RE: UEFI PXE not booting

@jack_darnellits said in UEFI PXE not booting:

Running tcpdump on Ubuntu, I can see that the server is receiving requests from the client machine - but I suppose nothing is being sent back?

If your fog server and dhcp server are on the same subnet then tcpdump on your fog server should see the offer packet from the dhcp server. Inspect the offer packet to make sure in the ethernet header both next-server and boot-file values are being set correctly, also look in the dhcp options and make sure that dhcp options 66 and 67 are set correctly. I’ve seen some soho routers always point to them selves as the boot server even if your configuration says something ekse.

Additionally, i’ve used TFTP on a windows 11 vm to attempt to get the ipxe.efi file - which times out. Wireshark showed that it was receiving data packets back from the server, but would eventually time out after 8 or so attempts.

for tftp to work from a windows computer, you need to temporarily disable the windows firewall then it should work. tftp is similar to ftp where there is a command channel and a data channel. The windows firewall will block one of the channels (can’t remember which ATM).

I can get some screenshots come monday, but any suggestions would be greatly appreciated. If some more details are needed, please do let me know.

I also have a tutorial on how to start debugging this: https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue you can view the pcap in wireshark to make it easier to review than just a straight tcpdump.

@olivier-bonnici If you have time to test, I have an idea what maybe causing this. I just saw a video on hacking a chromebox (seemingly unrelated), and they had a similar issue with downloads being unnaturally slow but uploads were OK.

It came down to the energy efficient ethernet built into the realtek nic.

What I want you to do this this:

1. schedule another deployment to this hardware, before you hit the schedule task button tick the debug checkbox then schedule the task.
2. PXE boot the target computer, it should go right into imaging, well it should drop you to a linux command prompt after several screens of text.
3. At the linux command prompt, we need to find the name of the ethernet adapter device. Issue the following command ip a s . Look in the list for the network device that has an IP address. Write down that name for the next stel.
4. Use the linux tool ethtool to disable ‘eee’ on the network adapter, in this case the ethernet adapter name is eno0 yours might be different, fix accordingly ethtool --set-eee eno0 eee off
5. On success of setting green ethernet to off lets start the imaging process. Key in fog and press enter. This will place you in single step mode. You will need to press enter at each breakpoint in the code but you will be able to see the partclone screen to see if the speed has improved.

I don’t know specifically if this is your issue but its worth a shot. If it does work we can do a few things to make this a forever change, but first we need to find out if it works or not.

@stokehall From the error it appears that FOS linux is not loading correctly.

So I would have to ask:

1. What version of FOG are you using
2. What version of FOS Linux (a.k.a The Kernel) are you using? Understand this is not the kernel version of the FOG server but FOS Linu FOG Settings->Kernel update.
3. Potentially the version of iPXE because it hands off booting from the FOG iPXE menu and starts FOS Linux (bzImage/init.xz)

What I would do to try to fix this is:

1. Make sure you have the latest FOS Linux kernel installed.
2. Recompile iPXE to ensure you have the latest version, there may be a compatibility issue with older iPXE versions and the Dell bios / firmware. ref:: https://forums.fogproject.org/topic/15826/updating-compiling-the-latest-version-of-ipxe
3. Make sure FOG is at the latest release.

@Ced58 I use this model. It’s best to get either the official Lenovo usb c ethernet adapter or the proprietary Lenovo adapter for the special ethernet port on these. Also in the bios there’s a Mac pass through option that you want to set to internal or second Mac address. With the latest version of fog and kernel it should see that internal mac even if you share an adapter for imaging multiple of that device.

@alterak If you know how to program linux bash scripts this is possible. You will need to edit a script called fog.man.reg that is in FOS Linux (the OS that runs on the target computer to capture/deploy images). I have a tutorial on modifying that program to set a default hostname. But the concepts you need to do what you ware are listed here: https://forums.fogproject.org/topic/14278/creating-custom-hostname-default-for-fog-man-reg

@Faurel ok good that looks like a clean dhcp process. It would be helpful to have the pcap file in my hand, but you want to expand the OFFER packet. The OFFER packet you can tell from the Info column.

In the packet you may need to expand the dhcp section. You should see the image similar to below. What is important is the next server IP address should point to IP address of your fog server. and boot file name should be ipxe.efi. You see in this example that the boot file name was not given, this is the error with this packet. The next server and boot file are in the ethernet header. This is the legacy bootp pxe section.

The next place you need to check is the dhcp options below. You should see dhcp options 66 which should be the IP address of the fog server and dhcp 67 should be the boot file name of ipxe.efi. In this picture this packet is also in error since the dhcp server is not sending out all of the pxe booting info. So if your offer packet looks like this you have a problem.

@alterak said in FOG operation in different network segments:

is there a possibility of automatic separation of locations,

I’m not sure I fully understand the question, but if you are asking can it automatically pick which location to select based on the IP address of the computer being registered. The quick answer is no, FOG doesn’t currently have that capabilities.

The bit longer answer is it could if you can be a little creative and can do a little linux bash script programming. In a nutshell, you can customize the bash script that is setup for full registration of computers. The basics of what needs to be done is covered in this tutorial: https://forums.fogproject.org/topic/14278/creating-custom-hostname-default-for-fog-man-reg

The IP address bit can come from this script: https://forums.fogproject.org/post/69725 This post is for getting the IP address to be used in a FOG postdownload script. But the concept will be the same for the fog.man.reg script.

@Faurel said in PXE over IPv4:

My DHCP server is a VM running Nutanix.

What is your dhcp server? Is it MS Windows based or something else.

Do you know how to run wireshark? I think we need to get a witness computer (a third computer not part of pxe booting). Place the wireshark computer on the same subnet as the pxe booting computer. Use the capture filter of port 67 or port 68 This capture filter will only collect pxe booting information.

What I want to focus on is the one or more DHCP OFFER packets.

1. Is there more than 1 OFFER packet?
2. Is the OFFER packet from the correct DHCP server?
3. Looking into the OFFER packet, in the packet header there are two fields one called {next-server} and {boot-file} are these fields populated?
4. Look at the dhcp options do you see options 66 and 67? Do they point to the correct values?

If you are unsure of what you are looking at, upload the file to a file share site and post the link here and I will take a look for the common issues.

@alterak Typically in your situation you would install a full fog server at the main site. Then install a FOG Storage node at the second site. Technically they perform the same roles except the full fog server has the database and the web interface. One additional caveat is that the Full fog server (or called master node) is the only FOG server that can capture images. The images created at the master node will replicate to the storage node. This is how it works by design.

One other thing that will help you is to install a FOG “Location” plugin. This way you assign fog servers and target computers to locations so the target computers will know what FOG server to get the images from.

@Faurel There are several things here.

The no valid offer received, indicates it either did not receive a dhcp packet without the next server and boot file listed or what it was given didn’t satisfy the request.

Let start with something that jumped out at me first. The pxe booting computer is being issued an 192.168.10.72 IP address (this is good so we know its receiving a reply). And your FOG server is on 192.168.3.93. That tells me they are on different subnets or you have a pretty wide network mask. Are these two devices on the same subnet?

If they are on different subnets, what is the dhcp server the workstation subnet? Is it possible you don’t have the pxe booting values set in the scope for the workstations? Or there is another dhcp server in play here?

Also make sure you don’t have white spaces around your dhcp option values I’ve seen a trailing white space on a parameter mess up dhcp too.

Lastly what device manufacturer and model is your dhcp server? Some SoHo routers will point dhcp option 66 to them even if there is a valid dhcp option 66 activated, but I don’t think that is the case here because the client is complaining about not getting any valid offers. Also on your dhcp sever make sure it issues both bootp (older) and dhcp (current) pxe booting values. These are kept in two different places in the dhcp server’s response packet.