Taking into consideration the number of concurrent connections, what should be the recommended port range for passive ftp?

Resolution

The recommended port range is 5 times the expected number of concurrent connections. This recommendation is based on the following reasons:

1. If the port range is too small or equal to the number of expected number of connections, the availability of a port to connect to is not guaranteed. The OS does not release a port immediately after a user disconnects and the port will not be immediately available for another connection. This would result in a failure when a new connection is attempted.

2. When most of the ports are used up, and when a new connection is attempted, the server does a port scan to find out the next available port. This is resource intensive and hence could affect the performance of the server. By keeping a large pool of ports, the chance of finding next available port is high and hence does not affect the performance.