TFTP Open Timeout on New Fog Install

fhrivers

@Sebastian-Roth I disabled firewalld in CentOS.

fhrivers

@Sebastian-Roth Here’s the output of my iptables:

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

fhrivers

@george1421 Where is the output.pcap file saved?

george1421

@fhrivers It would be saved in the directory where you ran the tcpdump command.

fhrivers

After much frustration, I set up another Fog installation on Ubuntu that is working much better. I still get a “TFTP open timeout” but at least I can transfer TFTP in both Windows and on the Fog server.

So there’s something wrong with my CentOS install. I reinstalled it twice and followed the Wiki instructions to the T.

fhrivers

Okay, I managed to upload a PCAP from Wireshark:

Wireshark Capture

george1421

@fhrivers Looking at it now.

george1421

@fhrivers Look at the FOG forum chat bubble (upper right hand corner of the browser window) for additional information.

I’m almost suspecting its your dhcp server at fault here. I want you to test the following on a windows computer connected to the same subnet as the pxe booting computer.

1. Install the tftp client feature into windows 7 or windows 10 computer.
2. Temporary disable the windows firewall
3. With the tftp client feature installed key in the following into a windows command prompt tftp 172.16.10.21 GET undionly.kpxe . I’m interested in seeing if the file is downloaded. You can delete the file after it downloads, I’m only testing the process.

Let me know the results.

fhrivers

@george1421 I tested that earlier. It works.

george1421

@fhrivers said in TFTP Open Timeout on New Fog Install:

@george1421 I tested that earlier. It works.

Ah, sorry I missed that in the thread. Since tftp is working from the fog server to the windows computer, I’m going to suggest that you disable the pxe boot information on your meraki dhcp server and switch over to using dnsmasq on your FOG server. In the configuration I’m going to give you dnsmasq will only provide the pxe boot information to the client all other dhcp information will come from your main dhcp server.

I have a tutorial here on how to install dnsmasq. Use my configuration file from the tutorial just be sure to update the tag with the IP address of your FOG server. If you have clients on a different subnet then you will need to update your router’s dhcp-relay service. But I’m not seeing that is the case from your pcap file.

https://forums.fogproject.org/topic/12796/installing-dnsmasq-on-your-fog-server

george1421

The OP was able to get things running using dnsmasq. It appears that the meraki dhcp server doesn’t provide enough information to the pxe booting computer. The advantage of dnsmasq (as well as simply working) it will dynamically provide the correct pxe boot loader based on the pxe booting client. That is something the meraki dhcp server isn’t capable of providing.

fhrivers

Much thanks, George and others for the help. As well as saving my company thousands of dollars!