7-103
Before using TFTP, the administrator needs to configure IP addresses for the TFTP client and server,
and make sure that there is a reachable route between the TFTP client and server.
When the device serves as the TFTP client, you need to perform the following configuration:
Table 7-1
Configuration when the device serves as the TFTP client
Device
Configuration
Remarks
Device (TFTP client)
z
Configure the IP address and routing function, and
ensure that the route between the device and the
TFTP server is available.
z
Use the
tftp
command to establish a connection to
the remote TFTP server to upload/download files
to/from the TFTP server
—
PC (TFTP server)
Enable TFTP server on the PC, and configure the TFTP
working directory.
—
Configuring the TFTP Client
When a device acts as a TFTP client, you can upload a file on the device to a TFTP server and
download a file from the TFTP server to the local device. You can use either of the following ways to
download a file:
z
Normal download: The device writes the obtained file to the storage medium directly. In this way, if
you download a remote file using a filename
destination-filename
that exists in the directory, the
device deletes the original file and then saves the new one. If file download fails due to network
disconnection or other reasons, the original system file will never recover because it has been
deleted.
z
Secure download: The device saves the obtained file to its memory and does not write it to the
storage medium until the whole file is obtained. In this way, if you download a remote file using a
filename
destination-filename
that exists in the directory, the original file is not overwritten. If file
download fails due to network disconnection or other reasons, the original file still exists. This mode
is more secure but consumes more memory.
You are recommended to use the secure mode or, if you use the normal mode, specify a filename not
existing in the current directory as the target filename when downloading the boot file or the startup
configuration file.
Source address binding means to configure an IP address on a stable interface such as a loopback
interface or Dialer interface, and then use this IP address as the source IP address of a TFTP
connection. The source address binding function simplifies the configuration of ACL rules and security
policies. You just need to specify the source or destination address argument in an ACL rule as this
address to filter inbound and outbound packets on the device, ignoring the difference between interface
IP addresses as well as the affect of interface statuses. You can configure the source address by
configuring the source interface or source IP address. The primary IP address configured on the source
interface is the source address of the transmitted packets. The source address of the transmitted
packets is selected following these rules:
z
If no source address of the TFTP client is specified, a device uses the IP address of the interface
determined by the matched route as the source IP address to communicate with a TFTP server.
Summary of Contents for SR6600 SPE-FWM
Page 112: ...6 101...