RE: LENOVO L13 : IPXE initialising Devices

@Ced58 I use this model. It’s best to get either the official Lenovo usb c ethernet adapter or the proprietary Lenovo adapter for the special ethernet port on these. Also in the bios there’s a Mac pass through option that you want to set to internal or second Mac address. With the latest version of fog and kernel it should see that internal mac even if you share an adapter for imaging multiple of that device.

@alterak If you know how to program linux bash scripts this is possible. You will need to edit a script called fog.man.reg that is in FOS Linux (the OS that runs on the target computer to capture/deploy images). I have a tutorial on modifying that program to set a default hostname. But the concepts you need to do what you ware are listed here: https://forums.fogproject.org/topic/14278/creating-custom-hostname-default-for-fog-man-reg

@Faurel ok good that looks like a clean dhcp process. It would be helpful to have the pcap file in my hand, but you want to expand the OFFER packet. The OFFER packet you can tell from the Info column.

In the packet you may need to expand the dhcp section. You should see the image similar to below. What is important is the next server IP address should point to IP address of your fog server. and boot file name should be ipxe.efi. You see in this example that the boot file name was not given, this is the error with this packet. The next server and boot file are in the ethernet header. This is the legacy bootp pxe section.

The next place you need to check is the dhcp options below. You should see dhcp options 66 which should be the IP address of the fog server and dhcp 67 should be the boot file name of ipxe.efi. In this picture this packet is also in error since the dhcp server is not sending out all of the pxe booting info. So if your offer packet looks like this you have a problem.

@alterak said in FOG operation in different network segments:

is there a possibility of automatic separation of locations,

I’m not sure I fully understand the question, but if you are asking can it automatically pick which location to select based on the IP address of the computer being registered. The quick answer is no, FOG doesn’t currently have that capabilities.

The bit longer answer is it could if you can be a little creative and can do a little linux bash script programming. In a nutshell, you can customize the bash script that is setup for full registration of computers. The basics of what needs to be done is covered in this tutorial: https://forums.fogproject.org/topic/14278/creating-custom-hostname-default-for-fog-man-reg

The IP address bit can come from this script: https://forums.fogproject.org/post/69725 This post is for getting the IP address to be used in a FOG postdownload script. But the concept will be the same for the fog.man.reg script.

@Faurel said in PXE over IPv4:

My DHCP server is a VM running Nutanix.

What is your dhcp server? Is it MS Windows based or something else.

Do you know how to run wireshark? I think we need to get a witness computer (a third computer not part of pxe booting). Place the wireshark computer on the same subnet as the pxe booting computer. Use the capture filter of port 67 or port 68 This capture filter will only collect pxe booting information.

What I want to focus on is the one or more DHCP OFFER packets.

1. Is there more than 1 OFFER packet?
2. Is the OFFER packet from the correct DHCP server?
3. Looking into the OFFER packet, in the packet header there are two fields one called {next-server} and {boot-file} are these fields populated?
4. Look at the dhcp options do you see options 66 and 67? Do they point to the correct values?

If you are unsure of what you are looking at, upload the file to a file share site and post the link here and I will take a look for the common issues.

@alterak Typically in your situation you would install a full fog server at the main site. Then install a FOG Storage node at the second site. Technically they perform the same roles except the full fog server has the database and the web interface. One additional caveat is that the Full fog server (or called master node) is the only FOG server that can capture images. The images created at the master node will replicate to the storage node. This is how it works by design.

One other thing that will help you is to install a FOG “Location” plugin. This way you assign fog servers and target computers to locations so the target computers will know what FOG server to get the images from.

@Faurel There are several things here.

The no valid offer received, indicates it either did not receive a dhcp packet without the next server and boot file listed or what it was given didn’t satisfy the request.

Let start with something that jumped out at me first. The pxe booting computer is being issued an 192.168.10.72 IP address (this is good so we know its receiving a reply). And your FOG server is on 192.168.3.93. That tells me they are on different subnets or you have a pretty wide network mask. Are these two devices on the same subnet?

If they are on different subnets, what is the dhcp server the workstation subnet? Is it possible you don’t have the pxe booting values set in the scope for the workstations? Or there is another dhcp server in play here?

Also make sure you don’t have white spaces around your dhcp option values I’ve seen a trailing white space on a parameter mess up dhcp too.

Lastly what device manufacturer and model is your dhcp server? Some SoHo routers will point dhcp option 66 to them even if there is a valid dhcp option 66 activated, but I don’t think that is the case here because the client is complaining about not getting any valid offers. Also on your dhcp sever make sure it issues both bootp (older) and dhcp (current) pxe booting values. These are kept in two different places in the dhcp server’s response packet.

@AxeMeAQuestion22 I see a slight contradiction, maybe in the way I read it. You have some lenovos that work and some that don’t.

It almost sounds like a usb controller issue (just a wild guess at the moment).

I just want to say this is an issue with the ipxe binaries since ipxe manages the FOG iPXE menu. This has nothing to do with FOS (yet) that would be bzImage and init.xz which haven’t been sent to the target computer at this point.

When on the ipxe menu does it accept the enter key where the arrow keys are not working?

Is this a US english keyboard? If no what language.

Just to confirm that you recompiled iPXE using the instructions you pointed to? Verify the files in tftp directory have the current date that you recompiled them.

What model/make does not work vs what make/model does work?

@Datsys On the technical side, I would install the largest ssd or nvme drive you can afford and keep everything internal. As I mentioned with the OEM image capture this is only one image and will deploy to any computer and should activate properly using the method I described. So once the image has been deployed most applications can be installed in the unattended mode, typically with command line switches. You can deploy these applications post image deployment with FOG’s snap-in system. This would still be in compliance with M$'s EULA. Basically you would adjust the computer after deployment You could even create a batch/ps file deployed by a snap-in to connect the target system to AD or make other alterations to the system, just as you might do by hand post image deployment. The extend of these post deployment activities are up to you.

I think once october hits you will have plenty of no longer useful systems hit the market so you could go to the next step of setting up local deployment servers at each customer.

@Datsys You have both a technical and legal question in your post that will require a fire dance to navigate well.

On the technical side, it is possible to configure FOG in a mobile deployment server mode. Whereas you can have FOG loaded on a portable computer and take it from site to site to deploy images. Its best if you use onboard storage for the images but it would be possible to use a portable usb drive but your downloading performance would be not good because of the bandwidth. If you used a high speed usb-c attached drive then performance would compare to onboard storage. One issue I see is that to properly network boot target computer for imaging you will need certain network infrastructure changes to make it work. This is modifying your dhcp server to send out the boot server (FOG server) ip address and boot file to load. While the fog server is on site this will work perfectly, if the fog server is at a different site not so much. You can mask this issue by installing dnsmasq on the mobile deployment server so that only the pxe boot information is sent out while the fog server is on site. This can also be problematic, but it is a workable solution.

The MS Windows/legal issue is a bit more complicated. For OEM licensed computers you are not allowed to create a golden image (customized image with additional software loaded) and then capture and deploy it to multiple computer. The EULA requires a volume license key for this. You can deploy images only in the OEM format and then after that is deployed add on custom software on top. To be able to deploy an OEM image (legally) You can either use FOG to share the ISO image to the target computer, or what I’ve done in the past is take a development machine and install Windows 11 on it, but only to the point of the first reboot. You MUST stop the system from booting on that first reboot. That first reboot is the transition from WinPE environment to the Windows Setup/OOBE process. Now capture that image at the first reboot and deploy with FOG. This is still inline with the OEM EULA because you are not altering the image only cloning it during the middle of installation. When you deploy the image to computer #2 WinSetup/OOBE will continue to run. Now at the end use FOG to install custom applications and your done.

I can tell you getting a VLK key and image is a much simpler solution. I don’t know what M$ current licensing is, but it use to be you only need to purchase 1 VLK key for all of the company’s computers to use the VLK key. You needed 5 licenses to reach the minimum order so for small companies that had a windows server and windows workstations we would purchase 1 VLK key and 4 widows servers client connection licenses, cause you can always use server connection licenses. Just let me repeat I don’t know what MS current licensing model is so this may be old information.

Just to wrap up:
Can you create a mobile FOG deployment server? Yes. You will need to be really familiar with Linux to do this though.
Can you repurpose all of these unused windows 10 computers as FOG servers and leave then connected to the customer’s network, Yes (a bit better idea).
Can you deploy Windows 11 with FOG, yes (until MS break this too).