UEFI pxe boot problem from a network
-
@george1421
Do you have an example for a more wordy client ? I use libvirt for virtualisation, but I think it does not support uefi pxe boot. -
@lebrun78 ok I think what we will need next is to have you install wireshark on a witness (extra) computer and use the capture filter of
udp.port 67 or udp.port 68
Lets see what your dhcp server is telling that target computer to boot in uefi mode. -
How could I have a witness ?
-
@lebrun78 said in UEFI pxe boot problem from a network:
How could I have a witness ?
Yes I was concerned that the name would not translate good.
What I meant is to have an extra computer plugged into the same subnet as the one that will not pxe boot in uefi mode. On this extra computer load wireshark (free program) and set the capture filter to what I said, so that it only sees the dhcp packets from your dhcp server. This will give us an idea where the problem is. If you save the pcap file (output from wireshark) to an internet file share site, then post the link here I will look at it quickly to see what is the pxe booting client being told.
-
@lebrun78 said in UEFI pxe boot problem from a network:
Mar 9 16:43:36 sybille2 dhcpd: PXEClient:Arch:00007:UNDI:003016
Mar 9 16:43:36 sybille2 dhcpd: DHCPDISCOVER from 10:65:30:83:5c:4b via em2.10
Mar 9 16:43:36 sybille2 dhcpd: DHCPOFFER on 148.60.10.140 to 10:65:30:83:5c:4b via em2.10
Mar 9 16:43:39 sybille2 dhcpd: PXEClient:Arch:00007:UNDI:003016
Mar 9 16:43:39 sybille2 dhcpd: DHCPREQUEST for 148.60.10.140 (148.60.10.252) from 10:65:30:83:5c:4b via em2.10
Mar 9 16:43:39 sybille2 dhcpd: DHCPACK on 148.60.10.140 to 10:65:30:83:5c:4b via em2.10We are sure the MAC is the one from the UEFI machine not properly PXE booting? Just want to make sure. If it is we do know the DHCP handshake is actually happening.
Looking through the config again I had the idea that maybe naming the classes all the same might be causing the issue. Though this doesn’t explain why only UEFI PXE boot is failing. Still you might want to change the names for one of the groups.
Other than that we’d need to get a packet dump from the DHCP information as suggested by George. You should be able to capture in the command line with a filter:
tcpdump -w /tmp/foo.pcap ether host 10:65:30:83:5c:4b
Upload the pcap to a fileshare and post a link here.
-
@Sebastian-Roth said in UEFI pxe boot problem from a network:
Looking through the config again I had the idea that maybe naming the classes all the same might be causing the issue. Though this doesn’t explain why only UEFI PXE boot is failing. Still you might want to change the names for one of the groups.
Which parameter should I change in the class declaration ?
-
@lebrun78 Just the names. Make it
class "10Legacy"
and so on for that subnet. -
@Sebastian-Roth
Hello
I tried to rename class but no success.I listen with wireshark and I discovered a problem with dhcp:
[https://filesender.renater.fr/?s=download&token=4e7a028b-59d6-afb9-d4bf-b08eb97b9e92](url du lien)mask and rouer do not correspond with ip obtained which is in the good subnet???
subnet 148.60.10.0 netmask 255.255.255.0 { ########################################## option domain-name-servers 148.60.15.109,148.60.15.106 ; option domain-name "istic.univ-rennes1.fr" ; option routers 148.60.10.254 ; option subnet-mask 255.255.255.0 ; default-lease-time 600 ; max-lease-time 1200 ; group { # On commente les deux lignes suivantes pour eviter le menu de Fog next-server 148.60.4.1; class "Legacy" { match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000"; filename "undionly.kkpxe"; } class "UEFI-32-2" { match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002"; filename "i386-efi/ipxe.efi"; } class "UEFI-32-1" { match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006"; filename "i386-efi/ipxe.efi"; } class "UEFI-64-1" { match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007"; filename "ipxe.efi"; } class "UEFI-64-2" { match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008"; filename "ipxe.efi"; } class "UEFI-64-3" { match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009"; filename "ipxe.efi"; } host hobart { hardware ethernet 00:0C:29:CF:D4:2F; fixed-address hobart; option Host-name "hobart";} host perth { hardware ethernet 00:0C:29:DA:4C:8B; fixed-address perth; option Host-name "perth";} # marque debut pour dhcp-vm vlan 10, pas touche SVP. host winrm10 {hardware ethernet 00:11:E2:61:00:03; fixed-address winrm10; option Host-name "winrm10";} # Ajout par dhcp-vm le 22/08/2016 (11:32:32) # marque fin pour dhcp-vm vlan 10, pas touche SVP. } pool { deny members of "telephones-ip"; range 148.60.10.180 148.60.10.220; next-server 148.60.4.1; #filename "pxelinux.0"; } #################################################### # pool d'adresse dynamique reserve aux telephones IP # testsip pool { allow members of "telephones-ip"; range 148.60.10.224 148.60.10.239; #avec un masque de 255.255.255.240 pour erebus } }
-
@lebrun78 said in UEFI pxe boot problem from a network:
mask and rouer do not correspond with ip obtained which is in the good subnet
You are right. If the posted config is the one in place we shouldn’t see router being set to 148.60.7.254 and mask to 255.255.248.0…
So something must be wrong with the config I suppose but I can’t find it. I’ve looked over it several times but just can’t see the obvious.
Is the config you posted really the whole one you have?
-
@Sebastian-Roth
Yes I only have one dhcp server.
I search to resolve the problem all last day, without success.
I change a different lease time for ech subnet.
Subnet 10 (Vlan10) clients receive Subnet 0 (vlan2) parameters. Why ?Would you know how to make dhcp los more verbose ?
-
More strange, ip parameters are correct when the os (ubuntu) is running !
-
@lebrun78 I haven’t tried this myself yet but just came across this: https://docs.menandmice.com/display/MM/using+the+log+function+for+debugging
You should be able to add specific logging statements to your config to see which one is used depending on VLANs as well as finding the difference between iPXE and Ubuntu booting on VLAN 10.
-
Hello
I take advantage that the university is deserted (covid19) to be able to do my dhcp tests, so I can easely insolate the boot log from a machine.
I have allways this problem on the vlan only with uefi pxe bootMar 31 11:37:08 sybille2 dhcpd: DHCPREQUEST for 148.60.10.34 from 00:11:e2:61:00:03 via em2.10 Mar 31 11:37:08 sybille2 dhcpd: DHCPACK on 148.60.10.34 to 00:11:e2:61:00:03 via em2.10 Mar 31 11:37:34 sybille2 dhcpd: PXEClient:Arch:00007:UNDI:003016 Mar 31 11:37:34 sybille2 dhcpd: Lease request from 10:65:30:83:5c:4b in subnet 148.60.10 Mar 31 11:37:34 sybille2 dhcpd: DHCPDISCOVER from 10:65:30:83:5c:4b via em2.10 Mar 31 11:37:35 sybille2 dhcpd: DHCPOFFER on 148.60.10.193 to 10:65:30:83:5c:4b via em2.10 Mar 31 11:37:37 sybille2 dhcpd: PXEClient:Arch:00007:UNDI:003016 Mar 31 11:37:37 sybille2 dhcpd: Lease request from 10:65:30:83:5c:4b in subnet 148.60.10 Mar 31 11:37:37 sybille2 dhcpd: DHCPREQUEST for 148.60.10.193 (148.60.10.252) from 10:65:30:83:5c:4b via em2.10 Mar 31 11:37:37 sybille2 dhcpd: DHCPACK on 148.60.10.193 to 10:65:30:83:5c:4b via em2.10
-
It looks like that topic no ?
George1421 have respond to this;
https://community.spiceworks.com/topic/2141866-wds-uefi-pxeboot-when-dhcp-and-clients-are-on-same-netwrok?from_forum=2721 -
pxe success on an other vlan, vlan with fog server
Mar 31 11:49:13 sybille2 dhcpd: PXEClient:Arch:00007:UNDI:003016 Mar 31 11:49:13 sybille2 dhcpd: Lease request from c8:1f:66:b1:e0:86 in subnet 148.60.0.0 Mar 31 11:49:13 sybille2 dhcpd: DHCPDISCOVER from c8:1f:66:b1:e0:86 via em2.2 Mar 31 11:49:13 sybille2 dhcpd: DHCPOFFER on 148.60.3.85 to c8:1f:66:b1:e0:86 via em2.2 Mar 31 11:49:16 sybille2 dhcpd: PXEClient:Arch:00007:UNDI:003016 Mar 31 11:49:16 sybille2 dhcpd: Lease request from c8:1f:66:b1:e0:86 in subnet 148.60.0.0 Mar 31 11:49:16 sybille2 dhcpd: DHCPREQUEST for 148.60.3.85 (148.60.4.3) from c8:1f:66:b1:e0:86 via em2.2 Mar 31 11:49:16 sybille2 dhcpd: DHCPACK on 148.60.3.85 to c8:1f:66:b1:e0:86 via em2.2 Mar 31 11:49:39 sybille2 dhcpd: PXEClient:Arch:00007:UNDI:003010 Mar 31 11:49:39 sybille2 dhcpd: Lease request from c8:1f:66:b1:e0:86 in subnet 148.60.0.0 Mar 31 11:49:39 sybille2 dhcpd: DHCPDISCOVER from c8:1f:66:b1:e0:86 via em2.2 Mar 31 11:49:39 sybille2 dhcpd: DHCPOFFER on 148.60.3.85 to c8:1f:66:b1:e0:86 via em2.2 Mar 31 11:49:40 sybille2 dhcpd: PXEClient:Arch:00007:UNDI:003010 Mar 31 11:49:40 sybille2 dhcpd: Lease request from c8:1f:66:b1:e0:86 in subnet 148.60.0.0 Mar 31 11:49:40 sybille2 dhcpd: DHCPDISCOVER from c8:1f:66:b1:e0:86 via em2.2 Mar 31 11:49:40 sybille2 dhcpd: DHCPOFFER on 148.60.3.85 to c8:1f:66:b1:e0:86 via em2.2 Mar 31 11:49:44 sybille2 dhcpd: PXEClient:Arch:00007:UNDI:003010 Mar 31 11:49:44 sybille2 dhcpd: Lease request from c8:1f:66:b1:e0:86 in subnet 148.60.0.0 Mar 31 11:49:44 sybille2 dhcpd: DHCPREQUEST for 148.60.3.85 (148.60.4.3) from c8:1f:66:b1:e0:86 via em2.2 Mar 31 11:49:44 sybille2 dhcpd: DHCPACK on 148.60.3.85 to c8:1f:66:b1:e0:86 via em2.2
-
@lebrun78 So let me see if I understand the issue.
On one vlan you can not pxe boot a uefi system, but on the same vlan you can pxe boot a bios based computer?
On a second vlan you can pxe boot both a uefi system and a bios based system no problem?
If that is the case I’d like to see a wireshark pcap of a uefi failed boot on the bad vlan. Use wireshark installed on a witness (extra) computer with a wireshark capture filter of
port 67 or port 68
When you capture the power on and pxe boot of the target computer start wireshark, power on the computer and pxe boot to the error. Then stop wireshark and save the pcap. In the pcap you will see a dhcp discover from the target computer, then a dhcp offer from your main dhcp server. We need to look into that offer packet to see what the target computer is being told to boot. Upload the pcap here so we can look at it.
-
Hello,
On one vlan you can not pxe boot a uefi system, but on the same vlan you can pxe boot a bios based computer? Yes
On a second vlan you can pxe boot both a uefi system and a bios based system no problem? Yes, the vlan the fog server is on.
Here is the capture from the wittness host:
No. Time Source Destination Protocol Length Info 1 0.000000000 0.0.0.0 255.255.255.255 DHCP 389 DHCP Discover - Transaction ID 0xea2ea26c Frame 1: 389 bytes on wire (3112 bits), 389 bytes captured (3112 bits) on interface 0 Ethernet II, Src: Dell_83:5c:4b (10:65:30:83:5c:4b), Dst: Broadcast (ff:ff:ff:ff:ff:ff) Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255 User Datagram Protocol, Src Port: 68, Dst Port: 67 Dynamic Host Configuration Protocol (Discover) No. Time Source Destination Protocol Length Info 2 1.001404071 148.60.10.252 255.255.255.255 DHCP 343 DHCP Offer - Transaction ID 0xea2ea26c Frame 2: 343 bytes on wire (2744 bits), 343 bytes captured (2744 bits) on interface 0 Ethernet II, Src: Dell_82:50:7e (50:9a:4c:82:50:7e), Dst: Broadcast (ff:ff:ff:ff:ff:ff) Internet Protocol Version 4, Src: 148.60.10.252, Dst: 255.255.255.255 User Datagram Protocol, Src Port: 67, Dst Port: 68 Dynamic Host Configuration Protocol (Offer) No. Time Source Destination Protocol Length Info 3 3.271384044 0.0.0.0 255.255.255.255 DHCP 401 DHCP Request - Transaction ID 0xea2ea26c Frame 3: 401 bytes on wire (3208 bits), 401 bytes captured (3208 bits) on interface 0 Ethernet II, Src: Dell_83:5c:4b (10:65:30:83:5c:4b), Dst: Broadcast (ff:ff:ff:ff:ff:ff) Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255 User Datagram Protocol, Src Port: 68, Dst Port: 67 Dynamic Host Configuration Protocol (Request) No. Time Source Destination Protocol Length Info 4 3.404871387 148.60.10.252 255.255.255.255 DHCP 343 DHCP ACK - Transaction ID 0xea2ea26c Frame 4: 343 bytes on wire (2744 bits), 343 bytes captured (2744 bits) on interface 0 Ethernet II, Src: Dell_82:50:7e (50:9a:4c:82:50:7e), Dst: Broadcast (ff:ff:ff:ff:ff:ff) Internet Protocol Version 4, Src: 148.60.10.252, Dst: 255.255.255.255 User Datagram Protocol, Src Port: 67, Dst Port: 68 Dynamic Host Configuration Protocol (ACK)
Thank you very much for your help.
-
In
UEFI Reading the DHCP offer on boot, router ip et subnet mask are wrong. (ip router and subnet mask of the vlan of fog server).In legacy mode, (same PC, same vlan)
router ip et subnet mask are wrong too. (ip router and subnet mask of the vlan of fog server). But the boot is going on
capturedhcp.txt -
@lebrun78 would you upload the entire pcap. I need to see the raw data and not just the packet headers.
-
here is a uefi capture: