netbootxyz / netboot.xyz

Your favorite operating systems in one place. A network-based bootable operating system installer based on iPXE.
https://netboot.xyz
Apache License 2.0

Filename not properly interpreted by TFTP #1198

Open BloodBlight opened 1 year ago

BloodBlight commented 1 year ago

Describe the bug: This is related to this discussion from a while back: https://github.com/netbootxyz/netboot.xyz/discussions/1133

I have an older client that is sending a file name to the TFTP server, but it is not being properly decoded into Unicode. I am not sure if the TFTP server is from another project (and this should be posted there), so please feel free to re-direct me and I will post it there.

What I see in the logs: 2022-07-08 15:28:56 notice in.tftpd[88]: RRQ from 192.168.10.206 filename netboot.xyz.kpxe�����

The last character (�) is U+FFFD, the Unicode "Replacement Character". As it is at the end of the string, there could be a few causes, but without knowing the code...

To Reproduce: Attempt to boot from PXE.

Expected behavior: Should download the file and start booting.

Additional context: This is an old board, but a good one (kinda like a Raspberry Pi, years before they were a thing). I can't find the exact model, but it is basically a Jetway J7F4K1G5DS-LF, just a bit slower (1.2GHz).

MartinLoeper commented 11 months ago

I am noticing the same for a Lenovo T460 laptop. I am getting the following hex dump on the wire: 6e 65 74 62 6f 6f 74 2e 78 79 7a 2e 65 66 69 ff 00. The ff byte before the nullbyte should not be there. Is this a bug in the uefi firmware or am I missing something?
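Added example, not part of the original thread or the netboot.xyz project: a small Python parser for a TFTP read request (RFC 1350) that flags non-printable bytes in the requested filename, using the filename bytes quoted in the comment above. The opcode and `octet` mode wrapped around those bytes are constructed for the example, and the function names are hypothetical. It also shows that decoding a stray `ff` byte as UTF-8 with replacement yields U+FFFD, the character seen in the log line in the first post.

```python
import struct

# Filename bytes reported on the wire in the comment above (ends in ff 00).
WIRE_FILENAME = bytes.fromhex("6e 65 74 62 6f 6f 74 2e 78 79 7a 2e 65 66 69 ff 00")
# Constructed for this example: RRQ opcode (1) in front, transfer mode "octet" behind.
SAMPLE_RRQ = struct.pack("!H", 1) + WIRE_FILENAME + b"octet\x00"


def parse_rrq(packet: bytes) -> dict:
    """Split a TFTP read request into its NUL-terminated fields."""
    if len(packet) < 4 or struct.unpack("!H", packet[:2])[0] != 1:
        raise ValueError("not a TFTP RRQ")
    fields = packet[2:].split(b"\x00")
    if len(fields) < 3 or fields[-1] != b"":
        raise ValueError("RRQ fields are not NUL-terminated")
    mode = fields[1].decode("ascii", errors="replace").lower()
    return {"filename": fields[0], "mode": mode}


def suspicious_bytes(filename: bytes) -> list:
    """Return (offset, byte) pairs that are not printable ASCII."""
    return [(i, b) for i, b in enumerate(filename) if not 0x20 <= b <= 0x7E]


def as_logged(filename: bytes) -> str:
    """The name decoded as UTF-8 with replacement: 0xff becomes U+FFFD."""
    return filename.decode("utf-8", errors="replace")


def trimmed(filename: bytes) -> bytes:
    """Diagnostic only: the name with trailing non-printable bytes removed."""
    end = len(filename)
    while end and not 0x20 <= filename[end - 1] <= 0x7E:
        end -= 1
    return filename[:end]


if __name__ == "__main__":
    req = parse_rrq(SAMPLE_RRQ)
    print("decoded   :", as_logged(req["filename"]))
    for offset, value in suspicious_bytes(req["filename"]):
        print(f"offset {offset}: 0x{value:02x}")
    print("intended  :", trimmed(req["filename"]).decode("ascii"))
```

Feeding the UDP payload of a captured RRQ from a working client and a failing client through the same functions shows whether the extra bytes are already present in the request the client sends.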

antonym commented 11 months ago

Not really sure if there's anything on my side I can do about it, using Proxmox VMs to my docker container running tftp it seems to pull up without issues:

2023-10-18 03:54:57 notice in.tftpd[85]: RRQ from 10.0.100.155 filename netboot.xyz.efi

Wonder if whatever is serving up the filename for DHCP is putting some characters on the file name? Where are you setting next-server and setting the filename from? Is there a common router that may be appending some characters to the filename?

I think I've seen some other scenarios where people have had extra characters added to their filename, it could be a bug in a common router you might be using as well:

https://www.reddit.com/r/linuxquestions/comments/4rwesw/tftpboot_invalid_character_in_requested_filename/

BloodBlight commented 11 months ago

I can have two computers sitting next to each other, one works, the other doesn't. Same target. I will verify that though (might not be today) to make sure I am not full of it. So I am fairly sure it is something about the way the client is making the request.

DHCP Is being handled by a UniFi USG 3. Fairly basic config: https://imgur.com/a/ZnOfpZw

No idea why Imgur is tagging it as mature... Ignore.

megapearl commented 8 months ago

Having the same problem here.

Client:

Intel UNDI, PXE-2.1 (build 082) Copyright (C) 1997-2000 Intel Corporation

This Product is covered by one or more of the following patents: US5,307,459, US5,434,872, US5,732,094, US6,570,884, US6,115,776 and US6,327,625

Realtek PCI Express Gigabit Ethernet Controller Series v2.26 (090219)

CLIENT MAC ADDR: 90 FB A6 41 09 ED GUID: C996DEBD-1DF6-1E31-E57C-90FBA64109ED
CLIENT IP: 10.0.0.100 MASK: 255.255.255.0 DHCP IP: 10.0.0.1
GATEWAY IP: 10.0.0.1

TFTP .
PXE-T01: File not found
PXE-E3B: TFTP Error - File Not found
PXE-M0F: Exiting PXE ROM.
Reboot and Select proper Boot device or Insert Boot Media in selected Boot device and press a key

Server: image

BloodBlight commented 8 months ago

I am tempted to do a packet capture...

I have had multiple older systems have this issue now...

rudiservo commented 7 months ago

The issue is in the DHCP server passing the information to old NICs. In my case, if you have this option

option bootfile-name "netboot.xyz.kpxe";

the old NIC will put some special chars on the end of it.

If you have the config as specified in the docs

you have something like this in the DHCP server

  if exists user-class and ( option user-class = "iPXE" ) {
    filename "http://boot.netboot.xyz/menu.ipxe";
  } elsif option arch = encode-int ( 16, 16 ) {
    filename "http://boot.netboot.xyz/ipxe/netboot.xyz.efi";
    option vendor-class-identifier "HTTPClient";
  } elsif option arch = 00:07 {
    filename "netboot.xyz.efi";
  } else {
    filename "netboot.xyz.kpxe";
  }

So try to remove option boot-filename if your NIC is too old.

antonym commented 7 months ago

Let me know if dropping the option helps and we can get the knowledge base updated.

BloodBlight commented 7 months ago

I will test later tonight and let you know.

On Wed, Feb 28, 2024, 10:17 AM Antony Messerli @.***> wrote:

Let me know if dropping the option helps and we can get the knowledge base updated.


BloodBlight commented 7 months ago

So, I didn't fully read through the instructions at work the other day... I am using a UniFi device for my DHCP and can't deploy a config like that. I only get the option to include a host and a file name: https://imgur.com/a/aYicWfO

Suggestions other than a rip and replace?

rudiservo commented 7 months ago

@BloodBlight does it work without TFTP server? Unifi are great, except when you need to dig deep. Can you ssh into the router?

BloodBlight commented 7 months ago

Yeeeeesss... :) But I am not really comfortable editing their config without the GUI's consent. That has a bad tendency to break things.

If they don't have the options, then they don't and I can work around that. Maybe have a "deployment" network that has its own server.

I can test that with these boxes, but it will take a bit more time. Too many plates and not enough spoons to handle that one right away.

rudiservo commented 7 months ago

I feel your pain. Yes test it with the boxes because if it does you can put a support request for unifi and hopefully they will add more options to fix it in the router GUI.

megapearl commented 6 months ago

The issue is in the DHCP server passing the information to old NICs. In my case, if you have this option

option bootfile-name "netboot.xyz.kpxe";

the old NIC will put some special chars on the end of it.

If you have the config as specified in the docs

you have something like this in the DHCP server

  if exists user-class and ( option user-class = "iPXE" ) {
    filename "http://boot.netboot.xyz/menu.ipxe";
  } elsif option arch = encode-int ( 16, 16 ) {
    filename "http://boot.netboot.xyz/ipxe/netboot.xyz.efi";
    option vendor-class-identifier "HTTPClient";
  } elsif option arch = 00:07 {
    filename "netboot.xyz.efi";
  } else {
    filename "netboot.xyz.kpxe";
  }

So try to remove option boot-filename if your NIC is too old.

Tried to remove the boot-filename parameter, but then the iPXE client cannot find a bootfile and is not booting at all. I got it working by replacing the DHCP server in pfSense 2.7.2-RELEASE from the new Kea one to the old isc-dhcp deprecated one.


Now booting old bios clients and new uefi clients.

rudiservo commented 6 months ago

@megapearl I have OpnSense, so the way PfSense and OpnSense generate the config file may be different. The best way to check this is by going straight into ssh and cat the config file to check if the option is there.

Anyway it's good to know that at least in Kea generated file that issue is sort of mitigated.

IMO advisory should be added to docs about this issue and that it may differ from router firmware or software.

eladiogalvez commented 4 months ago

Same issue with pfsense and old nic. Fixed using deprecated dhcp server as @megapearl commented.