Difference between revisions of "Troubleshoot TFTP"

From FOG Project
Jump to: navigation, search
m
m (Troubleshooting TFTP)
Line 110: Line 110:
  
 
== Troubleshooting TFTP ==
 
== Troubleshooting TFTP ==
 
+
{{:Windows_TFTP}}
To test from windows, TFTP Client must be installed and the Firewall must allow TFTP Traffic.
 
 
 
Control Panel -> Programs and Features -> Turn Windows Features on or off -> TFTP Client
 
 
 
[[File:TFTP Client in Windows.png]]
 
  
  

Revision as of 13:04, 29 April 2015

It has been suggested that this article or section be merged with Unable_to_connect_to_TFTP. (Discuss)

Testing TFTP

Try to get a file with Linux:

tftp -v x.x.x.x -c get undionly.kpxe
Connected to x.x.x.x (x.x.x.x), port 69
getting from 10.2.1.11:undionly.kpxe to undionly.kpxe [netascii]
Received 89509 bytes in 0.0 seconds [84047115 bit/s]

Try to get a file with Windows:

tftp x.x.x.x get undionly.kpxe

TFTP Service

Fedora 20/21

status/enable/restart

systemctl status xinetd.service
systemctl enable xinetd.service
systemctl restart xinetd.service

Ubuntu

newer systems:

status/enable/restart

service tftpd-hpa status
service tftpd-hpa restart
service tftpd-hpa enable

older systems:

status/enable/restart

sudo /etc/init.d/xinetd status
sudo /etc/init.d/xinetd restart
sudo /etc/init.d/xinetd enable

TFTP Settings file

Fedora:

Location:

/etc/xinetd.d/tftp

To display /etc/xinetd.d/tftp:

cat /etc/xinetd.d/tftp

It should look a whole lot like this:

# default: off
# description: The tftp server serves files using the trivial file transfer #   protocol.  
#The tftp protocol is often used to boot diskless workstations, download configuration files to network-aware printers, 
# and to start the installation process for some operating systems.
service tftp
{
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd
        server_args             = -s /tftpboot
        disable                 = no
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4
}

To edit /etc/xinetd.d/tftp:

sudo vi /etc/xinetd.d/tftp


Explanation of settings for /etc/xinetd.d/tftp:

man xinetd.conf


Ubuntu:

Location:

/etc/default/tftpd-hpa

To display /etc/default/tftpd-hpa:

cat /etc/default/tftpd-hpa

It should look a whole lot like this:

# /etc/default/tftpd-hpa
# FOG Modified version
TFTP_USERNAME="root"
TFTP_DIRECTORY="/tfptboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="-s"

To edit /etc/default/tftpd-hpa:

sudo vi /etc/default/tftpd-hpa

Explanation of settings for /etc/default/tftpd-hpa:

man tftpd-hpa



Instructions on using Vi: Vi



Troubleshooting TFTP

To test from windows, TFTP Client must be installed and the Firewall must allow TFTP Traffic. The best way to guarantee that your windows firewall isn't blocking TFTP is to turn it off during your troubleshooting.


Using Windows 7 Pro:

Control Panel -> Programs and Features -> Turn Windows Features on or off -> TFTP Client

TFTP Client in Windows.png




Disable/verify Firewall

Disable & Stop Firewall in Fedora 20/21

systemctl disable firewalld.service
systemctl stop firewalld.service

Can be undone with "start" and "enable".

Check Firewall in Fedora 20/21

systemctl status firewalld.service

Fedora 16

Add /bin/bash to /etc/shells as the vsftpd yum install does not do it correctly causing tftp timeout message


Check Firewall in Debian/Ubuntu

sudo iptables -L

If disabled, the output should look like this:

Chain INPUT (policy ACCEPT)
target prot opt source destination 

Chain FORWARD (policy ACCEPT)
target prot opt source destination 

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Disable Ubuntu Firewall

sudo ufw disable

Disable Debian Firewall

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

Temporarily disable Windows firewall

TFTP Windows Firewall.png


Permissions

Check permissions on /tftpboot directory by using:

ls -ld /tftpboot

Check permissions on files in /tftpboot directory by using:

ls -ld /tftpboot/*.*

Set permissions to allow everyone full access to /tftpboot and all contents:

chmod -R 777 /tftpboot

See example permissions below:

TFTP Permissions.png


Check Network Switch settings

See IPXE for network switch settings concerning STP/portfast/etc.

Check DHCP Option 67

DHCP Settings

  • It is important to know that versions 0.32 and below use pxelinux.0 for option 67 in DHCP
  • For all versions 0.33 to current(1.3.0beta) use undionly.kpxe is generally recommended for option 67.
    • Other files that can be used are listed in your directory "/tftpboot"

Linux Based (ISC-DHCP)

Articles related to ISC-DHCP

BIOS and UEFI Co-Existence

ProxyDHCP with dnsmasq

FOG on a MAC

Fedora 21 Server#Verify Fedora DHCP config (if_using_DHCP)

Start/stop/enable/disable

Configure DHCP

FOG dnsmasq (ProxyDHCP)

  • You would use ProxyDHCP if you do not have access to your DHCP server, or are using a device that isn't capable of specifying option 066 and 067 (next server and file name). The most popular ProxyDHCP method with fog is dnsmasq. This article will walk you through that:
  • Not required unless you have an unmodifiable DHCP server/

Using_FOG_with_an_unmodifiable_DHCP_server/_Using_FOG_with_no_DHCP_server

Non-Linux DHCP

If you do not use FOG to provide DHCP services, the following sections will give some indication of settings for DHCP servers on various platforms.

Windows Server DHCP

  • Option 66
    • Windows 66.png
  • Option 67
    • Windows 67.png


Novell (Linux) Server DHCP

  • DHCP Overview from DNS/DHCP Console (Netware 6.5)
    • Novelldhcp.gif
  • Option 66
    • Novelloption66.gif
  • Option 67
    • Novelloption67.gif

Here is a link from Novell's website on how to setup their DHCP server: http://www.novell.com/coolsolutions/feature/17719.html

MAC Server DHCP

Use OS X Server app to install and utilize DHCP.

Use DHCP Option Code Utility to generate the code necessary.
https://docs.google.com/uc?id=0BwD4il5Z1G6fTmFFYU91bDNuRmc&export=download

One MUST generate the codes in order for PXE booting to work!
bootpd.plist is located in /etc/bootpd.plist

  • Option 66
    • MACOption66.png
  • Option 67
    • MACOption67.png


  • Sample bootpd.plist
    • This is a sample file DO NOT USE THIS IN YOUR ENVIRONMENT!!!! OS X Server app will generate most of this code for you, this example file is to show you the place where the generated code needs to be placed.
    • For Reference, your generated code should be placed between "dhcp_domain_search" and "dhcp_router"


  • Completed Bootpd.plist
    • MACbootpd.png

Other DHCP Configurations

Other DHCP Configurations