Cannot PXE boot on Client PCs
-
@george1421 I updated the boot file name. Now the DHCP should be okay. From the attached image, you can see the Client PC can see the DHCP IP address, but then there’s the error of TFTP server response timeout. I still couldn’t see DHCP packets from either Wireshark or
tcpdumpbut now the client PC can see the DHCP IP. I am not sure if it’s okay? If not, then how can I configure DHCP packets on my network?tftpd-hpaon my server is active and running, and ufw firewall is blocked, but still cannot access TFTP from the client PC. What should I do in this case?tftp-hpa config:
# /etc/default/tftpd-hpa # FOG Modified version TFTP_USERNAME="root" TFTP_DIRECTORY="/tftpboot" TFTP_ADDRESS=":69" TFTP_OPTIONS="-s"netstat -antup | grep ":69"udp 0 0 0.0.0.0:69 0.0.0.0:* 739/in.tftpd udp6 0 0 :::69 :::* 739/in.tftpd
-
@zguo Ok this is a good start. Look at the “server” ip address, that should be your FOG server’s IP address. I’m guessing its your router’s IP address. As I mentioned before most soho routers put themselves as the boot-server / next-server.
We have to be missing something here, because you should be able to see the dhcp process with both tcpdump and wireshark, because the pxe booting computer is now getting the info.
-
@george1421 I powered on another PC, here DHCP IP here is 172.20.4.1? So this is like the previous one with the “server” IP written as 172.20.4.1?
I didn’t adjust the server IP address. It remains the same, it’s 172.20.4.25. Same with FOG and “next-server” in the router settings. Not sure why it shows 172.20.4.1. I guess maybe because the client PC cannot find the server, then it goes to the default gateway? Then back to the question, how can I let my client PC detect the server?
-
@george1421 Also, we confirmed that both the client and server are on the same subnet. Nothing is blocked between them
-
@zguo said in Cannot PXE boot on Client PCs:
Not sure why it shows 172.20.4.1. I guess maybe because the client PC cannot find the server, then it goes to the default gateway? Then back to the question, how can I let my client PC detect the server?
99% of the time, your dhcp server is not telling the pxe booting computer the right thing. And your dhcp server’s IP address is at .1
When you run wireshark are you running it as administrator AND are you picking the wired network interface to monitor. It should see multicast on any computer connected to the same subnet.
For wireshark, launch is as Administrator, then your wireshark startup screen should look like this before launching capture. If you don’t see any data or the ethernet port, then you did not run wiershark as admin. Make sure you enter a capture filter like this (1), and then select the network adapter where you see traffice (2)
-
@george1421 I followed your instructions and launched Wireshart as admin. Click this for my Wireshark file. The IP of the host with the Wireshark is 172.20.4.54, and the FOG server IP is 172.20.4.25. I only see they are communicating with port 80 (HTTP), not 67 or 68. If I run
tcpdumpon the FOG server, there’s more for port 22 (SSH), but still no for port 67 or 68. I don’t know why DHCP packets don’t exist. My router is Sophos. Anything could block the DHCP packets?And there’s a very small progress. I manually put the command of
chain http://172.20.4.25/fog/service/ipxe/boot.phpon the network boot page of the client host, so the client host can at least do the registration and inventory, and I can see the client host pops up on the FOG web. But since the client host still cannot find the FOG server automatically by the boot file, then I can’t capture the OS image.So what is the very first thing I should do now? Figuring out the network problem? But regarding the network, is that the thing I’m able to configure by myself, or do I have to contact the router provider?
Click here for the Sophos instruction. In their settings, they need both DHCP server and TFTP server. And looks like the DHCP server is defaulting the IP with
.1. The IP that could be changed is the one for the “TFTP server”, which is the setup I don’t have. Seems like now there’s a mismatch between the setup that Sophos expects and the FOG expects. How can we figure out this mismatch? It seems like I have to make the FOG server the “TFTP server”, and then set up another one as the DHCP server? -
@zguo said in Cannot PXE boot on Client PCs:
I don’t know why DHCP packets don’t exist. My router is Sophos. Anything could block the DHCP packets?
I agree looking at the pcap there are no broadcast messages period. That is abnormal for a busy network. I can’t understand how your network is working, but obviously it is because you have clients picking up dhcp based addresses, right?
When we have situations where soho routers are used or people have routers managed or are unchangeable by a third party, we would typically install DNSMASQ on the FOG server to supply the pxe boot info. This normally solves the pxe boot issue, but your pxe booting clients are not even getting a dhcp address, that is before pxe booting in the startup process.
I have a tutorial for installing dnsmasq on your fog server in under 10 minutes, but my confidence level is at 40% that it will solve your issue. Once your pxe booting clients can get a dhcp address, dnsmasq should take care of sending the right boot file to your pxe booting computers. https://forums.fogproject.org/topic/12796/installing-dnsmasq-on-your-fog-server
This may be a question for your networking admins, but are you running dhcp snooping on your network. This would be a feature of your network switches to block and or limit rouge dhcp servers on your network. I don’t know if that would restrict broadcast messages. You have something strange (something I haven’t seen before) going on in your environment.
-
@george1421 Bravo!
dnsmasqworks. Now I can capture the OS image. Thank you very much! -
@george1421 I am running into the PXE boot problem on the ASUS motherboard, but other PCs work well for capturing and deploying the OS images. Here in this attached picture, you see that the server IP is correct, and a message “NBP file downloaded successfully”. But after that, it’s not booting to the FOG but just booting into the hard drive. The secure boot is disabled. I found that this ASUS machine can only do PXE boot with UEFI, but not with legacy. Should I change something on
dnsmasq(ltsp.confin/etc/dnsmasq.d), or I should perform other changes?Edit: The main issue might be “NBP file size is 0 Bytes”, so it didn’t technically download the boot file
-
@george1421 The size of
ipxe.efiis 0 in the FOG server. So the booting page on the ASUS is not wrong. Is that normal?What I did with
dnsmasqwas just following your instruction. In/etc/dnsmasq.d/ltsp.conf, only edit<fog_server_IP>is edited
-
@zguo This issue is not related to dnsmasq. Something has zeroed out the byte size of that boot file. If you can the quickest way to fix this is to just rerun the FOG installer, it will recreate/fix file that were changed since its last run. I will not delete anything you added or changed in the UI. It will not touch dnsmasq either.
-
@george1421 The attached image is the other PC that is luckily working. This one is using
undionly.kpxe. This shows the iPXE booting page that we are familiar with, and it’s the same as the one on iPXE’s official website. But the ASUS PXE booting page looks so different so I have no idea.Can you specify “rerun the FOG installer”? Do you mean reboot or reinstall FOG? I rebooted the FOG server,
ipxe.efisize is still 0, and the ASUS PC is still not going into the FOG.
-
@zguo how did you install fog on this server? Did you use the tarball file or git and pulled from the repo? Either way there should be a fogproject folder, and I think bin/installfog.sh bash script to rerun the fog installer.
-
@george1421 Cool! After reinstalling FOG,
ipxe.efihas file sizes now so the ASUS PC can PXE boot withipxe.efi. Thank you very much!
