TFTP via VRF

As you can see from my article list, I’m going through some VRF configuration in the last few weeks 🙂

I ran into this today and it sounded interesting enough to share it with you. The issue with TFTP IOS image copy to flash when having all interfaces in specific VRF and no interface in Global Routing Table.

Long story short, you kick in this command for normal IOS download to the router:

R1#copy tftp://10.10.10.11/c890-universalk9-mz.154-3.M5.bin flash:
Destination filename [c890-universalk9-mz.154-3.M5.bin]? 
Accessing tftp://10.10.10.11/c890-universalk9-mz.154-3.M5.bin...
%Error opening tftp://10.10.10.11/c890-universalk9-mz.154-3.M5.bin (Timed out)

…and it isn’t working of course.

The issue is in having all interfaces member of some VRF, and no interface in Global Routing Table. In my example, TFTP server was connected to the router FastEthernet 0/0. You can see that this interface is part of VRF1.

R1#sh runn int fastEthernet 0/0

interface FastEthernet0/0
ip vrf forwarding VRF1
ip address 10.10.10.10 255.255.255.0
speed auto
duplex auto
end

With that kind of configuration, TFTP copy with the command above will start from global routing table and packets will never get to TFTP server. Sure, because there are no interfaces out which the router could send the request. Furthermore, there is no command switch for source interface when typing copy tftp. 

Using the following command, router will force TFTP communication to start from specific VRF interface and it will enable it to get to TFTP server and download the IOS image.

ip tftp source-interface FastEthernet 0/0

 

Leave a Reply

%d bloggers like this: