Re: [Dnsmasq-discuss] Single-port mode for TFTP

2019-12-30 Thread kvaps
No, there is need to respond exact from the same port which get an request. There is no way to configure firewall and use tftp-helper in Kubernetes, it's environments is very dynamic and might use different backends, eg ipvs and iptables. Please read this issue for more information:

Re: [Dnsmasq-discuss] Single-port mode for TFTP

2019-12-30 Thread john doe
On 12/30/2019 6:34 PM, kvaps wrote: > On Mon, Dec 30, 2019 at 2:42 PM john doe wrote: > >> Isn't the below flag what you want from (1): >> >> "--tftp-port-range=, >> A TFTP server listens on a well-known port (69) for connection >> initiation, but it also uses a dynamically-allocated port for

[Dnsmasq-discuss] [PATCH] Check for SERV_NO_REBIND on unqualified domains

2019-12-30 Thread Sung Pae
Hello, My home network has a DNS search domain of home.arpa and my machine's dnsmasq instance is configured with: server=/home.arpa/192.168.0.1 server=//192.168.0.1 stop-dns-rebind rebind-domain-ok=home.arpa rebind-domain-ok=// # Match unqualified domains

Re: [Dnsmasq-discuss] Single-port mode for TFTP

2019-12-30 Thread kvaps
> dnsmasq -d --enable-tftp --tftp-port-range=1069,1069 No way, because in this case it should also listen on 1069 port. - kvaps On Mon, Dec 30, 2019 at 9:11 PM Geert Stappers wrote: > On Mon, Dec 30, 2019 at 06:36:49PM +0100, kvaps wrote: > > On Mon, Dec 30, 2019 at 2:42 PM john doe wrote:

Re: [Dnsmasq-discuss] Single-port mode for TFTP

2019-12-30 Thread Geert Stappers
On Mon, Dec 30, 2019 at 06:36:49PM +0100, kvaps wrote: > On Mon, Dec 30, 2019 at 2:42 PM john doe wrote: > > Dec 30 2019, kvaps wrote: > > > ... > > Isn't the below flag what you want from (1): > > > > "--tftp-port-range=, > > A TFTP server listens on a well-known port (69) for connection > >

Re: [Dnsmasq-discuss] Single-port mode for TFTP

2019-12-30 Thread kvaps
On Mon, Dec 30, 2019 at 2:42 PM john doe wrote: > Isn't the below flag what you want from (1): > > "--tftp-port-range=, > A TFTP server listens on a well-known port (69) for connection > initiation, but it also uses a dynamically-allocated port for each > connection. Normally these are allocated

Re: [Dnsmasq-discuss] Single-port mode for TFTP

2019-12-30 Thread john doe
On 12/30/2019 12:51 PM, kvaps wrote: > Hi Simon, > > We're happy to use dnsmasq for organize network booting in Kubernetes, it > have everything need: DNS-, DHCP- and TFTP-servers. > > The only problem is that TFTP protocol in its reference implementation is > not working behind the NAT, because

[Dnsmasq-discuss] Single-port mode for TFTP

2019-12-30 Thread kvaps
Hi Simon, We're happy to use dnsmasq for organize network booting in Kubernetes, it have everything need: DNS-, DHCP- and TFTP-servers. The only problem is that TFTP protocol in its reference implementation is not working behind the NAT, because always sends reply packets from random port. Note