Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


r-tftpd is a tftp server with RFC 7440 "windowsize" support and it can relay tftp requests to http servers.

It allows RRQ (read) requests; WRQ support is incomplete and exists only for testing purposes.

Implemented standards


Usage: r-tftpd [OPTIONS]

  -s, --systemd                use systemd fd propagation
  -p, --port <PORT>            port to listen on [default: 69]
  -l, --listen <IP>            ip address to listen on [default: ::]
  -m, --max-connections <NUM>  maximum number of connections [default: 64]
  -t, --timeout <TIMEOUT>      timeout in seconds during tftp transfers [default: 3]
  -f, --fallback <URI>         fallback uri
  -L, --log-format <FMT>       log format [default: default] [possible values: default, compact, full, json]
  -C, --cache-dir <DIR>        directory used for cache files
      --no-rfc2347             disable RFC 2347 (OACK) support; only useful for testing some clients
      --wrq-devnull            accept WRQ but throw it away; only useful for testing some clients
      --disable-proxy          disable proxy support
  -h, --help                   Print help information
  -V, --version                Print version information


cargo build

see r-tftp.spec for ways how to customize it by using makefile variables.


cd /var/lib/tftpboot && r-tftpd --port 1234

Listening on privileged ports (e.g. the standard 69 one) requires the CAP_NET_BIND_SERVICE capability (see man 7 capabilities).

systemd socket activation

see contrib/

Proxy mode

"r-tftpd" supports relaying of tftp requests to other servers. It allows pseudo virtual hosting by creating (dead) symlinks pointing to an url.

supported uris

  • http:// + https://

Schemes accept the following, "plus" sign separated modifiers:

  • nocache: downloaded resources will not be cached; by default usual http caching mechanisms (Cache-Control, Etag, ...) are applied and resources are kept locally. They are not accessible on disk but created by O_TMPFILE.

    The cache is cleared periodically

  • nocompress: resources are requested with identity encoding; by default, compression is enabled. When compression is enabled, the whole file must be downloaded when starting the transaction because its size can not be determined else.

Without compression, Content-Length information are used and tftp upload and http download happen in parallel, This helps to avoid tftp timeouts


$ tree
├── domain1 -> http+nocache://
├── domain2 -> http+nocompress://
├── existing
├── remote-file -> http+nocompress+nocache://
└── subdir
    └── file

$ r-tftp --fallback
requested path returned resource flags
existing local existing file
subdir/file local subdir/file
domain1/foo remote without caching
domain2/bar remote without http compression
remote-file remote without http compression nor caching
not-here remote


GPL-3.0 or later