[c-nsp] IPSEC + TFTP don't work

Robert E. Seastrom rs at seastrom.com
Thu Apr 5 21:51:06 EDT 2012


Victor Sudakov <vas at mpeks.tomsk.su> writes:

> I feel that the issue may be in IP fragmentation of some sort which the
> dumb PXE TCP/IP stack cannot handle, but a google search did not help.
> At least neither an Intel NIC, nor a Realtek NIC nor a GPXE emulation
> work.

I'm pretty sure you're on the right track.

Try setting the MTU on the ethernet on the TFTP server to 1400 or so
rather than 1500.  That oughta fix the problem, assuming that the tftp
server software is sanely written.  If it were TCP (tftpboot is of
course udp) that would DTRT.

-r




More information about the cisco-nsp mailing list