UEFI-PXE-Boot (Asus t100 Tablet)
-
@K.Hays OK that is the mac address of what I’m seeing.
What I see in your pcap file is the tablet asking for dhcp stuff but your dhcp server never responds. I do see other clients sending informs (dhcp client saying hello i’m here but nothing from your dhcp server.)
OK then that explains why the pcap is missing the dhcp server responses. You have the dhcp server on a different subnet, so then your router must have a dhcp-relay service running. If this is the case the responses from the dhcp server will be unicast on the client side.
-
This post is deleted! -
@K.Hays ok I see the same results in this pcap file.
You have an unfortunate situation here.
Because of the way a switched network works the fog server (packet capture device) will never see unicast communication that its not directly involved with. So what you must do is insert the packet capture device in the data path between the two unicast devices.
Its not as complicated as it sounds, if you switch has a port mirroring capabilities then you can mirror the traffic going to your router interface on the client subnet to the network interface where your packet capture device is running. The port mirroring will echo all traffic going into and out of the link that goes to your router to the packet capture device. I feel this is more complicated of a setup than you are ready for. But if you can do this, then use wireshark to capture this traffic into a pcap file.
Another solution is to move this device to the same subnet as your dhcp server (for debugging purposes only), as well as setup wireshark on a laptop (or what ever) and capture the dhcp broadcast traffic from there. You won’t get the tftp stuff, but I think the error so far is on the dhcp side.
-
@george1421 The client and the fog server are on the same switch, different ports. The dhcp is on the other side of the network. Were talking about what to do next, just thought this may be valuable information. We are also looking for any dhcp settings that may need to be switched to accommodate for a uefi device.
-
@K.Hays The key will be to get the dhcp server, booting client and packet capture device into the same broadcast domain (subnet). To get a clean capture. This will avoid having to mess with switch configuration for port mirroring.
Also for clarity, your dhcp server is a microsoft dhcp server? If its a 2012 dhcp server we have a few more options when dealing with bios and uefi clients. Typically the dhcp server should just hand out dhcp addresses unless you are doing something already for bios and uefi clients. In that case this device is a IA32 device where most computers are x64 which has a different arch ID.
-
Why do we see so many malformed packets in the dump file. Never seen this before!! The issue with Windows DHCP server is that it does not broadcast the DHCP answers (if I remember correctly). So we will see the DHCP discovery packets from the client but not the answers.
@K-Hays Would you be able to install wireshark on that DHCP server? Then open it up, start capturing, put
bootp || tftpas display filter and boot up your client. When you see the error stop wireshark. Then export only the packets that are seen by the display filter (there is an option in the export dialog. Other than that there are only more complicated ways of getting the information. One would be to use a hub (instead of a switch) to connect the client to the rest of the network. On every port of that hub you can capture the client’s network traffic using another computer using wireshark again.Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)
Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG
-
@Sebastian-Roth said:
Why do we see so many malformed packets in the dump file. Never seen this before!! The issue with Windows DHCP server is that it does not broadcast the DHCP answers (if I remember correctly).
I was wondering when Mr. PCAP was going to wake up and join in.
If I remember correctly on how a dhcp-relay works, is that on the return trip sending stuff from the dhcp server to the client on another subnet it uses unicast messages and not broadcast (or it uses a directed broadcast which is similar to a unicast).
-
@george1421 said in UEFI-PXE-Boot (Asus t100 Tablet):
I was wondering when Mr. PCAP was going to wake up and join in.
Well… I am sorry but I get paid now for doing same kind of debugging stuff at my new job. Trying to keep up with the forums but it’s not easy!
I think I missed the part about dhcp helpers and subnets. I don’t see different subnets in the packet dump?!? Beside that I think it depends on the relay being used. If I remember correctly we had always broadcasts when using ISC-DHCP-RELAY in our network back at the old working place.
Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)
Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG
-
@Sebastian-Roth yeah it was a bit buried in the text.
k.hayes posted: Also the dhcp server does not have a 10.40.0.x address. it would be 10.100.0.x
This tells me that the dhcp server is some place else and they must have two or more subnets and to have a single dhcp server they must be using a dhcp-relay / helper service. It was a bunch of reading the tea leaves here, but tha tis how I came up with my conclusion.
-
@george1421 We have a Dhcp relay, and a total of 5 different subnets. The dhcp is also running Microsoft server 2008. We may try to bring the client pc and the capture device to the Dhcp on Friday.
-
@george1421 All of our servers are static ip based and there is no way to put the client pc on the same subnet as the dhcp because the 10.100 server range is only a static ip range. If that makes sense, i’m trying to explain it as best as possible.
-
@K.Hays I understand what you are saying. If there is no dhcp scope assigned to 10.100.x.x. you are back to setting up wireshark on a mirror port.
I know the dev team was working on a utility that would act as a dhcp client so they could capture this info without having to setup a mirrored port and packet scanner. Let me see if they made any progress with this program.
-
@george1421 Any luck on that program?
-
@K.Hays The feedback I received was its not available yet.
Just because I’ve been dealing with multiple threads in these last few days. Do other computers on the same client subnet boot normally?
-
@george1421 yeah, they do.
-
@K-Hays said:
@george1421 yeah, they do.
That’s what I kind of expected. From what I’ve read so far I guess this is not a DHCP issue primarily - but more an issue with the USB NIC adapters. Can you try booting one of you normal PCs using those USB NIC adapters just to proof that they work.
The issue with USB NICs is that the firmware/BIOS needs to have a driver to PXE boot from it. In other words PC/tablet and USB NIC need to “work” together. So the USB NIC not working with one machine does not mean it wouldn’t work with any other. Please try out different things and keep us posted. Possibly as well get another adapter to try out. Check on our list as well… hape we can make this work! -
@Sebastian-Roth So i tested both of them on a regular desktop and i got the “Media Test Failure, Check Cable” error. It seems to me that it’s trying to boot form the regular nic. When booting to the usb it just said no device found or whatever. I dont know if there is a setting to change or whatnot, or if it really is just the adapters. the reason we didnt think it was the adapters was because the first one we got, wouldn’t show up at all on the tablets. It wouldn’t register as a boot device, but the next two we got did. So we figured it was on our side now. Is it just that none of these adapters work properly with pxe? Also if we use a regular nic on a purely uefi laptop, we get the pxe-18 error, which is server timeout,which is what we get with the tables when they are booting from the adapter. Don’t know if this is just a coincidence or not im not sure.
-
@K-Hays Sorry for the delay. Most days I just don’t have enough time to think about those complex (and interesting) problems as much as I’d like to. Today I found some more time to re-read and think about it.
Also if we use a regular nic on a purely uefi laptop, we get the pxe-18 error, which is server timeout,which is what we get with the tables when they are booting from the adapter. Don’t know if this is just a coincidence or not im not sure.
This and the mentioned subnets plus ip-helper stuff make me think that it’s not the adapters but a network configuration issue. The world best tool to find issues in your network is wireshark/tcpdump as you can really see what’s on the wire. Anything else is just guess work - which I prefer not to do because I mostly go wrong.
In this case I guess the packet dump wouldn’t hurt but probably won’t shed much light on this as the client simply never gets an answer from the DHCP. But as your normal clients seem to get an IP via DHCP (even in the 10.40.0.x subnet I suppose?!) I am wondering why don’t a PXE booting client is getting the information? My guess is the DHCP relay is not properly forwarding all the PXE information in the DHCP packets. I think you need to tell us more about the DHCP relay software you are using. Is it cisco ip-helpers or ISC-DHCP-RELAY or …? Please if possible post the configuration here (or send me a private message if you feel this information is too sensitive for the public). -
@Sebastian-Roth Hey, since summer hit we’ve been very busy with setting up lots of new things so i haven’t had time to check the forums. Also we are just going forward with regular maintenance on these for now, but I’d like to leave this topic open because it is something that we will need to figure out. If i have an off day ill test this and get back to you, but at the moment it will be on the back burner. Thanks for all of the help so far!
-
@K-Hays You are welcome to get back to this anytime. I am definitely interested to see if we can figure this out. I’m sure we will at some point…
