http connection timed out

Pi0tR

Hi im trying to boot my host from PXE (fog 1.5.6)

TFTP works fine default.ipxe downloaded via tftp serwer but i have a problem with /fog/service/ipxe/boot.php file

Connection timed out when trying to get this file from serwer via http, when im get this file in Google Chrome all works fine, anybody know what am I doing wrong ?

Sebastian Roth

@Pi0tR The picture was not uploaded properly. Please upload again.

From what you wrote so far it seems like you are on the right track to debug this. Opening the boot.php URL in a browser is a good start to try and find out what’s wrong. Are those two computers in the same network subnet? Is the FOG in the same subnet as well? Just asking if there might be a firewall between the booting client and your FOG server.

As well, can you copy&paste the whole output you get in the browser when opening the URL? Just wanna make sure it returns the correct iPXE command codes.

Try opening the URL including the MAC address parameter as well: http://x.x.x.x/fog/service/ipxe/boot.php?mac=aa:bb:cc:dd:ee:ff (copy & paste the output of that here in the forum as well just to make sure this is correct too)

Pi0tR

image:

boot.php return

#!ipxe
set fog-ip 172.16.2.50
set fog-webroot fog
set boot-url http://${fog-ip}/${fog-webroot}
cpuid --ext 29 && set arch x86_64 || set arch i386
goto get_console
:console_set
colour --rgb 0x00567a 1 ||
colour --rgb 0x00567a 2 ||
colour --rgb 0x00567a 4 ||
cpair --foreground 7 --background 2 2 ||
goto MENU
:alt_console
cpair --background 0 1 ||
cpair --background 1 2 ||
goto MENU
:get_console
console --picture http://172.16.2.50/fog/service/ipxe/bg.png --left 100 --right 80 && goto console_set || goto alt_console
:MENU
menu
colour --rgb 0xff0000 0 ||
cpair --foreground 1 1 ||
cpair --foreground 0 3 ||
cpair --foreground 4 4 ||
item --gap Host is NOT registered!
item --gap -- -------------------------------------
item fog.local Boot from hard disk
item fog.memtest Run Memtest86+
item fog.reginput Perform Full Host Registration and Inventory
item fog.reg Quick Registration and Inventory
item fog.deployimage Deploy Image
item fog.multijoin Join Multicast Session
item fog.sysinfo Client System Information (Compatibility)
choose --default fog.local --timeout 3000 target && goto ${target}
:fog.local
chain -ar ${boot-url}/service/ipxe/grub.exe --config-file="rootnoverify (hd0);chainloader +1" || goto MENU
:fog.memtest
kernel memdisk initrd=memtest.bin iso raw
initrd memtest.bin
boot || goto MENU
:fog.reginput
kernel bzImage32 loglevel=4 initrd=init_32.xz root=/dev/ram0 rw ramdisk_size=127000 web=http://172.16.2.50/fog/ consoleblank=0 rootfstype=ext4 storage=172.16.2.50:/images/ storageip=172.16.2.50 loglevel=4 mode=manreg
imgfetch init_32.xz
boot || goto MENU
:fog.reg
kernel bzImage32 loglevel=4 initrd=init_32.xz root=/dev/ram0 rw ramdisk_size=127000 web=http://172.16.2.50/fog/ consoleblank=0 rootfstype=ext4 storage=172.16.2.50:/images/ storageip=172.16.2.50 loglevel=4 mode=autoreg
imgfetch init_32.xz
boot || goto MENU
:fog.deployimage
login
params
param mac0 ${net0/mac}
param arch ${arch}
param username ${username}
param password ${password}
param qihost 1
isset ${net1/mac} && param mac1 ${net1/mac} || goto bootme
isset ${net2/mac} && param mac2 ${net2/mac} || goto bootme
param sysuuid ${uuid}
:fog.multijoin
login
params
param mac0 ${net0/mac}
param arch ${arch}
param username ${username}
param password ${password}
param sessionJoin 1
isset ${net1/mac} && param mac1 ${net1/mac} || goto bootme
isset ${net2/mac} && param mac2 ${net2/mac} || goto bootme
param sysuuid ${uuid}
:fog.sysinfo
kernel bzImage32 loglevel=4 initrd=init_32.xz root=/dev/ram0 rw ramdisk_size=127000 web=http://172.16.2.50/fog/ consoleblank=0 rootfstype=ext4 storage=172.16.2.50:/images/ storageip=172.16.2.50 loglevel=4 mode=sysinfo
imgfetch init_32.xz
boot || goto MENU
:bootme
chain -ar http://172.16.2.50/fog/service/ipxe/boot.php##params ||
goto MENU
autoboot

im trying to connect to server from another VLAN (another subnet)
fog-srv IP 172.16.2.50/24
host IP 172.16.20.x/24 - dhcp is on a fog-srv

boot.php with MAC param return

#!ipxe
set fog-ip 172.16.2.50
set fog-webroot fog
set boot-url http://${fog-ip}/${fog-webroot}
cpuid --ext 29 && set arch x86_64 || set arch i386
goto get_console
:console_set
colour --rgb 0x00567a 1 ||
colour --rgb 0x00567a 2 ||
colour --rgb 0x00567a 4 ||
cpair --foreground 7 --background 2 2 ||
goto MENU
:alt_console
cpair --background 0 1 ||
cpair --background 1 2 ||
goto MENU
:get_console
console --picture http://172.16.2.50/fog/service/ipxe/bg.png --left 100 --right 80 && goto console_set || goto alt_console
:MENU
menu
colour --rgb 0xff0000 0 ||
cpair --foreground 1 1 ||
cpair --foreground 0 3 ||
cpair --foreground 4 4 ||
item --gap Host is NOT registered!
item --gap -- -------------------------------------
item fog.local Boot from hard disk
item fog.memtest Run Memtest86+
item fog.reginput Perform Full Host Registration and Inventory
item fog.reg Quick Registration and Inventory
item fog.deployimage Deploy Image
item fog.multijoin Join Multicast Session
item fog.sysinfo Client System Information (Compatibility)
choose --default fog.local --timeout 3000 target && goto ${target}
:fog.local
chain -ar ${boot-url}/service/ipxe/grub.exe --config-file="rootnoverify (hd0);chainloader +1" || goto MENU
:fog.memtest
kernel memdisk initrd=memtest.bin iso raw
initrd memtest.bin
boot || goto MENU
:fog.reginput
kernel bzImage32 loglevel=4 initrd=init_32.xz root=/dev/ram0 rw ramdisk_size=127000 web=http://172.16.2.50/fog/ consoleblank=0 rootfstype=ext4 storage=172.16.2.50:/images/ storageip=172.16.2.50 loglevel=4 mode=manreg
imgfetch init_32.xz
boot || goto MENU
:fog.reg
kernel bzImage32 loglevel=4 initrd=init_32.xz root=/dev/ram0 rw ramdisk_size=127000 web=http://172.16.2.50/fog/ consoleblank=0 rootfstype=ext4 storage=172.16.2.50:/images/ storageip=172.16.2.50 loglevel=4 mode=autoreg
imgfetch init_32.xz
boot || goto MENU
:fog.deployimage
login
params
param mac0 ${net0/mac}
param arch ${arch}
param username ${username}
param password ${password}
param qihost 1
isset ${net1/mac} && param mac1 ${net1/mac} || goto bootme
isset ${net2/mac} && param mac2 ${net2/mac} || goto bootme
param sysuuid ${uuid}
:fog.multijoin
login
params
param mac0 ${net0/mac}
param arch ${arch}
param username ${username}
param password ${password}
param sessionJoin 1
isset ${net1/mac} && param mac1 ${net1/mac} || goto bootme
isset ${net2/mac} && param mac2 ${net2/mac} || goto bootme
param sysuuid ${uuid}
:fog.sysinfo
kernel bzImage32 loglevel=4 initrd=init_32.xz root=/dev/ram0 rw ramdisk_size=127000 web=http://172.16.2.50/fog/ consoleblank=0 rootfstype=ext4 storage=172.16.2.50:/images/ storageip=172.16.2.50 loglevel=4 mode=sysinfo
imgfetch init_32.xz
boot || goto MENU
:bootme
chain -ar http://172.16.2.50/fog/service/ipxe/boot.php##params ||
goto MENU
autoboot

Sebastian Roth

@Pi0tR said in http connection timed out:

im trying to connect to server from another VLAN (another subnet)
fog-srv IP 172.16.2.50/24
host IP 172.16.20.x/24 - dhcp is on a fog-srv

Please explain this a bit more. Which IP address/subnet does the machine receive from the DHCP server when it does the PXE boot and fails with “Connection timed out”?

I am still wondering if there is a firewall causing that?! From what we see in the picture the client boots via PXE gets and IP from the DHCP and is also able to load default.ipxe file from 172.16.2.50 (obviously your FOG server) without any problem. From my point of view this means that DHCP and routing are working just fine.

Pi0tR

im grab trafic from booth interfaces and i se this

Sebastian Roth

@Pi0tR Retransmission as seen in the wireshark screenshot usually happens when a previous packet (number 182 in your case) is not being answered by the other end. The client seems to send a proper TCP SYN packet to 172.16.2.50 destination port 80 (HTTP). Looks fine. But there is no response which should be a TCP packet with 172.16.2.50 - port 80 as source and 172.16.20.10 - port 20449 as destination.

So either the routing is not setup properly - which I doubt because TFTP seems to work. Or the firewall/router in between is simply dropping the HTTP (port 80) packets for some reason. Talk to your network people.

If you are still sure this is not a firewall issue then please boot up the client machine 172.16.20.10 to its normal operating system from disk and try accessing the URL http://172.16.2.50/fog/service/ipxe/boot.php from that machine. I guess it won’t work.

Pi0tR

probably i found a problem

my ids block requests from 172.16.20.10 to 172.16.2.50:80 but i dont know why

Sebastian Roth

@Pi0tR Nice find! It’s interesting it states “Invalid TCP packet for current connection state” as this is the first packet (only SYN flag) of a TCP three way handshake and therefore surely the connection does not exist yet.