<div dir="ltr"><div>Simon,</div><div><br></div><div></div><div>You're amazing, thank you so much!</div><div><br></div><div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">- kvaps<br></div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Jan 6, 2020 at 12:06 AM Simon Kelley <<a href="mailto:simon@thekelleys.org.uk">simon@thekelleys.org.uk</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 30/12/2019 11:51, kvaps wrote:<br>
> Hi Simon,<br>
> <br>
> We're happy to use dnsmasq for organize network booting in Kubernetes,<br>
> it have everything need: DNS-, DHCP- and TFTP-servers.<br>
> <br>
> The only problem is that TFTP protocol in its reference implementation<br>
> is not working behind the NAT, because always sends reply packets from<br>
> random port.<br>
> <br>
> Note that Kubernetes uses NAT for external services, so it's not<br>
> possible to run TFTP-server for external clients there. There is one<br>
> proposed solution for that, it suggests moving away from the RFC and<br>
> implement --single-port option for always reply from the same port which<br>
> was requested by the client.<br>
> <br>
> In this way, the TFTP-packets can be simple NAT'ed back to the client side.<br>
> <br>
> Take a look on unique features for go-tftp implementation:<br>
> <a href="https://github.com/vcabbage/go-tftp#unique-features" rel="noreferrer" target="_blank">https://github.com/vcabbage/go-tftp#unique-features</a><br>
> <br>
> And its command line client:<br>
> <a href="https://github.com/kvaps/trivialt/" rel="noreferrer" target="_blank">https://github.com/kvaps/trivialt/</a><br>
> <br>
> Best regards<br>
> - kvaps<br>
> <br>
> _______________________________________________<br>
> Dnsmasq-discuss mailing list<br>
> <a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk" target="_blank">Dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
> <a href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss" rel="noreferrer" target="_blank">http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss</a><br>
> <br>
<br>
<br>
Patch done. --tftp-single-port is an option. I tested with all the<br>
tftp-clients easily available and it worked fine.<br>
<br>
<br>
<br>
<a href="http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=66f62650c353e901264a4cf0729d35dbc0ae284d" rel="noreferrer" target="_blank">http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=66f62650c353e901264a4cf0729d35dbc0ae284d</a><br>
<br>
<br>
Simon.<br>
<br>
<br>
_______________________________________________<br>
Dnsmasq-discuss mailing list<br>
<a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk" target="_blank">Dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
<a href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss" rel="noreferrer" target="_blank">http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss</a><br>
</blockquote></div>