Trivial File Transfer Protocol
Last updated
Last updated
TFTP was first standardized in 1981.
Named 'Trivial' because it is simple and has only basic features compared to FTP.
Only allows a client to copy a file to or from a server.
Was released after FTP, but is not a replacement for FTP. It is another tool to use when lightweight simplicity is more important that functionality.
No authentication (username/password), so servers will respond to all TFTP requests.
No encryption, so all data is sent in plain text.
Best used in a controlled environment to transfer small files quickly.
TFTP servers list on UDP port 69.
UDP is connectionless and doesn't provide reliability with retransmissions.
However, TFTP has smilar features within the protocol itself.
Every TFTP data message is acknowledged.
If the client is transferring a file to the server, the server will send ACK messages.
If the server is transferring a file to the client, the client will send Ack messages.
Timers are used, and if an expected message isn't received in time, the waiting device will resend its previous message.
TFTP uses 'lock-step' communication. The client and server alternately send a message and then wait for a reply. (+retransmissions are sent as needed)
TFTP file transfer have three phases:
Connection: TFTP client sends a request to the server, and the server responds back, initializing the connection.
Data Transfer: The client and server exchange TFTP messages. One sends data and the other sends acknowledgements.
Connection Termination: After the last data message has been sent, a final acknowledgment is sent to terminate the connections.
When the client sends the first message to the server, the destination port is UDP 69 and the source is a random ephemeral port.
This random port is called a 'Transfer Identifier' (TID) and identifies the data transfer.
The server then also selects a random TID to use as the source port when it replies, not 69.
When the client sends the next message, the destination port will be the server's TID, not 69
