CommuniGate Pro
Version 5.2
Access
 
 
TFTP

TFTP Module

The CommuniGate Pro TFTP module implements a TFTP server for UDP/IP networks.

The TFTP protocol allows a TFTP client application to retrieve files from the Server computer. The CommuniGate Pro TFTP clients can retrieve data stored in Account File Storage.

Trivial File Transfer Protocol

The Trivial File Transfer Protocol allows client computers to work with files stored on remote servers. A computer running a TFTP client application sends UDP request packets to the server computer. These packets contain the name of the file to retrieve and the transfer mode. In return, the Server computer sends a UDP packet with a block of file data. If the file is larger than one block, then the client computer sends an ACK (acknowledgement) packet, and the Server sends the next block of file data in response.

The CommuniGate Pro TFTP module supports relevant Internet standards (RFCs).

Configuring the TFTP module

Use the WebAdmin Interface to configure the TFTP module. Open the Access pages in the Settings realm, and open the TFTP page:

Processing
Log Level: Listener
Default Storage: Try IP-Address Directory
Run Sessions on Controller
Log
Use this setting to specify what kind of information the TFTP module should put in the Server Log. Usually you should use the Major (password modification reports) or Problems (non-fatal errors) levels. But when you experience problems with the TFTP module, you may want to set the Log Level setting to Low-Level or All Info: in this case protocol-level or link-level details will be recorded in the System Log as well.
The TFTP module records in the System Log are marked with the TFTP tag.
listener
Use this link to open the UDP Listener page and specify the port number and local network address for the TFTP service, and access restrictions for that port. When the port number is set to 0, the TFTP server is disabled.
By default TFTP clients send requests to the UDP port 69.
If your server computer is already running some TFTP server, you may want to specify a non-standard port number here and reconfigure your TFTP client software to use that port number.
Default Storage
Since the TFTP module does not provide user authentication, you need to specify the File Storage to be used by default.
Specify a name of an existing Account in this field.
If that Account does not belong to the Main Domain, specify the full Account name as accountName@domainName.
You can specify a subdirectory of the Account File Storage by adding the subdirectory name separated with the slash (/) symbol: accountName/directoryName or accountName@domainName/directoryName
Try IP-Address Directory
If this option is enabled, the module can add the client IP address to the specified file name, thus allowing different identically configured clients to download different files (see below).
Run Sessions on Controller
This option is available in a Dynamic Cluster only.
When this option is enabled, the Server sends all TFTP requests to the Cluster Controller (unless this Server is the active Controller itself), using the inter-cluster CLI protocol. It then relays the Controller responses to the client.
This feature is required when you use a Load Balancer that does not keep any "session" or "state" for UDP requests, and subsequent requests within the same TFTP session can be directed to different Cluster members.

Access to Account File Storage

The file name specified in the TFTP read request packet is interpreted as the name of a file in the Default Account File Storage.

If the specified file name starts with the slash (/) or tilda (~) symbol, the file name should contain at least one non-leading slash symbol. The string between the leading special symbol and that slash symbol is interpeted as an Account name, and the string after that slah symbol - as the name of the file to retrieve from the File Storage of the specified Account.

if the specified file name starts with the slash (/) symbol, but it does not contain any other slash symbols, the leading slash symbol is removed.

The TFTP module tries to retrieve the specified files on behalf of the tftpuser in the Main Domain. By default, this Account does not exist, so the TFTP clients cannot retrieve anything from the private File Storage subdirectories.
To allow TFTP clients to access these subdirectories, create the tftpuser Account, and grant it the Unlimited File Storage Access right.

The addressed Account must have the WebSite Service enabled to allow TFTP clients to retrieve files from its File Storage.

Examples:

TFTP filename parameterAddressed file
file1.datfile1.dat in the Default File Storage
/file1.datfile1.dat in the Default File Storage
dirA/file1.datfile1.dat in the dirA subdirectory of the Default File Storage
/john/file1.dat
~john/file1.dat		file1.dat in the Account john File Storage
/john/dirB/file1.dat
~john/dirB/file1.dat		file1.dat in the dirB subdirectory of the Account john File Storage
/john@domain1.dom/dirB/file1.dat
~john@domain1.dom/dirB/file1.dat		file1.dat in the dirB subdirectory of the Account john@domain1.dom File Storage

If the Try IP-Address Directory option is enabled, and the specified file name does not start with the slash or tilda symbol, the module appends the text presentation of the client IP address in front of the file name. If a file with this name is not found, the inserted prefix is removed, and the module re-tries to retrieve a file.
This feature allows you to create subdirectories inside the Default Storage directory, named with certain client IP addresses.

Examples:

TFTP filename parameterClient IP addressAddressed file
file1.dat10.0.1.010.0.1.0/file1.dat (if absent, file1.dat) in the Default File Storage
/file1.dat10.0.1.010.0.1.0/file1.dat (if absent, file1.dat) in the Default File Storage
dirA/file1.dat10.0.1.010.0.1.0/dirA/file1.dat (if absent, dirA/file1.dat) in the Default File Storage
/john/file1.dat
~john/file1.dat		10.0.1.0file1.dat in the Account john File Storage
CommuniGate® Pro Guide. Copyright © 1998-2009, Stalker Software, Inc.