TFTP virtual server - why not just a VIP listening on all ports with port translation disabled?

Question

I'm looking to establish a virtual server for TFTP (for boot file retrievai via DHCP option 66/67). The examples given all depict an iRule that sets up a separate listening port for the "meet me" port that is returned after the initial exchange on port 69.

My question is - why is that necessary? Why can't you just create a virtual server that listens on any port, without doing port translation (and with persistence based on e.g. source IP)? Wouldn't the following exchange be handled cleanly by that?

Client UDP -> VIP:69 -> ServerA:69 (returns "meet me on port 50000")

Client UDP -> VIP:50000 -> ServerA:50000

Is the concern that two servers might pick the same meet-me port? If so, would it work with priority group activation set such that only 1 server was accessed? (that wouldn't provide for load balancing, but would handle redundancy requirements).

daboochmeister · Answer

Ahh ... read the RFC, and the scales fell from my eyes.&nbsp; The initial request specifies the port the ephemeral port the client will expect replies to - and even the initial reply does not come back to the initial sending port. Never mind!

Forum Discussion

TFTP virtual server - why not just a VIP listening on all ports with port translation disabled?

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

F5 Distributed Cloud - Listener Logic

Disable vip that is listening on different ports

How to listen to the DevCentral Podcasts

Radware config translation

UDP DNS listener doesn't resolve DNS query but TCP DNS listener can

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS