New FOG setup, TFTP timeout-PXE-E32
-
[quote=“Uncle Frank, post: 41961, member: 28116”]TFTP configuration is under /etc/default/tftp-hpa (maybe a little different on Ubuntu but should still be in that directory!):
[CODE]# /etc/default/tftpd-hpa
# FOG Modified version
TFTP_USERNAME="root"
TFTP_DIRECTORY="/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="-s"[/CODE]
Maybe firewall rules prevent you from connecting via TFTP from the outside?! Please post the output of the following command run on the FOG server:
[CODE]iptables -L -n -v[/CODE][/quote]
Yes, the /tftpd-hpa file looked exactly like that, in the same path.
Here is the output… Thank you for your help!
[CODE]Chain INPUT (policy ACCEPT 714K packets, 82M bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 27794 packets, 4641K bytes)
pkts bytes target prot opt in out source destination[/CODE]
-
[quote=“Wolfbane8653, post: 41984, member: 3362”]Please try the information in this wiki.
[url]http://fogproject.org/wiki/index.php/Tftp_timeout[/url]…[/quote]
Thank you, I have followed this guide and everything seems to be working with the exception of being able to “get undionly.kpxe” from a workstation (on the server it works.)
-
so you are getting Failed and not “Received XXXX bytes in X.X seconds…” on the client.
I know this is for debian but you showed that iptables were installed so please run the following on the server and rerun the tftp tests on the client.
[CODE]iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT[/CODE]
-
[quote=“haste347, post: 41990, member: 28447”]Thank you, I have followed this guide and everything seems to be working with the exception of being able to “get undionly.kpxe” from a workstation (on the server it works.)[/quote]
When you say workstation, you mean a Windows machine in the same network as the FOG server? If your DHCP options are correct, you should at least get some kind of output.
I highly recommend DNSMASQ. It seems that you are having difficulty resolving your bootfile name.
-
Jaymes, thank you, I will give that a try if there isn’t something obvious I have simply overlooked in my config causing the issue.
My environment is an interesting mix, for sure. I would not be surprised if it is causing the issue as well.
-
[quote=“Wolfbane8653, post: 41991, member: 3362”]so you are getting Failed and not “Received XXXX bytes in X.X seconds…” on the client.
I know this is for debian but you showed that iptables were installed so please run the following on the server and rerun the tftp tests on the client.
[CODE]iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT[/CODE][/quote]
Done, still the same outcome. Thank you.
-
[code]sudo ufw disable[/code]
-
[quote=“Jaymes Driver, post: 41993, member: 3582”]When you say workstation, you mean a Windows machine in the same network as the FOG server? If your DHCP options are correct, you should at least get some kind of output.
I highly recommend DNSMASQ. It seems that you are having difficulty resolving your bootfile name.[/quote]
Alright, I followed this setup and I am now getting through. However, I am unclear what the instructions meant by “update the schema…” for the iPXE boot.
When I PXE boot from a workstation, I choose “boot to network”, which then gets me to the attached screen/error.
Would you enlighten me further, please? I’d hate to mess something up when the resolution seems so close!
Thank you again for all your help!
[url=“/_imported_xf_attachments/1/1674_IMAG2049.jpg?:”]IMAG2049.jpg[/url]
-
When you navigate to the web GUI for the FOG server, if you haven’t done so already, it will ask you to update the schema.
This will allow the database to be initialized and set up properly for your version of FOG.
If you have already completed the schema update (required after installation of FOG) then it will not be necessary to complete the action again.
It appears as if it did not receive the file in time. Are you able to now use the tftp get command on a windows workstation?
-
Oh, ok…Yes, I have already initialized the database when it asked.
I am not able to ‘get’ from a workstation, still.
-
Is your TFTP server really running and listening on the FOG server?
[CODE]netstat -antup | grep ":69"
udp 0 0 0.0.0.0:69 0.0.0.0:* 10149/in.tftpd[/CODE]
If yes, there probably is another firewall involved. Any router/firewall/layer-3 switch between client and FOG server??? How are client and FOG server connected?
-
have you tried Tom’s suggestion? [CODE]sudo ufw disable[/CODE]
-
[quote=“haste347, post: 41989, member: 28447”]
[CODE]Chain INPUT (policy ACCEPT 714K packets, 82M bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 27794 packets, 4641K bytes)
pkts bytes target prot opt in out source destination[/CODE][/quote]
No iptables rules loaded and default policies set to ACCEPT. I doubt that a local firewall could be the issue.
-
didn’t see that, i’m guessing it’s a switch issue then
-
[quote=“Junkhacker, post: 42061, member: 21583”]didn’t see that, i’m guessing it’s a switch issue then[/quote]
Possibly along the lines of [url]http://fogproject.org/wiki/index.php/IPXE#What_do_I_enable_and_disable.3F[/url]
-
[quote=“Junkhacker, post: 42057, member: 21583”]have you tried Tom’s suggestion? [CODE]sudo ufw disable[/CODE][/quote]
Yes, disabling the firewall was one of the steps in the config.
I’ve got it connected through an un-managed switch for the “imaging bench” (server resides in the same room for now), which connects to the rest of the network/servers through a layer 3 switch.
I read somewhere that some switches will only pass a file with a “.0” at the end…I am wondering if that might be the case here…Any thoughts on that?
-
that’s one of the reasons Jaymes recommends DNSMASQ, i believe there are instructions on the wiki for that scenario
-
I’ve not heard about switches only passing files matching any sort of pattern (e.g. “*.0”) but you can still give it a try by renaming or linking ‘undionly.kpxe’ to ‘pxelinux.0’ (very common name).
But I have heard about layer 3 switches doing some kind of magic like not forwarding but only relaying DHCP offers…
-
Jaymes can correct me if i’m getting this wrong, but i believe he had a packet capture that showed switches changing the requested file from undionly.kpxe to undionly.0
to fix the issue, he created a symbolic link between the actual file and the requested file
[CODE]ln -s /tftpboot/undionly.kpxe /tftpboot/undionly.0[/CODE]
-
[quote=“Junkhacker, post: 42074, member: 21583”]Jaymes can correct me if i’m getting this wrong, but i believe he had a packet capture that showed switches changing the requested file from undionly.kpxe to undionly.0
to fix the issue, he created a symbolic link between the actual file and the requested file
[CODE]ln -s /tftpboot/undionly.kpxe /tftpboot/undionly.0[/CODE][/quote]
It is a native function of dnsmasq, not sure why, but it does append the .0 to the file name, not the switches. Just to clarify.
But the resolution was to symlink undionly.kpxe to undionly.0
and it IS part of the installation instructions on the wiki for using DNSMASQ with iPXE.
I have only tried DNSMASQ setup on Novell Netware 6.5 and a simple home network with a linksys router, I don’t have experience in other network environments.
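-
Added example (not part of the original thread and not FOG project code): a minimal TFTP read-request probe that performs the same check as the "get undionly.kpxe" test discussed above, and separates a timeout (nothing answers on the path to UDP/69) from a server-side error such as "File not found", which is what a request for a missing `undionly.0` would return. The function names and the 192.0.2.10 address are placeholders chosen for this example.

```python
import socket
import struct

# TFTP opcodes from RFC 1350
OP_RRQ, OP_DATA, OP_ERROR = 1, 3, 5


def build_rrq(filename, mode="octet"):
    """Read request: opcode 1, filename, NUL, transfer mode, NUL."""
    return struct.pack("!H", OP_RRQ) + filename.encode() + b"\0" + mode.encode() + b"\0"


def classify_reply(packet):
    """Turn the server's first reply into a short diagnosis string."""
    if len(packet) < 4:
        return "malformed: reply shorter than a TFTP header"
    opcode, value = struct.unpack("!HH", packet[:4])
    if opcode == OP_DATA:
        return f"ok: DATA block {value}, {len(packet) - 4} bytes"
    if opcode == OP_ERROR:
        msg = packet[4:].split(b"\0", 1)[0].decode(errors="replace")
        return f"error {value}: {msg}"
    return f"unexpected opcode {opcode}"


def probe(server, filename, timeout=3.0):
    """Send one RRQ to UDP/69 and report what comes back.

    The first block is never ACKed, so the server simply abandons the transfer.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_rrq(filename), (server, 69))
        try:
            # The reply arrives from a new ephemeral server port, not from 69.
            packet, (_, port) = s.recvfrom(4 + 512)
        except socket.timeout:
            return "timeout: nothing came back (listener, firewall or switch path)"
        return f"{classify_reply(packet)} (from server port {port})"


if __name__ == "__main__":
    # Placeholder address (assumption): replace with the FOG server's IP.
    for name in ("undionly.kpxe", "undionly.0"):
        print(name, "->", probe("192.0.2.10", name))
```

Run from a workstation, "ok" for one name and "error 1" for the other points at the boot file name; "timeout" for both points back at the listener or the network path.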