FTP Server With UPnP Supported

In this article we design a FTP server with UPnP supported.It fixes the problem that FTP service would be un-available whenthe server is behind a NAT device.FTP service is a famous service on Internet. It makesdownloading and uploading files much easier than before. Lotsof companies setup FTP service to update clients' software.In recent years, Internet grows rapidly. But IPv4 address islimited. There are only 32 bits binary in IPv4 address. So at mostwe could assign 232 IPv4 address. This is not enough at all. Forsome historical reason IPv4 address shortage is a big problem insome Asia countries.To fix this IPv4 address shortage problem, experts develop anew technology called Network Address Translation (NAT). WithNAT, hosts inside the network could use private IP address, suchas 172.16.0.0/16. On the Internet gateway router of this network,we could enable NAT to translate all private IP address to one orsome public Internet IPv4 addresses. In this way, we could share1 public Internet IPv4 address among hundreds of hosts. Itdramatically saves the IPv4 address resource.Another technology, IPv6 fix this problem completely byextent the IP address to 128 bits. That means we could assign IPaddresses up to 2128 hosts, almost every sands on the earthcould get an IP address. However it is a long-time job to deployIPv6 around the world. We need to update almost everything,including routers, operating systems and all applications. It willtake a long time to update these systems to support IPv6. So atpresent, NAT is the most popular solution for IPv4 addressshortage.However with the deployment of NAT, new problem comesout. Lots of applications and services assume that any hosts onInternet can communicate with them, if the connection socketsare listened successfully. But if there is a NAT device on theoutgoing port of the network, this suppose will not be correct. Asthe NAT device will refuse the connecting request which areinitialized from the Internet. To solve this issue, we could setupthe port-mapping on NAT device. By setup the port-mapping, wecould tell the NAT device in advance where the traffic should beforwarded when the connecting request arrived from Internet.But it could only suit the services which only use one single portto communicate, like SMTP/POP3/TELNET/SNMP/HTTP, etc.For FTP service, the service will not only listen 21 port for controlsession, but also other ports are needed for the data session.Although FTP server will active connect to the clients instead oflistening ports in PORT model, the connection could not beestablished successfully at most time. Because the NAT deviceon client sides will also refuse the connecting request from theserver. And the ports number for data sessions are randomlygenerated when the data connections are needed. So for FTPservice we could not setup the port-mapping first before theservice started, as we do not know which ports will be used fordata sessions. That's why most FTP service in the privatenetwork will only be accessible in the inside network, butun-available for Internet.Now we are trying to fix this problem which is generated byusing NAT device.A new technology called Universal Plug and Play (UPnP)helps us. The UPnP architecture offers pervasive peer-to-peernetwork connectivity of PCs of all form factors, intelligentappliances, and wireless devices. The UPnP architecture is adistributed, open networking architecture that leverages TCP/IPand the Web to enable seamless proximity networking inaddition to control and data transfer among networked devices inthe home, office, and everywhere in between. By UPnP, wecould control NAT device in our program. We could addport-mapping when needed and delete it when we want. So wecould add the port-mapping on NAT device after FTP servicesuccessfully established its socket and delete it when FTPdestroyed the socket.To implement our design, we first need to register ourprogram as a control point. Then our program will receive thenotify message from the NAT device, which is multicast from239.255.255.250:1900. After getting the device self descriptiondocument which is in XML encapsulation, we could find out andsubscribe our interesting service. Now we could not only receivethe notify message, but also control the device by sending SOAPmessage. In this experiment only two kinds of messages areneed, one is add port-mapping message, and another is deleteport-mapping message. Also sometimes the port-mappingchecking message is need to make sure if the port-mappingentry has been added or deleted successfully.Until now, we could control the device by our own program,so next we should find when is the best time to add/deleteport-mapping on the device.By checking against the FTP RFC and sniffer most FTPclient softwares, we found, each time, when the FTP client needa passive (PASV) session, it would send 'PASV' command to theFTP server. When the FTP server receives 'PASV' command,first it will select a random port number, then make networksocket of this port and listen this socket. If the socket is listenedsuccessfully, FTP server will send the port number to client viacontrol session. So the best time we send add port-mappingmessage to the NAT device is after the socket is listenedsuccessfully. If the port-mapping entry for the port is setupsuccessfully, client from Internet will establish connections to ourinside FTP server successfully and transparently.Also we need to find a proper time to delete theport-mapping.In this experiment, we successfully make the FTP server inthe private network be accessible from Internet. Actually this is abetter solution in some companies. As our technology is themost cost-effective.