On Mon, Dec 30, 2019 at 12:51:30PM +0100, kvaps wrote:
>
> Note that Kubernetes uses NAT for external services, so it's not possible
> to run TFTP-server for external clients there. There is one proposed
> solution for that, it suggests moving away from the RFC and implement
> --single-port option for always reply from the same port which was
> requested by the client.
That approach is dangerously broken. The transfer IDs and the ports are
supposed to match; ramming everything over a single port is going to
break down when you have a lot of transfers happening simultaneously.
If you need this kind of functionality in Kubernetes you're much better
off using a different CNI plugin to manage your networking. There's no
inherent NAT requirement imposed by Kubernetes itself.
khm
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
