Categories

  • 12k Topics
    114k Posts

    Greetings and thanks for the help.

    My current setup seems to allow our PXE boot to partially work, but ultimately fails. It appears that our proxyDHCP via dnsmasq is working and our main DHCP server is handing out IPs while our fog server is directing devices to itself for PXE services, but the overall process fails once tftp should be serving the .efi file. We’ve tried using a different computer when attempting to PXE to try and eliminate model specific quirks. I’ve also tried changing the file dnsmasq should serve (snponly.efi or ipxe.efi) with no change. tftp via localhost works as expected, tftp over LAN fails. There are NO tftp requests seen from tcpdump during PXE boot, but I can’t provide that data until my tech returns on-site next week.

    I have set up our fog server by installing a fresh version of Ubuntu and pulling the latest stable version from github then running the install.sh. This is in a small office with Ubiquiti switching. DHCP snooping is off, VLANs are not in use. BIOS settings include: Secure boot is off, UEFI network stack is enabled using ipv4. I can provide more details but didn’t want to overload the first posting.

    Details OS and kernel

    Linux STL-FOGBUNTU 6.14.0-37-generic #37~24.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu Nov 20 10:25:38 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
    Distributor ID: Ubuntu
    Description: Ubuntu 24.04.3 LTS
    Release: 24.04
    Codename: noble

    Fog version

    1.5.10.1734

    Services

    systemctl status dnsmasq --no-pager -l
    ● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
    Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; preset: enabled)
    Active: active (running) since Fri 2026-01-23 15:58:19 CST; 1min 11s ago
    Process: 3886 ExecStartPre=/usr/share/dnsmasq/systemd-helper checkconfig (code=exited, status=0/SUCCESS)
    Process: 3891 ExecStart=/usr/share/dnsmasq/systemd-helper exec (code=exited, status=0/SUCCESS)
    Process: 3898 ExecStartPost=/usr/share/dnsmasq/systemd-helper start-resolvconf (code=exited, status=0/SUCCESS)
    Main PID: 3897 (dnsmasq)
    Tasks: 1 (limit: 18571)
    Memory: 904.0K (peak: 3.9M)
    CPU: 72ms
    CGroup: /system.slice/dnsmasq.service
    └─3897 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service --trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D --trust-anchor=.,38696,8,2,683D2D0ACB8C9B712A1948B27F741219298D0A450D612C483AF444A4C0FB2B16

    Jan 23 15:58:19 STL-FOGBUNTU dnsmasq[3897]: started, version 2.90 DNS disabled
    Jan 23 15:58:19 STL-FOGBUNTU dnsmasq[3897]: compile time options: IPv6 GNU-getopt DBus no-UBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset nftset auth cryptohash DNSSEC loop-detect inotify dumpfile
    Jan 23 15:58:19 STL-FOGBUNTU dnsmasq-dhcp[3897]: DHCP, proxy on subnet 192.168.2.0
    Jan 23 15:58:19 STL-FOGBUNTU dnsmasq-dhcp[3897]: DHCP, proxy on subnet 192.168.2.0
    Jan 23 15:58:19 STL-FOGBUNTU dnsmasq-dhcp[3897]: DHCP, sockets bound exclusively to interface enp0s31f6
    Jan 23 15:58:19 STL-FOGBUNTU resolvconf[3908]: Dropped protocol specifier ‘.dnsmasq’ from ‘lo.dnsmasq’. Using ‘lo’ (ifindex=1).
    Jan 23 15:58:19 STL-FOGBUNTU resolvconf[3908]: Failed to set DNS configuration: Unit dbus-org.freedesktop.network1.service not found.
    Jan 23 15:58:19 STL-FOGBUNTU systemd[1]: Started dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server.
    Jan 23 15:59:22 STL-FOGBUNTU dnsmasq-dhcp[3897]: 4276486162 available DHCP subnet: 192.168.2.0/255.255.255.0
    Jan 23 15:59:22 STL-FOGBUNTU dnsmasq-dhcp[3897]: 4276486162 available DHCP subnet: 192.168.2.0/255.255.255.0

    systemctl status tftpd-hpa -l --no-pager
    ● tftpd-hpa.service - LSB: HPA’s tftp server
    Loaded: loaded (/etc/init.d/tftpd-hpa; generated)
    Active: active (running) since Fri 2026-01-23 15:51:28 CST; 10min ago
    Docs: man:systemd-sysv-generator(8)
    Process: 2669 ExecStart=/etc/init.d/tftpd-hpa start (code=exited, status=0/SUCCESS)
    Tasks: 1 (limit: 18571)
    Memory: 724.0K (peak: 1.9M)
    CPU: 19ms
    CGroup: /system.slice/tftpd-hpa.service
    └─2698 /usr/sbin/in.tftpd --listen --user tftp --address 0.0.0.0:69 --secure --ipv4 --create --permissive -vv --umask 027 /var/lib/tftpboot

    Jan 23 15:51:28 STL-FOGBUNTU systemd[1]: Starting tftpd-hpa.service - LSB: HPA’s tftp server…
    Jan 23 15:51:28 STL-FOGBUNTU tftpd-hpa[2669]: * Starting HPA’s tftpd in.tftpd
    Jan 23 15:51:28 STL-FOGBUNTU tftpd-hpa[2669]: …done.
    Jan 23 15:51:28 STL-FOGBUNTU systemd[1]: Started tftpd-hpa.service - LSB: HPA’s tftp server.

    Listening ports

    ss -lunp | egrep ':(67|69|4011)\b'
    UNCONN 0 0 0.0.0.0%enp0s31f6:67 0.0.0.0:* users:(("dnsmasq",pid=3897,fd=4))
    UNCONN 0 0 0.0.0.0:69 0.0.0.0:* users:(("in.tftpd",pid=2698,fd=4))
    UNCONN 0 0 0.0.0.0%enp0s31f6:4011 0.0.0.0:* users:(("dnsmasq",pid=3897,fd=5))

    tftp config

    tftp daemon config
    cat /etc/default/tftpd-hpa
    # /etc/default/tftpd-hpa
    # FOG Modified version
    TFTP_USERNAME="tftp"
    TFTP_DIRECTORY="/var/lib/tftpboot"
    TFTP_ADDRESS="0.0.0.0:69"
    TFTP_OPTIONS="--secure --ipv4 --create --permissive -vv --umask 027"

    Permissions

    ls -ld /tftpboot
    drwxrwxr-x 5 tftp tftp 4096 Jan 14 11:44 /tftpboot

    tftp testing

    tftp test via localhost - SUCCESS
    root@STL-FOGBUNTU:/test# ls
    root@STL-FOGBUNTU:/test# tftp localhost
    tftp> get snponly.efi
    tftp> quit
    root@STL-FOGBUNTU:/test# ls
    snponly.efi

    No traffic is seen via tcpdump

    tftp test via Windows host over LAN - FAIL
    PS C:\temp> tftp 192.168.2.231 get snponly.efi
    Connect request failed

    tcpdump during failed test
    tcpdump -ni enp0s31f6 udp port 69
    tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
    listening on enp0s31f6, link-type EN10MB (Ethernet), snapshot length 262144 bytes
    16:10:23.293038 IP 192.168.2.226.49370 > 192.168.2.231.69: TFTP, length 23, RRQ "snponly.efi" netascii
    16:10:24.298517 IP 192.168.2.226.49370 > 192.168.2.231.69: TFTP, length 23, RRQ "snponly.efi" netascii
    16:10:26.311059 IP 192.168.2.226.49370 > 192.168.2.231.69: TFTP, length 23, RRQ "snponly.efi" netascii
    16:10:30.320719 IP 192.168.2.226.49370 > 192.168.2.231.69: TFTP, length 23, RRQ "snponly.efi" netascii
    16:10:38.333886 IP 192.168.2.226.49370 > 192.168.2.231.69: TFTP, length 23, RRQ "snponly.efi" netascii
    16:10:46.343141 IP 192.168.2.226.49370 > 192.168.2.231.69: TFTP, length 23, RRQ "snponly.efi" netascii
    16:10:54.346973 IP 192.168.2.226.49370 > 192.168.2.231.69: TFTP, length 23, RRQ "snponly.efi" netascii
    16:11:02.355580 IP 192.168.2.226.49370 > 192.168.2.231.69: TFTP, length 23, RRQ "snponly.efi" netascii
    16:11:10.374724 IP 192.168.2.226.49370 > 192.168.2.231.69: TFTP, length 23, ERROR EUNDEF "timeout on receive"

  • Get the latest news on what's happening.
    184 Topics
    825 Posts

    @Tom-Elliott I really appreciate that you are putting effort into providing more frequent releases, which makes it easier for everyone to deploy new security fixes in time. Keep up the good work!

  • View tutorials or talk about FOG in general.
    2k Topics
    19k Posts

    I am very interested in doing this. I have a working FOG server which is working in my home network with no mods to my router which is a Firewalla gold if it matters. I have several FOG menu items that work but I am finding it increasingly harder to keep them up to date, for example parted image, which I can’t get to work with the latest versions despite reading a lot of stuff in the forums. I also created a ventoy USB which also seems to work with what I have added to it so far with a few exceptions but having it all be in PXE would be even better since it is centrally located. The problem I have run into with FOG booting ISOs almost always comes down to the size of ISO though. Does iventoy via PXE solve that by any chance? I can also pull apart the ISOs but then I am micromanaging and spending hours getting it all to work which I am trying to minimize. I like the nerdiness of it all but I have enough other nerdy projects for now. lol. Dropping ISOs into iVentoy PXE would be super simple. If anyone else has done this, could you post your configs for FOG please? I really prefer to not make changes to my Firewalla if possible. FWIW, I have wired ethernet throughout the entire house which made PXE booting pretty easy.

  • Report bugs, request features, or get the latest progress.
    2k Topics
    21k Posts
    Tom Elliott

    @Clebboii Following up if you’d be willing to let us know?

    Thank you!
