421 Could not create socket
Moderator: Project members
-
- 504 Command not implemented
- Posts: 8
- Joined: 2018-09-24 15:37
- First name: Robert
- Last name: Chapie
421 Could not create socket
Hello,
We are experiencing occasional 421 Could not create socket notices. This is causing some of our ftp jobs to fail and need to be resent. We are a low volume user, around 40 logins daily transferring 5 files. The files vary in size from 500K to 15-20 meg. The connections are spaced out through the day so they don't all hit at once. We are using the current version 0.9.60.2. We are using passive mode without specifying a port range since everything is internal, no external connections to the internet, everything is open. Here is a sample of what we are seeing. I have changed the login and ip address. When the PASV command is issued is the could not create socket coming from my FTP server or the client? Should I define a port range for Filezilla to use?
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> 230 Logged on
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> CWD \
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> 250 CWD successful. "/" is current directory.
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> TYPE I
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> 200 Type set to I
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> PASV
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> 421 Could not create socket.
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> QUIT
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> 221 Goodbye
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> disconnected.
Thanks
Rob
We are experiencing occasional 421 Could not create socket notices. This is causing some of our ftp jobs to fail and need to be resent. We are a low volume user, around 40 logins daily transferring 5 files. The files vary in size from 500K to 15-20 meg. The connections are spaced out through the day so they don't all hit at once. We are using the current version 0.9.60.2. We are using passive mode without specifying a port range since everything is internal, no external connections to the internet, everything is open. Here is a sample of what we are seeing. I have changed the login and ip address. When the PASV command is issued is the could not create socket coming from my FTP server or the client? Should I define a port range for Filezilla to use?
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> 230 Logged on
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> CWD \
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> 250 CWD successful. "/" is current directory.
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> TYPE I
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> 200 Type set to I
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> PASV
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> 421 Could not create socket.
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> QUIT
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> 221 Goodbye
(004272) 9/21/2018 8:45:21 AM - anyftp (11.200.10.245)> disconnected.
Thanks
Rob
Re: 421 Could not create socket
Consider limiting the Passive range to 49152-65535, even if it is internal. The reason is that only the mentioned range is most probably unused (meant for temporary, ephemeral usage). All lower ports might at least be occupied partially by other services. When FileZilla tries to create a passive socket on such an occupied or blocked port, the result is the error 421 as you experienced.We are using passive mode without specifying a port range since everything is internal, no external connections to the internet, everything is open.
Things to consider:
- Antivirus programs or other security software can block sockets. Sockets can also be occupied by other services.
- The error shown starts with a "4", thus it is of temporary nature. In such situations, your scripts should simply retry the transfer. Aborting the scrips is only correct in case of errors starting with "5" (permanent error).
Lines starting with a response code always come from the server.When the PASV command is issued is the could not create socket coming from my FTP server or the client?
Btw. you don't need to obfuscate internal IP addresses (starting with 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). These are not unique in any way and cannot be used for identification.
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
Re: 421 Could not create socket
That's no longer necessary since version 0.9.51, since then if no range has been manually been configured, 49152 through 65535 is used.Consider limiting the Passive range to 49152-65535, even if it is internal. The reason is that only the mentioned range is most probably unused (meant for temporary, ephemeral usage). All lower ports might at least be occupied partially by other services. When FileZilla tries to create a passive socket on such an occupied or blocked port, the result is the error 421 as you experienced.
FileZilla Server allocates ports in a manner that automatically prevents reuse of ports within the mandatory TIME_WAIT interval (see TCP RFCs). In case a port is selected that is already used by a program other than FileZilla Server, it retries up to 15 times to find an alternative before giving up.
Re: 421 Could not create socket
In that case, AV interfering.
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
-
- 504 Command not implemented
- Posts: 8
- Joined: 2018-09-24 15:37
- First name: Robert
- Last name: Chapie
Re: 421 Could not create socket
Thanks for the replies. We are using Symantec Endpoint Protection. Can I put in an exclusion for ports 49152 through 65535?
Re: 421 Could not create socket
Worth a try.
-
- 504 Command not implemented
- Posts: 8
- Joined: 2018-09-24 15:37
- First name: Robert
- Last name: Chapie
Re: 421 Could not create socket
I was able to get Symantec turned off and I am still getting random 421 Could not create socket errors. Next thing to try is putting in a custom port range of 52,000 to 53,000. My other thought is to go to a slightly older release. Any other suggestions?
Thanks
Rob
Thanks
Rob
Re: 421 Could not create socket
Older releases are not supported, so, we cannot recommend nor help with that.
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
-
- 504 Command not implemented
- Posts: 8
- Joined: 2018-09-24 15:37
- First name: Robert
- Last name: Chapie
Re: 421 Could not create socket
Hi,
I'm going to close the loop on this issue. I disabled Symantec and I still received the 421 socket error. I then set the passive range to 52,000 -- 53,000. No 421 socket errors for almost 2 weeks.
Rob
I'm going to close the loop on this issue. I disabled Symantec and I still received the 421 socket error. I then set the passive range to 52,000 -- 53,000. No 421 socket errors for almost 2 weeks.
Rob