Unable to UEFI boot
-
I’m facing trouble booting UEFI machines.
It seems UEFI not even trying to download the boot file from TFTP.
Any help will be much appreciated.
-
@sniffski on the uefi pcap, what does the OFFER say for both the ethernet header and dhcp options 66 and 67?
What device is your dhcp server?
-
@george1421 DHCP server is isc dhcp server running on separate (from fog) ubuntu server.
Here is the requested information, it looks correct, or at least much like the legacy OFFER with only difference in the boot file:
-
@sniffski For the DHCP OFFER I see the bootp part in the ethernet header, but not the dhcp info (66 and 67). For clients both need to be present. Its up to the target computer’s firmware program to use either bootp or dhcp to get the boot server and file name.
For reference here is what FOG will create if you tell FOG to create the dhcp server. Use this as reference for your existing dhcp server. It will work with FOG no problem. For Soho routers we need to make a different approach.
ref: https://wiki.fogproject.org/wiki/index.php/BIOS_and_UEFI_Co-Existence#Example_1
-
@george1421 Thank you for your time to write.
I’ve added these options as well, however nothing changed, I still get the same error.
Check the OFFER packet to see if that’s the desired option or I’m missing something:
-
@sniffski Looks pretty good to me including option 66/67 now. DO you still see the
NBP filesize is 0 Bytesor did the output on screen change? -
@sniffski OK that bit looks good.
So since you are comfortable with wireshark that will make the next bit easier. Since the FOG server and target computers are on the same subnet, lets use tcpdump from the FOG server perspective. (or wireshark on the fog server if that is where you are currently doing the capture from). Using wireshark on a witness computer will pick up the broadcast dhcp messages but it won’t the unicast messages. After the dhcp process the target computer reaches out to the fog server (dhcp option 66) and requests the file (dhcp option 67) and then transfers the boot loader (ipxe.efi) to the target computer over tftp. This is done over uicast messaging. So the witness computer won’t see it.
I have a tutorial here how to do this with tcpdump: https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue
If you want to use wireshark on the fog server then use this capture filter
port 67 or port 68 or port 69 or port 4011Right after the DHCP DORA process it should ask the FOG server twice for the file defined in dhcp option 67, the first will be to check the size of the file the second to request the file.Also be aware for uefi that safeboot needs to be disabled on the target computer or it won’t boot the nbf (network boot file) if it does transfer it OK.
If you can’t get a solution then post the pcap to a file transfer site and either post the link here or use FOG DM to chat the URL to me and I’ll take a look at it.
