BIOS and UEFI Coexistence HP 850 G3 i219v nic


  • Testers

    I have run across an instance that the following does not apply or is now incorrect:

    https://wiki.fogproject.org/wiki/index.php?title=BIOS_and_UEFI_Co-Existence

    The ARCH:00007 works with Surface Pro4 and now with the Intel i219v

    I have tried the following to get around it but Windows is being a pain and not acepting such granular options:

    Enter full vendor-class-identification as text or hex:

    Example of Intel:

    Option: (60) Vendor class identifier
    Length: 32
    Vendor class identifier: PXEClient:Arch:00007:UNDI:003010

    Enter the above in the vendor class all the way to the UNDI just breaks it and the client defaults back to the default efi file in DHCP.

    Example of Surface Pro4:

    Option: (60) Vendor class identifier
    Length: 32
    Vendor class identifier: PXEClient:Arch:00007:UNDI:003016
    or
    0000 50 58 45 43 6c 69 65 6e 74 3a 41 72 63 68 3a 30 PXEClien t:Arch:0
    0010 30 30 30 37 3a 55 4e 44 49 3a 30 30 33 30 31 36 0007:UND I:003016

    Same result. Almost like Windows DHCP doesn’t allow such granular specifics on the Vendor Class Identification.

    To get around this I have now set my default to ipxe7156.efi and added a vendor class for the i219v (HP 850 G3 Elitebook)and set that boot file to intel.efi. That seems to get around the issue. Problem being if something else comes along using ARCH:00007 that differs from both not sure what will happen then.

    So in short I guess the wiki needs to be fixed (amended?) and looking for ideas on how to be more granular on the Vendor class. Stuck using DHCP form Windows for now, but for some reason I think Linux would probably handle this without a problem.


  • Moderator

    #wiki worthy

    @Psycholiquid thank you for the pictures and steps! I will get them included into the wiki when I can. @moderators and @testers if you have wiki access, you can help too!


  • Moderator

    @psycholiquid Just search the tutorials forum I have a few posts out there about dnsmasq.


  • Testers

    @george1421 Yeah I am not versed in DNSmasq but it sounds like I need to be I will start looking at that also


  • Moderator

    First of all, great job on the documentation. The more we know and share the more we ALL will know.

    Second I looked into the MS dhcp server and it doesn’t look like (on the surface) we can use uuid to set a policy event.

    I did think of 2 alternates that might work.

    1. Use the mac address to help identify the client. The first 6 bytes of a mac address is the nic vendor manufacturer number. We can key in on that element when creating a dhcp policy.
    2. Give up on MS Dhcp server delivering pxe boot information to your network and use dnsmasq on the FOG server. DNSMasq will be configured to only provide pxe booting information only. IF the fog server goes off line for some reason, there is no harm since the clients will just bypassing pxe booting. A current version of dnsmasq (2.76) supports the advanced stuff you are wanting to try.

    These are only 2 alternate ways I can think of to give you the answer you seek. You DO have a functional solution right now so just keep these ideas in the back of your mind.


  • Testers

    OK ok ok , I am an idiot… (go ahead take the stab)

    So i forgot I have load balanced / failover DHCP in my environment. SO even if the fog server is set to one DHCP server it will still be pushed to the other in case of high utilization… (damn it me!!!)

    So I was able to get it working more granular down to the UNDI. With what @george1421 said this could be a problem later but I am thinking it will be fine for now as the versions will probably only go up from here for change dramatically. So here is the setup for clairity.

    DHCP (Windows Server 2012 R2) 'Failover is on your to configure"

    Set Vendor Class for hardware. (You can get this from Wireshark easily if you run it on the DHCP server and set ip.src == IP of client PC)

    0_1505318117679_7305fbf0-ae76-4da1-8848-d8f36aac2e67-image.png

    0_1505318135541_5df67178-312e-446d-8876-365dec696ecd-image.png

    Cant really copy and paste but here you go anyway: PXEClient:Arch:00007:UNDI:003016

    Then goto Policies for either your whole server or for your scope depending on how your network is setup:

    0_1505318223359_6ec6bee1-4a87-4ba9-9ff3-8e4395d15943-image.png

    Make a new Policy, name it and description.

    0_1505318268209_38d4eeaa-c33f-47eb-a73f-cd3a14e46828-image.png

    Add Condition:

    0_1505318294038_1dc1da12-9f99-40f6-9ea3-e248139451de-image.png

    Set Options:

    0_1505318315735_34d229ac-2354-4264-baae-7c60ae97519b-image.png

    Now if you refresh your Scope Options you will see the new options:

    0_1505318379964_4bedc421-ecf5-4d45-b897-17f9d78841fc-image.png

    I have tested and this works specifically for the Surface Pro 4s with the dock. I am not sure about the dongle yet because I don’t have one.But I will see about getting one.


  • Testers

    So here is the whole snoop to see if we can glean some info out of it.

    Surface:
    
    Frame 1510: 401 bytes on wire (3208 bits), 401 bytes captured (3208 bits) on interface 0
    Ethernet II, Src: Cisco_5e:53:17 (00:a3:8e:5e:53:17), Dst: Vmware_bb:44:5b (00:50:56:bb:44:5b)
    Internet Protocol Version 4, Src: 10.20.42.3, Dst: 10.20.60.8
    User Datagram Protocol, Src Port: 67, Dst Port: 67
    Bootstrap Protocol (Request)
        Message type: Boot Request (1)
        Hardware type: Ethernet (0x01)
        Hardware address length: 6
        Hops: 1
        Transaction ID: 0x3697a7aa
        Seconds elapsed: 0
        Bootp flags: 0x8000, Broadcast flag (Broadcast)
        Client IP address: 0.0.0.0
        Your (client) IP address: 0.0.0.0
        Next server IP address: 0.0.0.0
        Relay agent IP address: 10.20.42.3
        Client MAC address: Microsof_f5:44:71 (bc:83:85:f5:44:71)
        Client hardware address padding: 00000000000000000000
        Server host name not given
        Boot file name not given
        Magic cookie: DHCP
        Option: (53) DHCP Message Type (Request)
            Length: 1
            DHCP: Request (3)
        Option: (54) DHCP Server Identifier
            Length: 4
            DHCP Server Identifier: 10.20.60.22
        Option: (50) Requested IP Address
            Length: 4
            Requested IP Address: 10.20.42.134
        Option: (57) Maximum DHCP Message Size
            Length: 2
            Maximum DHCP Message Size: 65280
        Option: (55) Parameter Request List
            Length: 35
            Parameter Request List Item: (1) Subnet Mask
            Parameter Request List Item: (2) Time Offset
            Parameter Request List Item: (3) Router
            Parameter Request List Item: (4) Time Server
            Parameter Request List Item: (5) Name Server
            Parameter Request List Item: (6) Domain Name Server
            Parameter Request List Item: (12) Host Name
            Parameter Request List Item: (13) Boot File Size
            Parameter Request List Item: (15) Domain Name
            Parameter Request List Item: (17) Root Path
            Parameter Request List Item: (18) Extensions Path
            Parameter Request List Item: (22) Maximum Datagram Reassembly Size
            Parameter Request List Item: (23) Default IP Time-to-Live
            Parameter Request List Item: (28) Broadcast Address
            Parameter Request List Item: (40) Network Information Service Domain
            Parameter Request List Item: (41) Network Information Service Servers
            Parameter Request List Item: (42) Network Time Protocol Servers
            Parameter Request List Item: (43) Vendor-Specific Information
            Parameter Request List Item: (50) Requested IP Address
            Parameter Request List Item: (51) IP Address Lease Time
            Parameter Request List Item: (54) DHCP Server Identifier
            Parameter Request List Item: (58) Renewal Time Value
            Parameter Request List Item: (59) Rebinding Time Value
            Parameter Request List Item: (60) Vendor class identifier
            Parameter Request List Item: (66) TFTP Server Name
            Parameter Request List Item: (67) Bootfile name
            Parameter Request List Item: (97) UUID/GUID-based Client Identifier
            Parameter Request List Item: (128) DOCSIS full security server IP [TODO]
            Parameter Request List Item: (129) PXE - undefined (vendor specific)
            Parameter Request List Item: (130) PXE - undefined (vendor specific)
            Parameter Request List Item: (131) PXE - undefined (vendor specific)
            Parameter Request List Item: (132) PXE - undefined (vendor specific)
            Parameter Request List Item: (133) PXE - undefined (vendor specific)
            Parameter Request List Item: (134) PXE - undefined (vendor specific)
            Parameter Request List Item: (135) PXE - undefined (vendor specific)
        Option: (97) UUID/GUID-based Client Identifier
            Length: 17
            Client Identifier (UUID): c3d3c87f-5bab-fb24-5f25-d0fb46014244
        Option: (94) Client Network Device Interface
            Length: 3
            Major Version: 3
            Minor Version: 16
        Option: (93) Client System Architecture
            Length: 2
            Client System Architecture: EFI BC (7)
        Option: (60) Vendor class identifier
            Length: 32
            Vendor class identifier: PXEClient:Arch:00007:UNDI:003016
        Option: (255) End
            Option End: 255
    

  • Testers

    WEll snooping two different Surfaces I was able to get the following information"

    Surface one UUID = 598FDD98-C837-7A56-48E6-130AE625101C

    Surface two UUID = C3D3C87F-5BAB-FB24-5F25-D0FB46014244

    So it doesn’t look like we can use that as a Condition. Not real sure what they are doing there but it looks totally different and could just be built off of a few factors of the hardware to generate that UUID.

    @Wayne-Workman I didnt mean to convey it was wrong. I learned alot from the article. Just wanted to get it updated with more info. I think you did a great job when you wrote that as there was zero information I could find when I was working on the first UEFI stuff. You are the man!!!


  • Moderator

    @psycholiquid My goal when I wrote that article was just to show people how create DHCP vendor classes and policies using Windows and Linux because at the time of writing there was about zero good documentation anywhere on the Internet for this stuff. The article was more of an educational one giving the tools & knowledge needed to create whatever vendor classes and policies needed.

    Ofcourse we can change it to be better, or add notes, or additional sections, or whatever needs done.


  • Testers

    @george1421 said in BIOS and UEFI Coexistence HP 850 G3 i219v nic:

    OK so now what I would do is see if you can identify the hardware by the uuid value? For example a surface pro 3 has a uuid of xxxx, pro 4 yyyy, hp (whatever) zzz. Once you have that, looking at the fog wiki page you should be able to create additional test conditions like with the arch 7, 9, whatever. And then combine them into a new policy like in step 6. That new policy may be arch7 and uuid xxxx == file name aaa (sorry about all of the abstractions but I don’t have a solid answer just yet). It seems logically like it should work.

    Sounds like a plan I will work it out and post back with what I find out, with pictures!!! I love pictures. LOL


  • Moderator

    OK so now what I would do is see if you can identify the hardware by the uuid value? For example a surface pro 3 has a uuid of xxxx, pro 4 yyyy, hp (whatever) zzz. Once you have that, looking at the fog wiki page you should be able to create additional test conditions like with the arch 7, 9, whatever. And then combine them into a new policy like in step 6. That new policy may be arch7 and uuid xxxx == file name aaa (sorry about all of the abstractions but I don’t have a solid answer just yet). It seems logically like it should work.


  • Testers

    No snark taken, I get you I have the Wireshark snooping I just run it directly from the DHCP server to get a good baseline of what the clients are asking for.

    The option 97 is a very good idea, so I could put equals variable “and” instead of “or” equals 97 answer.

    Ill give this a try and see what I can come up with. I agree the Wiki is not persay wrong. I even tried multiple vendor-class-identifications and none with all the information worked even though M$ says they should. Go figured Windows lied (LOL)

    But a second filter on the ARCH:00007 should help with that I would think.

    Off how I miss the days of it just working. Damn you UEFI!!! But thank you for the idea and clearing that up. Not sure how to tackle the wording on the Wiki to better explain that. I can see someone trying it and getting confused. Please keep in mind I have Asperger Syndrome so I read things alot differently than most.

    Here is an example of a Surface hitting the DHCP server while being snooped:

    0_1505307488146_b795c8dd-8883-4cdb-ade4-ef131a8ad875-image.png


  • Moderator

    @psycholiquid said in BIOS and UEFI Coexistence HP 850 G3 i219v nic:

    Option: (60) Vendor class identifier
    Length: 32
    Vendor class identifier: PXEClient:Arch:00007:UNDI:003010
    Enter the above in the vendor class all the way to the UNDI just breaks it and the client defaults back to the default efi file in DHCP.
    Example of Surface Pro4:
    Option: (60) Vendor class identifier
    Length: 32
    Vendor class identifier: PXEClient:Arch:00007:UNDI:003016

    Warning: I don’t have an immediate answer to your situation, but first I have 2 comments.

    1. The wiki doesn’t need to be fixed, in a way its not wrong. It just doesn’t cover what you are trying to do because its beyond the scope of the fog project. (snark not intended here).
    2. I do have an issue with the wiki because its using the wrong measuring stick to come up with an answer that just by chance happens to work. The UNDI bit of the vendor class (i.e. UNDI:003016) actually describes the UNDI (Universal Network Driver Interface) version with the first 3 bytes being major version and the last 3 bytes being the minor version. So to translate my example above that is UNDI version 3.16. Its highly likely that multiple hardware from multiple vendors will use UNDI version 3.16 in Arch type 7.

    Now back on point.
    What would be more telling is if the hardware vendor filled out dhcp option 97 UUID. That is intended to be a unique hardware identifier value. Unfortunately the use of and how its used is up to the hardware manufacturer. I can tell you Dells use this field consistently.

    So you might ask, in the windows realm how to do I know what the hardware manufacturer is using? Your fog server (or wireshark) can help you understand by eavesdropping on the pxe booting process of your target hardware. If you follow these instructions: https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue you can capture a pcap of the pxe booting process. That pcap can either be reviewed by you using wireshark or you can upload it to a google drive and share the link with us and we can tell you if there is something unique about the hardware. The only requirement is if you us the fog server, the target computer must be on the same subnet as the fog server so tcpdump can see the pxe booting process.

    Once we know if the dhcp option 97 is unique for your hardware then we will have to see if we can make windows dhcp server add a second filter to say if its arch==7 and uuid == xxxxxx send file name yyyy. That part still needs to be worked out. But without knowing if the uuid value can be used the second part is not useful.


Log in to reply
 

861
Online

39.3k
Users

11.0k
Topics

104.5k
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.