Advanced TFTP Load Balancing
Problem this snippet solves: TFTP works in similar fashion to active FTP, using a callback from a random high port for the data stream: 1. The initiating host A sends a request packet to host B at Well Known Port 69. 2. B replies with a packet sent from an ephemeral port, which should be used for the remainder of the request for all data packets between Host A and host B. How to use this snippet: To support the callback connection, you would: 1. Configure the UDP virtual server on port 69 to accept the control connection and apply the clientSideTftp 2. Configure & apply a SNAT enabled at least on the server-side VLAN 3. Configure the UDP virtual server on :any 4. Apply the serverSideTftp to reestablish the auto last hop context 5. Build a data-group for all possible vlans the clients can connect to similar to vlanMapping Code : rule clientSideTftp { when CLIENT_ACCEPTED { set LAST_HOP_MAC [LINK::lasthop] set CLIENT_VLAN [LINK::vlan_id] set CLIENT_IP [IP::client_addr] set VIRTUAL_IP [IP::local_addr] } when SERVER_CONNECTED { table set "[LINK::vlan_id][IP::remote_addr][IP::local_addr][UDP::local_port]" "$LAST_HOP_MAC $VIRTUAL_IP $CLIENT_IP $CLIENT_VLAN" indefinite 3600 } } rule serverSideTftp { when CLIENT_ACCEPTED { set entry [table lookup "[LINK::vlan_id][IP::remote_addr][IP::local_addr][UDP::local_port]"] if { $entry ne "" } { nexthop [class search -value vlanMapping equal [lindex $entry 3]] [lindex $entry 0] snat [lindex $entry 1] node [lindex $entry 2] } } } data-group vlanMapping { external-file-name /config/vlanMapping.dat records { 1100 { data peering } 1101 { data external } } type string } Tested this on version: 10.2812Views0likes4Comments