[Asterisk-Users] TFTP - Good or Bad?

Sherwood McGowan madprofzero at yahoo.com
Thu Aug 4 11:01:00 MST 2005 

Just an additional FYI:
My company uses TFTP for end-users of our telephone service for
configuration of their Linksys ATAs. We have had very little issues with our
customers (home and business end-users over the internet). Of course, we
have our ATAs only pulling configs every once in a while, not upon boot
every time, as the Sipura-SPA might (although Linksys's ATAs have sipura-spa
backends, AFAIK, let me know if I'm wrong). 

I do agree though, with the point of multiple traversals of segements and
firewalls, and even the point of US to Japan being a possible problem.

My $0.02
Sherwood McGowan



->-----Original Message-----
->From: asterisk-users-bounces at lists.digium.com 
->[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of 
->Gary Guthary
->Sent: Thursday, August 04, 2005 1:29 PM
->To: asterisk-users at lists.digium.com
->Subject: [Asterisk-Users] TFTP - Good or Bad?
->
->Hi Guys/Gals -
->
->I don't post here often but I read with interest all the 
->postings. - I've been on a lot of mailing lists, but this one 
->is by far the most interesting.
->
->I've been doing a lot of work with 'tftp' loading Cisco 79xx 
->phones with firmware, configs. for asterisk, etc.
->
->And I see where a lot of folks have trouble with 'tftp', use 
->alternate port numbers (probably to get around firewall 
->issues), etc. - And I've even seen where some folks complain 
->that 'tftp' is one of the 'worst' protocols on the Internet.
->
->At the end of this posting, I've included a little tid-bit on 
->'primary/alternate' 'tftp' servers for the Cisco 79xx phone setup.
->
->This next part is mainly for 'newbies' who are new to 
->asterisk & haven't got a clue as to what 'tftp' is. - 
->Advanced users, geeks, etc., please disregard the next part 
->if you want.
->
->Apologize in advance if this is boring.
->
->Going back to 'Networking 101', just exactly what is 'tftp'? 
->- Is there any reason WHY it came into being in the first place?
->
->'tftp' stands for 'Trivial File Transfer Protocol'. - Unlike 
->the more popular 'ftp' protocol, 'tftp' is considered 
->'non-secure'. - Meaning that no login name/password challenge 
->is require. - The 'device' (computer, phone,
->whatever) sends a request to the 'tftp' server for the file & 
->the server sends it. - Plain and simple.
->
->'tftp' also uses the 'UDP' (User Datagram Protocol). - The 
->main difference between 'UDP' and 'TCP' is that 'UDP' uses NO 
->ERROR CORRECTION. - No 'acks'
->& 'naks' to make sure all the packets arrive okay at the 
->receiving end. - It's up the receiving end to make sure 
->everything was received okay.
->
->Why tftp? - Back in the 'olden' days....  When hard disk 
->drives were expensive, the Unix folks (i.e. the folks at Sun 
->Microsystems) came up with the idea of 'diskless 
->workstations'. - But for a 'diskless workstation' to boot up 
->& load an operating system, enter 'tftp'.
->
->When you fired up your diskless work station, it would start 
->up, DHCP it's network stuff then go out to the 'tftp' server 
->for it's O/S. - The 'tftp'
->server would send the 'boot image' and your workstation would 
->be up and running. - Simple as that.
->
->Well, not really that simple. - Here's a couple of 'Hows?' 
->and 'What ifs?'.
->
->How did the workstation lean the IP address of the 'tftp' 
->server when it booted?
->
->When the workstation DHCP'd it's IP address, netmask, 
->gateway, etc., it ALSO got the "PRIMARY TFTP SERVER ADDRESS". 
->- This part is STILL part of the DHCP protocol but a lot of 
->folks don't know it. - Also, for historical purposes, in the 
->olden days we didn't call it DHCP. - It was called 'bootp' - 
->or 'bootpset'.
->
->What if the 'boot image' got mangled when the workstation loaded it?
->
->Good question. - When the workstation received the 'boot 
->image', the 'boot image' also included a 'checksum' (much 
->similar to our present day md5-checksum). - This checksum was 
->verified. - If it didn't match, the workstation simply asked 
->for the 'boot image' file again.
->
->In those days, 'tftp' usually worked very well. - Mainly 
->because all the 'devices' were on the same segment of Ethernet.
->
->For newbies.- We asterisk/IP-Phone folks use 'tftp' to let 
->our phones/devices download their configs. when logging into 
->asterisk. - I'm not going into detail here how it works. - 
->There's plenty of docs., readmes, & man pages covering this.
->
->Today, when we start doing 'tftp' transfers over several 
->hundred/thousand miles of 'Internet', things can get 
->complicated. - I have a 'Broadvoice'
->account and hit it with a Sipura ATA. - This means that I 
->'tftp' whenever I fire up my Sipura. - But I live in JAPAN. - 
->And that's not a short-haul from me to the 'Broadvoice' 
->'tftp' server. - But most of the times, I boot up just fine.
->
->If your phones/devices are on the same local Ethernet 
->segment, you should be okay. - But if you have long distances 
->or firewalls between your devices and the 'tftp' server, you 
->might encounter some difficulties.
->
->If you have 'tftp' problems, take a good hard look at your 
->network.  But don't blame your problems on the protocol itself.
->
->Cisco 79xx phones & 'tftp' server addresses.
->
->When configuring a Cisco 79xx phone, you'll probably see 
->configs. for 'primary' and 'alternate' 'tftp' server. - 
->Especially if the phone is configured for DHCP. - You'll also 
->notice that you CANNOT make any changes to the 'primary tftp' 
->server but you can define an 'alternate tftp' server.
->
->Reason - If the Cisco phone DHCP's a 'tftp' server address, 
->it will become the phone's 'primary tftp' server. - In most 
->cases, it probably won't (but that's up to your network 
->admin). - If you wish to manually define a 'tftp'
->server, you have to set it up as an 'alternate tftp' server. 
->- If this is the case, the phone will let the 'alternate 
->tftp' server's address OVERRIDE the 'primary tftp' server's 
->address (if you DHCP'd one or not).
->
->Bottom line. - If you want to force your Cisco 79xx phone to 
->go to a specific 'tftp' server, set that server's address as 
->the 'alternate tftp'
->server.
->
->Gary Guthary
->gguthary at jtech.net
->
->
->
->_______________________________________________
->Asterisk-Users mailing list
->Asterisk-Users at lists.digium.com
->http://lists.digium.com/mailman/listinfo/asterisk-users
->To UNSUBSCRIBE or update options visit:
->   http://lists.digium.com/mailman/listinfo/asterisk-users
->

More information about the asterisk-users mailing list