UEFI PXE boot

tesparza · Sep 13, 2018, 10:23 PM

@george1421 [root@localhost admin]# tcpdump -i enp5s0 port 67 or port 68 or port 69 or port 4011
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp5s0, link-type EN10MB (Ethernet), capture size 262144 bytes
17:21:59.974458 IP 10.154.18.65.ibm-abtact > localhost.localdomain.tftp: 43 RRQ “undionly.kpxe” octet tsize 0 blksize 1468
17:21:59.977786 IP 10.154.18.65.pra_elmd > localhost.localdomain.tftp: 35 RRQ “undionly.kpxe” octet blksize 1468
^C
2 packets captured
2 packets received by filter
0 packets dropped by kernel
[root@localhost admin]#

tesparza · Sep 13, 2018, 10:26 PM

@george1421 I added added the 3 Arch

george1421 · Sep 13, 2018, 10:35 PM

@tesparza It would really help if you use the output file option and then upload the pcap here so we can take a look at it. That tcpdump command should have created more than just 2 packets. A normal dhcp process consists of at least 4 packets and then pxe boot many, many more. For centos you will probably need the -i interface command but the rest from my tutorial should produce an acceptable pcap.

The one thing I didn’t ask was to have the pxe booting client, fog server and dhcp server on the same subnet. Or at the very minimum the fog server and pxe booting client on the same subnet to capture what we really need to see. That will show us what the client is saying about itself and what the dhcp server is telling it.

george1421 · Sep 13, 2018, 10:37 PM

@tesparza for arch 6, you need to have i386/ipxe.efi for the boot file.

Sebastian Roth · Sep 13, 2018, 11:15 PM

@tesparza Do you have a single DHCP server in your network? We have seen occasions where a pair of DHCP server not synced properly are causing a PXE boot issue.

tesparza · Sep 13, 2018, 11:36 PM

@Sebastian-Roth I’m a school campus, part of a school district. Each school has its own DHCP server. But the computer in my campus can only get IP’s from my DHCP because the IDF in my campus has the IP helper to route to my DHCP server.

george1421 · Sep 13, 2018, 5:59 PM

@tesparza said in UEFI PXE boot:

because the IDF in my campus has the IP helper to route to my DHCP server

So this tells me your pxe booting client is on a different subnet than your dhcp server? Is your fog server on the same subnet as your dhcp server? That pcap will tell us what is going on, especially if there is another actor we don’t know about. If the pxe client is on a different subnet, then take a laptop with wireshark to capture that side of the pxe booting. It won’t give us the same level of detail as from the FOG server, but at least we can see what the pxe client is saying as well as the dhcp server.

tesparza · Sep 13, 2018, 6:11 PM

@george1421 No DHCP server is on the same subnet, it is local in that campus. The problem is it always just looks for undionly.kpxe it never attemps to boot from ipxe.efi even though i put the correct vendor and add the policy option 66 and 67

george1421 · Sep 14, 2018, 12:31 AM

@tesparza I can appreciate that. The way the policies work is that if there isn’t an exact match with the policy the dhcp server will send out the default you have configured for dhcp option 67, which is of course undionly.kpxe. I can tell you for certain that the FOG wiki page about bios/uefi coexistence does work because I have my dhcp server setup exactly the same way as the wiki.

tesparza · Sep 14, 2018, 12:36 AM

@george1421 what do you think I’m doing wrong. I’m putting the PXEClient:Arch:00007 exactly because the binary matches the wiki pics. I know it has something to do with my DHCP server. Just don’t know what else to check

george1421 · Sep 14, 2018, 12:43 AM

@tesparza Well I’m still waiting to see the pcap of the pxe booting process. If nothing else it will tell us where the problem is not. Right now all we know it its not working. The tcpdump results you posted is suspect, since it only captured the tftp part of the pxe boot steps. I’m expecting to see a dhcp discover, offer, request, and ack packets. The details of those packets will give us a clue to what is not working.

tesparza · Sep 14, 2018, 12:47 AM

@george1421 okay I will post tomorrow, I not at work right now. Was trying to post but tcpdump wasn’t allowing me, something about being root preventing me from capturing.

george1421 · Sep 13, 2018, 6:48 PM

@tesparza do you have the centos firewall on? I would think you would have imaging issues if it was enabled.

tesparza · Sep 14, 2018, 9:52 AM

@george1421 it’s enabled, but has the exception specified in the wiki guided

george1421 · Sep 14, 2018, 9:52 AM

@tesparza for the purpose of these testing please stop the centos firewall with systemctl stop firewalld then use tcpdump command. We need to see packets that would normally be dropped by the firewall.