Surface Pro 3 - ipxe issues
-
It’s because the surface pro is an EFI device only, and the version of DNSMASQ that you have installed doesn’t support EFI devices in ProxyDHCP mode.
The version of DNSMASQ available to your distribution (Ubuntu 16.04) is old and we can’t help that. However you can pull the latest source code from Simon Kelly’s (the creator and maintainer of dnsmasq) website and build the latest version which does have support for EFI devices in ProxyDHCP mode and will work for you’re use case.
And, we have an entire wiki article just on all of this that you can follow.
The article is here:
https://wiki.fogproject.org/wiki/index.php?title=ProxyDHCP_with_dnsmasqI’m pinging @george1421 just so he’s aware that you will probably try this, the documentation is all the product of his findings.
And, for future readers, if your version of DNSMASQ is 2.76 or later, you do not need to build DNSMASQ from source, but still need to properly configure the ltsp.conf file for proper UEFI support in ProxyDHCP mode.
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
Daily Clean Installation Results:
https://fogtesting.fogproject.us/
FOG Reporting:
https://fog-external-reporting-results.fogproject.us/ -
The other comment here is that there “was” an alternate version of the uefi boot kernel
ipxe7156.efithat was build specifically because some of the surface pros would not boot the native ipxe.efi iPXE kernel.With the updated dnsmasq (2.76) its possible to have dnsmasq automatically switch the kernels based on the booting device.
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
-
I think there still is. I think Tom might have stuck all those in their very own directory, along with the 10secdelay files in their own directory too.
-
Thanks Wayne and George.
I am using the updated 2.76 version of dnsmasq, however I do not have the boot kernel ipxe7156.efi I’ll have to try that and report back my findings.
-
@xerxes2985 said in Surface Pro 3 - ipxe issues:
I do not have the boot kernel ipxe7156.efi
Really?
Try this command:
find /tftpboot | grep ipxe7156.efi -
@george1421 @Wayne-Workman This still exists and is working for me with SP3’s and SP4’s. I could not get either model working with ipxe.efi.
-
In my environment, I use both Surface Pro 3s and Surface Pro 4s.
I use snponly.efi and can image my Surfaces.
-
@Scott-Adams said in Surface Pro 3 - ipxe issues:
In my environment, I use both Surface Pro 3s and Surface Pro 4s.
I use snponly.efi and can image my Surfaces.
Exactly what version of FOG are you using? This is quite important.
-
@Wayne-Workman let me restate that lol. I have it, just not in my itsp.conf file. I didn’t specify that as an option.
-
@xerxes2985 Well go through the wiki article I linked and set it up as an option.
If you can get us a packet capture of the network booting process of the Surface Pro 3, it would help us to improve our DHCP & DNSMASQ default configurations.
-
@Wayne-Workman I’m using
Running Version 1.3.0-RC-23
SVN Revision: 6017@Scott-Adams
Here are the contents of my itsp.confport=0 log-dhcp tftp-root=/tftpboot dhcp-no-override dhcp-boot=undionly.kpxe,,x.x.x.x pxe-prompt="Booting FOG Client", 20 pxe-service=X86PC, "Boot BIOS PXE", undionly.kpxe pxe-service=BC_EFI, "Boot UEFI PXE-BC", ipxe.efi pxe-service=X86-64_EFI, "Boot UEFI PXE-64" ipxe.efi pxe-service=X86-64_EFI, "Boot Surface UEFI" snponly.efi dhcp-range=x.x.x.x,proxyWhen I PXE boot and select my snponly.efi entry the screen flashes, then goes back to the “Surface” logo.
-
@xerxes2985 Yeah that config file won’t do what you need. If you are up for a little road trip I think we can collect what we need to get you started.
As long as your fog server, dhcp server and target computer are on the same subnet we can use the FOG server to eavesdrop on the dhcp / pxe booting process to give us some insight for tweaking the ltsp.conf file.
To set this up, make sure all ll three on the same subnet.
- Run this tcpdump command:
tcpdump -w output.pcap port 67 or port 68 or port 69 or port 4011 - PXE boot the target computer to the error or failure how ever you look at it.
- Post the pcap file here so we can look at it.
The tcpdump filter will only capture dhcp, tftp, and dhcpProxy traffic so you can be sure that no internal data will leak out. You can review the output.pcap file with wireshark if you want to be sure.
Now with your snponly.efi line, can you test to see if the ipxe7156.efi file boots your surface pro better. We are taking several approaches here to see which one fits the best for your situation.
@Wayne-Workman I think once we get a solid path forward on this devices we need to get this information documented and then into a wiki. These surface pros are not going away any time soon.
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
- Run this tcpdump command:
-
@george1421 Completely agree. I’ve been meaning to collect all of our information and put it in one spot. I’ll start on it tonight at least, and at least get all the links together.
-
@Scott-Adams said in Surface Pro 3 - ipxe issues:
In my environment, I use both Surface Pro 3s and Surface Pro 4s.
I use snponly.efi and can image my Surfaces.
Could you document your entire setup for the surface pros only the PXE booting and FOG parts. We need to know dhcp settings and network adapter used, and if there is any relevancy to bios version or setting you did to make this work. I think you hold the key to getting snponly.efi or even ipxe.efi working for these guys.
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
-
here’s a wireshark capture I did of any traffic going into FOG
-
Now that I figured out how to take it out of my Ubuntu server, here is the file.
0_1479321004153_output.pcap -
I’m IM’ing with you but its pretty lonely when you don’t respond.
Here is the relevant information from the pcap file. Its packet #7.
We can see that this device has a unique UUID which is cool we can use that if we want to create a custom dnsmasq filter.
We also can see that the system arch is type 7 EFI BC. That info will be used in the ltsp.conf file. According to your posted config file dnsmasq should send ipxe.efi for the type BC_EFI.
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
-
I had a quick IM session with the OP. He was able to get the surface pro to boot using the ipxe7156.efi file. He went the bit longer way the wiki defined to get to the right answer. But this route would have worked too. (the longer way is the proper way if you need to add filters some time in the future).
<edit> the OP IM’d me and said that this route did not work as expected so he went the longer route. Do no follow this section since it is now suspect.
In his posted ltsp.conf file, if he would have replacedpxe-service=BC_EFI, "Boot UEFI PXE-BC", ipxe.efiwithpxe-service=BC_EFI, "Boot UEFI PXE-BC", ipxe7156.efiit would have worked equally as well.But this way unfortunate all Arch 7 type devices would get the same ipxe boot file. With filters you can tailor the boot file based on the specific booting client type (assuming that the vendor set the uuid field correctly)
-
All,
I’ve modified my itsp.conf to the following based upon ProxyDHCP_with_dnsmasq:Adding (a bit more complex) UEFI support to the basic script
port=0 log-dhcp tftp-root=/tftpboot dhcp-no-override dhcp-vendorclass=BIOS,PXEClient:Arch:00000 dhcp-vendorclass=UEFI32,PXEClient:Arch:00006 dhcp-vendorclass=UEFI,PXEClient:Arch:00007 dhcp-vendorclass=UEFI64,PXEClient:Arch:00009 dhcp-boot=net:UEFI32,i386-efi/ipxe.efi,,x.x.x.x dhcp-boot=net:UEFI,ipxe7156.efi,,x.x.x.x dhcp-boot=net:UEFI64,ipxe.efi,,x.x.x.x dhcp-boot=undionly.kpxe,,x.x.x.x pxe-prompt="Booting FOG Client", 20 dhcp-range=x.x.x.x,proxyThe key to getting the Surface Pro 3 to PXE boot into the FOG Menu, and successfully start a Full Registration was modifying the following values.
dhcp-boot=net:UEFI,ipxe.efi,,x.x.x.xTo This
dhcp-boot=net:UEFI,ipxe7156.efi,,x.x.x.xI am currently 12% of the way through capturing an image, although my VM will probably fill up.
-
@xerxes2985 You have the proper setup now. Adding filters (if you need them) is just a short walk from there. There is two ways you can go with the config file, easy and a little harder. But the little harder gives you many more options.
The wiki page you referenced is based on my working document here: https://forums.fogproject.org/topic/8726/advanced-dnsmasq-techniques
which goes into the details a bit more.
