model n FTP control commands and replies n Control connection vs. Data connection n Active FTP vs. Passive FTP n Traditional FTP vs. Anonymous FTP