Intermittent TFTP Failure

  • Hi All,
    I am currently struggling with my FOG server.
    Last week up updated from .32 to 1.1.2. I am running my FOG server on Ubuntu 11.10.
    Prior to the upgrade FOG had been working flawlessly for almost 2 years.
    Now I am having intermittent issues with TFTP. It goes like this:
    Upload an image, deploy an image. All works as it should. Then, randomly, I start getting TFTP open timeout errors on clients that are trying to boot to the network.
    I follow the instructions here… to check tftp from both windows and the fog server. Pre-TFTP open timeout error, I get the responses, just like I should. Post I get no response from either.
    I restart the tftp service, and everything starts working again.
    It typically keeps working for the rest of the day, and then fails sometime after I leave for work.
    I checked the system logs and I found what I suspect is the issue.
    I see:

    Jul 14 09:47:58 CLS-FOG kernel: : (CRON) error (grandchild #7213 failed with exit status 1)

    along with a bunch of
    Jul 14 15:08:39 CLS-FOG in.tftpd[7749]: tftp: client does not accept options, but this, I gather, is normal.

    I am not particularly familiar with ubuntu beyond the basic stuff, and am not sure where to look from here. Can anyone point me in the right direction?


  • Testers

    One thing I just noticed, the timestamp on your tftpd entries in syslog are all really weird, I’m not sure why, and I don’t see how it could cause a problem, but it is odd.

  • Testers

    I’m not sure at the moment. I’ll take a look at your syslog later, it certainly still looks like a memory leak in some process to me (my guess would be gnome somewhere - if you don’t need a desktop on your fog server just uninstall it).

    If you don’t want to uninstall gnome just yet make sure you apt-get update && apt-get upgrade the system. It’s possible whatever program is leaking has been fixed already.

    If you want to try the system without a desktop for a while you could try

      $ sudo service lightdm stop

    You should end up at a black console with white text. Run your upload/download tests and see if the problem is fixed.

  • Alright, here is the latest:
    It appears that the failures are somehow related to Image uploads to Fog. After 2 days without failure, I started an image upload, went to a meeting, and two hours later, when I got back, tftp was broken. The failure doesn’t seem to happen immediately, since I’ve seen clients continue to connect to Fog immediately after an image upload.

    The info you requested is here:


  • Testers

    No problem. I hope it works for you :-)

  • Good morning,
    I haven’t forgotten about your reply. I was just waiting for tftp to fail so that the logs and responses I give you are actually useful. Its been two days, and I haven’t had to restart once.
    The only thing I’ve done differently is not uploaded a new image. I have one that is almost ready for upload, so I’ll do that and see if I can get it to fail again. If that works, I should have the requested info soon.
    Thanks again for your help.

  • Testers

    OK, the network sounds clear and those error messages you were getting from tftp.hpa are very suspicious.

    I don’t have an ubuntu system to test with, but on CentOS systems tftpd is started by inetd, if ubuntu is the same then when a client makes an incoming connection to the fog server for tftp, inetd spawns an instance of in.tftpd to handle the connection. It looks like, in your case, when that happens your system can’t allocate memory for tftpd so it never gets spawned, that is why your tftp sessions fail. The difficult part is figuring out why there is no memory for tftpd.

    As I mentioned above, I don’t think it is a physical problem, 4GB seems like plenty of RAM - I get by with much less. It is possible that some runnaway process is eating up all of your ram, but if your system was genuinely memory starved I would expect more problems than just a failing tftpd server.

    Could you attach a copy of your /var/log/messages or /var/log/syslog file? We might be able to spot the root cause in there.

    Also could you periodically have a look for any tftp processes

      $ ps -ef | grep tftp
        root      5007  1138  0 12:38 ?        00:00:00 in.tftpd -s /tftpboot
        root      5010  4980  0 12:38 pts/0    00:00:00 grep tftp

    It would be interesting to see if it is running and if more than one process is spawned.

    Finally after your machine has been running for a while you can get a list of the most memory hungry processes by running ps, e.g.

      $ ps -eo pid,rss,vsz,comm= | sort -n -k 3 | tail -n 20
    5461  688 100944 tail
    5459  996 108124 ps
    1192  1540 108168 mysqld_safe
    4980  1924 108308 bash
    1406  1360 117300 crond
    5460  868  155432 sort
     955  1560 249084 rsyslogd
    1413 11140 250640 FOGTaskSchedule
    1427 10944 250640 FOGImageReplica
    1420 11212 250896 FOGMulticastMan
    1398  9544 271660 httpd
    1462 10548 370800 httpd
    1460 10576 370808 httpd
    1458 10480 371024 httpd
    1461 10764 371024 httpd
    1457 10724 371040 httpd
    1463 18528 378748 httpd
    1459 18280 378752 httpd
    1456 19196 379668 httpd
    1294 27708 640800 mysqld

    If you could do this around the time that tftp dies we might have a chance of catching the reason why.

  • Results of iptables -nL looked exactly like yours.
    Running sestatus gives me "The program ‘sestatus’ is currently not installed’. I assume that this means SELinux is not installed also?
    hosts.allow and hosts.deny both had only comments in them.

    Thanks for your help. I appreciate the inclusion of the commands I need to find the info out. Saves me a lot of digging.:)

  • Testers

    I think you should be OK for memory, 4GB seems like plenty. As I said, my setup is only using 1GB and I’m not seeing the problems, before you dig too deep looking for answers, you should check that the problem isn’t firewalling.

    If 0.32 was working and there have been no network changes since then there probably isn’t a network firewall, but you should double/triple check that the fog server doesn’t have one. On Ubuntu 11.10 you should check

      $ sudo iptables -nL
        Chain INPUT (policy ACCEPT)
        target    prot opt source              destination       
        Chain FORWARD (policy ACCEPT)
        target    prot opt source              destination       
        Chain OUTPUT (policy ACCEPT)
        target    prot opt source              destination   
      $ sestatus

    You should also check SELINUX, make sure it is either disabled or in permissive mode

      $ sestatus
        SELinux status:                enabled
        SELinuxfs mount:                /selinux
        Current mode:                  permissive
        Mode from config file:          permissive
        Policy version:                24
        Policy from config file:        targeted

    And you might want to just double check that you are NOT using tcp_wrappers: just check that /etc/hosts.allow and /etc/hosts.deny are empty or only have comments in them. Once you have confirmed those things we can start tracking down the problem without going in circles :)

  • FOGMemory.jpg

  • Testers

    Hi Lindsay,

    The “Cannot allocate memory” messages look a bit worrying to me. Does the machine have enough RAM? Could you try running “free -m” in a command window? e.g. here is my fog server

                 total       used       free     shared    buffers     cached
    Mem:           996        565        431          0         11        382
    -/+ buffers/cache:        172        824
    Swap:         2043          0       2043

    My fog server is a virtual machine with 1GB of ram, from the numbers above I have 431Mb free and around 400Mb in cache.

Log in to reply





Looks like your connection to FOG Project was lost, please wait while we try to reconnect.