Tftp wants to bind to all interfaces....this is bad!

General support questions
Post Reply
Shadyr
Posts: 2
Joined: 2014/02/20 18:09:29
Location: Atlanta, GA

Tftp wants to bind to all interfaces....this is bad!

Post by Shadyr » 2017/03/09 14:14:35

...and this is a problem because I only want to allow it to start on one (something else will be holding that port on the primary system interface).

I am trying to work with the yum installed package tftp-server.

Still pretty new to Centos 7, so I am probably missing an important "how to do this" somewhere. I tried turning it on through xinetd and setting options there. It seems to ignore changes made there, so I (I know, not recommended) edited the tftp.service file directly. Some changes there are reflected when I start tftp, but it does not seem to be honoring "--bind-address x.x.x.x" if added to the ExecStart statement. Is there a nice "single interface how to" for tftp, or does anyone have a working single interface setup that they would not mind sharing conf or service files for?

Thanks!

User avatar
TrevorH
Forum Moderator
Posts: 26955
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Tftp wants to bind to all interfaces....this is bad!

Post by TrevorH » 2017/03/09 15:10:31

man in.tftpd says you can pass --address

Code: Select all

       --address [address][:port], -a [address][:port]
              Specify a specific address and port to listen to when called with the --listen or --foreground option.
              The default is to listen to the tftp port specified in /etc/services on all local addresses.
If you're going to amend service files you should really copy them to /etc/systemd/system and make your changes there. You can make those as an entire overriding file or you can set it up to override only single items.
CentOS 5 died in March 2017 - migrate NOW!
CentOS 6 goes EOL sooner rather than later, get upgrading!
Full time Geek, part time moderator. Use the FAQ Luke

Shadyr
Posts: 2
Joined: 2014/02/20 18:09:29
Location: Atlanta, GA

Re: Tftp wants to bind to all interfaces....this is bad!

Post by Shadyr » 2017/03/09 22:29:11

Thank you for that. It did not work for me, but it did get me started down the path that led to partial success. After another day of tinkering, I found the magic pairing.

I ended up having to 'systemctl edit --full tftp.socket' and change the default [Socket] section to this:

Code: Select all

[Socket]
ListenDatagram=1.2.3.4:69 (using my secondary IP that I want to listen on here)
I also had to 'systemctl edit --full tftp.service' and change a few things like so:

Code: Select all

[Unit]
Description=Tftp Server
Requires=tftp.socket
After=tftp.socket
Documentation=man:in.tftpd

[Service]
ExecStart=/usr/sbin/in.tftpd -s /tftpboot
StandardInput=socket

[Install]
WantedBy=multi-user.target
A systemctl daemon-reload later, everything seems more or less happy. It still fails to start automatically even though I enabled both socket and service, but it is at least running now.

srvivn21
Posts: 1
Joined: 2019/11/06 20:32:04

Re: Tftp wants to bind to all interfaces....this is bad!

Post by srvivn21 » 2019/11/06 20:51:44

For anyone who finds this post (like I did) very helpful, but was frustrated by TFPd not starting on boot:

systemctl edit tftp.socket

Code: Select all

[Unit]
BindsTo=network-online.target
After=network-online.target

[Socket]
ListenDatagram=
ListenDatagram=192.168.45.254:69
systemctl enable NetworkManager-wait-online.service

The "ListenDatagram=" is required to override the default (ListenDatagram=69). The directive is additive (it will bind ::69 and then try to also bind 192.168.45.254:69, which will fail causing the whole process to exit). Without at least the "After=network-online.target" TFPd will try to start before the IPaddress is available (and fail). network-online.target is not honored by default in CentOS 7 (as of 7.7.1908) (https://bugzilla.redhat.com/show_bug.cgi?id=1455704) and requires enabling the NetworkManager-wait-online.service.

Post Reply

Return to “CentOS 7 - General Support”