Hosts are looking for tftp server.
-
@marted said in Hosts are looking for tftp server.:
dhcp-range=192.168.149.43,proxy,255.255.252.0
The first thing jumping at me is the subnet mask. While it’s fine to do subnetting I am just wondering if you really intend to do this or if it’s a typo in the config?
In the PCAP I can see some kind of DHCP relay answering as well - not exactly sure but it seems like it - IP 192.168.148.1.
There is some information missing in the PCAP file. This was probably captured on the FOG server, right? To actually understand your network and be able to help we need more information and possibly a capture taken from a different host (or monitoring port) in your network.
-
ok I see a few things.
in the pcap
- I’m not seeing a offer from your main dhcp server, only the proxydhcp server (the fog server 149.43)
- In the offer from the proxydhcp server its sending the next server name but not the boot file name.
- I’m seeing a discover packet from 149.1 which seems to be a router via a dhcp-helper service?? The computer sending the discover appears to be reflecting back through the dhcp-helper service. Its a dell computer in uefi mode.
in your dnsmasq configuration remove the subnet mask from the dhcp-range. You don’t want to enable other services on the dnsmasq service other than proxydhcp.
I do see it strange that we don’t see an offer from your main dhcp server.
-
@george1421 I need the dhcp range. I do pxe on 4 segments 192.168.148.0. 192.168.149.0 192.168.150.0 and 192.168.151.0
-
@george1421 @Sebastian-Roth can I add some lines in my dnsmasq config which tells the tftp server. I think I saw that somewhere. I went today to other completely different lab with the same new model with new fog server I have just installed and I used the dnsmasq config like example to activate dhcp proxy and again the same problem, 40 hosts 15 ask for tftp server and when I enter it works.
-
@marted proxydhcp only provides pxe boot info not dhcp information. proxydhcp doesn’t care about subnets.
What device is your main dhcp server?
-
@george1421 do I have change it like this
@marted said in Hosts are looking for tftp server.:
dhcp-range=192.168.149.43,proxy
-
@marted yes, exactly like in the tutorial
-
@george1421 I still don’t understand why we don’t see an offer packet from your main dhcp server.
What is your dhcp server?
Is the pxe booting target computer on the same subnet as the fog server?
What I see is a non-standard pxe boot. The client is getting an ip address from somewhere because its talking to the tftp server -
@george1421 Ok , I’ll try tomorrow.
It’s very very strange all this. Same hosts yesterday just one asked for TFTP server. Today 15 hosts ???
With this config I use fog almost 4 months on different models HP and I saw one or two times to ask me for tftp server -
@george1421 the client takes IP from DHCP of the University. Me in the lab I use dnsmasq for proxy server. My server 192.168.149.43 is configured like IP helper in the switch of my lab which has 4 subnet and 400 hosts. We have only one address NAT for all hosts 132.208… which address all hosts use for exit address. It works like router . DHCP of the University is on 132.208. and works fine it gives IP
Exit address 192.168.148.1
-
@marted Well what I’m saying is if the fog server and the pxe booting computer is on the same subnet, then what I see in the pcap is non-standard.
The standard dhcp/pxe boot is this.
Client -> Discover
DHCP -> Offer
ProxyDHCP -> Offer
Client -> Request
DHCP -> ACK
Client to ProxyDHCP -> Boot info request (udp port 4011)
ProxyDHCP to Client -> Boot info (udp port 4011)
Client -> TFTP server boot file size
TFTP -> Client boot file size is
Client -TFTP server give me file XXXXThat is what I expect to see.
Its possible that your dhcp-relay service is sending the off subnet dhcp offer via a unicast, in that case the fog server wouldn’t see it.
BUT what I see in the pcap is
Discover
Offer from proxy dhcp
then right away another Discover from the client. This means it didn’t get an acceptable offer to give it an IP address.This is non-standard.
-
@george1421 I reinstalled recently the server with https .
first time When I installed it I put the DNS IP for the server but this time I just skipped it. !Maybe this is the problem. Our DNS is DHCP server
-
@marted As I see it right now this is NOT a FOG problem. You are not even to FOG yet. I’ll say that as long as the FOG server is NOT your DHCP server. There isn’t a fog configuration that would cause what I’m seeing so far. I’m not saying this to redirect any fault here. Its just that at this stage the communication is between the target computer and your dhcp server.
-
@george1421 when a host boot I see it takes ip from dhcp, I see the dhcp address, I see the fog server on dhcp proxy place and everything is fine just to tftp: server. I put tftp server and it boot in fog menu. Like I say 25 hosts boot and 10 to 15 hosts ask for tftp server BUT have already IP and ready, just tftp server missing. Next time I send task other hosts ask for tftp server, always different hosts
-
@marted Well lets start tomorrow by fixing the dnsmasq setting then grab another pcap of the pxe boot process. Lets make new assumptions based on the correct (and well tested) dnsmasq file.
There ARE tweaks we can make to the dnsmasq configuration file to cover certain circumstances.
Like in this section
pxe-service=X86PC, "Boot to FOG", undionly.kpxe pxe-service=X86-64_EFI, "Boot to FOG UEFI", ipxe.efi pxe-service=BC_EFI, "Boot to FOG UEFI PXE-BC", ipxe.efi
we can specify the boot server in the services line. It would look like this
pxe-service=X86PC, "Boot to FOG", undionly.kpxe, 192.168.149.43 pxe-service=X86-64_EFI, "Boot to FOG UEFI", ipxe.efi, 192.168.149.43 pxe-service=BC_EFI, "Boot to FOG UEFI PXE-BC", ipxe.efi, 192.168.149.43
Its not typical that we need to do that, but in certain environments it necessary.
-
@george1421 thank you so much. I’ll fix that tomorrow and will post the resold. Thanks again!
-
@george1421 said in Hosts are looking for tftp server.:
I still don’t understand why we don’t see an offer packet from your main dhcp server.
Because the capture was taken on the FOG server (I guess) and the DHCP offer & ACKs are not broadcasted but send directly (unicast MAC) to the client.
-
@Sebastian-Roth tel me how to make the test with wireshark to see the actual situation. Thanks
-
@marted For a single client you could use a monitoring port on the switch or connect it to a hub to capture the traffic. But it’s quite a task to do and you still don’t get the full truth. You’d need to capture on the DHCP server to get all the packets. But make sure you do filter on capture or later on using display filters and export to a new PCAP so we don’t have all your network traffic in it.
Capture filter:
port 67 or port 68 or port 4011
On the other hand you won’t see the TFTP requests on the FOG server this way.
-
@george1421 @Sebastian-Roth I chanced the options in dnsmasq, restarted and nothing changed, always 5 to 10 different hosts ask for tftp server after taking an IP from DHCP of the University ![0_1583510428281_547BADC4-E100-4376-B025-9D12F6A3F622.jpeg](Uploading 0%)