# inetd/tftp inside jail with vnet/



## sko (Apr 28, 2016)

Hello,

I'm trying to set up a PXE bootserver inside a jail on 10.3-RELEASE but having some Problems getting tftp (fully) working.

Jails are managed with iocage, vnet is enabled. The kernel was built based on GENERIC with VIMAGE support and disabled bpf to prevent panics on vnet-teardown. Basically I followed the iocage documentation for networking for this setup.

I can ping hosts on the network from inside the jail, so raw socket access is working (?), but when starting inetd the following is logged to messages:

```
inetd[15266]: madvise() failed: Operation not permitted
```

sockstat is showing inetd listening on port 69, I can connect from local or remote hosts, but attempts to "get" a file are failing with "didn't receive answer from remote.".

Same 'configuration' (well, its just uncommenting one line... ) works fine on the host system, so i'm assuming the problem is caused by running inetd/tftpd on a vnet interface.


Is it even possible to run tftp inside a jail and i'm just missing some configuration for the jail(s)?


----------



## SirDice (Apr 28, 2016)

sko said:


> sockstat is showing inetd listening on port 69,


TCP or UDP?



> I can connect from local or remote hosts, but attempts to "get" a file are failing with "didn't receive answer from remote.".



You never really "connect" with TFTP. There's no session like you would have with FTP for example.


----------



## sko (Apr 29, 2016)

UDP, and yes - "connecting" was the wrong term. I meant I can "interact" with the tftp server, e.g. "status" returns plausible values (or are they client-specific?). I also have several logentries in xferlog():

```
Apr 28 15:37:06 vhost1 tftpd[15352]: Filename: 'test'
Apr 28 15:37:06 vhost1 tftpd[15352]: Mode: 'netascii'
Apr 28 15:37:06 vhost1 tftpd[15352]: 10.188.89.201: read request for //test: success
```

But the client always times out with "didn't receive answer from remote".

Also forgot: This is with 10.3-RELEASE. There have been lots of changes to VNET/Vimage in CURRENT, so I might give it a try...


----------



## SirDice (Apr 29, 2016)

Instead of jumping straight to an unstable development version you might want to try 10-STABLE first.


----------

