UEFI PXE not booting
-
Hi all, FOG noob here - please excuse if this overlaps with any existing conversations.
Set up a FOG server (without DHCP) on an Ubuntu server virtual machine - through Hyper-V. Virtual switch set up as external and confirmed the web portal is accessible via my own PC.
I have a DrayTek Vigor 2927 working as my DHCP server, and have added the following options;
- option 66: ASCII: 192.168.19.26 (FOG Server)
- option 67: ASCII: ipxe.efi
From this point I’ve been trying to test the PXE boot functionality from a variety of PCs, some physical, others virtual (with the same virtual switch) to no avail. Client computers will only ever be UEFI based.
Running tcpdump on Ubuntu, I can see that the server is receiving requests from the client machine - but I suppose nothing is being sent back?
Additionally, I’ve used TFTP on a Windows 11 VM to attempt to get the ipxe.efi file - which times out. Wireshark showed that it was receiving data packets back from the server, but would eventually time out after 8 or so attempts.
I can get some screenshots come Monday, but any suggestions would be greatly appreciated. If some more details are needed, please do let me know.
Thanks in advance!
-
@jack_darnellits said in UEFI PXE not booting:
> Running tcpdump on Ubuntu, I can see that the server is receiving requests from the client machine - but I suppose nothing is being sent back?

If your fog server and dhcp server are on the same subnet then tcpdump on your fog server should see the offer packet from the dhcp server. Inspect the offer packet to make sure in the ethernet header both next-server and boot-file values are being set correctly, also look in the dhcp options and make sure that dhcp options 66 and 67 are set correctly. I’ve seen some soho routers always point to themselves as the boot server even if your configuration says something else.

> Additionally, I’ve used TFTP on a Windows 11 VM to attempt to get the ipxe.efi file - which times out. Wireshark showed that it was receiving data packets back from the server, but would eventually time out after 8 or so attempts.

For tftp to work from a Windows computer, you need to temporarily disable the Windows firewall, then it should work. tftp is similar to ftp where there is a command channel and a data channel. The Windows firewall will block one of the channels (can’t remember which ATM).

> I can get some screenshots come Monday, but any suggestions would be greatly appreciated. If some more details are needed, please do let me know.

I also have a tutorial on how to start debugging this: https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue. You can view the pcap in Wireshark to make it easier to review than just a straight tcpdump.
-
@george1421 Thanks for the assistance! Greatly appreciated
Ran your tcpdump command to output the pcap file. Checked out in Wireshark to read it - as suggested. As far as I’m aware, the DHCP server isn’t providing the options 66 and 67 for some reason - they’re just empty.
Confirmed both in the GUI and via Telnet that the options are set in the router, so not sure why they’re not being provided.
Furthermore, turned off Windows firewall as suggested. tftp works perfectly fine then!
-
@george1421 Scratch that last bit!
Did a release / renew on the Windows machine. Captured the bootp packets via Wireshark.
Confirmed that both the tftp server option is set to 192.168.19.22, as well as the boot file as ipxe.efi. Thoughts?
-
@jack_darnellits Ok, looking at the first image you posted, I see that next-server and boot-file are not set in the ethernet header. These are the bootp settings, where dhcp settings are option 66 and 67. Both groups of fields need to be set because it’s up to the pxe boot vendor which fields they will look at, so both need to be set.
Also make sure you have only one offer packet from the expected dhcp server. If you are getting more than one offer packet that means you have multiple dhcp servers responding to the dhcp DISCOVER packet.
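The two checks described in this reply (the BOOTP next-server and boot-file fields versus DHCP options 66 and 67, and more than one server answering) can be run against the raw UDP payload of each captured reply. This is an added example, not code from the thread or from the FOG project; the function names and the router address used in the sample are assumptions, the sample packets are constructed rather than captured, and option 52 (overload) is not handled.

```python
import socket

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie after the fixed BOOTP header

def parse_reply(payload):
    """Extract the PXE-relevant fields from the UDP payload of a DHCP reply."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    info = {"next_server": socket.inet_ntoa(payload[20:24]),  # BOOTP siaddr
            "boot_file": payload[108:236].split(b"\0")[0].decode("ascii", "replace"),
            "msg_type": None, "server_id": None, "opt66": None, "opt67": None}
    i = 240
    while i < len(payload) and payload[i] != 255:  # 255 = end option
        code = payload[i]
        if code == 0:  # pad option has no length byte
            i += 1
            continue
        length = payload[i + 1] if i + 1 < len(payload) else 256  # no length byte
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option")
        if code == 53 and length == 1:
            info["msg_type"] = value[0]  # 2 = OFFER
        elif code == 54 and length == 4:
            info["server_id"] = socket.inet_ntoa(value)
        elif code in (66, 67):
            info["opt%d" % code] = value.rstrip(b"\0").decode("ascii", "replace")
        i += 2 + length
    return info

def check_offers(replies, want_server, want_file):
    """Return findings for the replies captured after one DISCOVER."""
    offers = [r for r in map(parse_reply, replies) if r["msg_type"] == 2]
    findings = [] if offers else ["no OFFER captured"]
    servers = sorted({o["server_id"] or "unknown" for o in offers})
    if len(servers) > 1:
        findings.append("multiple DHCP servers answered: " + ", ".join(servers))
    for o in offers:
        for field, want in (("next_server", want_server), ("opt66", want_server),
                            ("boot_file", want_file), ("opt67", want_file)):
            if o[field] != want:
                findings.append("%s: %s=%r, expected %r" % (o["server_id"], field, o[field], want))
    return findings

def build_reply(server_id, siaddr="0.0.0.0", file=b"", opts=()):
    """Build a constructed sample OFFER (not captured traffic) for trying the checks."""
    hdr = (b"\x02\x01\x06\x00" + bytes(16) + socket.inet_aton(siaddr) + bytes(4)
           + bytes(16) + bytes(64) + file.ljust(128, b"\0") + MAGIC)
    tlv = b"".join(bytes([c, len(v)]) + v for c, v in opts)
    return hdr + b"\x35\x01\x02\x36\x04" + socket.inet_aton(server_id) + tlv + b"\xff"
```

An empty result from `check_offers` means a single server answered and both groups of fields carry the expected values; an unexpected second server in the findings is also worth investigating as an unauthorised DHCP responder on the segment.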
-
We currently aren’t getting an offer packet at all! I’ve triple checked the router settings and can confirm they’re correctly set for 66 and 67.
The only viewable packets are DHCP discover.
-
@jack_darnellits Are you able to get IP addresses on vlan 1? If yes then dhcp is working. Your dhcp server may be doing a directed broadcast (not common); it’s kind of like a unicast message directly between the dhcp server and target computer. Normally dhcp servers use broadcast messages which can be detected by a monitoring computer running tcpdump/wireshark.
You may have to put the pxe booting computer on a mirrored port to see this communication.
Or as an alternative use / install dnsmasq on your fog server to give pxe booting information (only) to the computers. https://forums.fogproject.org/topic/12796/installing-dnsmasq-on-your-fog-server
We will typically recommend dnsmasq when you have an uneditable dhcp server or a soho router/dhcp server that will not play nice.
-
I’ve reinstalled FOG, using the in-built DHCP server instead of the router.
Worked perfectly first time, after setting the router as a relay instead. Thank you very much for all your help!