TFTP Timeout
-
Hey Everyone!
My new job uses SSDs with images on it in order to image machines, however it often gets VERY busy and we are limited by how many machines we can image at once, and which SSD has the newest image on it etc etc.
I spoke with my boss and we have decided that it would be easier for us to build an imaging server. I have decided to load Ubuntu Desktop LTS in a VM on one of our standard W10 images. I have finished the install all the way through and had our network admin change the DHCP settings so port 66 points to the servers static IP and 67 is undionly.kpxe. When I go to PXE boot with a test machine I get the TFTP timeout error. I have turned on TFTP in the Windows settings and turned off the firewall on the VM but it still errors out when I try to boot. Does anyone have any ideas?
-
@quinnby95 What does the network setup of that VM look like? What kind of VM is it by the way?
-
This post is deleted! -
It is a bridged NAT, the Windows itself has a static IP of 192.168.1.71 and the VM has a static IP of 192.168.1.72.
It is Ubuntu 18.0.4.2 LTS, using VirtualBox
-
@quinnby95 said in TFTP Timeout:
bridged NAT
Lets get a little clarity on this one. Is it bridged or NAT? They have different implications.
Is the computer you are trying to pxe boot on the same VM Hypervisor host or it is physically on the network somewhere?
If it is physically on the network somewhere, from a third computer on the same subnet as your pxe booting computer, can you ping the FOG server’s IP address?
-
My apologies, it is a BRIDGED adaptor. I am trying to boot it physically on the network. I have tried pinging the servers IP address from a 3rd PC and it does receive a response, so other computers can find it on the network
-
@quinnby95 OK then lets get started,
What do you have (exactly) for dhcp options 66 and 67?
If you install the tftp client windows feature can you use (from windows command line) use the tftp -get command to pull undionly.kpxe from the fog server to this third computer? -
DHCP option 66 points to the VM with the server installed (192.168.1.72) and option 67 points to undionly.kpxe.
When I try to pull the undionly from the 3rd computer it times out.
-
@quinnby95 OK excellent on the checks, now we have a path forward.
I want you to key in the following command on your FOG server linux console.
sudo netstat -an|grep :69
You may get a few lines depending on how busy your fog server is but the key line I’m looking for is this:udp 0 0 0.0.0.0:69 0.0.0.0:*
This tells us that the tftp server is listening for connections.
Also I have to ask did you perform the prerequisites before installing FOG?
- Set selinux to permissive
- Disable the firewall on the FOG server?
-
That is what shows up when I run the requested command
Yes when I installed FOG server I had SELINUX turned off as well as the firewall
-
@quinnby95 Ping works from an external machine but TFTP doesn’t? Do I get this right? Guess it is a firewall issue. Maybe Windows firewall and as well check the firewall in your VM:
sudo iptables -L -n -v
-
@Sebastian-Roth That is correct, I can ping the machine but no TFTP. I thought maybe a firewall issue too so I tried disabling the Windows firewall entirely as well and got the same result.
That is the response from the IP Tables
-
@quinnby95 Run this command to see if the firewall is enabled.
sudo ufw status
If its running then issue this command to stop it.
sudo ufw disable
Since you are using a Desktop OS, I’m suspecting its enabled by default.
Once you stop the firewall, test again to download the file using a windows client.
-
@george1421 The status is currently inactive, I turned off the firewall for both the Windows machine and Ubuntu and got the same results. I truly am at an impasse for why this is happening I spent the last week looking at other posts trying everything
-
@quinnby95 This is an interesting one…
We’ve hit on the simple ones, now lets look a bit deeper.
- Is selinux disabled:
sudo getenforce
Hopefully this returns Permissive - is there anything in the tftp directory?
ls -la /tftpboot
ensure that undionly.kpxe exists in that directory as well as a bunch of other files. - Are you using the proper tftp get command on the windows test system?
tftp <fog_server_ip> GET undionly.kpxe .
? - In /var/logs there may be a tftp log file it may be called in.tftp. See if there are any helpful messages in that log file. If you can’t find which log file to look into use this command
sudo grep -r tftp /var/log/*
to find the name of the log file as well as display any entries with tftp in the name
Other infrastructure questions. Is the FOG server and the target computer on the same subnet?
- Is selinux disabled:
-
Hello,
maybe i will dig up this topic because i am facing the same problem after 3 years of the last post here.I have very similar environment:
subnet: 10.6.22.0/24
FOG Server: 10.6.22.10 (1.5.9 stable)
HOST Windows 10: 10.6.22.11
virtualbox guest Windows 10: 10.6.22.107 (bridged adapter, IP obtained from fog DHCP)Tried with and without firewall enabled on windows PC.
Physical workstations from this subnet connect to FOG and tftp without problems. Problem occurs only with virtual machine Windows. I am trying to prepare my syspreped image in virtualbox and then capture it with FOG so this is the purpose i want it to work correctlyWhen i boot the virtual Windows from virtualbox i have:
and the answers for your questions are:
- Is selinux disabled: sudo getenforce Hopefully this returns Permissive
- is there anything in the tftp directory? ls -la /tftpboot ensure that undionly.kpxe exists in that directory as well as a bunch of other files.
- Are you using the proper tftp get command on the windows test system? tftp <fog_server_ip> GET undionly.kpxe .?
*- I tried run this command from host Windows PC and also from guest Windows PC in Virtualbox - the same result - “connect request failed”, so there is not problem with VirtualBox software - I read on the other forums, where people was suggesting that VitrtualBox software is blocking someway the tftp.- In /var/logs there may be a tftp log file it may be called in.tftp. See if there are any helpful messages in that log file. If you can’t find which log file to look into use this command sudo grep -r tftp /var/log/* to find the name of the log file as well as display any entries with tftp in the name
Nothing special… some old logs… Only fresh logs:
/var/log/daemon.log:Oct 3 08:29:11 fog in.tftpd[23091]: tftp: client does not accept options
/var/log/daemon.log:Oct 3 09:56:53 fog in.tftpd[28424]: tftp: client does not accept options
/var/log/daemon.log:Oct 3 10:00:51 fog in.tftpd[28622]: tftp: client does not accept options
/var/log/daemon.log:Oct 4 13:34:30 fog dhcpd[32034]: option tftp-server-name 10.
/var/log/daemon.log:Oct 4 13:34:30 fog isc-dhcp-server[32025]: option tftp-server-name 10.
/var/log/daemon.log:Oct 4 13:34:30 fog dhcpd[32035]: option tftp-server-name 10.
/var/log/daemon.log:Oct 4 13:35:33 fog dhcpd[32122]: option tftp-server-name 10.
/var/log/daemon.log:Oct 4 13:35:33 fog dhcpd[32123]: option tftp-server-name 10.
/var/log/daemon.log:Oct 4 13:35:33 fog isc-dhcp-server[32113]: option tftp-server-name 10.
/var/log/daemon.log:Oct 4 14:03:06 fog in.tftpd[1721]: tftp: client does not accept optionsbut i was trying to connect to tftp from this Windows PC with and without firewall so these logs aren’t very helpful.
I also tried to add some options to /etc/dhcp/dhcpd.conf:
but it didn’t help.
Do you have some other suggetsions what should I check?
-
@daarnalthe Have you tried sending ping (ICMP) packets from the Windows 10 VM to your FOG Server and back?
Firewall on the FOG server is disabled or enabled?
-
@Sebastian-Roth
I don’t have active any firewall on the FOG server and i can PING it from the VM Windows. -
@Sebastian-Roth
Hmm… Maybe “some other forums” has right… Maybe somehow Virtualbox software blocks the tftp processes while PXE booting…I change VM software to Windows Hyper-V and i don’t have problem with tftp timeout anymore…