UEFI PXE boot



  • @george1421 okay I will post tomorrow, I not at work right now. Was trying to post but tcpdump wasn’t allowing me, something about being root preventing me from capturing.


  • Moderator

    @tesparza Well I’m still waiting to see the pcap of the pxe booting process. If nothing else it will tell us where the problem is not. Right now all we know it its not working. The tcpdump results you posted is suspect, since it only captured the tftp part of the pxe boot steps. I’m expecting to see a dhcp discover, offer, request, and ack packets. The details of those packets will give us a clue to what is not working.



  • @george1421 what do you think I’m doing wrong. I’m putting the PXEClient:Arch:00007 exactly because the binary matches the wiki pics. I know it has something to do with my DHCP server. Just don’t know what else to check


  • Moderator

    @tesparza I can appreciate that. The way the policies work is that if there isn’t an exact match with the policy the dhcp server will send out the default you have configured for dhcp option 67, which is of course undionly.kpxe. I can tell you for certain that the FOG wiki page about bios/uefi coexistence does work because I have my dhcp server setup exactly the same way as the wiki.



  • @george1421 No DHCP server is on the same subnet, it is local in that campus. The problem is it always just looks for undionly.kpxe it never attemps to boot from ipxe.efi even though i put the correct vendor and add the policy option 66 and 67


  • Moderator

    @tesparza said in UEFI PXE boot:

    because the IDF in my campus has the IP helper to route to my DHCP server

    So this tells me your pxe booting client is on a different subnet than your dhcp server? Is your fog server on the same subnet as your dhcp server? That pcap will tell us what is going on, especially if there is another actor we don’t know about. If the pxe client is on a different subnet, then take a laptop with wireshark to capture that side of the pxe booting. It won’t give us the same level of detail as from the FOG server, but at least we can see what the pxe client is saying as well as the dhcp server.



  • @Sebastian-Roth I’m a school campus, part of a school district. Each school has its own DHCP server. But the computer in my campus can only get IP’s from my DHCP because the IDF in my campus has the IP helper to route to my DHCP server.


  • Developer

    @tesparza Do you have a single DHCP server in your network? We have seen occasions where a pair of DHCP server not synced properly are causing a PXE boot issue.


  • Moderator

    @tesparza for arch 6, you need to have i386/ipxe.efi for the boot file.


  • Moderator

    @tesparza It would really help if you use the output file option and then upload the pcap here so we can take a look at it. That tcpdump command should have created more than just 2 packets. A normal dhcp process consists of at least 4 packets and then pxe boot many, many more. For centos you will probably need the -i interface command but the rest from my tutorial should produce an acceptable pcap.

    The one thing I didn’t ask was to have the pxe booting client, fog server and dhcp server on the same subnet. Or at the very minimum the fog server and pxe booting client on the same subnet to capture what we really need to see. That will show us what the client is saying about itself and what the dhcp server is telling it.



  • @george1421 0_1536877486802_Screen Shot 2018-09-13 at 5.24.32 PM.png I added added the 3 Arch



  • @george1421 [root@localhost admin]# tcpdump -i enp5s0 port 67 or port 68 or port 69 or port 4011
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on enp5s0, link-type EN10MB (Ethernet), capture size 262144 bytes
    17:21:59.974458 IP 10.154.18.65.ibm-abtact > localhost.localdomain.tftp: 43 RRQ “undionly.kpxe” octet tsize 0 blksize 1468
    17:21:59.977786 IP 10.154.18.65.pra_elmd > localhost.localdomain.tftp: 35 RRQ “undionly.kpxe” octet blksize 1468
    ^C
    2 packets captured
    2 packets received by filter
    0 packets dropped by kernel
    [root@localhost admin]#


  • Moderator

    @tesparza Could you use your FOG server to grab a pcap of these target system pxe booting? https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue

    You have to remember that there are 4 different flavors of uefi, the target computer tells what it is in its dhcp discovery packet.

    The 3 common uefi types are: Arch:0000x
    6 EFI IA32
    7 EFI BC (EFI Byte Code)
    9 EFI x86-64
    Your dhcp server needs to be configured for all three to cover all of the bases.



  • @Sebastian-Roth 0_1536850990307_Screen Shot 2018-09-13 at 10.02.47 AM.png I followed the steps one by one. Binary is the exact same so I typed the Arch:00007 correctly. But still it uses the undionly.kpxe instead of the ipxe.efi


  • Developer

    @tesparza said in UEFI PXE boot:

    MBP filename is undionly.kpxe

    Here is your issue. UEFI PXE booting needs to load a different binary, usually ipxe.efi. Seems like your vendor classes are simply not working right. Find instructions on how to properly setup your DHCP server here: https://wiki.fogproject.org/wiki/index.php?title=BIOS_and_UEFI_Co-Existence



  • @tesparza Quality is bad but it says
    Station IP address is 10.154.19.42
    Server IP address is 10.154.72.190 which is correct
    MBP filename is undionly.kpxe
    MBP filzesize is 97003 Bytes (I believe)
    Downloading MBP file…
    Then it just goes into Windows 10



  • 0_1536842966156_IMG_4373.PNG was able to slowmo and screen grab what it said. For some reason its looking for undionly.kpxe, but i have ipxe.efi setup.



  • @Sebastian-Roth Okay, I’m running FOG 1.5.4 and I’m running it on CENTOS 7. I’ll capture the video see if any errors happen. Also I’ll try the packet capture. I’ll upload ASAP


  • Developer

    @tesparza Could be different things causing this (firmware issue on the Prodesk 400 - not likely but possible, misconfigured DHCP, …) so we need to gather more information.

    Let’s start with the version of FOG and on which Linux OS you are running. Might play a role later on as well.

    Then I may ask you to get a good steady video of the boot process on screen. Rest the camera in front of the screen on a pile of books and make sure all the text on screen is readable (focused and no reflections). Best if you can capture the video in 60 fps - often called slow motion capture. Many smartphone cameras can do this nowadays. This way we hopefully see any hint on screen on why it fails. Upload the video and post a link here.

    If you don’t have a camera to do this we can go take a look at the network traffic and try to guess what’s wrong based on this. So on the FOG server install a package called tcpdump and run ip a s to figure out the name of the network interface. Then start: tcpdump -i ethX -w hpprodesk400.pcap ether host xx:xx:xx:xx:xx:xx (put in the interface name to capture packets on instead of ethX and exchange xx:xx:xx:xx:xx:xx with the clients MAC address to filter for those packets only)

    Let the tcpdump command just sit there, will only print one line. Now PXE boot your client till it starts off the OS and then stop tcpdump (ctrl+c). Upload the generated hpprodesk400.pcap file and post a download link so we can have a look.


Log in to reply
 

347
Online

6.2k
Users

13.6k
Topics

128.1k
Posts