PXE-E32: TFTP open time out on palo alto dhcp server

fernando.martinez

@fernando-martinez said in PXE-E32: TFTP open time out on palo alto dhcp server:

tftp -i 192.168.96.204 get undionly.pxe

Dnsmasq version is 2.75, I tried to create a sym link but i have the same problem.

george1421

@fernando-martinez would you grab another pcap with these links in place?

What I find strange is that why is it appending the .0 to the file name and why does it appear to request the file and appear to download it. From your picture of the pcap (it appears you deleted the original pcap) the client asks for the file size of undionly.kpxe.0 and it appears to get the file size because it asks for the file next from 96.204. If that file did not exist it should have not attempted to download it but fail on the file size request.

Edit: Ah I had the version wrong it needs to be 2.76 or later ref: https://forums.fogproject.org/topic/12796/installing-dnsmasq-on-your-fog-server

That config file “should” work with 2.75 but we will see the .0 file name appended onto the file name like we see in the pcap.

Sebastian Roth

@fernando-martinez said in PXE-E32: TFTP open time out on palo alto dhcp server:

I tried to create a sym link but i have the same problem.

From the picture we see you created the symlinks in the fogproject source directory. You need to create thos in /tftpboot/ directory…

fernando.martinez

@Sebastian-Roth @george1421

Hello guys! we did it!!
I created sym link in /tftpboot directory and i’ts worked!!
Now we have to configure.

Many thanks for your help!!!

joanmarzo

Hi,

I have the same problem, can u help me?

george1421

@joanmarzo Are you using a PaloAlto dhcp server too?

What specifically do you have defined for dhcp options 66 and 67?

joanmarzo

@george1421

Yes, I use palo alto dhcp too and I put this in 66 and 67 options!

Thanks!

george1421

@joanmarzo So I take it that 192.168.96.162 is the IP address of the fog server?

This is me just making an educated guess. Has the IP address of the fog server changed since FOG was installed? The fog server needs to be configured to use a static IP address before FOG is installed. As I said this is an educated guess but a FOG server IP address of .162 is pretty close to the IP address assigned to the target computer of .206. I might guess they are in the same subnet dhcp scope range. That is why I’m asking if the fog server ip address has changed.

joanmarzo

@george1421 said in PXE-E32: TFTP open time out on palo alto dhcp server:

This is me just making an educated guess. Has the IP address of the fog server changed since FOG was installed? The fog server needs to be configured to use a static IP address before FOG is installed. As I said this is an educated guess but a FOG server IP address of .162 is pretty close to the IP address assigned to the target computer of .206. I might guess they are in the same subnet dhcp scope range. That is why I’m asking if the fog server ip address has changed.

Yes, the IP of fogserver is 192.168.96.162 and I put it and static IP, If u want any information tell to me, thanks a lot

george1421

@joanmarzo Sorry about the slow response its been busy here this AM. So you put the static address in before you installed FOG? OK good. You can confirm that the IP address hasn’t changed between the time you installed FOG and now by inspecting the .fogsettings file more < /opt/fog/.fogsettings There is an IP field in there that indicates the IP address when FOG was installed.

If the IP address hasn’t changed then we might suspect your dhcp server is doing something abnormal. If we follow this thread it looks like we used dnsmasq to make everything work in the end.

I think in your case since you are using a firewall for a dhcp server and we’ve had issues in the past with firewalls not sending out the right information needed for pxe booting that we go ahead and install dnsmasq on your fog server. In this configuration the dnsmasq program will ONLY supply the pxe booting information all other information will still come from your main dhcp server. The nice thing about this is if you install dnsmasq on your FOG server and then turn off the fog server then all pxe booting will be turned off too.

If you follow these instructions you will be up and running with dnsmasq on your fog server in about 10 minutes. https://forums.fogproject.org/topic/12796/installing-dnsmasq-on-your-fog-server
If you have multiple subnets you will need to adjust an existing setting in your subnet router if you want to pxe boot on the subnets where your FOG server is not. Other than dealing with subnets, dnsmasq should just work.

joanmarzo

@george1421

I do the dnsmasq but the fog doesn’t work, any idea? I paste an screenshot about the ltsp.conf

george1421

@joanmarzo Did you make sure that the dnsmasq service is running? It should appear here with this command ps aux | grep dnsmasq

It should show you the service name and give you an ip address. If that doesn’t work make sure that you have the linux server firewall turned off. DNSMASQ is a simple tool, it should just work. Your ltsp.conf file looks good. It should just work.

If it not work then we can do some more deeper debugging. We are not out of options now.

joanmarzo

@george1421 said in PXE-E32: TFTP open time out on palo alto dhcp server:

ps aux | grep dnsmasq

Yes, the dnsmasq it’s work but I have the same error:( if u want we can do an remote session haha

george1421

@joanmarzo Sorry its not running. Use systemctl enable dnsmasq and then systemctl start dnsmasq to start it. When you do, there will be a second line to the ps command. If it still not running then we need to look at the server log to see what it’s not happy about grep dnsmasq /var/log/messages or grep dnsmasq /var/log/syslog to see of it complains about your ltsp.conf file. I did not see anything wrong with it but I maybe missed something too.

joanmarzo

@george1421 said in PXE-E32: TFTP open time out on palo alto dhcp server:

grep dnsmasq /var/log/messages

I try to initiate the dnsmasq but it doesn’t work

george1421

@joanmarzo Well we know why it not work. So when you install FOG server did you tell it to install dhcp server? For some reason dnsmasq can’t start because dhcp server already is running on the fog server. DNSMASQ failed because it says you have dhcp server already running on this computer.

I think you are using ubuntu from the screen shots I see already. The command to stop the dhcp server might be. See if this command will stop the dhcp server running on the fog server. If you have palo alto dhcp server on your network then having 2 dhcp servers will cause problems. systemctl stop isc-dhcp-server then try to start dnsmasq. If it starts OK then you can disable isc dhcp server with this command systemctl disable isc-dhcp-server

Once you see dnsmasq running then pxe booting should work.

joanmarzo

@george1421 I use Centos7

george1421

@joanmarzo OK so I’m a bad guesser for operating systems.

For Centos you use these commands.

systemctl stop dhcpd to stop the dhcp server

systemctl disable dhcpd to make it not start on next reboot.

joanmarzo

@george1421 said in PXE-E32: TFTP open time out on palo alto dhcp server:

systemctl disable dhcpd

george1421

@joanmarzo looks good now. The ps aux | grep dnsmasq now should give you two lines. That means its running. You will see the line with grep in it, but you should also see a line that starts dnsmasq.