UEFI is not booting with Windows DHCP
-
@cjiwonder said in UEFI is not booting with Windows DHCP:
Already secure boot is disabled.
sorry I missed that in your first post.
What error do you see? Is iPXE even trying to boot?
The difference between ipxe.efi and snp*.efi is in the network adapter. If iPXE boots but can’t find the network interface then you are not selecting the correct version of iPXE. But if iPXE never boots (what I suspect) then there is something wrong with the mechanics of getting the uefi boot file to the target computer. What error does the computer screen say? Something about “NBF”?
-
@george1421 PXE is not booting, could you pls help me to resolve this issue?
-
@cjiwonder said in UEFI is not booting with Windows DHCP:
PXE is not booting, could you pls help me to resolve this issue?
You really haven’t given me anything to help you other than it works for bios and not for uefi.
You have snp*.efi configured for dhcp option 67.
You haven’t provided any error message if there are any. No error messages is also a clue.
If the fog server and pxe booting computer are on the same ip subnet you can use this tutorial to capture the pxe booting process. This will tell us exactly what the target computer is being told through dhcp: https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue
If your fog server and pxe booting computer are on different subnets, then you will need to load a computer with wireshark and use the capture filter of
port 67 or port 68to capture the dhcp process.Upload the pcap to the forum or a file share site that you can manage, and I will take a look at it.
I need more info to be able to help solve this issue.
-
@george1421 There is no error message, “>>Start PXE over IPv4” message and after a minute booting to HDD. Fog Server and PXE boot client are in the same VLAN but DHCP server is in a different VLAN. Tried with snponly.efi, intel.efi and pexe.efi but no luck. There is no issue with the DHCP IP release if I boot the PC in Windows, and there is no issue in booting with undionly.exe on the same PC. I am new to Wireshark, please guide me to run the capture filter. Thanks.
-
@cjiwonder If the fog server and pxe booting computer are on the same subnet then use the instructions in the link I previously provided to generate the pcap file. This will give you the entire pxe booting information and not just the dhcp part you would get from wireshark.
But to answer your wireshark question, when you first startup wireshark you will be prompted with this screen. In the using this filter section enter
port 67 or port 68and then double click on your ethernet adapter and the capture will start. With this filter you will only see the dhcp booting packets and not all of the network data packets.
Now pxe boot the target computer until you get the error. You should see at least 4 packets (Discover, Offer, Request, and Ack) this is the DORA process. The Discover and Request come from the target computer and Offer(s) and Ack from the DHCP server. The Offer packet tells the target computer which file to load from the tftp server. This same process is for both wireshark and tcpdump using the fog server. You can review the tcpdump output with wireshark if you want.
-
This post is deleted! -
@george1421 6768.pcap Attached capture filter for ports 67 and 68. 192.168.200.1 is the VLAN gateway.
-
@cjiwonder Well this is the strangest pcap that I’ve seen in a while. I finally found a uefi computer pxe booting at 8.3 seconds (you have a very active dhcp network). And the request is from 192.168.200.1.
Your dhcp server is telling the client to get ipxe.efi from 192.168.200.3. Is that your fog server? The dhcp transaction looks normal and from the dhcp side should work.
It looks like you used wireshark on the same subnet as your dhcp server? I would have expected to see broadcast messages from the pxe booting computers instead of unicast messages between the routers and dhcp server. That’s OK because we now know that the dhcp server is sending out the right boot file information (assuming that 200.3 is your fog server). If you would have used the tcpdump command from the fog server we could/should have see the target computer requesting the file to download. That would tell us if the file was actually being sent to the pxe booting computer. But from the dhcp side it looks good.
-
@george1421, could you please help me to resolve this issue? Any chance to help me by taking a remote session?
-
@cjiwonder It may help if you tell us what model of PC you’re trying to boot. There may be a BIOS setup option that needs adjustment.
For example, my Dell 3430s’ BIOS setup requires the following boot options:
General -> Boot Sequence: Onboard NIC(IPV4) (checkmark to enable)
General -> Boot Sequence: UEFI (checkmark to enable)
AND “Onboard NIC(IPV4)” must be the first device in the boot sequence listBut I must also have the following options in different menu set:
System Configuration -> IntegratedNIC: Enable UEFI Network Stack
System Configuration -> IntegratedNIC: Enabled w/PXE -
@cjiwonder said in UEFI is not booting with Windows DHCP:
@george1421 There is no error message, “>>Start PXE over IPv4” message and after a minute booting to HDD. Fog Server and PXE boot client are in the same VLAN but DHCP server is in a different VLAN. Tried with snponly.efi, intel.efi and pexe.efi but no luck. There is no issue with the DHCP IP release if I boot the PC in Windows, and there is no issue in booting with undionly.exe on the same PC. I am new to Wireshark, please guide me to run the capture filter. Thanks.
I just remembered that I had pretty much the same problem recently.
My problem was that the Ethernet link negotiation was taking too long on the Cisco 3850 switch I had the client connected to. The link negotiation took about 30 seconds and the IPXE wait for DHCP also took about 30 seconds, but always failed. This problem only happened for me when booting UEFI - worked fine booting BIOS / Legacy.
The solution for my case was to add this to the client port configuration on my Cisco switch:
spanning-tree portfast -
@RAThomas said in UEFI is not booting with Windows DHCP:
The solution for my case was to add this to the client port configuration on my Cisco switch:
Yep, if you are not using port-fast, fast-ftp, mstp, or rstp (or whatever your switch mfg calls it) standard spanning tree takes 27 seconds to start forwarding packets. This timer restarts every time the network link winks, like as the PC starts, iPXE starts up, and then FOS linux starts. FOS linux boots so fast (< 16 seconds), its already given up trying to get an IP address before the ports starts to forward traffic.
