New FOG setup, TFTP timeout-PXE-E32
-
Greetings, I have set up FOG 1.2 on Ubuntu 14.04 on a dedicated “server”. I get a PXE-E32 TFTP open timeout error when attempting to PXE boot a workstation. I followed the fog wiki on the config.
I can ping the server, and can “get undionly.kpxe” on the server, but not on a workstation.
I have followed several checklists, but cannot figure out what about the config won’t allow the tftp connection.
Any suggestions on what to check/try next?
Any help is greatly appreciated!!!
-
TFTP configuration is under /etc/default/tftp-hpa (maybe a little different on Ubuntu but should still be in that directory!):
[CODE]# /etc/default/tftpd-hpa
# FOG Modified version
TFTP_USERNAME="root"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="-s"[/CODE]
Maybe firewall rules prevent you from connecting via TFTP from the outside?! Please post the output of the following command run on the FOG server:
[CODE]iptables -L -n -v[/CODE]
-
Please try the information in this wiki.
[url]http://fogproject.org/wiki/index.php/Tftp_timeout[/url]…
-
If the information that you have entered into your DHCP scope is correct, and you are still unable to complete a PXE boot, I recommend using DNSMASQ to proxy boot your clients in PXE. This will help to resolve to your tftp server and its bootfile.
Sometimes the information in the DHCP scope is correct and you cannot PXE boot; this can be caused by a number of variables in your environment, ranging from Servers, Switch Gear, VoIP systems, etc. In my environment, the cause is the environment and the size of the bootfile name. I had to use DNSMASQ to help my clients to resolve to my bootfile and server properly.
-
[quote=“Uncle Frank, post: 41961, member: 28116”]TFTP configuration is under /etc/default/tftp-hpa (maybe a little different on Ubuntu but should still be in that directory!):
[CODE]# /etc/default/tftpd-hpa
# FOG Modified version
TFTP_USERNAME="root"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="-s"[/CODE]
Maybe firewall rules prevent you from connecting via TFTP from the outside?! Please post the output of the following command run on the FOG server:
[CODE]iptables -L -n -v[/CODE][/quote]
Yes, the /tftpd-hpa file looked exactly like that, in the same path.
Here is the output… Thank you for your help!
Chain INPUT (policy ACCEPT 714K packets, 82M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 27794 packets, 4641K bytes)
pkts bytes target prot opt in out source destination
-
[quote=“Wolfbane8653, post: 41984, member: 3362”]Please try the information in this wiki.
[url]http://fogproject.org/wiki/index.php/Tftp_timeout[/url]…[/quote]
Thank you, I have followed this guide and everything seems to be working with the exception of being able to “get undionly.kpxe” from a workstation (on the server it works.)
-
So you are getting Failed and not “Received XXXX bytes in X.X seconds…” on the client.
I know this is for Debian but you showed that iptables were installed so please run the following on the server and rerun the tftp tests on the client.
[CODE]iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT[/CODE]
-
[quote=“haste347, post: 41990, member: 28447”]Thank you, I have followed this guide and everything seems to be working with the exception of being able to “get undionly.kpxe” from a workstation (on the server it works.)[/quote]
When you say workstation, you mean a Windows machine in the same network as the FOG server? If your DHCP options are correct, you should at least get some kind of output.
I highly recommend DNSMASQ. It seems that you are having difficulty resolving your bootfile name.
-
Jaymes, thank you, I will give that a try if there isn’t something obvious I have simply overlooked in my config causing the issue.
My environment is an interesting mix, for sure. I would not be surprised if it is causing the issue as well.
-
[quote=“Wolfbane8653, post: 41991, member: 3362”]So you are getting Failed and not “Received XXXX bytes in X.X seconds…” on the client.
I know this is for Debian but you showed that iptables were installed so please run the following on the server and rerun the tftp tests on the client.
[CODE]iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT[/CODE][/quote]
Done, still the same outcome. Thank you.
-
[code]sudo ufw disable[/code]
-
[quote=“Jaymes Driver, post: 41993, member: 3582”]When you say workstation, you mean a Windows machine in the same network as the FOG server? If your DHCP options are correct, you should at least get some kind of output.
I highly recommend DNSMASQ. It seems that you are having difficulty resolving your bootfile name.[/quote]
Alright, I followed this setup and I am now getting through. However, I am unclear what the instructions meant by “update the schema…” for the iPXE boot.
When I PXE boot from a workstation, I choose “boot to network”, which then gets me to the attached screen/error.
Would you enlighten me further, please? I’d hate to mess something up when the resolution seems so close!
Thank you again for all your help!
[url=“/_imported_xf_attachments/1/1674_IMAG2049.jpg?:”]IMAG2049.jpg[/url]
-
When you navigate to the web GUI for the FOG server, if you haven’t done so already, it will ask you to update the schema.
This will allow the database to be initialized and set up properly for your version of FOG.
If you have already completed the schema update (required after installation of FOG) then it will not be necessary to complete the action again.
It appears as if it did not receive the file in time. Are you able to now use the tftp get command on a Windows workstation?
-
Oh, ok…Yes, I have already initialized the database when it asked.
I am not able to ‘get’ from a workstation, still.
-
Is your TFTP server really running and listening on the FOG server?
[CODE]netstat -antup | grep ":69"
udp 0 0 0.0.0.0:69 0.0.0.0:* 10149/in.tftpd[/CODE]
If yes, there is probably another firewall involved. Any router/firewall/layer-3 switch between client and FOG server??? How are client and FOG server connected?
-
Have you tried Tom’s suggestion? [CODE]sudo ufw disable[/CODE]
-
[quote=“haste347, post: 41989, member: 28447”]
Chain INPUT (policy ACCEPT 714K packets, 82M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 27794 packets, 4641K bytes)
pkts bytes target prot opt in out source destination[/quote]
No iptables rules loaded and default policies set to ACCEPT. I doubt that a local firewall could be the issue.
-
Didn’t see that, I’m guessing it’s a switch issue then
-
[quote=“Junkhacker, post: 42061, member: 21583”]Didn’t see that, I’m guessing it’s a switch issue then[/quote]
Possibly along the lines of [url]http://fogproject.org/wiki/index.php/IPXE#What_do_I_enable_and_disable.3F[/url]
-
[quote=“Junkhacker, post: 42057, member: 21583”]Have you tried Tom’s suggestion? [CODE]sudo ufw disable[/CODE][/quote]
Yes, disabling the firewall was one of the steps in the config.
I’ve got it connected through an un-managed switch for the “imaging bench” (server resides in the same room for now), which connects to the rest of the network/servers through a layer 3 switch.
I read somewhere that some switches will only pass a file with a “.0” at the end…I am wondering if that might be the case here…Any thoughts on that?
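-
Added example, not part of the original thread: a small Python probe for the symptom discussed above, where "get undionly.kpxe" succeeds on the server but times out from a workstation. It sends one TFTP read request and reports whether DATA, an ERROR or nothing comes back, and from which UDP port; the function names and the 192.0.2.10 address are placeholders chosen for this example.

```python
import socket
import struct
import sys

OP_RRQ, OP_DATA, OP_ERROR = 1, 3, 5  # TFTP opcodes (RFC 1350)

def build_rrq(filename, mode="octet"):
    """Read request: opcode 1, then NUL-terminated filename and transfer mode."""
    return struct.pack("!H", OP_RRQ) + filename.encode() + b"\0" + mode.encode() + b"\0"

def parse_reply(packet):
    """Classify the first packet a TFTP server sends back."""
    if len(packet) < 4:
        return ("malformed", None)
    opcode, value = struct.unpack("!HH", packet[:4])
    if opcode == OP_DATA:                      # value is the block number
        return ("data", len(packet) - 4)       # payload bytes in this block
    if opcode == OP_ERROR:                     # value is the error code
        text = packet[4:].split(b"\0", 1)[0].decode(errors="replace")
        return ("error", f"{value}: {text}")
    return ("unexpected", opcode)

def probe(server, filename="undionly.kpxe", port=69, timeout=3.0):
    """Send one RRQ and report what came back and from which UDP port."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        # No connect(): the server answers from a new ephemeral port, not 69,
        # so the reply must be accepted from any source port.
        sock.sendto(build_rrq(filename), (server, port))
        try:
            packet, (_, reply_port) = sock.recvfrom(2048)
        except socket.timeout:
            # Nothing arrived: no listener, or the request or reply was dropped.
            return {"result": "timeout", "detail": None, "reply_port": None}
        except ConnectionResetError:
            # Some platforms surface ICMP port-unreachable here: nothing listens.
            return {"result": "refused", "detail": None, "reply_port": None}
    kind, detail = parse_reply(packet)
    return {"result": kind, "detail": detail, "reply_port": reply_port}

if __name__ == "__main__":
    # 192.0.2.10 is a documentation placeholder; pass the FOG server's address.
    target = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.10"
    print(probe(target))
```

A `timeout` from the workstation together with `data` when run on the server itself points at something on the path dropping UDP port 69 or the reply from the server's ephemeral port, rather than at the tftpd-hpa configuration.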