Setting up FOG 1.2.0 in Multiple VLANs
-
You guys were right! I’m booting into PXE and can see the FOG menu now! Ah I’m so excited
[IMG]http://i.imgur.com/l32robu.png[/IMG]Yep… didn’t know you could configure options for individual scopes. Today I learned.
I’m going to try to import all of my FOG 0.32 Host info and images now and see where I stand then. Thank you guys so much for helping me out - I would’ve never figured it out without the assistance.
-
[B]UPDATE: [/B]
I was receiving [QUOTE]FATAL: INT18: BOOT FAILURE[/QUOTE] message when selecting [I]Boot to Disk[/I], resolved it by updating to the latest Published Kernel (x64) -
Well now that I’ve actually had the chance to venture out to the workstations on the other VLANs I noticed all of them are booting to PXE but once the FOG Menu is suppose to appear it errors out and reboots immediately. The error message flashes too quickly for me to tell what the problem was. It boots to the FOG menu fine if the workstation is located within the High School VLAN scope ([B]10.52.4-5.x[/B])
I’m going to assume it’s FOG’s [B]TFTP[/B] IP ([B]10.52.4.23[/B]) in FOG Settings > TFTP Server. The workstations on the [B]other[/B] VLANs cannot communicate with that IP because it is a High School VLAN IP.
[IMG]http://i.imgur.com/7nlVWb7.png[/IMG]I may try manually changing FOG’s TFTP IP (FOG Settings > TFTP Server)to the FOG IP relevant to that specific VLAN to see if it will work - worse case, I guess, would be having to do that each time you want to use FOG on another VLAN
-
On each of your switches, I’m going to guess that you’ve got STP (Spanning Tree Protocol) enabled? Can you enable Portfast or Rapid STP?
-
[quote=“Tom Elliott, post: 36343, member: 7271”]On each of your switches, I’m going to guess that you’ve got STP (Spanning Tree Protocol) enabled? Can you enable Portfast or Rapid STP?[/quote]
I will check on this as soon as I get credentials for the switches. We outsourced the VLAN configuration and never got the credentials.
Will update soon.
-
Okay I’ve obtained the credentials and have access via telnet and web interface. Haven’t tried console.
Questions before I start configuring the switches:
[LIST]
[]STP is enabled. Does it need to be disabled or just enable Portfast or Rapid STP alongside it?
[]Can this be done on just one of the end switches (like a lab switch) to see if it fixes the problem or does it have to be enabled on every switch in the network for it to have any effect?
[]Should this be done after hours or do you think it can safely be done during the work day to avoid a lot of downtime for end-users?
[]Do you have a link to a tutorial/thread explaining how to do this with Cisco switches? Thought I’d ask.
[/LIST]
Thanks! -
STP, I’m assuming is enabled for a reason, so if you can I’d recommend start by enabling Portfast/Rapid STP if you can. If you cannot, see about disabling stp throughout if you can.
You can do it, for testing, on a switch at a time, so yes, you can “test” by enabling/disabling as needed to a known problem area.
I don’t know how your switches react, so I’d say, just for performance, if you can test it after hours.
I don’t have a tutorial, I’m sorry.
-
i seem to recall someone having a short writeup about cisco switch configuration on the forums, or at least a link to one. some forum searching might yield useful results
-
[quote=“Junkhacker, post: 36537, member: 21583”]i seem to recall someone having a short writeup about cisco switch configuration on the forums, or at least a link to one. some forum searching might yield useful results[/quote]
I found it. Jaymes wrote one. Thanks[url]http://fogproject.org/forum/threads/cisco-ws-c2960s-not-passing-pxe-or-proxydhcp.9916/[/url]
[quote=“Tom Elliott, post: 36535, member: 7271”]STP, I’m assuming is enabled for a reason, so if you can I’d recommend start by enabling Portfast/Rapid STP if you can. If you cannot, see about disabling stp throughout if you can.
You can do it, for testing, on a switch at a time, so yes, you can “test” by enabling/disabling as needed to a known problem area.
I don’t know how your switches react, so I’d say, just for performance, if you can test it after hours.
I don’t have a tutorial, I’m sorry.[/quote]
Okay, I’ve enabled PortFast on all of the workstation interfaces (and on also on FOG Server switch port) and I’ve changed the Switch Mode from PVST to Rapid-PVST on both the FOG server switch & workstation switch with the same outcome. It doesn’t seem to make a difference. Connection timeout when it tries to load /default.ipxe
However, it [B]DOES[/B] work on workstations connected to the same switch as the FOG Server.
NOTE: I haven’t rebooted the switches since I’ve made those changes. Would that make a difference maybe?
Any suggestions?
-
This is some of the output of ‘show running-config’ command on the FOG server switch.
Interface GigabitEthernet1/0/16 is the FOG Server
[CODE]system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending!
interface GigabitEthernet1/0/16
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast trunk
[/CODE] -
[url]http://www.fogproject.org/wiki/index.php/Chainloading_PXE_to_iPXE_using_pxelinux.0[/url]
Followed that guide and I can get to the menu from at least one VLAN now (I will check the others soon).
Only different thing I did from the guide is use FOG’s hostname instead of IP - works fine.
[CODE]DEFAULT vesamenu.c32
MENU TITLE Fog Reimage Menu
MENU COLOR TITLE 1;36;44 #ffffffff #00000000 std
LABEL iPXE Boot
MENU DEFAULT
KERNEL ipxe.krn
APPEND dhcp && chain http://fogserver/fog/service/ipxe/boot.php?mac=${net0/mac}
PROMPT 0
TIMEOUT 1[/CODE]Hope it images okay tho. One step at a time! I’ll report back.
-
Meh… doesn’t work in the other VLANs lol. [I]clenches fists[/I]
-
I’m going to take a step back and make sure I have my router configured properly.
[QUOTE][I]Tom Wrote[/I]: We have 12 separate VLANs in our organization. All have their own Gateway’s that lead back to our routing switch. Our routing switch has an ip-helper setting back to our central DHCP server for their related Gateway. This way there’s still a gate to communicate across, and the routing switch has all the routes configured to allow pass of traffic from one subnet to another.[/QUOTE]
I’m researching how to configure our FortiGate router to make FOG’s IP visible across all VLANs. If anyone knows how I should setup the FortiGate so the VLANs can communicate with the FOG Server’s IP I’d appreciate it. My network engineering experience is limited.
-
does this help any? [url]http://fogproject.org/forum/threads/multicasting-over-vlans-get-stuck-at-please-wait.5436/#post-14158[/url]
Sorry I don’t know anything about fortigate
-
Reading the wiki on setting up DNSMasq to try. Will report back.
Still would like to know how to setup an ip-helper setting on a FortiGate router if anyone knows.
-
[quote=“Jaymes Driver, post: 37013, member: 3582”]does this help any? [url]http://fogproject.org/forum/threads/multicasting-over-vlans-get-stuck-at-please-wait.5436/#post-14158[/url]
Sorry I don’t know anything about fortigate :([/quote]
I’ll check it out and try that; however, multicasting isn’t the main problem right now. It’s just being able to use FOG across all VLANs. I can’t even PXE boot from another VLAN - only the VLAN that the FOG server is located.
-
I mistyped on previous post.
It will boot to the fogserver’s PXE (not the FOG menu) - it will timeout when default.ipxe is trying to load.
Chainloading solved the issue but only for the VLAN FOG is on.
-
here’s something for you to try
[CODE]chain http://10.52.4.23/fog/service/ipxe/boot.php?mac=${net0/mac} || chain http://10.52.8.23/fog/service/ipxe/boot.php?mac=${net0/mac} || chain http://10.52.1.23/fog/service/ipxe/boot.php?mac=${net0/mac} || etc[/CODE]
on each failure, it will try the next chain command -
Nice hack! It almost worked.
While I was testing it on another VLAN from the FOG server it did as you said and went down the list trying the different IP’s; however, when it finally got to the right VLAN IP and wanted to download bg.png it failed because it was trying to download it from FOG’s native IP (10.52.4.23). I say “native” because that’s the IP that’s setup in FOG’s settings because I had no choice as I couldn’t add FOG’s hostname instead.
I was in the Elementary 10.52.[B]16[/B] vlan
[QUOTE][url]http://10.52[/url].[B]4[/B].23/fog/service/ipxe/bg.png… Connection timeout[/QUOTE] -
[quote=“Jaymes Driver, post: 37013, member: 3582”]does this help any? [url]http://fogproject.org/forum/threads/multicasting-over-vlans-get-stuck-at-please-wait.5436/#post-14158[/url]
Sorry I don’t know anything about fortigate :([/quote]
I read on another thread that you use the DNSMASQ technique for FOG - I followed the wiki guide and set it up here as well. I’ve set the ip-helper/dhcp relay up to point back to the FOG server; however, it still cannot boot to the FOG menu because everytime iPXE loads it tries to pull the boot.php file from the wrong IP (much like the above result).
Should the dhcp-relay/ip-helper be different on each VLAN (I’m using FOG’s respective VLAN IP)
Any ideas?
