PXE-E32 error, unable to boot to fog from pxe

george1421

@K.Hays Not sure if its my isp or the forum but replying takes me about 5 minutes.

ok then, can you confirm that the pxe client and fog server is on the same subnet?

Also your dhcp server is this a windows dhcp server or are you using the fog server or dnsmasq to provide pxe boot settings? (just trying to rule out what its not)

from a windows computer (with the tftp feature added) you can do a tftp get on the undionly,kpxe and the file is retrieved correctly?

K.Hays

They are in fact on the same subnet. The servers we are using are Windows, version Server 08. Have not tried to tftp get from a windows computer yet, I’ve just been using the Linux machines that are around here and they have been getting it just fine.

Wayne Workman

@K.Hays You might look through this for ideas. https://wiki.fogproject.org/wiki/index.php?title=Troubleshoot_TFTP

Sebastian Roth

Which version of FOG is this?

K.Hays

@Sebastian-Roth it is the most updated version, so 1.2.0

K.Hays

@Wayne-Workman Thanks, i will do that. I’d like to say though I’ve tried to figure this out on my own, of course with the help of all the forums and topics i could find, for a few weeks now to no avail.

Wayne Workman

@K.Hays You might jump straight to a packet capture then. With TFTP issues, it’s really easy to figure out what’s wrong from a packet capture because everything is plain text and pretty simple.

You can do a capture from the fog server or if you have an old hub (as opposed to a switch), you can do a full capture right at the client using a 3rd computer.

K.Hays

@Wayne-Workman How would one do that? I’m sorry still new to all of this.

Wayne Workman

@K.Hays There’s instructions in that troubleshooting article I posted.

george1421

@Wayne-Workman I forgot about the wiki. I just looked through it and while I found the tcpdump section I thing we should update to include the complete command that includes the filters and output file. That way we can direct users to execute the command in step x.y.w and then post the output file here so Mr Pcap can read the bits in between the lines of code.

george1421

@george1421 I think at this time we need to focus on the getting the pcap file. Where we’ll run the tcpdump command on your fog server and then pxe boot the target computer. Since they are on the same subnet the fog server will see the dhcp part was well as the tftp file request.

Wayne Workman

@george1421 said in [PXE-E32 error:

… I thing we should update to include the complete command that includes the filters and output file.

I’m not sure I follow what you mean.

K.Hays

@george1421 so i need to get the pcap folder now? i ran the command and got something like this

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
^C719 packets captured
719 packets received by filter
0 packets dropped by kernel

george1421

@Wayne-Workman Sorry it took me some time to find it. My google-fu in searching the forum is very weak. (BTW: This tcpdump command was borrowed from one of Sebastian’s posts)

tcpdump -w output.pcap port 67 or port 68 or port 69

or
tcpdump -w output.pcap port 67 or port 68 or port 69 or host <fog_server_IP>
if you want to include any fog server communications too.

Having it spelled out so the reader can just copy and paste the command to the fog server. Then once the pxe error happens they can just ctrl-c out and then upload the file to the forum. The wiki has the elements but not the whole command.

george1421

@K.Hays The command you need is in my previous post.

The steps to collecting he inforamtion are

1. get the tcpdump command up and running
2. PXE boot your target computer until you reach the error
3. Ctrl-C on the tcpdump command
4. Upload the pcap file so it can be reviewed by the devs (your response time on this may be a bit)

This will give a clear picture of why your target computer can’t get that ipxe boot file (undionly.kpxe).

K.Hays

@george1421 ok when i try to retrieve the file from a windows computer it says it failed. ‘connect request failed’ do i need to do that or can i just put the file right up here

K.Hays

@george1421 Also, will this issue.pcap contain sensitive information? Should i give it out? I know how now i just need to make sure i dont release anything that shouldnt be released.

Sebastian Roth

@K-Hays Well either you want us to help you or you want to figure this out yourself. If we don’t have information we are pretty much helpless. I am kind of over it to ask 20 questions to get things like this fixed instead of just looking at the PCAP file that will give me all the details I need. Feel free to check out the PCAP file using wireshark yourself!

By the way, I had a look before you deleted it:

• Private IP addresses - no chance anyone here would be willing or able to make use of those to harm you
• A few DNS requests for porn URLs - just joking!!!
• DHCP wise I only see one discovery and one request packet - not enough to find out what’s going on - I guess your DHCP server is responding to the client directly instead of broadcasting (which is kind of unusual as the client requests broadcasting in its packets)

For next time: The more filters you use with tcpdump the less we see in the PCAP file. But adding to many filters might possible hide important information. As well you can open the PCAP file in wireshark, add display filters till you are happy with it and then export the remaining packets

K.Hays

@Sebastian-Roth sorry about that. i meant to re-add it after i talked to my boss. I will reupload it again, but what do you want me to do first? Have less filters?

george1421

From a security standpoint. If you use the filters command that was provided we would only be able to see what your internal dns name is. The ip address of your dhcp server, the target computer, anything your are sending to the client. The filters only allow us to see the dhcp and tftp requests. There are nothing (typically) confidential in this communications.