Hi there,
I'm new to the list, but I think this might be the best place to send a
small patch to in.tftpd. It makes the server work over aliased interfaces,
which is usually necessary for high availability servers.
For example, when using two machines to serve tftp, controlled by
heartbeat, you have a "service" IP that heartbeat configures as an alias to
the real interface. So here I have the machine ha1, eth0 is 10.0.17.27, and
eth0:0 is 10.0.17.26, which is the "service" ip. The hostname ha translates
to the service IP.
What happens is that a client tries to download a kernel image from ha, but
since tftpd binds to inaddr_any, it ends up replying as 10.0.17.27, which
is not what the client expects. tcpdump shows requests going to 10.0.17.26,
and answers coming from 10.0.17.27. Obviously it does not work, since the
server keeps sending the same block, and the client keeps acking the block
it received. They don't really see each other...
If the server binds to 10.0.17.26, everything works ok. Since tftp uses
udp, we can't obtain (AFAIK, pleased to be proved wrong on this) the IP
that the client used to reach us and bind to that, so that things would
work fine without any odd changes. What I did to solve this is a small
patch that adds a "-b <ip>" option to in.tftpd, so that you can specify the
IP it should bind to. Marginal error handling is done and logged.
With this patch, setting up a highly available tftp server needs only a
small addition to the inetd line with the "-b <ip>" option. Whenever the
primary server goes down, heartbeat restarts the service (in this case
inetd) on the backup, which assumes the service IP. in.tftpd now binds to
that address when run, so clients don't see any change.
Anybody has comments or critics? I'm eager to hear them...
Regards
Fábio
--
( Fábio Olivé Leite -- Conectiva HA Team -- olive@xxxxxxxxxxxxxxxx )
( PPGC/UFRGS MSc candidate -- Advisor: Taisy Silva Weber )
( Linux - Distributed Systems - Fault Tolerance - Security - Pizza )
tftp_ha.patch
Description: Text document
|