Problem with TFTP proxy in a PXE scenario

  • Hi everybody
    I checked about 90 entries about tftp on this board an couldn't find a solution so I risk to open a new entry.

    What I have to provide for a customer:

    • Windows Server Deployment
          - Client is in
          - Deployment Server is in

    How I try to solve this:

    • DHCP Relay on interface of forwarding to Deployment Server (, Append circuit ID active (although that should have no influence in my situation)
    • TFTP Proxy on interface of

    What the problem is:

    • The TFTP Proxy seems to respond only to a part of the requests. The deployment does not work. It stops after a few transmitted files.

    Troubleshooting so far:
    1. Checking deployment in general. For this check I moved the client to It worked right away. Deployment seems to be OK.
    2. Since a few files were transmitted, I assume DHCP and PXE to be OK. This has also been verified by a check with tcpdump.
    2. Dumping the traffic on both sides and taking a closer look at the tftp transmissions. Here I find the following issue:

    On the client side:
    15:32:44.772640 IP >  53 RRQ "smsboot\x64\pxeboot.n12" octet blksize 1432 tsize 0
    15:32:45.078866 IP >  53 RRQ "smsboot\x64\pxeboot.n12" octet blksize 1432 tsize 0
    15:32:45.778912 IP >  53 RRQ "smsboot\x64\pxeboot.n12" octet blksize 1432 tsize 0
    15:32:46.414791 IP > UDP, length 27

    These are three requests for the file pxeboot.n12. The last line is the answer where length of the file and transmission size are transmitted.

    On the server side:
    15:32:46.413284 IP >  53 RRQ "smsboot\x64\pxeboot.n12" octet blksize 1432 tsize 0
    15:32:46.414733 IP > UDP, length 27
    15:32:48.432937 IP >  53 RRQ "smsboot\x64\pxeboot.n12" octet blksize 1432 tsize 0
    15:32:50.446170 IP >  53 RRQ "smsboot\x64\pxeboot.n12" octet blksize 1432 tsize 0

    Why is this an issue:
    The dump for both interfaces is from the same pfsense box, so the time values are accurate. Here, a request seems to spend about 2 to 4 seconds inside the firewall until it's transmitted. That behaver gets worse over time. Next in my dump are 5 requests with about 8 seconds, then 14 requests with up to 16 seconds and so on. The whole transmissions stalls after four successfully but delayed file transactions. That's where the client aborts, with about 5 open file requests.
    If I do not deploy over the firewall, every request is answered right away, no second request is necessary.

    Why should this be a TFTP Proxy problem:
    The firewall log is listing several blocks during these transactions. Here is a screenshot (not aligned with the tcpdump). is the firewalls interface on the server side. It seems like the deployment server tries to communicate to some parts directly with the client and but then as well via the firewalls interface ( I'm not sure how the TFTP Proxy actually works but this behaver seems a bit strange to me.

    Version: 2.1.2 (amd64)
    I have more log and dump material, but I don't want to flood this post. So feel free to ask if you need more detail. 
    Thank you for your time and help

    I opened a ticket in professional Support now. I will post the solution here if there is any
    ![Screenshot from 2014-12-05 11:22:47.png](/public/imported_attachments/1/Screenshot from 2014-12-05 11:22:47.png)
    ![Screenshot from 2014-12-05 11:22:47.png_thumb](/public/imported_attachments/1/Screenshot from 2014-12-05 11:22:47.png_thumb)

Log in to reply