When working with passive mode, if we set pasv_max_port to 10100 and pasv_min_port to 10090. Does it mean the VSFTP server can only service 10 clients concurrently?
Can we set a same port number to both pasv_max_port and pasv_min_port? If it is possible, how many clients can the VSFTP server handle at the same time? Only one?
Best Answer
To simplify, i would say yes, and that is how you should consider it (in my opinion).
Limiting port range will limit simultaneous clients connections according to the number of ports you have between min and max. This way you will avoid weird behaviours.
But, in the fact that is not true and has to be moderated :-)
Going deeper and to be more precise : limiting ports affects concurent use of data channel.
Note that a new connexion request needs an available data channel.
I am not aware about all FTP commands that use data channel, but basically upload
(STOR)
, download(RETR)
, list(LIST)
commands need data channel.To illustrate this i've just made a test in lab (that you can reproduce) with my vsftpd server and these settings :
1. First test :
Why ?
2. Second test :
Why ?
3. Third test :
Why ?
Now you can understand why i was talking about "weird" behaviours at the beginning.
Hope it will help !