PXE UEFI boot problems

  • E
    Eazis
    last edited by Mar 13, 2018, 10:56 AM

    I have some problems with booting UEFI in another network.
    First let’s explain what we have:

    There are two different networks.
    Network one - quarantine network
    The FOG server is inside this network and uses the DHCP server from the FOG.
    Network two - client network
    This network gets its IP address from a Unifi DHCP server.

    Now let’s explain what I want to do:
    We want to integrate the clients also to the PXE network so I can capture and deploy those systems from the same PXE server to a Synology NAS center.

    Now let’s explain what the problem is:
    Network one - quarantine network
    Everything here is working fine. I can boot from BIOS (legacy) and UEFI. We deploy here many systems on a day.
    Network two - client network
    I can start the PXE from the BIOS (legacy) but not from UEFI and I don’t know how I can resolve this problem.
    On the Unifi console there is an option DHCP Network boot and a filename. If I change this to ipxe.efi I will get the following message

    Checking Media Presence...
    Media Present
    Start PXE over IPv4.
    Downloading NBP File...
    Succeed to download NBP file
    

    After this it goes to boot into Windows.

    I have also attached a screenshot from my Unifi DHCP settings.
    0_1520938553230_937255bd-0d10-405c-8ce1-4a47e253cde3.JPG

    Can anyone help me with this, or tell me what I’m doing wrong?

    • G
      george1421 Moderator
      last edited by Mar 13, 2018, 11:24 AM

      Before I can give you a clear answer, can you tell me why the FOG server is on the quarantine network? What problem are you trying to solve here?

      Is there any type of network IP routing between the two networks?

      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

      • E
        Eazis @george1421
        last edited by Mar 13, 2018, 12:07 PM

        @george1421

        Because if the FOG server isn’t in the quarantine network I can’t do a multicast task.
        There are plenty of multicast tasks on this network every day and this is the fastest way to do these multicast tasks.

        Yes, there is routing between these two networks. In the client network I can ping the FOG server and vice versa.

        • G
          george1421 Moderator @Eazis
          last edited by Mar 13, 2018, 12:18 PM

          @eazis Ok, when you use industry specific key words like ‘quarantine’, I wanted to make sure there wasn’t something more going on here than expected.

          So for your business network, you want to do point to point (unicast) imaging only? If you want to do multicast imaging your router between the two subnets must support multicast routing.

          OK to your initial question. The issue you have is your dhcp server on your business network doesn’t support dynamic boot files. If you want to pxe boot both uefi and bios (legacy mode) computers, your dhcp server needs to be smart enough to send the appropriate boot file based on the pxe booting client computer. In the case of the fog server, it uses isc-dhcp server which has a specific configuration to dynamically switch between the two boot files.

          So if your dhcp server doesn’t support this you can use a ProxyDhcp server (like dnsmasq) to only supply the pxe booting information. This is not a dhcp server replacement (it can be, but not in this instance), but a dhcp add on function called ProxyDHCP. Where the dnsmasq server listens for a discover request from a pxe booting client and sends out a ProxyDHCP offer in addition to your primary dhcp server sending out a dhcp offer.

          Dnsmasq (or any other ProxyDHCP service) can run on the fog server, or on a windows or linux box on your business network.

          • E
            Eazis @george1421
            last edited by Eazis Mar 13, 2018, 6:33 AM Mar 13, 2018, 12:32 PM

            @george1421 said in PXE UEFI boot problems:

            @eazis Ok, when you use industry specific key words like ‘quarantine’, I wanted to make sure there wasn’t something more going on here than expected.

            So for your business network, you want to do point to point (unicast) imaging only? If you want to do multicast imaging your router between the two subnets must support multicast routing.

            OK to your initial question. The issue you have is your dhcp server on your business network doesn’t support dynamic boot files. If you want to pxe boot both uefi and bios (legacy mode) computers, your dhcp server needs to be smart enough to send the appropriate boot file based on the pxe booting client computer. In the case of the fog server, it uses isc-dhcp server which has a specific configuration to dynamically switch between the two boot files.

            So if your dhcp server doesn’t support this you can use a ProxyDhcp server (like dnsmasq) to only supply the pxe booting information. This is not a dhcp server replacement (it can be, but not in this instance), but a dhcp add on function called ProxyDHCP. Where the dnsmasq server listens for a discover request from a pxe booting client and sends out a ProxyDHCP offer in addition to your primary dhcp server sending out a dhcp offer.

            Dnsmasq (or any other ProxyDHCP service) can run on the fog server, or on a windows or linux box on your business network.

            In the client network (business network) there are only clients for UEFI. So there is no need for BIOS (legacy).
            I don’t need dynamic boot files on this network. So I thought if I change the filename to ipxe.efi then it will start in UEFI, but this is all I get

            Checking Media Presence...
            Media Present
            Start PXE over IPv4.
            Downloading NBP File...
            Succeed to download NBP file
            

            After this it goes to boot into Windows.

            If I change the filename back to undionly.kkpxe and change the BIOS to non-UEFI it will start over PXE.

            • G
              george1421 Moderator @Eazis
              last edited by Mar 13, 2018, 12:38 PM

              @eazis OK, let’s collect a bit more info then.

              1. What version of FOG are you using?
              2. What is the manufacturer and model of the target hardware?
              3. Has the firmware been updated on the target hardware?
              4. (which probably should be #1) Have you disabled secure boot on the target computer?

              What I find strange is that the iPXE kernel is not starting at all. This makes me think secure boot has not been disabled.

              • E
                Eazis @george1421
                last edited by Mar 13, 2018, 12:53 PM

                @george1421

                1. Fog version: 1.5.0
                2. ASUS (EEE family) A4110
                3. No firmware changes
                4. Secure boot is disabled on target computer

                When I connect this computer to the “quarantine network” it can boot from UEFI.
                If I connect it back to the “client network” it can’t boot from UEFI…

                • G
                  george1421 Moderator @Eazis
                  last edited by Mar 13, 2018, 12:57 PM

                  @eazis To rule out the workstation from this problem, if you (have you) moved a non-pxe booting computer from the business network to the imaging network and confirmed it boots into the iPXE menu?

                  We are missing something here. iPXE should boot no matter what subnet. The next step will be to get wireshark set up to capture some packets.

                  • E
                    Eazis @george1421
                    last edited by Mar 13, 2018, 1:05 PM

                    @george1421

                    Yes indeed.
                    That’s the strange thing… it doesn’t boot into iPXE.
                    If I run the following command on the “client network” in Windows, it downloads the file successfully

                    F:\>tftp -i 10.54.68.102 GET ipxe.efi
                    Transfer successful: 994176 bytes in 1 second(s), 994176 bytes/s
                    
                    • G
                      george1421 Moderator @Eazis
                      last edited by Mar 13, 2018, 1:09 PM

                      @eazis Again to rule out the workstation, please test a non-functioning one from the business network on the imaging network. We have seen some systems with pretty cruddy uefi firmware that have been fixed with firmware updates. I want to rule out a hardware issue before going to packet capture.

                      • E
                        Eazis @george1421
                        last edited by Mar 13, 2018, 1:12 PM

                        @george1421

                        There is no hardware issue, because if I rule out the workstation to the imaging network it boots into iPXE with UEFI.

                        • G
                          george1421 Moderator @Eazis
                          last edited by george1421 Mar 13, 2018, 7:22 AM Mar 13, 2018, 1:21 PM

                          @eazis OK then, wireshark is the next step, as well as tcpdump on the fog server.

                          On the fog server you will want to follow this guide: https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue

                          In reality since your target computer is on another subnet, all you need is port 69 (tftp) the rest are dhcp and proxydhcp.

                          You will need a computer with wireshark loaded and on the same subnet as the non-pxe booting computer. Ideally this non-pxe booting computer should be on the same subnet as your main dhcp server. For wireshark you will want to run this capture filter port 67 or port 68

                          The process will be to start tcpdump on the fog server, then wireshark capture and then pxe boot a failing pxe boot system. As soon as the pxe boot system starts into windows then stop wireshark and then stop tcpdump. You can either review with wireshark or upload to a dropbox or google drive and I will review it. What we are looking for is the target system will send a dhcp discover packet. That packet will state the type of computer it is. Then your dhcp server should send out a dhcp offer. You should have only one offer from one dhcp server.

                          As for the pcap from the fog server, I’m interested in seeing the requested file is transferred completely.

                          • E
                            Eazis
                            last edited by Mar 27, 2018, 3:31 PM

                            Sorry for the delay. I had some other problems to resolve.

                            Now the ASUS (EEE family) A4110 can boot from the PXE network. But I still have some clients with UEFI that can’t boot.
                            They have the following error:

                            Server IP address is 10.54.68.102
                            NBP filename is ipxe.efiÿ
                            NBP filesize is 0 Bytes
                            PXE-E23: Client recieved TFTP error from server
                            

                            It looks like this ÿ is wrong. Any suggestions to resolve this? I have included the tcpdump at the following link.
                            http://www.eazis.com/output.pcap

                            Many thanks.

                            • S
                              Sebastian Roth Moderator
                              last edited by Mar 27, 2018, 8:01 PM

                              @eazis said in PXE UEFI boot problems:

                              NBP filename is ipxe.efiÿ

                              Did you copy&paste the filename into the Unifi DHCP settings page? Maybe just clear the setting and re-type by hand to make sure there is no hidden character in that filename field. I can clearly see 0xff in the PCAP file… So either the Unifi DHCP is doing something really weird or there is a character in that field.

                              Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                              Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG
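
The check that george1421's capture instructions and Sebastian Roth's 0xff observation point to (read the client type from the discover, then the boot file name from the offer, and look for a stray byte) is sketched below as an added example; it is not part of the thread or of FOG. The packets are constructed for illustration, not taken from the linked output.pcap, and `parse_options`, `boot_info` and `build_sample` are hypothetical helper names.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie after the 236-byte BOOTP header

def parse_options(data):
    """Walk the option TLVs and return {code: value_bytes}."""
    opts, i = {}, 0
    while i < len(data) and data[i] != 255:   # 255 (0xff) is the End option
        if data[i] == 0:                      # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(data):                # truncated option header
            break
        length = data[i + 1]
        opts[data[i]] = data[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def boot_info(payload):
    """Pull the PXE-relevant fields out of a raw DHCP UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP payload")
    opts = parse_options(payload[240:])
    fixed_file = payload[108:236].split(b"\x00", 1)[0]   # BOOTP 'file' field
    name = opts.get(67, fixed_file).rstrip(b"\x00")      # option 67 wins if set
    return {
        "msg_type": (opts.get(53) or b"\x00")[0],        # 1=discover, 2=offer
        "next_server": ".".join(map(str, payload[20:24])),   # siaddr
        # option 93: client architecture (0 = legacy BIOS, x64 UEFI commonly 7)
        "arch": struct.unpack("!H", opts[93][:2])[0] if len(opts.get(93, b"")) >= 2 else None,
        "bootfile": name,
        "bad_bytes": [(n, hex(b)) for n, b in enumerate(name) if not 0x20 <= b <= 0x7e],
    }

def build_sample(op, file_field, options):
    """Constructed test packet (not taken from the thread's output.pcap)."""
    hdr = bytearray(236)
    hdr[0] = op                                   # 1=BOOTREQUEST, 2=BOOTREPLY
    hdr[20:24] = bytes([10, 54, 68, 102]) if op == 2 else bytes(4)  # server IP from the thread
    hdr[108:108 + len(file_field)] = file_field
    return bytes(hdr) + MAGIC + options + b"\xff"

DISCOVER = build_sample(1, b"", b"\x35\x01\x01" + b"\x5d\x02\x00\x07")
GOOD_OFFER = build_sample(2, b"ipxe.efi", b"\x35\x01\x02")
BAD_OFFER = build_sample(2, b"ipxe.efi\xff", b"\x35\x01\x02")   # stray 0xff after the name

if __name__ == "__main__":
    for label, pkt in (("discover", DISCOVER), ("good", GOOD_OFFER), ("bad", BAD_OFFER)):
        print(label, boot_info(pkt))
```

To use it on a real capture, pass the UDP payload of each port 67/68 packet to `boot_info`; any entry in `bad_bytes` means the name the firmware will request over TFTP is not the name of the file on the server.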

                              Copyright © 2012-2024 FOG Project