• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    dnsmasq ProxyDHCP BIOS and UEFI coexistence

    Scheduled Pinned Locked Moved Solved
    General Problems
    3
    19
    7.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      Pikmin
      last edited by Pikmin

      Hi everyone,
      I’ve been following the wiki guide to set this up
      https://wiki.fogproject.org/wiki/index.php?title=ProxyDHCP_with_dnsmasq

      The basic script example works fine but when I try to follow the second example it stops working.

      Adding (a bit more complex) UEFI support to the basic script
      We’ll start with our basic configuration file again. Note: we removed the pxe-service entries we added previously.

      Soon as I remove the pxe-service entries I cannot UEFI boot and the dhcp-boot option doesn’t seem to do anything:

      Set the boot file name based on the matching tag from the vendor class (above)

      dhcp-boot=net:UEFI32,i386-efi/ipxe.efi,192.168.112.24
      dhcp-boot=net:UEFI,ipxe.efi,192.168.112.24
      dhcp-boot=net:UEFI64,ipxe.efi,192.168.112.24

      Can anyone tell me what I could be missing?

      There are powerful matching rules in dnsmasq’s configuration syntax. Here is an example of how this could be used to distingush between BIOS and UEFI. Note: This will NOT work in proxy mode!!
      dhcp-match=set:bios,60,PXEClient:Arch:00000
      dhcp-boot=tag:bios,undionly.kpxe,x.x.x.x,x.x.x.x # x.x.x.x = TFTP/FOG server IP

      Does that mean dhcp-boot will never work in an unmodifiable dnsmasq proxy setting?

      I would like to specify options per model and it seems to be working but dhcp-service is required. Certain laptops can’t boot into legacy No configuration methods succeeded (http://ipxe.org/040ee119)

      1 Reply Last reply Reply Quote 0
      • S
        Sebastian Roth Moderator
        last edited by

        @Pikmin Which version of dnsmasq are you using? I am sure you’ve read the section “Compiling dnsmasq 2.76 if you need uefi support” in the wiki article you posted!?!

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        1 Reply Last reply Reply Quote 1
        • P
          Pikmin
          last edited by

          @Sebastian-Roth said in dnsmasq ProxyDHCP BIOS and UEFI coexistence:

          2.76
          Hey Sebastian,
          Yeah I’ve compiled 2.76
          dnsmasq -v
          Dnsmasq version 2.76 Copyright © 2000-2016 Simon Kelley
          Compile time options: IPv6 GNU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify

          It doesn’t appear to be an issue with not being able to boot UEFI rather ignoring the dhcp-boot fields.
          Without the pxe-service=X86-64_EFI, “Boot UEFI PXE-64”, ipxe.efi, the boot fails

          george1421G 1 Reply Last reply Reply Quote 0
          • george1421G
            george1421 Moderator @Pikmin
            last edited by george1421

            @Pikmin Are you still having an issue? You last post seems to offer an answer. Did that resolve your issue?

            What does your ltsp.conf file look like. The tutorial the wiki was based on is here: https://forums.fogproject.org/topic/8725/compiling-dnsmasq-2-76-if-you-need-uefi-support/6 at the end of this post there is an example ltsp.conf file that has been proven to work.

            I also have an other tutorial that may add some value: https://forums.fogproject.org/topic/8726/advanced-dnsmasq-techniques

            You must have at least dnsmasq 2.76 to get uefi / bios auto switching to work.

            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

            P 1 Reply Last reply Reply Quote 0
            • P
              Pikmin @george1421
              last edited by

              @george1421
              Hello, can you confirm that the following fields are meant to be enough to boot into UEFI, not the basic but advanced option
              Set the boot file name based on the matching tag from the vendor class (above)
              dhcp-boot=net:UEFI32,i386-efi/ipxe.efi,192.168.112.24
              dhcp-boot=net:UEFI,ipxe.efi,192.168.112.24
              dhcp-boot=net:UEFI64,ipxe.efi,192.168.112.24

              They don’t appear to be enough in my case, once again pxe-service is needed but you say in the guide to remove it :
              Adding (a bit more complex) UEFI support to the basic script
              We’ll start with our basic configuration file again. Note: we removed the pxe-serivce entries we added previously.

              This is what my config looks like now, I’ve added a match for HP 210 and have been testing stuff out, BIOS doesn’t work with this model: No configuration methods succeeded (http://ipxe.org/040ee119) I have added a BIOS menu that boots nothing (removed the undionly line) because it fails anyway.

              I have a separate HP210 UEFI menu

              HP210 UEFI Test

              pxe-service=tag:HP210,X86-64_EFI, “HP-210”, ipxe.efi

              when I push F8 I get two options HP-210 and Boot UEFI PXE-64
              Without the pxe-service and only dhcp-boot options, the boot fails

              # Don't function as a DNS server:
              port=0
              
              # Log lots of extra information about DHCP transactions.
              log-dhcp
              
              # Set the root directory for files available via FTP.
              tftp-root=/tftpboot
              
              # Disable re-use of the DHCP servername and filename fields as extra
              # option space. That's to avoid confusing some old or broken DHCP clients.
              dhcp-no-override
              
              # inspect the vendor class string and match the text to set the tag
              dhcp-vendorclass=BIOS,PXEClient:Arch:00000
              dhcp-vendorclass=UEFI32,PXEClient:Arch:00006
              dhcp-vendorclass=UEFI,PXEClient:Arch:00007
              dhcp-vendorclass=UEFI64,PXEClient:Arch:00009
              
              
              dhcp-match=set:HP210,97,00:4e:fc:b7:3e:58:32:11:e5:8b:16:b0:5a:da
              
              
              ##### Without this one I get asked to enter TFTP Address
              dhcp-boot=undionly.kpxe,,192.168.131.149
              
              
              pxe-prompt="Press F8 for boot menu", 10
              
              
              pxe-service=tag:HP210,X86PC, "HP-210 NOT COMPATIBLE WITH BIOS",
              
              # PXEClient:Arch:00000
              pxe-service=X86PC, "Boot BIOS Legacy PXE", undionly ###########.kpxe
              
              # PXEClient:Arch:00007
              pxe-service=BC_EFI, "Boot UEFI PXE-BC", ipxe.efi
              
              # HP210 UEFI Test
              pxe-service=tag:HP210,X86-64_EFI, "HP-210", ipxe.efi
              
              # PXEClient:Arch:00009
              pxe-service=X86-64_EFI, "Boot UEFI PXE-64", ipxe.efi
              
              
              dhcp-range=192.168.131.149,proxy,255.255.0.0
              
              george1421G 2 Replies Last reply Reply Quote 0
              • george1421G
                george1421 Moderator @Pikmin
                last edited by

                @Pikmin We find depending on your network setup (if your real dhcp server sends out some of the boot information) the pxe-service fields are needed.

                Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                1 Reply Last reply Reply Quote 0
                • george1421G
                  george1421 Moderator @Pikmin
                  last edited by george1421

                  @Pikmin I just looked at my dev box and I still had this structure in the ltsp.conf file.

                  dhcp-match=set:e6230,97,00:44:45:4c:4c:38:00:10:36:80:4e:c4:c0:4f:4a:58:31
                  
                  dhcp-vendorclass=UEFI,PXEClient:Arch:00007
                  
                  dhcp-boot=tag:UEFI,tag:e6230, snp.efi, 192.168.112.24, 192.168.112.24
                  

                  With no pxe-service lines. Note for the dhcp-boot line I had to use tag: to identify both tags and to create the and condition.

                  Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                  george1421G P 2 Replies Last reply Reply Quote 0
                  • george1421G
                    george1421 Moderator @george1421
                    last edited by

                    It would be interesting to know how well this one works.

                    port=0
                    
                    # Log lots of extra information about DHCP transactions.
                    log-dhcp
                    
                    # Set the root directory for files available via FTP.
                    tftp-root=/tftpboot
                    
                    # Disable re-use of the DHCP servername and filename fields as extra
                    # option space. That's to avoid confusing some old or broken DHCP clients.
                    dhcp-no-override
                    
                    # inspect the vendor class string and match the text to set the tag
                    dhcp-vendorclass=BIOS,PXEClient:Arch:00000
                    dhcp-vendorclass=UEFI32,PXEClient:Arch:00006
                    dhcp-vendorclass=UEFI,PXEClient:Arch:00007
                    dhcp-vendorclass=UEFI64,PXEClient:Arch:00009
                    
                    dhcp-match=set:HP210,97,00:4e:fc:b7:3e:58:32:11:e5:8b:16:b0:5a:da
                    
                    # Set the boot file name based on the matching tag from the vendor class (above)
                    dhcp-boot=net:UEFI32,i386-efi/ipxe.efi,,192.168.131.149
                    dhcp-boot=net:UEFI,ipxe.efi,,192.168.131.149
                    dhcp-boot=net:UEFI64,ipxe.efi,,192.168.131.149
                    
                    # Our test to ensure both the UEFI and e6230 tags are set. 
                    dhcp-boot=tag:UEFI,tag:HP210, intel.efi, 192.168.131.149, 192.168.131.149
                    
                    # The boot filename, Server name, Server Ip Address
                    dhcp-boot=undionly.kpxe,,192.168.131.149
                    
                    # PXE menu.  The first part is the text displayed to the user.  The second is the timeout, in seconds.
                    pxe-prompt="Booting FOG Client", 1
                    
                    dhcp-range=192.168.131.149,proxy
                    

                    Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                    P 1 Reply Last reply Reply Quote 0
                    • P
                      Pikmin @george1421
                      last edited by Pikmin

                      @george1421

                      I’ve tried that but didn’t work for me, it gets to the boot menu but doesn’t seem to know what to boot, so the menu counts down and nothing happens
                      EDIT:
                      Last message I get is
                      PXE-E21: Remote boot cancelled?

                      This is what I get in the log

                      Jun 20 10:14:40 ndfog dnsmasq-dhcp[12339]: 2701847451 vendor class: PXEClient:Arch:00007:UNDI:003016
                      Jun 20 10:14:40 ndfog dnsmasq-dhcp[12339]: 2701847451 PXE(ens160) b0:5a:da:9e:d8:b8 proxy
                      Jun 20 10:14:40 ndfog dnsmasq-dhcp[12339]: 2701847451 tags: UEFI, HP210, ens160
                      Jun 20 10:14:40 ndfog dnsmasq-dhcp[12339]: 2701847451 bootfile name: snp.efi
                      Jun 20 10:14:40 ndfog dnsmasq-dhcp[12339]: 2701847451 next server: 192.168.131.149
                      Jun 20 10:14:40 ndfog dnsmasq-dhcp[12339]: 2701847451 broadcast response
                      Jun 20 10:14:40 ndfog dnsmasq-dhcp[12339]: 2701847451 sent size:  1 option: 53 message-type  2
                      Jun 20 10:14:40 ndfog dnsmasq-dhcp[12339]: 2701847451 sent size:  4 option: 54 server-identifier  192.168.131.149
                      Jun 20 10:14:40 ndfog dnsmasq-dhcp[12339]: 2701847451 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
                      Jun 20 10:14:40 ndfog dnsmasq-dhcp[12339]: 2701847451 sent size: 17 option: 97 client-machine-id  00:4e:fc:b7:3e:58:32:11:e5:8b:16:b0:5a:da...
                      
                      george1421G 3 Replies Last reply Reply Quote 0
                      • george1421G
                        george1421 Moderator @Pikmin
                        last edited by

                        @Pikmin said in dnsmasq ProxyDHCP BIOS and UEFI coexistence:

                        it gets to the boot menu but doesn’t seem to know what to boot,

                        Please explain, are you getting to the FOG iPXE boot menu?

                        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                        1 Reply Last reply Reply Quote 0
                        • george1421G
                          george1421 Moderator @Pikmin
                          last edited by

                          @Pikmin said in dnsmasq ProxyDHCP BIOS and UEFI coexistence:

                          bootfile name: snp.efi

                          Also looking at your log file snp.efi is being sent. If you used my config file it should have sent intel.efi (right not I’m not saying its right or wrong kernel for that system I’m just looking for the same as I told it).

                          Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                          P 1 Reply Last reply Reply Quote 0
                          • george1421G
                            george1421 Moderator @Pikmin
                            last edited by george1421

                            @Pikmin said in dnsmasq ProxyDHCP BIOS and UEFI coexistence:

                            Last message I get is
                            PXE-E21: Remote boot cancelled?

                            Ah ok then your dhcp server is sending out info too and the client is getting confused. Do you have time to debug this so we can see exactly what’s going on?

                            You will need the pxe-service commands but lets understand what’s going on first.

                            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                            P george1421G 2 Replies Last reply Reply Quote 0
                            • P
                              Pikmin @george1421
                              last edited by

                              @george1421 said in dnsmasq ProxyDHCP BIOS and UEFI coexistence:

                              @Pikmin said in dnsmasq ProxyDHCP BIOS and UEFI coexistence:

                              Last message I get is
                              PXE-E21: Remote boot cancelled?

                              Ah ok then your dhcp server is sending out info too and the client is getting confused. Do you have time to debug this so we can see exactly what’s going on?

                              You will need the pxe-service commands but lets understand what’s going on first.
                              The Windows DHCP Server is set to PXE Boot SCCM

                              Also note that without using the netmask in the range directive PXE boot doesn’t work
                              dhcp-range=192.168.131.149,proxy,255.255.0.0

                              I also have ip helper on the switch so I can netboot from other vlans

                              george1421G 2 Replies Last reply Reply Quote 0
                              • george1421G
                                george1421 Moderator @george1421
                                last edited by george1421

                                @george1421 Using the configuration file that created the PXE error 21.

                                Lets grab a pcap of the pxe booting process. This works the best if the FOG server and the target computers are on the same subnet. https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue

                                Since you have an IP helper, your fog server may not be on the same subnet. It would be ideal if they were on the same subnet since the filter we will use looks for dhcp, proxydhcp, and tftp communications. If this can’t happen then use wireshark on a computer plugged into the same subnet as the target computer.

                                Understand this is part helping you and part adding to the collective knowledge of the forums. It would also be nice to know what your dhcp server is for background info.

                                Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                                1 Reply Last reply Reply Quote 0
                                • P
                                  Pikmin @george1421
                                  last edited by

                                  @george1421 said in dnsmasq ProxyDHCP BIOS and UEFI coexistence:

                                  @Pikmin said in dnsmasq ProxyDHCP BIOS and UEFI coexistence:

                                  bootfile name: snp.efi

                                  Also looking at your log file snp.efi is being sent. If you used my config file it should have sent intel.efi (right not I’m not saying its right or wrong kernel for that system I’m just looking for the same as I told it).

                                  My bad, I was trying something from your previous post, with the intel.efi setup same thing

                                  Jun 20 10:30:27 ndfog dnsmasq-dhcp[13167]: 1636139832 vendor class: PXEClient:Arch:00007:UNDI:003016
                                  Jun 20 10:30:27 ndfog dnsmasq-dhcp[13167]: 1636139832 PXE(ens160) b0:5a:da:9e:d8:b8 proxy
                                  Jun 20 10:30:27 ndfog dnsmasq-dhcp[13167]: 1636139832 tags: UEFI, HP210, ens160
                                  Jun 20 10:30:27 ndfog dnsmasq-dhcp[13167]: 1636139832 bootfile name: intel.efi
                                  Jun 20 10:30:27 ndfog dnsmasq-dhcp[13167]: 1636139832 next server: 192.168.131.149
                                  Jun 20 10:30:27 ndfog dnsmasq-dhcp[13167]: 1636139832 broadcast response
                                  Jun 20 10:30:27 ndfog dnsmasq-dhcp[13167]: 1636139832 sent size:  1 option: 53 message-type  2
                                  Jun 20 10:30:27 ndfog dnsmasq-dhcp[13167]: 1636139832 sent size:  4 option: 54 server-identifier  192.168.131.149
                                  Jun 20 10:30:27 ndfog dnsmasq-dhcp[13167]: 1636139832 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
                                  Jun 20 10:30:27 ndfog dnsmasq-dhcp[13167]: 1636139832 sent size: 17 option: 97 client-machine-id  00:4e:fc:b7:3e:58:32:11:e5:8b:16:b0:5a:da...
                                  
                                  george1421G 1 Reply Last reply Reply Quote 0
                                  • george1421G
                                    george1421 Moderator @Pikmin
                                    last edited by

                                    @Pikmin said in dnsmasq ProxyDHCP BIOS and UEFI coexistence:

                                    I also have ip helper on the switch so I can netboot from other vlans

                                    This raises a question if the dnsmasq server is on the same subnet as the pxe booting client computers. If not did you add the dnsmasq server as the last dhcp server in your dhcp helper list? dnsmasq will not supply any dhcp addresses it just needs to be made aware that a dhcp request was places so it can reply with its proxydhcp answer.

                                    Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                                    1 Reply Last reply Reply Quote 0
                                    • george1421G
                                      george1421 Moderator @Pikmin
                                      last edited by

                                      @Pikmin said in dnsmasq ProxyDHCP BIOS and UEFI coexistence:

                                      My bad, I was trying something from your previous post, with the intel.efi setup same thing

                                      Great, so now we know the “match” part is working. We just need to get the target computer to believe the proxydhcp response.

                                      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                                      1 Reply Last reply Reply Quote 0
                                      • george1421G
                                        george1421 Moderator @Pikmin
                                        last edited by

                                        @Pikmin let try this config file:

                                        # Don't function as a DNS server:
                                        port=0
                                        
                                        # Log lots of extra information about DHCP transactions.
                                        log-dhcp
                                        
                                        # Set the root directory for files available via FTP.
                                        tftp-root=/tftpboot
                                        
                                        # Disable re-use of the DHCP servername and filename fields as extra
                                        # option space. That's to avoid confusing some old or broken DHCP clients.
                                        dhcp-no-override
                                        
                                        # inspect the vendor class string and match the text to set the tag
                                        dhcp-vendorclass=BIOS,PXEClient:Arch:00000
                                        dhcp-vendorclass=UEFI32,PXEClient:Arch:00006
                                        dhcp-vendorclass=UEFI,PXEClient:Arch:00007
                                        dhcp-vendorclass=UEFI64,PXEClient:Arch:00009
                                        
                                        
                                        dhcp-match=set:HP210,97,00:4e:fc:b7:3e:58:32:11:e5:8b:16:b0:5a:da
                                        
                                        ##### Without this one I get asked to enter TFTP Address
                                        dhcp-boot=undionly.kpxe,,192.168.131.149
                                        
                                        pxe-prompt="Press F8 for boot menu", 10
                                        
                                        pxe-service=tag:HP210,X86PC, "HP-210 NOT COMPATIBLE WITH BIOS",
                                        
                                        # PXEClient:Arch:00000
                                        pxe-service=X86PC, "Boot BIOS Legacy PXE", undionly ###########.kpxe
                                        
                                        # PXEClient:Arch:00007
                                        pxe-service=BC_EFI, "Boot UEFI PXE-BC", bipxe.efi
                                        
                                        # HP210 UEFI Test
                                        pxe-service=tag:HP210,tag:X86-64_EFI, "HP-210", tipxe.efi
                                        
                                        # HP210 UEFI Test
                                        pxe-service=tag:HP210,tag:UEFI, "HP-210", gipxe.efi
                                        
                                        # PXEClient:Arch:00009
                                        pxe-service=X86-64_EFI, "Boot UEFI PXE-64", eipxe.efi
                                        
                                        
                                        dhcp-range=192.168.131.149,proxy,255.255.0.0
                                        

                                        Note this one will NOT boot your computer. I’m interested in what was matched. Some is an educated guess so lets see what is matched.

                                        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                                        1 Reply Last reply Reply Quote 0
                                        • P
                                          Pikmin @george1421
                                          last edited by

                                          @george1421

                                          Thanks for clearing stuff up with me. Appreciate it

                                          1 Reply Last reply Reply Quote 0
                                          • 1 / 1
                                          • First post
                                            Last post

                                          209

                                          Online

                                          12.0k

                                          Users

                                          17.3k

                                          Topics

                                          155.2k

                                          Posts
                                          Copyright © 2012-2024 FOG Project