PXE-M0F: Exiting Broadcom PXE ROM.
-
Built a FOG server at home, using dnsmasq, having the blues with it.
I can’t get the target computer to network boot…
Fedora 21 server - fully updated as of yesterday.
FOG - r3224Target machine: Optiplex 745 This is listed in working hardware with undionly.kpxe
[CODE][root@localhost trunk]# ps -Af | grep tftp
root 13942 9516 0 20:45 pts/0 00:00:00 grep --color=auto tftp
[root@localhost trunk]#
[/CODE]
[CODE][root@localhost ~]# service dnsmasq status -l
Redirecting to /bin/systemctl status -l dnsmasq.service
● dnsmasq.service - DNS caching server.
Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled)
Active: active (running) since Tue 2015-04-07 20:54:05 CDT; 52s ago
Main PID: 15967 (dnsmasq)
CGroup: /system.slice/dnsmasq.service
└─15967 /usr/sbin/dnsmasq -k
Apr 07 20:54:42 localhost.localdomain dnsmasq-dhcp[15967]: 2712157279 tags: enp2s0
Apr 07 20:54:42 localhost.localdomain dnsmasq-dhcp[15967]: 2712157279 bootfile name: undionly.kpxe
Apr 07 20:54:42 localhost.localdomain dnsmasq-dhcp[15967]: 2712157279 broadcast response
Apr 07 20:54:42 localhost.localdomain dnsmasq-dhcp[15967]: 2712157279 sent size: 1 option: 53 message-type 2
Apr 07 20:54:42 localhost.localdomain dnsmasq-dhcp[15967]: 2712157279 sent size: 4 option: 54 server-identifier 10.0.0.3
Apr 07 20:54:42 localhost.localdomain dnsmasq-dhcp[15967]: 2712157279 sent size: 9 option: 60 vendor-class 50:58:45:43:6c:69:65:6e:74
Apr 07 20:54:42 localhost.localdomain dnsmasq-dhcp[15967]: 2712157279 sent size: 17 option: 97 client-machine-id 00:44:45:4c:4c:46:00:10:4c:80:52:b2:c0:4f…
Apr 07 20:54:42 localhost.localdomain dnsmasq-dhcp[15967]: 2712157279 sent size: 97 option: 43 vendor-encap 06:01:03:09:3f:00:00:20:e2:80:9c:42:6f:6f…
Apr 07 20:54:47 localhost.localdomain dnsmasq-dhcp[15967]: 2712157279 available DHCP subnet: 10.0.0.3/255.255.255.0
Apr 07 20:54:47 localhost.localdomain dnsmasq-dhcp[15967]: 2712157279 vendor class: PXEClient:Arch:00000:UNDI:002001[/CODE]
Also, I can use tftp to get files from /tftpboot (some may find this example very funny)
[CODE][root@localhost log]# cp /var/log/foginstall.log /tftpboot
[root@localhost log]# exit
logout
Connection to 10.0.0.3 closed.
[administrator@D620 ~]$ tftp
(to) 10.0.0.3
tftp> get foginstall.log
tftp> quit
[administrator@D620 ~]$ ls
Desktop Downloads MEGAsync Pictures Templates xpshare
Documents foginstall.log Music Public Videos
[administrator@D620 ~]$ [/CODE]And, the foginstall.log that I grabbed is attached.
Here is /etc/dnsmasq.d/ltsp.conf
[CODE]port=0
log-dhcp
tftp-root=/tftpboot
dhcp-boot=undionly.kpxe
dhcp-option=17,/images
dhcp-option=vendor:PXEClient,6,2b
dhcp-no-override
pxe-prompt=“Press F8 for boot menu”, 3
pxe-service=X86PC, “Boot from network” undionly
pxe-service=X86PC, “Boot from local hard disk”, 0
dhcp-range=10.0.0.3,proxy
dhcp-option=66,“10.0.0.3”[/CODE]
Firewall and selinux:
[CODE][root@localhost ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)
Active: inactive (dead)
[root@localhost ~]# sestatus
SELinux status: disabled
[root@localhost ~]# [/CODE]
/tftpboot permissions
[CODE][root@localhost ~]# ls -la /tftpboot
total 3040
drwxrwxrwx 3 fog root 4096 Apr 7 20:47 .
dr-xr-xr-x. 21 root root 4096 Apr 7 19:59 …
-rwxrwxrwx 1 fog root 840 Apr 7 19:59 boot.txt
-rwxrwxrwx 1 root root 397 Apr 7 19:59 default.ipxe
-rw-r–r-- 1 root root 7129 Apr 7 20:47 foginstall.log
drwxrwxrwx 2 fog root 4096 Apr 7 19:59 i386-efi
-rwxrwxrwx 1 fog root 906560 Apr 7 19:59 ipxe.efi
-rwxrwxrwx 1 fog root 337051 Apr 7 19:59 ipxe.kkpxe
-rwxrwxrwx 1 fog root 337099 Apr 7 19:59 ipxe.kpxe
-rwxrwxrwx 1 fog root 336613 Apr 7 19:59 ipxe.krn
-rwxrwxrwx 1 fog root 337291 Apr 7 19:59 ipxe.pxe
-rwxrwxrwx 1 fog root 25340 Apr 7 19:59 memdisk
-rwxrwxrwx 1 fog root 16794 Apr 7 19:59 pxelinux.0.old
-rwxrwxrwx 1 fog root 169088 Apr 7 19:59 snp.efi
-rwxrwxrwx 1 fog root 169280 Apr 7 19:59 snponly.efi
-rwxrwxrwx 1 fog root 88724 Apr 7 19:59 undionly.kkpxe
-rwxrwxrwx 1 fog root 88772 Apr 7 19:59 undionly.kpxe
-rwxrwxrwx 1 fog root 88816 Apr 7 19:59 undionly.pxe
-rwxrwxrwx 1 fog root 147728 Apr 7 19:59 vesamenu.c32[/CODE]
Here’s a video of what it does: [media=youtube]9hwZpqPpYNQ[/media]Here’s a screenshot of the Web GUI’s TFTP settings:
[IMG]http://s8.postimg.org/64q2abs5x/Screenshot_from_2015_04_07_21_13_53.png[/IMG]
Not sure where I’m going wrong with this… help would be very appreciated.[url=“/_imported_xf_attachments/1/1851_foginstall.log.zip?:”]foginstall.log.zip[/url]
-
To me, this looks like it doesn’t even recognize that a network cable is plugged in as it’s not even attempting to load to undionly files. this is not to say it’s directly a problem with the file, but I’d start here. It seems, to me, that the cable may have some issue, and the only reason you’re not seeing it when it gets to DHCP for PXE is because ProxyDHCP is responding with just enough for the nic to be able to pick up an IP address.
Can you boot the system fully and attempt running the windows tftp -c command line to get the undionly file?
Have you ensured your system has the undionly.0 file as you’re using proxy dhcp?
-
Please try tcpdump on the FOG server:
[CODE]sudo tcpdump -i eth0 -w issue.pcap udp[/CODE]
Upload the dump file or take a look at it yourself using wireshark!
-
I booted the machine up fully and used the command prompt to grab the file.
[CODE]C:\Documents and Settings\Administrator>ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 10.0.0.15 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 10.0.0.1Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 10.198.1.6 Subnet Mask . . . . . . . . . . . : 255.255.255.252 Default Gateway . . . . . . . . . : 10.198.1.5C:\Documents and Settings\Administrator>tftp 10.0.0.3 get undionly.kpxe c:\undio
nly.kpxe
Transfer successful: 89460 bytes in 1 second, 89460 bytes/sC:\Documents and Settings\Administrator>cd c:\
C:>dir
Volume in drive C has no label.
Volume Serial Number is FC56-C26EDirectory of C:\
04/03/2015 01:26 AM 0 AUTOEXEC.BAT
04/03/2015 01:26 AM 0 CONFIG.SYS
04/04/2015 02:23 AM <DIR> dell
04/03/2015 01:28 AM <DIR> Documents and Settings
04/03/2015 01:23 AM <DIR> Inetpub
04/04/2015 02:25 AM <DIR> Intel
04/03/2015 10:24 PM <DIR> Program Files
04/08/2015 04:37 PM 89,114 undionly.kpxe
04/03/2015 10:33 PM <DIR> WINDOWS
3 File(s) 89,114 bytes
6 Dir(s) 61,086,072,832 bytes freeC:>[/CODE]
undionly.0 is also present.
[CODE][root@localhost tftpboot]# ls
boot.txt ipxe.efi ipxe.pxe snponly.efi undionly.pxe
default.ipxe ipxe.kkpxe memdisk undionly.0 vesamenu.c32
foginstall.log ipxe.kpxe pxelinux.0.old undionly.kkpxe
i386-efi ipxe.krn snp.efi undionly.kpxe
[root@localhost tftpboot]# [/CODE]I’m going to do a TCP dump as Uncle Frank suggested… It should shed some light on what’s happening…
Oh, and so you guys don’t freak, it only has 1 NIC. The second one listed there in IPCONFIG is a virtual adapter for my encrypted VPN service. It has zero bearing on net-booting, as it’s virtual and part of the OS.
-
Can you post the ltsp.conf file?
-
Nevermind you already did. Remove the dhcp-option=66,blahblah
-
Removed the dhcp option 66 and restarted dnsmasq… still no luck…
-
I started the below command, booted the target computer, waited till it failed and started booting windows, then killed the command. Says 5 packets were captured.
I’ve got the feeling that 5 packets doesn’t cut it…
[CODE][root@localhost ~]# sudo tcpdump -i enp2s0 -w issue.pcap udp
tcpdump: listening on enp2s0, link-type EN10MB (Ethernet), capture size 262144 bytes
stop
^C5 packets captured
5 packets received by filter
0 packets dropped by kernel
[root@localhost ~]# [/CODE]Think it has anything to do with the adapter name? It’s very unusual… enp2s0
Packet capture file is attached.
EDIT: getting wireshark now…
[url=“/_imported_xf_attachments/1/1853_issue.pcap.zip?:”]issue.pcap.zip[/url]
-
According to Wireshark, my FOG server’s dnsmasq service only sends out one packet…
[IMG]http://s29.postimg.org/56b9s2qp3/Screenshot_from_2015_04_08_17_30_15.png[/IMG]
-
In the ltsp.conf file,
I am eyeballing this line:
[CODE]dhcp-option=vendor:PXEClient,6,2b[/CODE]
I don’t think it’s right… How can I bypass it so that it just gives undionly.kpxe to everything?
-
DHCP offers are both missing ‘next-server’… but your FOG server 10.0.0.3 should provide this information! I think you kind of mis-configured dnsmasq a little.
[CODE]dhcp-boot=undionly.kpxe,10.0.0.3[/CODE]
and completely remove the dhcp-option 66 line… -
Still no change, but there was a change in traffic. tcpdump said 13 or so packets were captured, but the filter only stored 5 of them. I’ve also reboot the FOG server too, and tried again.
New ltsp.conf file:
[CODE]port=0
log-dhcp
tftp-root=/tftpboot
dhcp-boot=undionly.kpxe,10.0.0.3
dhcp-option=17,/images
dhcp-option=vendor:PXEClient,6,2b
dhcp-no-override
pxe-prompt=“Press F8 for boot menu”, 3
pxe-service=X86PC, “Boot from network” undionly
pxe-service=X86PC, “Boot from local hard disk”, 0
dhcp-range=10.0.0.3,proxy[/CODE][url=“/_imported_xf_attachments/1/1854_issue.pcap.zip?:”]issue.pcap.zip[/url]
-
Because the boot file is undionly.kkpxe I believe you need to also have undionly.kkpxe.0 in the tftpboot folder.
-
[quote=“Tom Elliott, post: 45204, member: 7271”]Because the boot file is undionly.kkpxe I believe you need to also have undionly.kkpxe.0 in the tftpboot folder.[/quote]
undionly.kkpxe.0 ?? or cp undionly.kkpxe undionly.0 ?
I thought I was using undionly.[B][U]kpxe[/U][/B] ? -
[quote=“Wayne Workman, post: 45215, member: 28155”]undionly.kkpxe.0 ?? or cp undionly.kkpxe undionly.0 ?
I thought I was using undionly.[B][U]kpxe[/U][/B] ?[/quote]Dnsmasq adds a .0 to the file name, I never really understood why, but adding a symlink for undionly.0 seems to resolve the issue for using DNSMASQ.
This is explained in the documentation on the dnsmasq set up page.
[quote]
Make a symlink for the undionly.kpxe file so dnsmasq can find it.
[code]cd /tftpboot
sudo ln -s undionly.kpxe undionly.0[/code]
source:[url]http://fogproject.org/wiki/index.php/Using_FOG_with_an_unmodifiable_DHCP_server/_Using_FOG_with_no_DHCP_server#DNSMASQ_settings_for_iPXE[/url]
[/quote]of course you don’t have to use the Undionly.kpxe file, you can use Ipxe.kpxe or any of the variants, but you still need to include a symlink for the .0
I noticed this when we moved from pxelinux.0 (look there’s that .0 again!!!) to the Undionly.kpxe platform for iPXE in 0.33b. I could not get my boot file on my machine during pxe boot, in doing some research (I believe I found the information in wireshark) I found that the machines were looking for Undionly.0 instead of Undionly.kpxe.
I added a symlink for udionly.kpxe to undionly.0 and the problem resolved itself.
I started by using the pxelinux.0 to chainload the undionly.kpxe file until I understood the .0 being appended to the file name.
The Thread where I discuss this issue and my notes on resolution can be found here:[url]http://fogproject.org/forum/threads/dnsmasq-help-for-ipxe-stuff.10222/[/url] -
Try changing this:
[code]port=0
log-dhcp
tftp-root=/tftpboot
dhcp-boot=undionly.kpxe
dhcp-option=17,/images
dhcp-option=vendor:PXEClient,6,2b
dhcp-no-override
pxe-prompt=“Press F8 for boot menu”, 3
pxe-service=X86PC, “Boot from network” undionly
pxe-service=X86PC, “Boot from local hard disk”, 0
dhcp-range=10.0.0.3,proxy
dhcp-option=66,“10.0.0.3”[/code]TO THIS:
[code]port=0
log-dhcp
tftp-root=/tftpboot
dhcp-boot=undionly.0,10.0.0.3,10.0.0.3
dhcp-option=17,/images
dhcp-option=vendor:PXEClient,6,2b
dhcp-no-override
pxe-prompt=“Press F8 for boot menu”, 3
pxe-service=X86PC, “Boot from network”, undionly
pxe-service=X86PC, “Boot from local hard disk”, 0
dhcp-range=10.0.0.3,proxy[/code] -
Made the change to the file, wow!
However, it still doesn’t boot… I’ve tried the Optiplex 745 and my laptop, which is a Dell D620.
Here’s what it does: [media=youtube]g1mQa-18ISQ[/media]
-
Going to try the other files in a bit…
-
What’s the output of the browser if you type in:
-
[quote=“Tom Elliott, post: 45278, member: 7271”]What’s the output of the browser if you type in:
[url]http://10.0.0.3/fog/service/ipxe/boot.php[/url][/quote]
[CODE]
ForbiddenYou don’t have permission to access /fog/service/ipxe/boot.php on this server.
[/CODE]I did this:
[CODE]chmod -R 755 /var/www/html/fog[/CODE]And now that link gives output.
and I GET THE FOG MENU!!! WOOT WOOT!!
