[Dnsmasq-discuss] Single-port mode for TFTP

Simon Kelley simon at thekelleys.org.uk
Sun Jan 5 22:17:18 GMT 2020


On 30/12/2019 11:51, kvaps wrote:
> Hi Simon,
> 
> We're happy to use dnsmasq for organize network booting in Kubernetes,
> it have everything need: DNS-, DHCP- and TFTP-servers.
> 
> The only problem is that TFTP protocol in its reference implementation
> is not working behind the NAT, because always sends reply packets from
> random port.
> 
> Note that Kubernetes uses NAT for external services, so it's not
> possible to run TFTP-server for external clients there. There is one
> proposed solution for that, it suggests moving away from the RFC and
> implement --single-port option for always reply from the same port which
> was requested by the client.
> 
> In this way, the TFTP-packets can be simple NAT'ed back to the client side.
> 
> Take a look on unique features for go-tftp implementation:
> https://github.com/vcabbage/go-tftp#unique-features
> 
> And its command line client:
> https://github.com/kvaps/trivialt/
> 
> Best regards
> - kvaps
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 


Patch done. --tftp-single-port is an option. I tested with all the
tftp-clients easily available and it worked fine.



http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=66f62650c353e901264a4cf0729d35dbc0ae284d


Simon.




More information about the Dnsmasq-discuss mailing list