Zyxel USG40 DHCP Pool

juels

Hello i’m just wondering if I configured my router setup correctly i’m kinda new into the fog project but eager to learn more.

I have spend countless hours on the internet to fix some of my issues I had but I realized I just need to attack 1 problem at the time.

I’m working for a IT company with about 500+ computers around the country and since we are about to create 100+ more workstations ready I wanted to setup a FOG server that can make things a little bit easier for my colleagues and myself
I want a setup with 1 FOG server running on a VM with 2 NICs

1 that’s used to access it from our local network 192.168.10.0 and 1 that has it’s completely own network like 10.0.0.0 or 192.168.0.0

But since i’m running the DHCP from our USG40 I just wanted to share the config of the DHCP pool and I want to see if any of you can spot if there is any issue

btw we are only using Linux servers in the office but I don’t care about the distro so if you have any success stories or just a really good distro for FOG or FOG version please share you’re knowledge.

The workstation i’m cloning is a Dell OptiPlex 3070 Micro just wanted to share that aswell.

DHCP pool name : LAN1_POOL
  network          :              192.168.10.0,   netmask           :             255.255.255.0
  domain name      :                      none,   lease time        :      2 day  0 hour  0 min
  host             :                      none,   hardware address  :                      none
  client identifier:                      none,   client name       :                      none
  starting address :             192.168.10.33,   pool size         :                        70
  first dns server :                    ZyWALL,   second dns server :                   8.8.8.8
  third dns server :                      none,   default router    :            192.168.10.250
  first wins server:                      none,   second wins server:                      none
  authoritative    :                       yes
  description      :
  bootp server ip  : 192.168.10.45
  bootfile         : undionly.kpxe

Best regards juels

george1421

@juels

1 that’s used to access it from our local network 192.168.10.0 and 1 that has it’s completely own network like 10.0.0.0 or 192.168.0.0

What is your end goal here with 2 networks. Is one for management and one for an isolated imaging network? If so this is a common configuration.

But since i’m running the DHCP from our USG40 I just wanted to share the config of the DHCP pool and I want to see if any of you can spot if there is any issue

Share the dhcp between what? the business network and the isolated imaging network? If so, not possible.

a really good distro for FOG or FOG version please share you’re knowledge.

We see less problems with Centos 7 than Ubuntu. Bot FOG supports the big three the best with Centos, Ubuntu, and Debian.

i’m cloning is a Dell OptiPlex 3070

You will need to test the bleeding edge hardware to see if its compatible with the linux kernel that FOG uses. The FOG Project is dependent on the linux kernel developers to provide hardware support.

Also using your router, I will suspect that you will have issue supporting both bios and uefi systems seamlessly. Both hardware platforms require their own boot loader. For the bios systems you need to load undionly.kpxe and for uefi you will need ipxe.efi boot loaders. The static settings in most routers don’t support the dynamic boot file allocations. Not a problem because we can use dnsmasq to support dynamic booting between the firmware platforms.

juels

@george1421 said in Zyxel USG40 DHCP Pool:

ipxe.efi

Hello George

Thanks for the quick respons.

But if I use dnsmasq do I need to put all 100+ workstations MAC-addresses in the dhcpd.conf? Or can dnsmasq automatically provide DHCP address for all 100+ machines? without giving them fixed addresses?

But I will try with the ipxe.efi - 100% 1 of the issues i’m having. Thanks

george1421

@juels said in Zyxel USG40 DHCP Pool:

But if I use dnsmasq do I need to put all 100+ workstations MAC-addresses in the dhcpd.conf? Or can dnsmasq automatically provide DHCP address for all 100+ machines? without giving them fixed addresses?

How dnsmasq works in this configuration is that it only supplies the pxe boot information. The main dhcp server provides all other settings. If you follow this tutorial exactly it should take you about 10 minutes to setup and start servicing your pxe booting. https://forums.fogproject.org/topic/12796/installing-dnsmasq-on-your-fog-server DNSMASQ will override any settings you have in dhcp for pxe booting.

You still haven’t explained the dual network bit. You will need to take precautions if you install dnsmasq on a linux server with 2 network interfaces. One of the 2 subnets will get the wrong boot information if dnsmasq is bound to both interfaces.

juels

@george1421 Actually I don’t need dual NICs since the server is located in my department, so I can just access it when I need it.

I actually just want a FOG server and a 24port switch connected so I can connect my workstations for deployment, but what about dhcp then?

But do I still need to give the workstations I connect a fixed ip address?

But I also need internet connection to install FOG what’s why I thought I needed two NICs

george1421

@juels said in Zyxel USG40 DHCP Pool:

Actually I don’t need dual NICs since the server is located in my department, so I can just access it when I need it.
I actually just want a FOG server and a 24port switch connected so I can connect my workstations for deployment, but what about dhcp then?

Well you do and you don’t. To install FOG the fog server needs to have internet access. BUT FOG gets cranky when you change its IP address after FOG is installed. So its best to have 2 network interfaces. One for management and internet access to install/upgrade FOG and one for imaging (if you want an isolated imaging network, not specifically required). If you have an isolated imaging network then you will need to configure the FOG server to be the dhcp server for the imaging network. Just understand the system’s imaged on the imaging network won’t have access to the rest of your network including the AD server if the target servers will connect to AD.

If you are concerned about network traffic AND as part of the imaging process your computers need to reach out of the isolated network you are better off not to use an isolated imaging network. You can modify your design a bit to plug the fog server and computers to be imaged on that 24 port switch, then plug that 24 port switch into your business network. All imaging will stay local to that 24 port switch but the clients that are imaged will be able to reach your business network servers and the internet if needed.