how to tftp through neutron VM => real machine

asked 2014-04-07 07:57:36 -0600

ornoone gravatar image

HI, all I want is to starts my VM using an already existing pxe server running well in my LAN.

the probleme is that all my tftp request made inside my VM to my server is «NATED» by the router, and then all response is made to the router, who of cours reject the response.

my setup :

  • . the VM who do : curl tftp://
  • . the server with a running tftp server (named devlinux.di).
  • . the virtual router created via neutron.

my tests :

  • I can ssh into the VM
  • the VM can curl
  • the VM can ping
  • all port on tcp/udp is allowed in the security group.

  • i can curl tftp:// from another real PC in the network of

  • i can't curl tftp:// from the VM.

syslog on say :

Apr 7 14:43:42 devlinux in.tftpd[1614]: RRQ from filename pxelinux.0

Apr 7 14:43:42 devlinux in.tftpd[1614]: tftpd: read: Connection refused

where I expected RRQ from

tcp dump on the vm say :

12:43:40.335400 IP > 49 RRQ "pxelinux.0" octet tsize 0 blksize 512 timeout 6

tcpdump on the server say :

14:43:42.196493 IP > devlinux.di.tftp: 49 RRQ "pxelinux.0" octet tsize 0 blksize 512 timeout 6

so I think neutron or whatever is nating my upd request, and then tftpd-hpa is wrong on the real ip of the request...

edit retag flag offensive close merge delete

1 answer

Sort by » oldest newest most voted

answered 2014-04-07 08:07:27 -0600

ornoone gravatar image

I don't know why thes requestes is being nated, but if i enable conntrack for tftp, it run all good.

I just ran thes cmd on my neutron-server node :

# modprobe ip_nat_tftp
# modprobe ip_conntrack_tftp

and all work nice. I continue to see the request comming from the virtual router, but the response go through and finish on the VM.

edit flag offensive delete link more


Are you able to PXE boot an OS? My instance is able to download the pxelinux.0 file from the PXE server (located on the public lan), but then instead of looking at the pxelinux.cfg/default located on the PXE server, instead it appears to be searching on the local lan side. Can you please help?

niteshadw gravatar imageniteshadw ( 2014-05-06 21:05:44 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-04-07 07:57:36 -0600

Seen: 729 times

Last updated: Apr 07 '14