Trying to "Push" CentOS7 image on Lenovo P620
-
@sebastian-roth said in Trying to "Push" CentOS7 image on Lenovo P620:
at doesn’t work you can go all in and compile iPXE from the latest souce code:
code repo:The only reason is that since I don’t know Fog much yet, I didn’t to break what is working already (the BIOS deployment works quite well). But I’m open to upgrade, is it hard to update my server?
Regards,
-
Got a little bit further
I can see after NBP message:iPXE initialising devices…ok
iPXE 1.20.1+ (g4bd0) – Open Source Network Coot Firmware – http://ipxe.org
Features: DNS FTP HTTP HTTPS iSCSI TFTP VLAN AoE EFI Menu
Configuring (net0 “THE GOOD MAC ADRESS”) … No configuration methods succeeded (http://ipxe.org/040ee186)I have the feeling that I’m getting closer !
-
@hybride It would be interesting to know…
If you took a witness computer on the same IP subnet as the pxe booting computer. Load wireshark on it and use the capture filter of
port 67 or port 68or if you don’t want to use a capture filter (for some reason) use a display filter ofbootp. Start wireshark then pxe boot the target computer.You “should” see two sets of dhcp (DORA) communication. You should see something like this
Discover (from client)
Offer (from dhcp server)
Request (from client)
Ack (from server)This first set is from the uefi pxe rom asking for the boot file (snponly.efi) in this case. Then iPXE gets transferred to the target computer.
Now once iPXE boot loader boots it “should” generate a second dhcp (DORA) request to get an IP address just before it throws the no configuration method succeeded. What we would be looking for is if specifically we see the second group Discover and Offer packets sent.
-
@george1421 said in Trying to "Push" CentOS7 image on Lenovo P620:
tart wireshark then pxe boot the target computer.
Thank you Goerge, I’ll try with Wireshark (I’ll have to found out how do to it lol)
I’ll get back to you,
-
@hybride said in Trying to "Push" CentOS7 image on Lenovo P620:
iPXE 1.20.1+ (g4bd0)
Ok, now you are using the iPXE binaries we shipped with FOG 1.5.9. Definitely getting closer but not there yet.
Take a look at wireshark as George suggested and if that doesn’t get us to a solution you might still try compiling the latest iPXE source code and see if that binary works for your hardware.
-
@sebastian-roth Hi!
I’m struggling a bit with Wireshark as I can’t see or catch any packets on thoses ports (maybe it’s me who is not using wireshark correctly)
But I was able to get into à kinda shell (ipxe one) when booting and I can confirm that the computer is getting the proper IP (from the IP reservation pool). Here’s what I get:
Received DHCP answer on Interface net0
tftp://MY FOG IP SERVER/default.ipxe … Connection timed outCould it be this file that is older also?
-
@hybride said in Trying to "Push" CentOS7 image on Lenovo P620:
But I was able to get into à kinda shell (ipxe one) when booting and I can confirm that the computer is getting the proper IP (from the IP reservation pool). Here’s what I get:
Received DHCP answer on Interface net0
tftp://MY FOG IP SERVER/default.ipxe … Connection timed outWell that’s interessting. Seems like it is actually receiving an IP from the DHCP but then fails to download default.ipxe. The file is just a text based iPXE config file. You can simply edit it (
/tftpboot/default.ipxeon your FOG server). Don’t think there is an older version of it that could cause such an issue.From what you said other machines (e.g. legacy BIOS based ones) properly PXE boot to FOG, right? So the connection timeout we now see is not a general issue but only happens with the P620, right?
Wireshark would definitely be helpful to get a better understanding of what is happening on the network layer. Keep playing with it until you get the packets captured. On which machine do you run Wireshark? While some of the network communication is broadcasted over the whole subnet and can be captured anywhere - most traffic is unicast and needs to be captured at the communication endpoints (FOG server, easy - or client, harder) or in between (using an old network hub or monitoring port on a modern manageable switch).
The other option you still have is compiling iPXE binaries from the latest iPXE code - find the instructions in one of my earlier posts.
-
@sebastian-roth said in Trying to "Push" CentOS7 image on Lenovo P620:
Seems like it is actually receiving an IP from the DHCP but then fails to download default.ipxe.
I confirm that is what is happening, when I get into de iPXE shell and do “show ip” I do get the IP from my dhcp server.
my defautl.ipxe file contain this:
#!ipxe
cpuid --ext 29 && set arch x86_64 || set arch ${buildarch}
params
param mac0 ${net0/mac}
param arch ${arch}
param platform ${platform}
param product ${product}
param manufacturer ${product}
param ipxever ${version}
param filename ${filename}
param sysuuid ${uuid}
isset ${net1/mac} && param mac1 ${net1/mac} || goto bootme
isset ${net2/mac} && param mac2 ${net2/mac} || goto bootme
:bootme
chain http://MYFOGServerIP/fog/service/ipxe/boot.php##params
Indeed everything look fine (I guess)
From what you said other machines (e.g. legacy BIOS based ones) properly PXE boot to FOG, right? So the connection timeout we now see is not a general issue but only happens with the P620, right?
Yes, P620 (who does not have the option to change to “bios” mode. From there now I know that this FOG server most probably never worked on any kind of UEFI system.
Think I’m going to install Wireshark directly on the fogserver (CentOS server) If it can be done.
The other option you still have is compiling iPXE binaries from the latest iPXE code - find the instructions in one of my earlier posts.
I’ll have a look on this also
Can I do it on a side VM and then just copy all the “new” tftp folder on my Fog server?Thank you for your help! Very cool!
-
@hybride said in Trying to "Push" CentOS7 image on Lenovo P620:
Can I do it on a side VM and then just copy all the “new” tftp folder on my Fog server?
Sure! You actually don’t even need to copy all of the new compiled binaries. Just copy over the new
ipxe.efiand see if that makes a difference. If not also try the newsnponly.efijust to be sure. -
@sebastian-roth said in Trying to "Push" CentOS7 image on Lenovo P620:
n’t even need to copy all of the new compiled binaries. Just copy over the new ipxe.efi and see if that makes a difference. If not also try the new
Saddly I don’t have much luck with new compiled efi files
I’ll install Wireshark on my FOG server and see what I can track,
I’ll be back!
-
@sebastian-roth Here’s my wireshark capture file
Cheers!
-
@hybride said in Trying to "Push" CentOS7 image on Lenovo P620:
Here’s my wireshark capture file
Ok, that’s a good start. We see the TFTP transfer of
snponly.efifile. Though there is nothing else in the Wireshark dump. No DHCP packets nor any further TFTP request.Any chance you can get hold of an old network hub that you can connect between the Lenovo P620 and the network layer switch. Then connect another Windows notebook to that hub and capture the network traffic.
-
@sebastian-roth said in Trying to "Push" CentOS7 image on Lenovo P620:
o DHCP packets nor any further TFTP request
My fault I filtered my capture, here’s one with no filter in it.
Hope it does the job!
No filter this time
-
@Hybride In Wireshark use the display filter
eth.addr == e0:4f:43:e6:4a:3eto see all the packets sent from and received by the Lenovo P620 laptop. After the TFTP transfer (snponly.efi) we see packets of the second DHCP DORA done by iPXE (first one is done by the BIOS/UEFI firmware). And finally after that we see ARP resolution requests over and over.To me this looks like iPXE loaded on the L620 is able to actually send packets on the wire (as we see them arrive on the server side) but has problems to receive the answers. Otherwise it shouldn’t send the same ARP request so many times!
Still question is, why is it able to do the DHCP DORA (two packets sent and two packets received) but then fails to go ahead?!
Can you get to the iPXE shell again? Try sending a ping to the server:
ping x.x.x.xand let us know if this works. -
@sebastian-roth said in Trying to "Push" CentOS7 image on Lenovo P620:
(two packets sent and two packets received) but then fails to go ahead?!
I can’t ping anything, not even my gateway. I only get timeout.
-
@sebastian-roth Hello, just a minor correction: It’s a Lenovo Desktop P620 and the network card is a: Marvel AQtion 10Gbit Network Adapter
-
@Hybride Any chance you can get hold of an old network hub that you can connect between the Lenovo P620 and the network layer switch? Then connect another Windows laptop to that hub and capture the network traffic using Wireshark in that laptop.
-
@sebastian-roth Sadly I don’t have any at my office
-
@sebastian-roth I will check what I can do with some “port mirroring” maybe!
-
@sebastian-roth Well that was easier than I thought!
Here’s the file. But I’ve filtered the result a bit with this filter:
eth.addr == e0:4f:43:e6:4a:3eBecause there was a lot of stuff running on my laptop but just tell me if you prefer more detailled logs. But I would like to send the complete log to your email and not post it on the forum please.
