Hosts are looking for tftp server.



  • We have just receved new computers Dell AIO 7470 and we found that when we send wake up on LAN, approximately 10 hosts from total of 25, block on tftp server and ask to enter it when we boot pxe. Second test different hosts make the same thing. We got the wiresharck file and please somebody to check it. This is a brand new model in our lab. I can show you too the dnsmasq config, just in case me missed something there.
    output.pcap

    # Don't function as a DNS server:
    port=0
    
    # Log lots of extra information about DHCP transactions.
    log-dhcp
    
    # Set the root directory for files available via FTP.
    tftp-root=/tftpboot
    
    # The boot filename, Server name, Server Ip Address
    dhcp-boot=undionly.kpxe,,192.168.149.43
    
    # Disable re-use of the DHCP servername and filename fields as extra
    # option space. That's to avoid confusing some old or broken DHCP clients.
    dhcp-no-override
    
    # inspect the vendor class string and match the text to set the tag
    dhcp-vendorclass=BIOS,PXEClient:Arch:00000
    dhcp-vendorclass=UEFI32,PXEClient:Arch:00006
    dhcp-vendorclass=UEFI,PXEClient:Arch:00007
    dhcp-vendorclass=UEFI64,PXEClient:Arch:00009
    
    # Set the boot file name based on the matching tag from the vendor class (above)
    dhcp-boot=net:UEFI32,i386-efi/ipxe.efi,,192.168.149.43
    dhcp-boot=net:UEFI,ipxe.efi,,192.168.149.43
    dhcp-boot=net:UEFI64,ipxe.efi,,192.168.149.43
    
    # PXE menu.  The first part is the text displayed to the user.  The second is the timeout, in seconds.
    pxe-prompt="Booting FOG Client", 1
    
    # The known types are x86PC, PC98, IA64_EFI, Alpha, Arc_x86,
    # Intel_Lean_Client, IA32_EFI, BC_EFI, Xscale_EFI and X86-64_EFI
    # This option is first and will be the default if there is no input from the user.
    pxe-service=X86PC, "Boot to FOG", undionly.kpxe
    pxe-service=X86-64_EFI, "Boot to FOG UEFI", ipxe.efi
    pxe-service=BC_EFI, "Boot to FOG UEFI PXE-BC", ipxe.efi
    
    dhcp-range=192.168.149.43,proxy,255.255.252.0
    

  • Senior Developer

    @marted Just want to keep this topic up as it might be very helpful for others. Not sure if you have time and access to systems right now though.


  • Moderator

    @marted Any hints you could provide the next guy would be appreciated. If one person has the problem there will be 10 other later. So if you have a step by step or at least a general guide that can be added to the wiki it would be well accepted.

    I’m glad you have it working now so you can get back to imaging and not messing under the hood with networking infrastructure.



  • @george1421 you’re right. It was a challenge to figured out the way to boot BIOS and UEFI clients with Infoblox… but We did it 🙂 and I’m so happy. The info I saw in fogwiki for Windows 2012 server it wasn’t work well on Infoblox. Creating a general roule for Bios clients with .kpxe file and add a filter for UEFI clients didn’t work at all. But what we figured out was that we can simply delete all general config IPV4 and BOOTP and create three IPV4 filters for BIOS 00000 , UEFI 00007 and UEFI 00009. And it works. 5 hours tests but it works 🙂 . And I was wondering if you want guys to add this info in your wiki or I can add it.
    @george1421 @Sebastian-Roth I can prepare a page with all screenshots for all config we did on Infoblox server and I think will be quite handy for people who want to use the principal DHCP for delivering information for boot file and tftp server.
    Thanks again for your help and I’m so happy 😁 it works now without any proxy DHCP !


  • Moderator

    @marted I remember infoblox from another thread. I guess we need to be mindful of this thread if we see issues here

    https://forums.fogproject.org/topic/11749/uefi-pxe-not-downloading-ipxe-efi-file?_=1583888282658


  • Senior Developer

    @marted said in Hosts are looking for tftp server.:

    Now I need just to put the files without /tftboot in front right?

    Yes



  • @Sebastian-Roth thanks for the answer.
    Now I need just to put the files without /tftboot in front right?


  • Senior Developer

    @marted Because it’s the first file we tell iPXE to load. Take a look at the ipxescript we embed into the iPXE binaries: https://github.com/FOGProject/fogproject/blob/master/src/ipxe/src/ipxescript



  • @Sebastian-Roth just from curiosity— why when a client boot I see default.ipxe like a file boot

    2AB78975-2D7B-4161-B845-0088F0AE519E.jpeg


  • Senior Developer

    @marted said:

    Finally the University accepted to add the info for tftp on the main dhcp and like this I can stop the dnsmasq.
    Ohhh wow. Keeping my fingers crossed this will fix your issue!

    but on 67 I don’t know how to provide the syntax of the boot file.

    They need to add several ones for different vendor classes. Hope infoblox is able to do this.

    • undionly.kpxe for legacy BIOS machines (vendor class PXEClient:Arch:00000)
    • ipxe.efi for most UEFI machines (vendor class PXEClient:Arch:00006 and PXEClient:Arch:00009)
    • i386-efi/ipxe.efi for some weird 32 bit UEFI devices (vendor class PXEClient:Arch:00007 - but seldomly used at all).

    The first two are important!



  • @george1421 @Sebastian-Roth
    Please somebody to help me with the options 66 67
    on windows DHCP (Infoblox). Finally the University accepted to add the info for tftp on the main dhcp and like this I can stop the dnsmasq.
    On 66 I put the IP of the server 192.168.149.43
    but on 67 I don’t know how to provide the syntax of the boot file. Do I have to write /tftpboot/default.ipxe or I write directly default.ipxe
    Thanks


  • Moderator

    @marted I can’t speak for this setting since I’ve never used it.

    dhcp-range=eth10,192.168.148.254,proxy
    dhcp-range=eth11,192.168.149.254,proxy
    dhcp-range=eth12,192.168.150.254,proxy
    dhcp-range=eth13,192.168.151.254,proxy
    

    I can say for 99% of the dnsmasq installs this line is all that is needed.

    dhcp-range=<fog_server_IP>,proxy
    

    Just for clarity this is a new vm and not the fog server where dnsmasq is installed?

    So if you are on a subnet where these 5-7 workstations ask for the tftp server. If you have wireshark loaded on a third computer with the capture filter of port 67 or port 68 do you only see one or 2 offers? There has to be still something else going on here. Dnsmasq should be fast enough to respond to 100s of requests per second.



  • @george1421
    I created 4 interfaces

    inet 192.168.149.43/22 brd 192.168.151.255 scope global dynamic noprefixroute ens32
        inet 192.168.148.254/22 brd 192.168.151.255 scope global eth10:0
        inet 192.168.149.254/22 brd 192.168.151.255 scope global eth11:0
        inet 192.168.150.254/22 brd 192.168.151.255 scope global eth12:0
        inet 192.168.151.254/22 brd 192.168.151.255 scope global eth13:0
    
    

    I changed the dnsmasq conf like this

    dhcp-range=eth10,192.168.148.254,proxy
    dhcp-range=eth11,192.168.149.254,proxy
    dhcp-range=eth12,192.168.150.254,proxy
    dhcp-range=eth13,192.168.151.254,proxy
    

    but nothing changed, I mean I still have 5 to 7 posts asking for tftp server.
    Could you check the config. Maybe I missed something.

    dnsmasq status

    root@foglabunix:/var/log# clear
    root@foglabunix:/var/log# nano /etc/dnsmasq.d/ltsp.conf
    root@foglabunix:/var/log# nano /etc/dnsmasq.d/ltsp.conf
    root@foglabunix:/var/log# systemctl status dnsmasq
    ● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
       Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
       Active: active (running) since Tue 2020-03-10 13:35:28 EDT; 10min ago
      Process: 4589 ExecStop=/etc/init.d/dnsmasq systemd-stop-resolvconf (code=exited, status=0/SUCCESS)
      Process: 4606 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=exited, status=0/SUCCESS)
      Process: 4597 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS)
      Process: 4596 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
     Main PID: 4605 (dnsmasq)
        Tasks: 1 (limit: 4915)
       CGroup: /system.slice/dnsmasq.service
               └─4605 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service --trust-anchor=.,19036,8,2,49aac11d7b6f6446702e54a16073
    
    Mar 10 13:46:06 foglabunix dnsmasq-dhcp[4605]: 2327500257 available DHCP subnet: 192.168.150.254/255.255.252.0
    Mar 10 13:46:06 foglabunix dnsmasq-dhcp[4605]: 2327500257 available DHCP subnet: 192.168.151.254/255.255.252.0
    Mar 10 13:46:06 foglabunix dnsmasq-dhcp[4605]: 2327500257 vendor class: MSFT 5.0
    Mar 10 13:46:06 foglabunix dnsmasq-dhcp[4605]: 2327500257 client provides name: C42145
    Mar 10 13:46:10 foglabunix dnsmasq-dhcp[4605]: 2327500257 available DHCP subnet: 192.168.148.254/255.255.252.0
    Mar 10 13:46:10 foglabunix dnsmasq-dhcp[4605]: 2327500257 available DHCP subnet: 192.168.149.254/255.255.252.0
    Mar 10 13:46:10 foglabunix dnsmasq-dhcp[4605]: 2327500257 available DHCP subnet: 192.168.150.254/255.255.252.0
    Mar 10 13:46:10 foglabunix dnsmasq-dhcp[4605]: 2327500257 available DHCP subnet: 192.168.151.254/255.255.252.0
    Mar 10 13:46:10 foglabunix dnsmasq-dhcp[4605]: 2327500257 vendor class: MSFT 5.0
    Mar 10 13:46:10 foglabunix dnsmasq-dhcp[4605]: 2327500257 client provides name: C42145
    lines 1-22/22 (END)
    

  • Senior Developer

    @marted @george1421 Nice things you guys worked out. I am at a loss with this. Can’t really believe that dnsmasq is not able to respond to 20 clients “at the same time”. Though I don’t have a really good idea on how to tackle this issue.

    Well here is one other thing you can try. Check to see if the switch you have all the clients hooked to with some running into the issue. See if you can setup a port mirror to receive all the communication from one (or a couple) of the client port on a mirror port. Hook up a laptop/PC to that mirror port, assign a static IP to it (doesn’t matter which because we don’t need it to comuinicate with the network, we just want to make sure it does not send out DHCP requests itself). Install wireshark and capture all the traffic up to the point where you have DHCP information captures with hosts that show the “enter tftp” message. Now filter the wireshark capture to only see information with that MAC address. I would be really interested to actually see what DHCP information it received.



  • @george1421 @Sebastian-Roth now before start creating 4 interfaces I made some changes and it gives some results.
    First I delete the server form IP Helper in the private switch and on the DHCP of the University we configured the server like a tftp-server. Means once the client contact the DHCP for IP will take the information for the tftp server. This one I think solved the problem of multi requests in the network but did not solve the problem with the hosts which ask for tftp server.
    Second I changed a little bit the config of dnsmasq. I replaced 192.168.149.43,proxy with

    dhcp-range=192.168.148.0,proxy
    dhcp-range=192.168.149.0,proxy
    dhcp-range=192.168.150.0,proxy
    

    and now i have only 3 or 4 client ask for tftp. Only with the first changes and no changes in dnsmasq i had still 10 posts asking for tfpt server

    This is a part of the log now from dnsmsaq log.

    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3819419945 next server: 192.168.149.43
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3819419945 broadcast response
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3819419945 sent size:  1 option: 53 message-type  2
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3819419945 sent size:  4 option: 54 server-identifier  192.168.149.43
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3819419945 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3819419945 sent size: 17 option: 97 client-machine-id  00:44:45:4c:4c:32:00:10:38:80:31:c3:c0:4f...
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 available DHCP subnet: 192.168.148.0/255.255.252.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 available DHCP subnet: 192.168.149.0/255.255.252.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 available DHCP subnet: 192.168.150.0/255.255.252.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 available DHCP subnet: 192.168.151.0/255.255.252.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 vendor class: PXEClient:Arch:00007:UNDI:003016
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 PXE(ens32) 00:4e:01:c6:11:fc proxy
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 tags: UEFI, ens32
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 next server: 192.168.149.43
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 broadcast response
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 sent size:  1 option: 53 message-type  2
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 sent size:  4 option: 54 server-identifier  192.168.149.43
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3434271658 sent size: 17 option: 97 client-machine-id  00:44:45:4c:4c:32:00:10:37:80:57:c3:c0:4f...
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 available DHCP subnet: 192.168.148.0/255.255.252.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 available DHCP subnet: 192.168.149.0/255.255.252.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 available DHCP subnet: 192.168.150.0/255.255.252.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 available DHCP subnet: 192.168.151.0/255.255.252.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 vendor class: PXEClient:Arch:00007:UNDI:003016
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 PXE(ens32) 00:4e:01:c6:35:9e proxy
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 tags: UEFI, ens32
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 next server: 192.168.149.43
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 broadcast response
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 sent size:  1 option: 53 message-type  2
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 sent size:  4 option: 54 server-identifier  192.168.149.43
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 3095135073 sent size: 17 option: 97 client-machine-id  00:44:45:4c:4c:32:00:10:37:80:59:c3:c0:4f...
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 2455006384 available DHCP subnet: 192.168.148.0/255.255.252.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 2455006384 available DHCP subnet: 192.168.149.0/255.255.252.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 2455006384 available DHCP subnet: 192.168.150.0/255.255.252.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 2455006384 available DHCP subnet: 192.168.151.0/255.255.252.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 2455006384 vendor class: MSFT 5.0
    Mar 10 12:51:57 foglabunix dnsmasq-dhcp[31581]: 2455006384 client provides name: C39986.ens.uqam.ca
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 available DHCP subnet: 192.168.148.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 available DHCP subnet: 192.168.149.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 available DHCP subnet: 192.168.150.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 available DHCP subnet: 192.168.151.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 vendor class: PXEClient:Arch:00007:UNDI:003016
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 PXE(ens32) 00:4e:01:c5:f4:67 proxy
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 tags: UEFI, ens32
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 next server: 192.168.149.43
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 broadcast response
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 sent size:  1 option: 53 message-type  2
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 sent size:  4 option: 54 server-identifier  192.168.149.43
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2108649736 sent size: 17 option: 97 client-machine-id  00:44:45:4c:4c:32:00:10:43:80:56:c3:c0:4f...
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 available DHCP subnet: 192.168.148.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 available DHCP subnet: 192.168.149.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 available DHCP subnet: 192.168.150.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 available DHCP subnet: 192.168.151.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 vendor class: PXEClient:Arch:00007:UNDI:003016
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 PXE(ens32) 00:4e:01:c5:eb:ab proxy
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 tags: UEFI, ens32
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 next server: 192.168.149.43
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 broadcast response
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 sent size:  1 option: 53 message-type  2
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 sent size:  4 option: 54 server-identifier  192.168.149.43
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 sent size: 17 option: 97 client-machine-id  00:44:45:4c:4c:32:00:10:42:80:56:c3:c0:4f...
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 available DHCP subnet: 192.168.148.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 available DHCP subnet: 192.168.149.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 available DHCP subnet: 192.168.150.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 available DHCP subnet: 192.168.151.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 vendor class: PXEClient:Arch:00007:UNDI:003016
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 PXE(ens32) 00:4e:01:c6:2b:3f proxy
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 tags: UEFI, ens32
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 next server: 192.168.149.43
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 broadcast response
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 sent size:  1 option: 53 message-type  2
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 sent size:  4 option: 54 server-identifier  192.168.149.43
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 sent size: 17 option: 97 client-machine-id  00:44:45:4c:4c:32:00:10:37:80:56:c3:c0:4f...
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 available DHCP subnet: 192.168.148.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 available DHCP subnet: 192.168.149.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 available DHCP subnet: 192.168.150.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 available DHCP subnet: 192.168.151.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 vendor class: PXEClient:Arch:00007:UNDI:003016
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 PXE(ens32) 00:4e:01:c5:e7:6d proxy
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 tags: UEFI, ens32
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 next server: 192.168.149.43
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 broadcast response
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 sent size:  1 option: 53 message-type  2
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 sent size:  4 option: 54 server-identifier  192.168.149.43
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 648478975 sent size: 17 option: 97 client-machine-id  00:44:45:4c:4c:32:00:10:43:80:5a:c3:c0:4f...
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 available DHCP subnet: 192.168.148.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 available DHCP subnet: 192.168.149.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 available DHCP subnet: 192.168.150.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 available DHCP subnet: 192.168.151.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 vendor class: PXEClient:Arch:00007:UNDI:003016
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 PXE(ens32) 00:4e:01:c6:25:55 proxy
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 tags: UEFI, ens32
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 next server: 192.168.149.43
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 broadcast response
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 sent size:  1 option: 53 message-type  2
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 sent size:  4 option: 54 server-identifier  192.168.149.43
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 153622816 sent size: 17 option: 97 client-machine-id  00:44:45:4c:4c:32:00:10:48:80:31:c3:c0:4f...
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 available DHCP subnet: 192.168.148.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 available DHCP subnet: 192.168.149.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 available DHCP subnet: 192.168.150.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 available DHCP subnet: 192.168.151.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 vendor class: PXEClient:Arch:00007:UNDI:003016
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 PXE(ens32) 00:4e:01:c6:12:2d proxy
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 tags: UEFI, ens32
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 next server: 192.168.149.43
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 broadcast response
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 sent size:  1 option: 53 message-type  2
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 sent size:  4 option: 54 server-identifier  192.168.149.43
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 1703402172 sent size: 17 option: 97 client-machine-id  00:44:45:4c:4c:32:00:10:37:80:33:c3:c0:4f...
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2521786052 available DHCP subnet: 192.168.148.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2521786052 available DHCP subnet: 192.168.149.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2521786052 available DHCP subnet: 192.168.150.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2521786052 available DHCP subnet: 192.168.151.0/255.255.252.0
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2521786052 vendor class: PXEClient:Arch:00007:UNDI:003016
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2521786052 PXE(ens32) 00:4e:01:c6:26:86 proxy
    Mar 10 12:52:01 foglabunix dnsmasq-dhcp[31581]: 2521786052 tags: UEFI, ens32
    

  • Moderator

    @marted said in Hosts are looking for tftp server.:

    Now how to make an interface on each subnet in one dnsmasq? add info in the same config file or crate 4 different config files. Could you help me with that?

    Understand this is on a new server not fog. But just create a new server with 4 interfaces. Place each interface on each subnet. There is only one config file because there is no reference to any subnet or mask in the config file. Make sure that the dhcp-helper service forgets about dnsmasq because everything will be handled locally. Once the server is setup, if we have to, we could create and install 4 instances of dnsmasq each bound to a different subnet and each with its own config file. But I don’t think that is necessary. One instance and one config file should be enough.



  • @george1421 said in Hosts are looking for tftp server.:

    VM (not the fog server) with dnsmasq running with an interface on each subnet would also work.

    Wow @george1421 very useful information. Now how to make an interface on each subnet in one dnsmasq? add info in the same config file or crate 4 different config files. Could you help me with that?
    Why we just not use the integrated tftp server with dnsmasq with the option enable-tftp and give the dnsmasq informaiton that we accept requests from 4 subnet?


  • Moderator

    @marted said in Hosts are looking for tftp server.:

    The Dnsmasq is not capable to handle many requests at a time.

    Its possible on a really busy FOG server that dnsmasq doesn’t have enough time to respond to all of the requests, but I find that a bit hard to believe. You could try to move dnsmasq to a standalone linux server to see if it helps. But I don’t think the speed of dnsmasq is your issue here.

    While its not a clean solution you could place a dnsmasq server on each of the 4 subnets and then remove the fog server from the dhcp-helper service. Each dnsmasq server on each subnet would be responsible for providing the pxe boot information for just that subnet. Just thinking out of the box, but a raspberry pi running raspbian would work for the dnsmasq server on each subnet. A standalone VM (not the fog server) with dnsmasq running with an interface on each subnet would also work.


  • Moderator

    @Sebastian-Roth said in Hosts are looking for tftp server.:

    Have you looked at why DHCP queries come in duplicated?

    I think I can explain this (or at least make up something that sounds good).

    What I saw in a previous pcap on this issue was with the target computer on the same subnet as the FOG server (running dnsmasq) but the main dhcp server is on a different subnet. When the target issued a DHCP discover, there was an OFFER from dnsmasq (as it should) but there was also an OFFER from the dhcp-helper service on the subnet router. This OFFER from the dhcp-helper service was a reflection of the dhcp OFFER from dnsmasq.

    (educated guess follows) The dhcp-helper service is configured to listen on the interface where the fog server is as well as the target computer. It is configured this way to allow the remote dhcp server to reply dhcp requests on the local subnet. This is standard and typical. Now for dnsmasq to reply with pxe boot information for remote subnets we would typically add the dnsmasq server as the last server in the dhcp-helper service. This would then inform the dnsmasq server when a client was pxe booting on a remote subnet. The problem comes where the dhcp-helper service is listening on the same subnet where the dnsmasq server is. The dnsmasq server replies to the OFFER directly to the target computer, but the dhcp-helper service also hears the DISCOVER and as its programmed sends to the DISCOVER to dnsmasq where it replies to the dhcp-helper service which then echos the OFFER from dnsmasq back to the target computer generating 2 offers from the same service (dnsmasq) from only one DISCOVER request.



  • @Sebastian-Roth said in Hosts are looking for tftp server.:

    Have you looked at why DHCP queries come in duplicated?

    I have no idea. I looked in the config file. Nothing different than your example in wiki. I’ll make today a test with tcpdump on 69 to see the traffic info on the server. Also I’ll check this options in dnsmasq like:

    --tftp-no-fail
    Do not abort startup if specified tftp root directories are inaccessible.
    --tftp-max=<connections>
    Set the maximum number of concurrent TFTP connections allowed. This defaults to 50. When serving a large number of TFTP connections, per-process file descriptor limits may be encountered. Dnsmasq needs one file descriptor for each concurrent TFTP connection and one file descriptor per unique file (plus a few others). So serving the same file simultaneously to n clients will use require about n + 10 file descriptors, serving different files simultaneously to n clients will require about (2*n) + 10 descriptors. If --tftp-port-range is given, that can affect the number of concurrent connections.
    --tftp-no-blocksize
    Stop the TFTP server from negotiating the "blocksize" option with a client. Some buggy clients request this option but then behave badly when it is granted.
    --tftp-port-range=<start>,<end>
    A TFTP server listens on a well-known port (69) for connection initiation, but it also uses a dynamically-allocated port for each connection. Normally these are allocated by the OS, but this option specifies a range of ports for use by TFTP transfers. This can be useful when TFTP has to traverse a firewall. The start of the range cannot be lower than 1025 unless dnsmasq is running as root. The number of concurrent TFTP connections is limited by the size of the port range.
    

    I’ll try also to capture a log with a different model clients to see if there is a différents.


Log in to reply
 

273
Online

7.2k
Users

14.4k
Topics

135.7k
Posts