Bug 1468905 - Satellite 6.2.10 TFTP FAILURE - PORT NOT LISTED AS REQUIRED IN DOC
Satellite 6.2.10 TFTP FAILURE - PORT NOT LISTED AS REQUIRED IN DOC
Status: CLOSED NOTABUG
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Docs Install Guide (Show other bugs)
6.2.10
Unspecified Unspecified
unspecified Severity unspecified (vote)
: Unspecified
: --
Assigned To: Stephen Wadeley
Russell Dickenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-07-09 12:45 EDT by Shadd
Modified: 2017-07-10 08:25 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-07-10 08:25:17 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Shadd 2017-07-09 12:45:50 EDT
Document URL: 
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/html/installation_guide/preparing_your_environment_for_installation#ports_prerequisites

Section Number and Name: 
2.5. Ports and Firewalls Requirements

Describe the issue: 
Satellite set up as tftp server 
FIREWALL SETUP
TFTP fails 

Suggestions for improvement: 
firewall-cmd --zone=public --add-port=69/udp
firewall-cmd --zone=public --add-port=69/tcp

Additional information: 

After running:
firewall-cmd --permanent --add-service=tftp
firewall-cmd --permanent --add-service=RH-Satellite-6

rebooted satellite, rebooted node  failure persists
Stop firewalld and system works

Look up ports that should be open for TFTP to verify
https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=tftp
tftp     69     tcp     Trivial File Transfer     [David_Clark]     [David_Clark]                        
tftp     69     udp     Trivial File Transfer     [David_Clark]     [David_Clark]

Try to open:
firewall-cmd --permanent --add-port=UDP/69
Error: INVALID_PORT: UDP
firewall-cmd --permanent --add-port=TCP/69
Error: INVALID_PORT: TCP

Fix:
firewall-cmd --zone=public --add-port=69/udp
firewall-cmd --zone=public --add-port=69/tcp
Comment 1 Stephen Wadeley 2017-07-10 02:42:55 EDT
Hello Shadd

In the section "Ports and Firewalls Requirements" you mention in comment 0, there is a table  "Optional Network Ports" which lists the port for TFTP:

 69 UDP TFTP
Clients downloading PXE boot image files from a Capsule for provisioning

In the section "Enabling Connections from a Client to Satellite Server" there are commands to open port 69 for UDP traffic.


In the section "Enabling Connections from Satellite Server and Clients to a Capsule Server" there are commands to open port 69 for UDP traffic.

Note that TCP is not required. The public zone is the default zone so the commands do not need to include that.


Please confirm if you followed the procedures in the guide.


Thank you
Comment 2 Shadd 2017-07-10 08:25:17 EDT
found and fixed thanks!

Note You need to log in before you can comment on or make changes to this bug.