BIOS and UEFI Coexistence HP 850 G3 i219v nic
-
I have run across an instance that the following does not apply or is now incorrect:
https://wiki.fogproject.org/wiki/index.php?title=BIOS_and_UEFI_Co-Existence
The ARCH:00007 works with Surface Pro4 and now with the Intel i219v
I have tried the following to get around it but Windows is being a pain and not acepting such granular options:
Enter full vendor-class-identification as text or hex:
Example of Intel:
Option: (60) Vendor class identifier
Length: 32
Vendor class identifier: PXEClient:Arch:00007:UNDI:003010Enter the above in the vendor class all the way to the UNDI just breaks it and the client defaults back to the default efi file in DHCP.
Example of Surface Pro4:
Option: (60) Vendor class identifier
Length: 32
Vendor class identifier: PXEClient:Arch:00007:UNDI:003016
or
0000 50 58 45 43 6c 69 65 6e 74 3a 41 72 63 68 3a 30 PXEClien t:Arch:0
0010 30 30 30 37 3a 55 4e 44 49 3a 30 30 33 30 31 36 0007:UND I:003016Same result. Almost like Windows DHCP doesn’t allow such granular specifics on the Vendor Class Identification.
To get around this I have now set my default to ipxe7156.efi and added a vendor class for the i219v (HP 850 G3 Elitebook)and set that boot file to intel.efi. That seems to get around the issue. Problem being if something else comes along using ARCH:00007 that differs from both not sure what will happen then.
So in short I guess the wiki needs to be fixed (amended?) and looking for ideas on how to be more granular on the Vendor class. Stuck using DHCP form Windows for now, but for some reason I think Linux would probably handle this without a problem.
-
@psycholiquid said in BIOS and UEFI Coexistence HP 850 G3 i219v nic:
Option: (60) Vendor class identifier
Length: 32
Vendor class identifier: PXEClient:Arch:00007:UNDI:003010
Enter the above in the vendor class all the way to the UNDI just breaks it and the client defaults back to the default efi file in DHCP.
Example of Surface Pro4:
Option: (60) Vendor class identifier
Length: 32
Vendor class identifier: PXEClient:Arch:00007:UNDI:003016Warning: I don’t have an immediate answer to your situation, but first I have 2 comments.
- The wiki doesn’t need to be fixed, in a way its not wrong. It just doesn’t cover what you are trying to do because its beyond the scope of the fog project. (snark not intended here).
- I do have an issue with the wiki because its using the wrong measuring stick to come up with an answer that just by chance happens to work. The UNDI bit of the vendor class (i.e. UNDI:003016) actually describes the UNDI (Universal Network Driver Interface) version with the first 3 bytes being major version and the last 3 bytes being the minor version. So to translate my example above that is UNDI version 3.16. Its highly likely that multiple hardware from multiple vendors will use UNDI version 3.16 in Arch type 7.
Now back on point.
What would be more telling is if the hardware vendor filled out dhcp option 97 UUID. That is intended to be a unique hardware identifier value. Unfortunately the use of and how its used is up to the hardware manufacturer. I can tell you Dells use this field consistently.So you might ask, in the windows realm how to do I know what the hardware manufacturer is using? Your fog server (or wireshark) can help you understand by eavesdropping on the pxe booting process of your target hardware. If you follow these instructions: https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue you can capture a pcap of the pxe booting process. That pcap can either be reviewed by you using wireshark or you can upload it to a google drive and share the link with us and we can tell you if there is something unique about the hardware. The only requirement is if you us the fog server, the target computer must be on the same subnet as the fog server so tcpdump can see the pxe booting process.
Once we know if the dhcp option 97 is unique for your hardware then we will have to see if we can make windows dhcp server add a second filter to say if its arch==7 and uuid == xxxxxx send file name yyyy. That part still needs to be worked out. But without knowing if the uuid value can be used the second part is not useful.
-
No snark taken, I get you I have the Wireshark snooping I just run it directly from the DHCP server to get a good baseline of what the clients are asking for.
The option 97 is a very good idea, so I could put equals variable “and” instead of “or” equals 97 answer.
Ill give this a try and see what I can come up with. I agree the Wiki is not persay wrong. I even tried multiple vendor-class-identifications and none with all the information worked even though M$ says they should. Go figured Windows lied (LOL)
But a second filter on the ARCH:00007 should help with that I would think.
Off how I miss the days of it just working. Damn you UEFI!!! But thank you for the idea and clearing that up. Not sure how to tackle the wording on the Wiki to better explain that. I can see someone trying it and getting confused. Please keep in mind I have Asperger Syndrome so I read things alot differently than most.
Here is an example of a Surface hitting the DHCP server while being snooped:
-
OK so now what I would do is see if you can identify the hardware by the uuid value? For example a surface pro 3 has a uuid of xxxx, pro 4 yyyy, hp (whatever) zzz. Once you have that, looking at the fog wiki page you should be able to create additional test conditions like with the arch 7, 9, whatever. And then combine them into a new policy like in step 6. That new policy may be arch7 and uuid xxxx == file name aaa (sorry about all of the abstractions but I don’t have a solid answer just yet). It seems logically like it should work.
-
@george1421 said in BIOS and UEFI Coexistence HP 850 G3 i219v nic:
OK so now what I would do is see if you can identify the hardware by the uuid value? For example a surface pro 3 has a uuid of xxxx, pro 4 yyyy, hp (whatever) zzz. Once you have that, looking at the fog wiki page you should be able to create additional test conditions like with the arch 7, 9, whatever. And then combine them into a new policy like in step 6. That new policy may be arch7 and uuid xxxx == file name aaa (sorry about all of the abstractions but I don’t have a solid answer just yet). It seems logically like it should work.
Sounds like a plan I will work it out and post back with what I find out, with pictures!!! I love pictures. LOL
-
@psycholiquid My goal when I wrote that article was just to show people how create DHCP vendor classes and policies using Windows and Linux because at the time of writing there was about zero good documentation anywhere on the Internet for this stuff. The article was more of an educational one giving the tools & knowledge needed to create whatever vendor classes and policies needed.
Ofcourse we can change it to be better, or add notes, or additional sections, or whatever needs done.
-
WEll snooping two different Surfaces I was able to get the following information"
Surface one UUID = 598FDD98-C837-7A56-48E6-130AE625101C
Surface two UUID = C3D3C87F-5BAB-FB24-5F25-D0FB46014244
So it doesn’t look like we can use that as a Condition. Not real sure what they are doing there but it looks totally different and could just be built off of a few factors of the hardware to generate that UUID.
@Wayne-Workman I didnt mean to convey it was wrong. I learned alot from the article. Just wanted to get it updated with more info. I think you did a great job when you wrote that as there was zero information I could find when I was working on the first UEFI stuff. You are the man!!!
-
So here is the whole snoop to see if we can glean some info out of it.
Surface: Frame 1510: 401 bytes on wire (3208 bits), 401 bytes captured (3208 bits) on interface 0 Ethernet II, Src: Cisco_5e:53:17 (00:a3:8e:5e:53:17), Dst: Vmware_bb:44:5b (00:50:56:bb:44:5b) Internet Protocol Version 4, Src: 10.20.42.3, Dst: 10.20.60.8 User Datagram Protocol, Src Port: 67, Dst Port: 67 Bootstrap Protocol (Request) Message type: Boot Request (1) Hardware type: Ethernet (0x01) Hardware address length: 6 Hops: 1 Transaction ID: 0x3697a7aa Seconds elapsed: 0 Bootp flags: 0x8000, Broadcast flag (Broadcast) Client IP address: 0.0.0.0 Your (client) IP address: 0.0.0.0 Next server IP address: 0.0.0.0 Relay agent IP address: 10.20.42.3 Client MAC address: Microsof_f5:44:71 (bc:83:85:f5:44:71) Client hardware address padding: 00000000000000000000 Server host name not given Boot file name not given Magic cookie: DHCP Option: (53) DHCP Message Type (Request) Length: 1 DHCP: Request (3) Option: (54) DHCP Server Identifier Length: 4 DHCP Server Identifier: 10.20.60.22 Option: (50) Requested IP Address Length: 4 Requested IP Address: 10.20.42.134 Option: (57) Maximum DHCP Message Size Length: 2 Maximum DHCP Message Size: 65280 Option: (55) Parameter Request List Length: 35 Parameter Request List Item: (1) Subnet Mask Parameter Request List Item: (2) Time Offset Parameter Request List Item: (3) Router Parameter Request List Item: (4) Time Server Parameter Request List Item: (5) Name Server Parameter Request List Item: (6) Domain Name Server Parameter Request List Item: (12) Host Name Parameter Request List Item: (13) Boot File Size Parameter Request List Item: (15) Domain Name Parameter Request List Item: (17) Root Path Parameter Request List Item: (18) Extensions Path Parameter Request List Item: (22) Maximum Datagram Reassembly Size Parameter Request List Item: (23) Default IP Time-to-Live Parameter Request List Item: (28) Broadcast Address Parameter Request List Item: (40) Network Information Service Domain Parameter Request List Item: (41) Network Information Service Servers Parameter Request List Item: (42) Network Time Protocol Servers Parameter Request List Item: (43) Vendor-Specific Information Parameter Request List Item: (50) Requested IP Address Parameter Request List Item: (51) IP Address Lease Time Parameter Request List Item: (54) DHCP Server Identifier Parameter Request List Item: (58) Renewal Time Value Parameter Request List Item: (59) Rebinding Time Value Parameter Request List Item: (60) Vendor class identifier Parameter Request List Item: (66) TFTP Server Name Parameter Request List Item: (67) Bootfile name Parameter Request List Item: (97) UUID/GUID-based Client Identifier Parameter Request List Item: (128) DOCSIS full security server IP [TODO] Parameter Request List Item: (129) PXE - undefined (vendor specific) Parameter Request List Item: (130) PXE - undefined (vendor specific) Parameter Request List Item: (131) PXE - undefined (vendor specific) Parameter Request List Item: (132) PXE - undefined (vendor specific) Parameter Request List Item: (133) PXE - undefined (vendor specific) Parameter Request List Item: (134) PXE - undefined (vendor specific) Parameter Request List Item: (135) PXE - undefined (vendor specific) Option: (97) UUID/GUID-based Client Identifier Length: 17 Client Identifier (UUID): c3d3c87f-5bab-fb24-5f25-d0fb46014244 Option: (94) Client Network Device Interface Length: 3 Major Version: 3 Minor Version: 16 Option: (93) Client System Architecture Length: 2 Client System Architecture: EFI BC (7) Option: (60) Vendor class identifier Length: 32 Vendor class identifier: PXEClient:Arch:00007:UNDI:003016 Option: (255) End Option End: 255 -
OK ok ok , I am an idiot… (go ahead take the stab)
So i forgot I have load balanced / failover DHCP in my environment. SO even if the fog server is set to one DHCP server it will still be pushed to the other in case of high utilization… (damn it me!!!)
So I was able to get it working more granular down to the UNDI. With what @george1421 said this could be a problem later but I am thinking it will be fine for now as the versions will probably only go up from here for change dramatically. So here is the setup for clairity.
DHCP (Windows Server 2012 R2) 'Failover is on your to configure"
Set Vendor Class for hardware. (You can get this from Wireshark easily if you run it on the DHCP server and set ip.src == IP of client PC)
Cant really copy and paste but here you go anyway: PXEClient:Arch:00007:UNDI:003016
Then goto Policies for either your whole server or for your scope depending on how your network is setup:
Make a new Policy, name it and description.
Add Condition:
Set Options:
Now if you refresh your Scope Options you will see the new options:
I have tested and this works specifically for the Surface Pro 4s with the dock. I am not sure about the dongle yet because I don’t have one.But I will see about getting one.
-
First of all, great job on the documentation. The more we know and share the more we ALL will know.
Second I looked into the MS dhcp server and it doesn’t look like (on the surface) we can use uuid to set a policy event.
I did think of 2 alternates that might work.
- Use the mac address to help identify the client. The first 6 bytes of a mac address is the nic vendor manufacturer number. We can key in on that element when creating a dhcp policy.
- Give up on MS Dhcp server delivering pxe boot information to your network and use dnsmasq on the FOG server. DNSMasq will be configured to only provide pxe booting information only. IF the fog server goes off line for some reason, there is no harm since the clients will just bypassing pxe booting. A current version of dnsmasq (2.76) supports the advanced stuff you are wanting to try.
These are only 2 alternate ways I can think of to give you the answer you seek. You DO have a functional solution right now so just keep these ideas in the back of your mind.
-
@george1421 Yeah I am not versed in DNSmasq but it sounds like I need to be I will start looking at that also
-
@psycholiquid Just search the tutorials forum I have a few posts out there about dnsmasq.
-
#wiki worthy
@Psycholiquid thank you for the pictures and steps! I will get them included into the wiki when I can. @moderators and @testers if you have wiki access, you can help too!
