CommuniGate Pro
Version 6.4
 

TFTP Module

The CommuniGate Pro TFTP module implements a TFTP server for UDP/IP networks.

The TFTP protocol allows a TFTP client application to retrieve files from the Server computer and to store files on the Server computer. The CommuniGate Pro TFTP clients can read and write Account File Storage files.



Trivial File Transfer Protocol

The Trivial File Transfer Protocol allows client computers to work with files stored on remote servers. A computer running a TFTP client application sends UDP request packets to the server computer. These packets contain the name of the file to read or to store, and the transfer mode.
For a file read operation, the server computer replies with a UDP packet with a block of file data. If the file is larger than one block, then the client computer sends an ACK (acknowledgment) packet, and the server computer sends the next block of file data in response.
For a file write operation, the server computer replies with an ACK UDP packet, the client computer sends the first file data block, the server computer replies with an ACK packet, and the client computer sends the next data block.

The CommuniGate Pro TFTP module supports relevant Internet standards (RFCs).


Configuring the TFTP module

Use the WebAdmin Interface to configure the TFTP module. Open the Access pages in the Settings realm, and open the TFTP page:

Processing
Log Level: Listener
Default Storage: Try IP-Address Directory
Run Sessions on Controller
Log
Use this setting to specify what kind of information the TFTP module should put in the Server Log. Usually you should use the Major (password modification reports) or Problems (non-fatal errors) levels. But when you experience problems with the TFTP module, you may want to set the Log Level setting to Low-Level or All Info: in this case protocol-level or link-level details will be recorded in the System Log as well.
The TFTP module records in the System Log are marked with the TFTP tag.
listener
Use this link to open the UDP Listener page and specify the port number and local network address for the TFTP service, and access restrictions for that port. When the port number is set to 0, the TFTP server is disabled.
By default TFTP clients send requests to the UDP port 69.
If your server computer is already running some TFTP server, you may want to specify a non-standard port number here and reconfigure your TFTP client software to use that port number.
Default Storage
Since the TFTP protocol does not authenticate clients, you need to specify the File Storage to be used by default.
Specify a name of an existing Account in this field.
If that Account does not belong to the Main Domain, specify the full Account name as accountName@domainName.
You can specify a subdirectory of the Account File Storage by adding the subdirectory name separated with the slash (/) symbol: accountName/directoryName or accountName@domainName/directoryName
Try IP-Address Directory
If this option is enabled, the module adds the client IP address to the specified file name, thus allowing different identically configured clients to work with different file sets (see below).
Run Sessions on Controller
This option is available in a Dynamic Cluster only.
When this option is enabled, the Server sends all TFTP requests to the Cluster Controller (unless this Server is the active Controller itself), using the inter-cluster CLI protocol. It then relays the Controller responses to the client.
This feature is required when you use a Load Balancer that does not keep any "session" or "state" for UDP requests, and subsequent requests within the same TFTP session can be directed to different Cluster members.

Access to Account File Storage

The file name specified in the TFTP read or write request packet is interpreted as the name of a file in the Default Account File Storage.

If the specified file name starts with the slash (/) or Tilda (~) symbol, the file name should contain at least one non-leading slash symbol. The string between the leading special symbol and that slash symbol is interpreted as an Account name, and the string after that slash symbol - as the name of the file to retrieve from the File Storage of the specified Account.

If the specified file name starts with the slash (/) symbol, but it does not contain any other slash symbols, the leading slash symbol is removed.

The TFTP module reads or writes the specified files on behalf of the tftpuser in the Main Domain. This makes it possible to retrieve files from any Account File Storage directory outside the private directories.
To allow TFTP clients to access private directories or to allow TFTP clients to store files, modify the target directory File Access Rights, granting the tftpuser the Read and/or Write rights.

Examples:

TFTP filename parameterAddressed file
file1.datfile1.dat in the Default File Storage
/file1.datfile1.dat in the Default File Storage
dirA/file1.datfile1.dat in the dirA subdirectory of the Default File Storage
/john/file1.dat
~john/file1.dat
file1.dat in the Account john File Storage
/john/dirB/file1.dat
~john/dirB/file1.dat
file1.dat in the dirB subdirectory of the Account john File Storage
/john@domain1.dom/dirB/file1.dat
~john@domain1.dom/dirB/file1.dat
file1.dat in the dirB subdirectory of the Account john@domain1.dom File Storage

If the Try IP-Address Directory option is enabled, and the specified file name does not start with the slash or Tilda symbol, the module appends the text presentation of the client IP address in front of the file name. For a file read operation, if a file with this name is not found, the inserted prefix is removed, and the module re-tries to retrieve a file.
This feature allows you to create subdirectories inside the Default Storage directory, named with certain client IP addresses.

Examples:

TFTP filename parameterClient IP addressAddressed file
file1.dat10.0.1.010.0.1.0/file1.dat (if absent when reading, use file1.dat) in the Default File Storage
/file1.dat10.0.1.010.0.1.0/file1.dat (if absent when reading, use file1.dat) in the Default File Storage
dirA/file1.dat10.0.1.010.0.1.0/dirA/file1.dat (if absent when reading, use dirA/file1.dat) in the Default File Storage
/john/file1.dat
~john/file1.dat
10.0.1.0file1.dat in the Account john File Storage

CommuniGate Pro Guide. Copyright © 2020-2023, AO StalkerSoft