Isolated Network Setup (Stuck in Start PXE over IPv4)
-
@Enigma Well it look like I forgot to hit submit earlier when I responded. Looks like the dhcp server is up and running and listening on port 67. So that is the first half of getting things to boot.
I think the next step is to configure the fog server to capture a pxe boot packet to see if there are any other actors involved. Here are the steps needed to configure tcpdump on the fog server to capture the pxe booting process.
https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue?_=1687300270627Other things I’ve seen cause pxe booting issues.
If dhcp snooping is enabled on your network to only allow dhcp packets to get to the defined dhcp server and that dhcp server is not the FOG server.
If you have more than one dhcp server on your subnet and the other dhcp server responds before the fog server.
You have a proxy dhcp server configured on your network
Your fog server is running as a VM on a vm host server that doesn’t have the promiscuous network mode enabled.Most of these questions will be answered with the pcap. Once you collect the pcap upload it to a file share site and share it as public read only. Then either post the link here or use the fog forum chat and DM me the link. I will take a look and let you know what we found.
-
I sent over the Wireshark traffic cap over DM, also some screenshots.
-
@george1421 I’ve disabled the firewall on the server and I’m seeing the same results (only DHCP discover packets going through)
-
@Enigma Are you sure it’s booting PXE and not UEFI?
In case it is UEFI, please disable secure boot on the machine.
-
@Tom-Elliott
Hello, Yes you are right it was not but now it is but now stuck here.
-
@Enigma Can you edit your /etc/dhcpd.conf file and change the instances of undionly.kpxe to undionly.kkpxe, if that still doesn’t work, attempt ipxe.pxe?
Once you change the file, you’ll need to restart dhcpd service with:
systemctl restart dhcpd -
@Tom-Elliott Ok, but the dhcpd.conf file is empty, where should add those details?
-
@Enigma ok so how did you add dhcp services to your fog server (a blank dhcp config file would do exactly what you are seeing. ISCDHCP listening but not responding to any requests)? Did you add dhcp services when you installed FOG? Did you add the isc-dhcp server after fog was installed from your repo?
So you’ll probably ask what goes in that file? Look at this example: https://wiki.fogproject.org/wiki/index.php/BIOS_and_UEFI_Co-Existence#Example_1 The dhcp pool will probably need to be updated to match the subnet of your dedicated imaging network.
-
@george1421 Hello thank you, For the fog setup I let dhcp service to be handled by fog. not sure why the dhcp config is empty.
Can add these details to the from the 2 screenshots to the dhcp config file?
-
@Enigma I would start with example #1 from that url. You will need to update the subnet, netmask range values so its appropriate for your isolated network. Anywhere you see the default 192.168.1.x you need to update so its appropriate for your imaging network.
-
@george1421 Ok thank you I updated the dhcp config from example 1 and now i’m seeing different results. Can i share a traffic cap?
-
@Enigma yes same method as before.
-
@Tom-Elliott said in Isolated Network Setup (Stuck in Start PXE over IPv4):
/etc/dhcpd.conf
I might be wrong here but from the top of my head I wouldn’t think that’s the right config file. Guess it is /etc/dhcp/dhcpd.conf though.
Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)
Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG
-
@george1421 Hello I’ve DM the traffic cap
-
@Sebastian-Roth Probably, yeah, sorry
-
@Enigma said in Isolated Network Setup (Stuck in Start PXE over IPv4):
Hello I’ve DM the traffic cap
Ok that is looking much better I now see the DORA process (Discover, Offer, Request, Ack). BUT there is something missing. When I look at the ethernet header I see the next server being 192.168.107.2 (hopefully is your fog server). The boot file is undionly.kpxe (this is good), but what is missing is the dhcp options 66 and 67. So that is telling me you are missing something in the config file. You are so close to having this work.
Could you post your complete dhcpd.conf config file?
-
@george1421 Hello
sure, here you go:
# # DHCP Server Configuration file. # see /usr/share/doc/dhcp*/dhcpd.conf.example # see dhcpd.conf(5) man page # option space PXE; option PXE.mtftp-ip code 1 = ip-address; option PXE.mtftp-cport code 2 = unsigned integer 16; option PXE.mtftp-sport code 3 = unsigned integer 16; option PXE.mtftp-tmout code 4 = unsigned integer 8; option PXE.mtftp-delay code 5 = unsigned integer 8; option arch code 93 = unsigned integer 16; # RFC4578 use-host-decl-names on; ddns-update-style interim; ignore client-updates; next-server 192.168.107.200; authoritative; subnet 192.168.107.0 netmask 255.255.255.0 { option subnet-mask 255.255.255.0; range dynamic-bootp 192.168.107.10 192.168.107.254; default-lease-time 21600; max-lease-time 43200; option domain-name-servers 192.168.107.200; #option routers x.x.x.x; class "UEFI-32-1" { match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006"; filename "i386-efi/ipxe.efi"; } class "UEFI-32-2" { match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002"; filename "i386-efi/ipxe.efi"; } class "UEFI-64-1" { match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007"; filename "ipxe.efi"; } class "UEFI-64-2" { match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008"; filename "ipxe.efi"; } class "UEFI-64-3" { match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009"; filename "ipxe.efi"; } class "Legacy" { match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000"; filename "undionly.kkpxe"; } } -
Hello do i have the correct DHCP conf settings?
-
@george1421 Hello any ideas?
