Tftp wants to bind to all interfaces....this is bad!

[Shadyr]

...and this is a problem because I only want to allow it to start on one (something else will be holding that port on the primary system interface).

I am trying to work with the yum installed package tftp-server.

Still pretty new to Centos 7, so I am probably missing an important "how to do this" somewhere. I tried turning it on through xinetd and setting options there. It seems to ignore changes made there, so I (I know, not recommended) edited the tftp.service file directly. Some changes there are reflected when I start tftp, but it does not seem to be honoring "--bind-address x.x.x.x" if added to the ExecStart statement. Is there a nice "single interface how to" for tftp, or does anyone have a working single interface setup that they would not mind sharing conf or service files for?

Thanks!

[TrevorH]

man in.tftpd says you can pass --address

Code: Select all

       --address [address][:port], -a [address][:port]
              Specify a specific address and port to listen to when called with the --listen or --foreground option.
              The default is to listen to the tftp port specified in /etc/services on all local addresses.

If you're going to amend service files you should really copy them to /etc/systemd/system and make your changes there. You can make those as an entire overriding file or you can set it up to override only single items.

[Shadyr]

Thank you for that. It did not work for me, but it did get me started down the path that led to partial success. After another day of tinkering, I found the magic pairing.

I ended up having to 'systemctl edit --full tftp.socket' and change the default [Socket] section to this:

Code: Select all

[Socket]
ListenDatagram=1.2.3.4:69 (using my secondary IP that I want to listen on here)

I also had to 'systemctl edit --full tftp.service' and change a few things like so:

Code: Select all

[Unit]
Description=Tftp Server
Requires=tftp.socket
After=tftp.socket
Documentation=man:in.tftpd

[Service]
ExecStart=/usr/sbin/in.tftpd -s /tftpboot
StandardInput=socket

[Install]
WantedBy=multi-user.target

A systemctl daemon-reload later, everything seems more or less happy. It still fails to start automatically even though I enabled both socket and service, but it is at least running now.

[srvivn21]

For anyone who finds this post (like I did) very helpful, but was frustrated by TFPd not starting on boot:

systemctl edit tftp.socket

Code: Select all

[Unit]
BindsTo=network-online.target
After=network-online.target

[Socket]
ListenDatagram=
ListenDatagram=192.168.45.254:69

systemctl enable NetworkManager-wait-online.service

The "ListenDatagram=" is required to override the default (ListenDatagram=69). The directive is additive (it will bind ::69 and then try to also bind 192.168.45.254:69, which will fail causing the whole process to exit). Without at least the "After=network-online.target" TFPd will try to start before the IPaddress is available (and fail). network-online.target is not honored by default in CentOS 7 (as of 7.7.1908) (https://bugzilla.redhat.com/show_bug.cgi?id=1455704) and requires enabling the NetworkManager-wait-online.service.