FTP 227 Passive Mode vs 229 Extended Passive Mode
FTP 227 (PASV) and 229 (EPSV) both establish passive data connections, but 229 is the modern IPv6-compatible replacement. FTP 227 encodes the IP address and port in its response, while 229 only provides a port number, using the same IP as the control connection.
Descrição
Entering Passive Mode. The server provides an IP address and port number for the client to connect to for data transfer, formatted as (h1,h2,h3,h4,p1,p2).
Quando você o vê
After issuing the PASV command. The server switches to passive mode and tells the client where to connect for data transfer.
Como corrigir
No fix needed — parse the IP and port from the response to establish the data connection. If connections fail, check NAT/firewall rules on the passive port range.
Descrição
Entering Extended Passive Mode. The server provides only a port number for the data connection, using the same IP as the control connection. Works with both IPv4 and IPv6.
Quando você o vê
After issuing the EPSV command. The server responds with a port number in the format (|||port|) for the client to connect to.
Como corrigir
No fix needed — connect to the server's control IP on the provided port. If it fails, try falling back to PASV (227) or check firewall rules.
Diferenças principais
227 (PASV) is the original passive mode, encoding the server's IPv4 address and port in the response.
229 (EPSV) is Extended Passive Mode (RFC 2428), providing only a port number — compatible with both IPv4 and IPv6.
227 can cause NAT issues because the embedded IP may not match the public IP after address translation.
229 avoids NAT problems by reusing the control connection's IP address.
229 is required for IPv6 FTP connections; 227 only works with IPv4.
Quando usar qual
Use PASV (227) for legacy IPv4-only FTP servers and clients that do not support EPSV. Use EPSV (229) for modern FTP implementations, IPv6 environments, and connections through NAT/firewalls. FTP clients should attempt EPSV first and fall back to PASV if the server returns an error.