cancel
Showing results for 
Search instead for 
Did you mean: 

TFTP virtual server - why not just a VIP listening on all ports with port translation disabled?

I'm looking to establish a virtual server for TFTP (for boot file retrievai via DHCP option 66/67).  The examples given all depict an iRule that sets up a separate listening port for the "meet me" port that is returned after the initial exchange on port 69.

My question is - why is that necessary?  Why can't you just create a virtual server that listens on any port, without doing port translation (and with persistence based on e.g. source IP)?  Wouldn't the following exchange be handled cleanly by that?

    Client UDP -> VIP:69 -> ServerA:69 (returns "meet me on port 50000")

    Client UDP -> VIP:50000 -> ServerA:50000

Is the concern that two servers might pick the same meet-me port?  If so, would it work with priority group activation set such that only 1 server was accessed?  (that wouldn't provide for load balancing, but would handle redundancy requirements).

1 REPLY 1

Ahh ... read the RFC, and the scales fell from my eyes.  The initial request specifies the port the ephemeral port the client will expect replies to - and even the initial reply does not come back to the initial sending port. Never mind!