[PLUG] FTP server question

Carlos Konstanski ckonstanski at pippiandcarlos.com
Wed Sep 19 13:52:50 UTC 2007 

Robert Kopp writes:
 > I'm not quite sure what I'm getting into. I'd like to serve files to a few friends, files that are too large to send as file attachments. So it seems to me that an FTP server might be the way to go:
 > 
 > >sudo apt-get install proftpd
 > 
 > But I'm not quite done yet. The host computer gets an IP address from a router (it's on a LAN), and the router gets its address by DHCP from the ISP. Leases can last a long time; but this probably complicates DNS resolution. Can someone give me advice on how to proceed? Do I need to change the TOPOLOGY?                
 >  
 > Robert "Tim" Kopp
 > http://analytic.tripod.com/

The topology needs to look like this, from the outside in:

- A publically-available interface.  This is your DSL or cable modem.
  I have found that most DSL modems do routing and NAT, while most
  cable modems simply pass through the connection un-routed and
  un-natted.  Whatever the case may be, public access to this device
  must be reliable.  Bill's suggstion of a dynamic dns service applies
  here.  There are internet services available for keeping your
  dynamic IP pinned to a hostname.  Try http://www.no-ip.com/ , or
  consider getting a static IP address - better.  The end result is
  that your DNS name must resolve to a valid IP address, evan if that
  IP address changes once in a while.  Or you could just hand out your
  IP address, but you're hating it if it changes.

- A router.  Since the machine running the FTP service is not directly
  connected to the internet, something has to forward the traffic from
  the external interface to the interface on the FTP machine.  Perhaps
  your DSL modem is also a router, or maybe you have a D-Link or
  Linksys router (or something similar), or maybe you are using a
  linux box with 2 NICs and iptables as your router.  Whatever your
  router may be, you have to configure it to pass TCP ports 20 and 21
  to the FTP machine.  Also, as a separate step, the router has to be
  told to allow WAN traffice from these ports.  It doesn't do any good
  to forward the packets if they are blocked at the front door.

- An FTP machine.  This machine needs to be easily locatable by your
  router, just as your external IP address needs to be easily
  locatable by the people who want to find your FTP server.  If you
  are using an appliance router (DSL modem/router, D-Link, Linksys,
  etc.), there is probably a feature allowing you to give your FTP
  machine a DHCP reservation.  This means that any time a DHCP lease
  request comes form a particular MAC address, it is given the same
  preconfigured IP address.

BTW, I would caution against using sudo for non-trivial root
commands.  sudo does not load root's environment.  You do not have
root's PATH, for example.  Get a real root shell instead.  sudo is
suitable for chown, chmod, and other single-action commands that do
not depend on the environment.
-- 
Carlos Konstanski

More information about the PLUG mailing list