VLAN Issues



  • Hello,

    I am trying to set up my network using separate VLANs for Gamers and Admins. My Fog server is on the Admin VLAN and the computers are on the Gamer VLAN. I can ping the fog server from the Gamer VLAN with no problem. My firewall is set up with ipxe.efi and the computers have network stack enabled and Network Boot as the first option. When I start the computers though they will search IPv4 and IPv6 for a long time and then just boot to the drive. When I disable the VLAN for the fog server so it is open to the entire network it works. Is there a setting in fog I need to adjust or does anyone know if I need to adjust the VLAN or Firewall settings? We use Unifi switches and all our other servers on the Admin VLAN have no problem communicating with the Gamer VLAN.


  • Moderator

    @nerdstburns Since the pxe booting computers are on a different subnet than the fog server, you will have to go the wireshark route.

    Install wireshark on a 2nd computer on the gamers vlan. Setup a capture filter of port 67 or port 68 and then pxe boot a computer until you get the error.

    The stop the wireshark capture. You should see a dhcp DISCOVER from the target computer and then one or more OFFERS from dhcp servers that heard the DISCOVER packet. Make sure you know these responding dhcp servers if you have more than one answer.

    Look at the OFFER packet (in the center section) and expand it there should be an ethernet header section where you would have …

    It may be just easier to post the pcap here or to a file share site and IM me the link. It would take me twice as long to type out what to look for than for me to just look at it.



  • Those are all enabled on the firewall and still having the same problem occurs. All PCs are UEFI enabled in the BIOS.


  • Moderator

    Is there any firewall between the admin network and the gamers network? (I might suspect yes). If so you will need to enable a series of protocols between the two networks (vlans/subnets). You will need to enable tftp, http, nfs, and ftp protocols between the vlans.

    Understand that ipxe.efi will only boot uefi computers. If you need to pxe boot both types of computers and your dhcp server doesn’t support dynamic booting (windows dhcp, linux, and pfsense does) then you can use the fog server to supply the dynamic boot file names, and leave your main dhcp server for managing the IP addresses for your network.


Log in to reply
 

313
Online

7.5k
Users

14.6k
Topics

137.7k
Posts