The Trivial File Transfer Protocol allows client computers to work with files
stored on remote servers. A computer running a TFTP client
application sends UDP request packets to the server computer. These packets contain the
name of the file to read or to store, and the transfer mode.
For a file read operation, the server computer replies with a UDP packet with a block of file data.
If the file is larger than one block, then the client computer sends an ACK (acknowledgment) packet,
and the server computer sends the next block of file data in response.
For a file write operation, the server computer replies with an ACK UDP packet, the client
computer sends the first file data block, the server computer replies with an ACK packet, and the client computer sends the next data block.
The CommuniGate Pro TFTP module supports relevant Internet standards (RFCs).
Use the WebAdmin Interface to configure the TFTP module.
Open the Access pages in the Settings realm, and open the TFTP page:
- Log
- Use this setting to specify what kind of information the TFTP
module should put in the Server Log. Usually you should use the Major
(password modification reports) or Problems (non-fatal errors)
levels. But when you experience problems with the TFTP module, you may want
to set the Log Level setting to Low-Level or All Info:
in this case protocol-level or link-level details will be recorded in the
System Log as well.
The TFTP module records in the System Log are marked with the TFTP tag.
- listener
- Use this link to open the UDP Listener page and specify the port number and
local network address for the TFTP service, and access restrictions for
that port. When the port number is set to 0, the TFTP server is disabled.
By default TFTP clients send requests to the UDP port 69.
If your server computer is already running some TFTP server, you may want to specify
a non-standard port number here and reconfigure your TFTP client software to use that
port number.
- Default Storage
- Since the TFTP protocol does not authenticate clients, you need to specify the
File Storage to be used by default.
Specify a name of an existing Account in this field.
If that Account does not belong to the Main Domain, specify the full Account name as
accountName@domainName.
You can specify a subdirectory of the Account File Storage by adding the subdirectory name separated with
the slash (/) symbol: accountName/directoryName or accountName@domainName/directoryName
- Try IP-Address Directory
- If this option is enabled, the module adds the client IP address to the specified file name, thus allowing
different identically configured clients to work with different file sets (see below).
- Run Sessions on Controller
- This option is available in a Dynamic Cluster only.
When this option is enabled, the Server sends all TFTP requests to the Cluster Controller (unless this Server is the active Controller itself),
using the inter-cluster CLI protocol. It then relays the Controller responses to the client.
This feature is required when you use a Load Balancer that does not keep any "session" or "state" for UDP requests,
and subsequent requests within the same TFTP session can be directed to different Cluster members.
The file name specified in the TFTP read or write request packet is interpreted as the name of
a file in the Default Account File Storage.
If the specified file name starts with the slash (/) or Tilda (~) symbol,
the file name should contain at least one non-leading slash symbol. The string between the leading
special symbol and that slash symbol is interpreted as an Account name, and the string after that slash symbol -
as the name of the file to retrieve from the File Storage of the specified Account.
If the specified file name starts with the slash (/) symbol, but it does not contain any other slash symbols, the leading slash symbol is removed.
The TFTP module reads or writes the specified files on behalf of the tftpuser in the Main Domain. This makes it
possible to retrieve files from any Account File Storage directory outside the private directories.
To allow TFTP clients to access private directories or to allow TFTP clients to store files,
modify the target directory File Access Rights, granting the tftpuser the Read and/or Write rights.
Examples:
TFTP filename parameter | Addressed file |
file1.dat | file1.dat in the Default File Storage |
/file1.dat | file1.dat in the Default File Storage |
dirA/file1.dat | file1.dat in the dirA subdirectory of the Default File Storage |
/john/file1.dat ~john/file1.dat | file1.dat in the Account john File Storage |
/john/dirB/file1.dat ~john/dirB/file1.dat | file1.dat in the dirB subdirectory of the Account john File Storage |
/john@domain1.dom/dirB/file1.dat ~john@domain1.dom/dirB/file1.dat | file1.dat in the dirB subdirectory of the Account john@domain1.dom File Storage |
If the Try IP-Address Directory option is enabled, and the specified file name does not start with the slash or Tilda symbol,
the module appends the text presentation of the client IP address in front of the file name.
For a file read operation, if a file with this name is not found, the inserted prefix is removed, and the module re-tries to retrieve a file.
This feature allows you to create subdirectories inside the Default Storage directory, named with certain client IP addresses.
Examples:
TFTP filename parameter | Client IP address | Addressed file |
file1.dat | 10.0.1.0 | 10.0.1.0/file1.dat (if absent when reading, use file1.dat) in the Default File Storage |
/file1.dat | 10.0.1.0 | 10.0.1.0/file1.dat (if absent when reading, use file1.dat) in the Default File Storage |
dirA/file1.dat | 10.0.1.0 | 10.0.1.0/dirA/file1.dat (if absent when reading, use dirA/file1.dat) in the Default File Storage |
/john/file1.dat ~john/file1.dat | 10.0.1.0 | file1.dat in the Account john File Storage |
|