Problem:
I have the latest release 2.21 of Foreman running on CentOS 7.9 inside a libvirt VM (the host is Cent 8.2). Everything works except tftp. I can run tftp on the host machine and can access it from the VM on the command line e.g.
[root@foreman ~]# tftp -4 -v 192.168.0.150 -c get
Connected to 192.168.0.150 (192.168.0.150), port 69
(files) pxelinux.0
getting from 192.168.0.150:pxelinux.0 to pxelinux.0 [netascii]
Received 43347 bytes in 0.1 seconds [2582678 bit/s]
The client libvirt VMs all get created by Foreman and everything works, and the last stage is to run TFTP on the Foreman server but no matter what I try the TFTP from the host to the VM I see this:
tcpdump -i eth0 -vv port 69
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
11:29:51.532577 IP (tos 0x0, ttl 64, id 30935, offset 0, flags [DF], proto UDP (17), length 50)
vhost.test.local.50628 > foreman.test.local.tftp: [bad udp cksum 0x8279 -> 0x40a2!] 22 RRQ “pxelinux.0” netascii
11:29:56.532645 IP (tos 0x0, ttl 64, id 31303, offset 0, flags [DF], proto UDP (17), length 50)
vhost.test.local.50628 > foreman.test.local.tftp: [bad udp cksum 0x8279 -> 0x40a2!] 22 RRQ “pxelinux.0” netascii
…
I want to install as little as possible on the vhost system and where possible have everything in containers or VMs. Is there any way around this?
Expected outcome:
The file is transferred so the new VM boots
Foreman and Proxy versions:
- ansible-collection-theforeman-foreman-1.4.0-1.el8.noarch
- ansiblerole-foreman_scap_client-0.0.6-1.el7.noarch
- candlepin-3.1.22-1.el7.noarch
- candlepin-selinux-3.1.22-1.el7.noarch
- foreman-2.2.1-1.el7.noarch
- foreman-bootloaders-redhat-202005201200-1.el7.noarch
- foreman-bootloaders-redhat-tftpboot-202005201200-1.el7.noarch
- foreman-cli-2.2.1-1.el7.noarch
- foreman-console-2.2.1-1.el7.noarch
- foreman-debug-2.2.1-1.el7.noarch
- foreman-discovery-image-service-1.0.0-3.el7.x86_64
- foreman-dynflow-sidekiq-2.2.1-1.el7.noarch
- foreman-ec2-2.2.1-1.el7.noarch
- foreman-installer-2.2.1-1.el7.noarch
- foreman-installer-katello-2.2.1-1.el7.noarch
- foreman-libvirt-2.2.1-1.el7.noarch
- foreman-postgresql-2.2.1-1.el7.noarch
- foreman-proxy-2.2.1-1.el7.noarch
- foreman-release-2.2.1-1.el7.noarch
- foreman-selinux-2.2.1-1.el7.noarch
- foreman-service-2.2.1-1.el7.noarch
- foreman.persephone.biz-apache-1.0-1.noarch
- foreman.persephone.biz-foreman-client-1.0-1.noarch
- foreman.persephone.biz-foreman-proxy-1.0-1.noarch
- foreman.persephone.biz-foreman-proxy-client-1.0-1.noarch
- foreman.persephone.biz-puppet-client-1.0-1.noarch
- foreman.persephone.biz-qpid-broker-1.0-1.noarch
- foreman.persephone.biz-qpid-client-cert-1.0-1.noarch
- foreman.persephone.biz-qpid-router-client-1.0-1.noarch
- foreman.persephone.biz-qpid-router-server-1.0-1.noarch
- katello-3.17.0-1.el7.noarch
- katello-certs-tools-2.7.1-2.el7.noarch
- katello-client-bootstrap-1.7.5-1.el7.noarch
- katello-common-3.17.0-1.el7.noarch
- katello-debug-3.17.0-1.el7.noarch
- katello-default-ca-1.0-1.noarch
- katello-repos-3.17.0-1.el7.noarch
- katello-selinux-3.4.0-1.el7.noarch
- katello-server-ca-1.0-1.noarch
- pulp-admin-client-2.21.4-2.el7.noarch
- pulp-client-1.0-1.noarch
- pulp-consumer-client-2.21.4-2.el7.noarch
- pulp-deb-plugins-1.10.2-1.el7.noarch
- pulp-docker-plugins-3.2.8-1.el7.noarch
- pulp-katello-1.0.3-1.el7.noarch
- pulp-puppet-plugins-2.21.4-1.el7.noarch
- pulp-puppet-tools-2.21.4-1.el7.noarch
- pulp-rpm-admin-extensions-2.21.4-1.el7.noarch
- pulp-rpm-consumer-extensions-2.21.4-1.el7.noarch
- pulp-rpm-handlers-2.21.4-1.el7.noarch
- pulp-rpm-plugins-2.21.4-1.el7.noarch
- pulp-rpm-yumplugins-2.21.4-1.el7.noarch
- pulp-selinux-2.21.4-2.el7.noarch
- pulp-server-2.21.4-2.el7.noarch
- pulpcore-selinux-1.0.0-2.el7.x86_64
- puppet-foreman_scap_client-0.4.0-1.el7.noarch
- python-gofer-qpid-2.12.5-3.el7.noarch
- python-pulp-agent-lib-2.21.4-2.el7.noarch
- python-pulp-bindings-2.21.4-2.el7.noarch
- python-pulp-client-lib-2.21.4-2.el7.noarch
- python-pulp-common-2.21.4-2.el7.noarch
- python-pulp-deb-common-1.10.2-1.el7.noarch
- python-pulp-docker-common-3.2.8-1.el7.noarch
- python-pulp-oid_validation-2.21.4-2.el7.noarch
- python-pulp-puppet-common-2.21.4-1.el7.noarch
- python-pulp-repoauth-2.21.4-2.el7.noarch
- python-pulp-rpm-common-2.21.4-1.el7.noarch
- python-pulp-streamer-2.21.4-2.el7.noarch
- python2-qpid-1.37.0-4.el7.noarch
- python2-qpid-proton-0.32.0-2.el7.x86_64
- python2-qpid-qmf-1.39.0-1.el7.x86_64
- python3-pulp-2to3-migration-0.5.0-1.el7.noarch
- python3-pulp-certguard-1.0.2-1.el7.noarch
- python3-pulp-container-2.0.1-1.el7.noarch
- python3-pulp-file-1.2.0-1.el7.noarch
- python3-pulp-rpm-3.6.2-1.el7.noarch
- python3-pulpcore-3.6.3-2.el7.noarch
- qpid-cpp-client-1.39.0-1.el7.x86_64
- qpid-cpp-client-devel-1.39.0-1.el7.x86_64
- qpid-cpp-server-1.39.0-1.el7.x86_64
- qpid-cpp-server-linearstore-1.39.0-1.el7.x86_64
- qpid-dispatch-router-1.14.0-1.el7.x86_64
- qpid-proton-c-0.32.0-2.el7.x86_64
- qpid-qmf-1.39.0-1.el7.x86_64
- qpid-tools-1.39.0-1.el7.noarch
- rubygem-foreman_maintain-0.6.13-1.el7.noarch
- rubygem-foreman_scap_client-0.4.0-1.el7.noarch
- tfm-rubygem-actioncable-6.0.3.1-1.el7.noarch
- tfm-rubygem-actionmailbox-6.0.3.1-1.el7.noarch
- tfm-rubygem-actionmailer-6.0.3.1-1.el7.noarch
- tfm-rubygem-actionpack-6.0.3.1-1.el7.noarch
- tfm-rubygem-actiontext-6.0.3.1-1.el7.noarch
- tfm-rubygem-actionview-6.0.3.1-1.el7.noarch
- tfm-rubygem-activejob-6.0.3.1-1.el7.noarch
- tfm-rubygem-activemodel-6.0.3.1-1.el7.noarch
- tfm-rubygem-activerecord-6.0.3.1-1.el7.noarch
- tfm-rubygem-activerecord-import-1.0.0-2.el7.noarch
- tfm-rubygem-activerecord-session_store-1.1.1-4.el7.noarch
- tfm-rubygem-activestorage-6.0.3.1-1.el7.noarch
- tfm-rubygem-activesupport-6.0.3.1-1.el7.noarch
- tfm-rubygem-addressable-2.6.0-2.el7.noarch
- tfm-rubygem-algebrick-0.7.3-7.el7.noarch
- tfm-rubygem-amazing_print-1.1.0-1.el7.noarch
- tfm-rubygem-ancestry-3.0.7-1.el7.noarch
- tfm-rubygem-anemone-0.7.2-17.el7.noarch
- tfm-rubygem-angular-rails-templates-1.1.0-1.el7.noarch
- tfm-rubygem-ansi-1.5.0-2.el7.noarch
- tfm-rubygem-apipie-bindings-0.4.0-1.el7.noarch
- tfm-rubygem-apipie-dsl-2.2.9-1.el7.noarch
- tfm-rubygem-apipie-params-0.0.5-4.el7.noarch
- tfm-rubygem-apipie-rails-0.5.17-3.el7.noarch
- tfm-rubygem-audited-4.9.0-3.el7.noarch
- tfm-rubygem-bcrypt-3.1.12-3.el7.x86_64
- tfm-rubygem-builder-3.2.4-1.el7.noarch
- tfm-rubygem-bundler_ext-0.4.1-5.el7.noarch
- tfm-rubygem-clamp-1.1.2-6.el7.noarch
- tfm-rubygem-concurrent-ruby-1.1.6-2.el7.noarch
- tfm-rubygem-concurrent-ruby-edge-0.6.0-2.fm2_1.el7.noarch
- tfm-rubygem-connection_pool-2.2.2-2.el7.noarch
- tfm-rubygem-crass-1.0.6-1.el7.noarch
- tfm-rubygem-css_parser-1.4.7-4.el7.noarch
- tfm-rubygem-daemons-1.2.3-6.el7.noarch
- tfm-rubygem-deacon-1.0.0-4.el7.noarch
- tfm-rubygem-deep_cloneable-3.0.0-3.el7.noarch
- tfm-rubygem-deface-1.5.3-2.el7.noarch
- tfm-rubygem-domain_name-0.5.20160310-4.el7.noarch
- tfm-rubygem-dynflow-1.4.7-1.fm2_2.el7.noarch
- tfm-rubygem-erubi-1.9.0-1.el7.noarch
- tfm-rubygem-excon-0.76.0-1.el7.noarch
- tfm-rubygem-facter-2.4.0-7.el7.x86_64
- tfm-rubygem-faraday-0.15.4-2.el7.noarch
- tfm-rubygem-fast_gettext-1.4.1-4.el7.noarch
- tfm-rubygem-ffi-1.12.2-1.el7.x86_64
- tfm-rubygem-fog-aws-3.6.5-1.el7.noarch
- tfm-rubygem-fog-core-2.1.0-3.el7.noarch
- tfm-rubygem-fog-json-1.2.0-3.el7.noarch
- tfm-rubygem-fog-libvirt-0.7.0-2.el7.noarch
- tfm-rubygem-fog-xml-0.1.2-8.el7.noarch
- tfm-rubygem-foreman-tasks-3.0.1-1.fm2_2.el7.noarch
- tfm-rubygem-foreman-tasks-core-0.3.4-1.fm2_1.el7.noarch
- tfm-rubygem-foreman_ansible-6.0.0-1.fm2_2.el7.noarch
- tfm-rubygem-foreman_ansible_core-3.0.4-1.fm2_2.el7.noarch
- tfm-rubygem-foreman_bootdisk-17.0.2-2.fm2_2.el7.noarch
- tfm-rubygem-foreman_dhcp_browser-0.0.8-4.fm2_1.el7.noarch
- tfm-rubygem-foreman_discovery-16.2.0-1.fm2_2.el7.noarch
- tfm-rubygem-foreman_openscap-4.0.4-1.fm2_2.el7.noarch
- tfm-rubygem-foreman_remote_execution-4.1.0-1.fm2_2.el7.noarch
- tfm-rubygem-foreman_remote_execution-cockpit-4.1.0-1.fm2_2.el7.noarch
- tfm-rubygem-foreman_remote_execution_core-1.3.1-1.el7.noarch
- tfm-rubygem-foreman_snapshot_management-1.7.1-1.fm2_1.el7.noarch
- tfm-rubygem-formatador-0.2.1-12.el7.noarch
- tfm-rubygem-friendly_id-5.3.0-1.el7.noarch
- tfm-rubygem-fx-0.5.0-1.el7.noarch
- tfm-rubygem-get_process_mem-0.2.1-4.el7.noarch
- tfm-rubygem-gettext_i18n_rails-1.8.0-2.el7.noarch
- tfm-rubygem-gitlab-sidekiq-fetcher-0.6.0-1.el7.noarch
- tfm-rubygem-globalid-0.4.2-1.el7.noarch
- tfm-rubygem-graphql-1.8.14-2.el7.noarch
- tfm-rubygem-graphql-batch-0.3.10-2.el7.noarch
- tfm-rubygem-gssapi-1.2.0-7.el7.noarch
- tfm-rubygem-hammer_cli-2.2.1-1.el7.noarch
- tfm-rubygem-hammer_cli_foreman-2.2.0-1.el7.noarch
- tfm-rubygem-hammer_cli_foreman_ansible-0.3.2-1.fm2_1.el7.noarch
- tfm-rubygem-hammer_cli_foreman_bootdisk-0.3.0-1.el7.noarch
- tfm-rubygem-hammer_cli_foreman_docker-0.0.7-1.el7.noarch
- tfm-rubygem-hammer_cli_foreman_openscap-0.1.11-1.fm2_2.el7.noarch
- tfm-rubygem-hammer_cli_foreman_remote_execution-0.1.2-1.fm2_2.el7.noarch
- tfm-rubygem-hammer_cli_foreman_tasks-0.0.15-1.fm2_2.el7.noarch
- tfm-rubygem-hammer_cli_katello-0.23.2-1.el7.noarch
- tfm-rubygem-hashie-3.6.0-2.el7.noarch
- tfm-rubygem-highline-1.7.8-5.el7.noarch
- tfm-rubygem-http-cookie-1.0.2-4.el7.noarch
- tfm-rubygem-i18n-1.8.2-1.el7.noarch
- tfm-rubygem-ipaddress-0.8.0-12.el7.noarch
- tfm-rubygem-jwt-2.2.1-2.el7.noarch
- tfm-rubygem-kafo-5.0.1-1.el7.noarch
- tfm-rubygem-kafo_parsers-1.1.0-3.el7.noarch
- tfm-rubygem-kafo_wizards-0.0.1-4.el7.noarch
- tfm-rubygem-katello-3.17.0-1.el7.noarch
- tfm-rubygem-ldap_fluff-0.4.7-5.el7.noarch
- tfm-rubygem-little-plugger-1.1.4-2.el7.noarch
- tfm-rubygem-locale-2.0.9-14.el7.noarch
- tfm-rubygem-logging-2.2.2-5.el7.noarch
- tfm-rubygem-loofah-2.4.0-1.el7.noarch
- tfm-rubygem-mail-2.7.1-1.el7.noarch
- tfm-rubygem-marcel-0.3.3-1.el7.noarch
- tfm-rubygem-method_source-0.9.2-1.el7.noarch
- tfm-rubygem-mime-types-3.2.2-4.el7.noarch
- tfm-rubygem-mime-types-data-3.2018.0812-4.el7.noarch
- tfm-rubygem-mimemagic-0.3.5-1.el7.noarch
- tfm-rubygem-mini_mime-1.0.2-1.el7.noarch
- tfm-rubygem-mini_portile2-2.4.0-1.el7.noarch
- tfm-rubygem-multi_json-1.14.1-2.el7.noarch
- tfm-rubygem-multipart-post-2.0.0-2.el7.noarch
- tfm-rubygem-mustermann-1.0.2-4.el7.noarch
- tfm-rubygem-net-ldap-0.16.1-2.el7.noarch
- tfm-rubygem-net-ping-2.0.1-4.el7.noarch
- tfm-rubygem-net-scp-1.2.1-4.el7.noarch
- tfm-rubygem-net-ssh-4.2.0-2.el7.noarch
- tfm-rubygem-netrc-0.11.0-5.el7.noarch
- tfm-rubygem-nio4r-2.5.2-1.el7.x86_64
- tfm-rubygem-nokogiri-1.10.9-1.el7.x86_64
- tfm-rubygem-oauth-0.5.4-4.el7.noarch
- tfm-rubygem-openscap-0.4.9-3.el7.noarch
- tfm-rubygem-paint-0.8.7-9.el7.noarch
- tfm-rubygem-parse-cron-0.1.4-4.fm2_1.el7.noarch
- tfm-rubygem-pg-1.1.4-3.el7.x86_64
- tfm-rubygem-polyglot-0.3.5-2.el7.noarch
- tfm-rubygem-powerbar-2.0.1-2.el7.noarch
- tfm-rubygem-promise.rb-0.7.4-2.el7.noarch
- tfm-rubygem-public_suffix-3.0.3-2.el7.noarch
- tfm-rubygem-pulp_2to3_migration_client-0.5.0-1.el7.noarch
- tfm-rubygem-pulp_ansible_client-0.3.0-1.el7.noarch
- tfm-rubygem-pulp_certguard_client-1.0.2-1.el7.noarch
- tfm-rubygem-pulp_container_client-2.0.0-1.el7.noarch
- tfm-rubygem-pulp_file_client-1.2.0-1.el7.noarch
- tfm-rubygem-pulp_rpm_client-3.6.2-1.el7.noarch
- tfm-rubygem-pulpcore_client-3.6.0-1.el7.noarch
- tfm-rubygem-puma-4.3.3-4.el7.x86_64
- tfm-rubygem-rabl-0.14.3-1.el7.noarch
- tfm-rubygem-rack-2.2.3-1.el7.noarch
- tfm-rubygem-rack-cors-1.0.2-2.el7.noarch
- tfm-rubygem-rack-jsonp-1.3.1-9.el7.noarch
- tfm-rubygem-rack-protection-2.0.3-4.el7.noarch
- tfm-rubygem-rack-test-1.1.0-4.el7.noarch
- tfm-rubygem-rails-6.0.3.1-1.el7.noarch
- tfm-rubygem-rails-dom-testing-2.0.3-6.el7.noarch
- tfm-rubygem-rails-html-sanitizer-1.3.0-1.el7.noarch
- tfm-rubygem-rails-i18n-6.0.0-2.el7.noarch
- tfm-rubygem-railties-6.0.3.1-1.el7.noarch
- tfm-rubygem-rainbow-2.2.1-3.el7.noarch
- tfm-rubygem-rb-inotify-0.9.7-5.el7.noarch
- tfm-rubygem-record_tag_helper-1.0.1-3.el7.noarch
- tfm-rubygem-redis-4.1.2-2.el7.noarch
- tfm-rubygem-responders-3.0.0-3.el7.noarch
- tfm-rubygem-rest-client-2.0.2-3.el7.noarch
- tfm-rubygem-rkerberos-0.1.5-18.el7.x86_64
- tfm-rubygem-roadie-3.4.0-3.el7.noarch
- tfm-rubygem-roadie-rails-2.1.1-2.el7.noarch
- tfm-rubygem-robotex-1.0.0-21.el7.noarch
- tfm-rubygem-rsec-0.4.3-4.el7.noarch
- tfm-rubygem-ruby-libvirt-0.7.1-1.el7.x86_64
- tfm-rubygem-ruby2ruby-2.4.2-3.el7.noarch
- tfm-rubygem-ruby_parser-3.10.1-3.el7.noarch
- tfm-rubygem-rubyipmi-0.10.0-6.el7.noarch
- tfm-rubygem-runcible-2.13.1-1.el7.noarch
- tfm-rubygem-safemode-1.3.5-3.el7.noarch
- tfm-rubygem-scoped_search-4.1.9-1.el7.noarch
- tfm-rubygem-secure_headers-6.3.0-2.el7.noarch
- tfm-rubygem-sequel-5.7.1-3.el7.noarch
- tfm-rubygem-sexp_processor-4.10.0-6.el7.noarch
- tfm-rubygem-sidekiq-5.2.7-3.el7.noarch
- tfm-rubygem-sinatra-2.0.3-4.el7.noarch
- tfm-rubygem-smart_proxy_ansible-3.0.1-6.fm2_2.el7.noarch
- tfm-rubygem-smart_proxy_discovery-1.0.5-6.fm2_2.el7.noarch
- tfm-rubygem-smart_proxy_discovery_image-1.2.1-1.fm2_2.el7.noarch
- tfm-rubygem-smart_proxy_dynflow-0.2.4-6.fm2_2.el7.noarch
- tfm-rubygem-smart_proxy_dynflow_core-0.2.6-1.fm2_2.el7.noarch
- tfm-rubygem-smart_proxy_openscap-0.7.4-1.fm2_2.el7.noarch
- tfm-rubygem-smart_proxy_pulp-2.1.0-3.fm2_2.el7.noarch
- tfm-rubygem-smart_proxy_remote_execution_ssh-0.3.0-4.fm2_2.el7.noarch
- tfm-rubygem-sprockets-4.0.2-1.el7.noarch
- tfm-rubygem-sprockets-rails-3.2.1-6.el7.noarch
- tfm-rubygem-sqlite3-1.3.13-6.el7.x86_64
- tfm-rubygem-sshkey-1.9.0-4.el7.noarch
- tfm-rubygem-statsd-instrument-2.1.4-3.el7.noarch
- tfm-rubygem-stomp-1.4.9-1.el7.noarch
- tfm-rubygem-thor-1.0.1-2.el7.noarch
- tfm-rubygem-thread_safe-0.3.6-5.el7.noarch
- tfm-rubygem-tilt-2.0.8-4.el7.noarch
- tfm-rubygem-tzinfo-1.2.6-1.el7.noarch
- tfm-rubygem-unf-0.1.3-8.el7.noarch
- tfm-rubygem-unf_ext-0.0.7.2-3.el7.x86_64
- tfm-rubygem-unicode-0.4.4.4-3.el7.x86_64
- tfm-rubygem-unicode-display_width-1.0.5-4.el7.noarch
- tfm-rubygem-validates_lengths_from_database-0.5.0-7.el7.noarch
- tfm-rubygem-webpack-rails-0.9.8-5.el7.noarch
- tfm-rubygem-websocket-driver-0.7.1-1.el7.x86_64
- tfm-rubygem-websocket-extensions-0.1.5-1.el7.noarch
- tfm-rubygem-will_paginate-3.1.7-3.el7.noarch
- tfm-rubygem-wirb-1.0.3-6.el7.noarch
- tfm-rubygem-x-editable-rails-1.5.5-5.el7.noarch
- tfm-rubygem-xmlrpc-0.3.0-2.el7.noarch
- tfm-rubygem-zeitwerk-2.2.2-1.el7.noarch
- tfm-runtime-6.1-3.el7.x86_64
Foreman and Proxy plugin versions:
Distribution and version:
CentOS Linux release 7.9.2009
Other relevant data:
I am running the OS standard TFTP.socket on both machines:
]# systemctl status tftp.socket
● tftp.socket - Tftp Server Activation Socket
Loaded: loaded (/usr/lib/systemd/system/tftp.socket; enabled; vendor preset:>
Active: active (listening) since Fri 2020-11-20 10:47:21 CET; 50min ago
Listen: [::]:69 (Datagram)
Tasks: 0 (limit: 822644)
Memory: 0B
CGroup: /system.slice/tftp.socket
I was also wondering if it were possible to somehow configure the host as some kind of tftp-proxy so Foreman could dynamically update the boot files?