UNSOLVED TFTP Timeout
My new job uses SSDs with images on it in order to image machines, however it often gets VERY busy and we are limited by how many machines we can image at once, and which SSD has the newest image on it etc etc.
I spoke with my boss and we have decided that it would be easier for us to build an imaging server. I have decided to load Ubuntu Desktop LTS in a VM on one of our standard W10 images. I have finished the install all the way through and had our network admin change the DHCP settings so port 66 points to the server's static IP and 67 is undionly.kpxe. When I go to PXE boot with a test machine I get the TFTP timeout error. I have turned on TFTP in the Windows settings and turned off the firewall on the VM but it still errors out when I try to boot. Does anyone have any ideas?
@quinnby95 This is an interesting one…
We’ve hit on the simple ones, now let’s look a bit deeper.
- Is selinux disabled:
sudo getenforce
Hopefully this returns Permissive
- is there anything in the tftp directory?
ls -la /tftpboot
ensure that undionly.kpxe exists in that directory as well as a bunch of other files.
- Are you using the proper tftp get command on the windows test system?
tftp <fog_server_ip> GET undionly.kpxe .?
- In /var/logs there may be a tftp log file it may be called in.tftp. See if there are any helpful messages in that log file. If you can’t find which log file to look into use this command
sudo grep -r tftp /var/log/*
to find the name of the log file as well as display any entries with tftp in the name.
Other infrastructure questions. Are the FOG server and the target computer on the same subnet?
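An added example, not part of the original thread: a minimal TFTP read-request probe that can be run from the third computer instead of the Windows tftp client, to tell a dropped request (timeout) apart from a server-side error such as a missing file. The function names are hypothetical; the file name and port 69 are the ones discussed in this thread.

```python
import socket
import struct

OPCODES = {3: "DATA", 5: "ERROR"}  # replies a server can send to a read request

def build_rrq(filename, mode="octet"):
    """RFC 1350 read request: opcode 1, filename, NUL, transfer mode, NUL."""
    return (struct.pack("!H", 1) + filename.encode("ascii") + b"\0"
            + mode.encode("ascii") + b"\0")

def parse_reply(packet):
    """Classify the first packet a TFTP server sends back."""
    if len(packet) < 4:
        return {"type": "MALFORMED"}
    opcode, value = struct.unpack("!HH", packet[:4])
    kind = OPCODES.get(opcode, "UNKNOWN")
    if kind == "DATA":
        return {"type": kind, "block": value, "bytes": len(packet) - 4}
    if kind == "ERROR":
        msg = packet[4:].split(b"\0", 1)[0].decode("ascii", "replace")
        return {"type": kind, "code": value, "message": msg}
    return {"type": kind}

def probe(server, filename="undionly.kpxe", timeout=3.0):
    """Send one read request to UDP 69 and report what, if anything, returns."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_rrq(filename), (server, 69))
        try:
            packet, (addr, port) = sock.recvfrom(2048)
        except socket.timeout:
            # Nothing came back: the request or the reply was dropped in transit
            return {"type": "TIMEOUT"}
        except OSError as exc:
            # e.g. Windows raises ConnectionResetError on ICMP port unreachable
            return {"type": "SOCKET_ERROR", "detail": str(exc)}
        result = parse_reply(packet)
        # The server answers from a new ephemeral port, not 69 (RFC 1350 TID),
        # so a filter that only permits port 69 still breaks the transfer.
        result["reply_port"] = port
        if result["type"] == "DATA":
            # Send ERROR code 0 so the server stops retransmitting block 1
            sock.sendto(struct.pack("!HH", 5, 0) + b"probe done\0", (addr, port))
        return result

if __name__ == "__main__":
    import sys
    print(probe(sys.argv[1]))
```

Run it with the FOG server's IP as the only argument. A TIMEOUT while ping works means UDP is being filtered or the daemon is not answering, while an ERROR reply shows the server is reachable and the problem is the file or its permissions.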
@george1421 The status is currently inactive. I turned off the firewall for both the Windows machine and Ubuntu and got the same results. I truly am at an impasse for why this is happening; I spent the last week looking at other posts trying everything.
@quinnby95 Run this command to see if the firewall is enabled.
sudo ufw status
If it’s running then issue this command to stop it.
sudo ufw disable
Since you are using a Desktop OS, I’m suspecting it’s enabled by default.
Once you stop the firewall, test again to download the file using a windows client.
@Sebastian-Roth That is correct, I can ping the machine but no TFTP. I thought maybe a firewall issue too so I tried disabling the Windows firewall entirely as well and got the same result.
That is the response from the IP Tables
@quinnby95 Ping works from an external machine but TFTP doesn’t? Do I get this right? Guess it is a firewall issue. Maybe Windows firewall and as well check the firewall in your VM:
sudo iptables -L -n -v
That is what shows up when I run the requested command
Yes, when I installed FOG server I had SELINUX turned off as well as the firewall.
@quinnby95 OK excellent on the checks, now we have a path forward.
I want you to key in the following command on your FOG server linux console.
sudo netstat -an|grep :69
You may get a few lines depending on how busy your fog server is but the key line I’m looking for is this:
udp 0 0 0.0.0.0:69 0.0.0.0:*
This tells us that the tftp server is listening for connections.
Also I have to ask did you perform the prerequisites before installing FOG?
- Set selinux to permissive
- Disable the firewall on the FOG server?
DHCP option 66 points to the VM with the server installed (192.168.1.72) and option 67 points to undionly.kpxe.
When I try to pull the undionly from the 3rd computer it times out.
@quinnby95 OK then let’s get started.
What do you have (exactly) for dhcp options 66 and 67?
If you install the tftp client windows feature, can you (from the windows command line) use the tftp -get command to pull undionly.kpxe from the fog server to this third computer?
My apologies, it is a BRIDGED adaptor. I am trying to boot it physically on the network. I have tried pinging the server's IP address from a 3rd PC and it does receive a response, so other computers can find it on the network.
Let’s get a little clarity on this one. Is it bridged or NAT? They have different implications.
Is the computer you are trying to pxe boot on the same VM Hypervisor host or is it physically on the network somewhere?
If it is physically on the network somewhere, from a third computer on the same subnet as your pxe booting computer, can you ping the FOG server’s IP address?
It is a bridged NAT, the Windows itself has a static IP of 192.168.1.71 and the VM has a static IP of 192.168.1.72.
It is Ubuntu 18.104.22.168 LTS, using VirtualBox
@quinnby95 What does the network setup of that VM look like? What kind of VM is it by the way?