Issues with Windows DHCP Server
-
Hi All,
I’ve recently deployed FOG into its own subnet - and things are working great there where FOG is allowed to run its own DHCP server.
However I’d like to start moving machines out onto other subnets, which we manage via Windows DHCP Server.
I’ve configured Option 66 and 67, as well as option 150 (hoping that would fix things!) but the machine boots from the network and gets to asking for a TFTP server. You specify one, and it times out, then says chainloading failed.
Pic here if you’re interested: https://photos.app.goo.gl/44BQhe3ArNk3ngGRA
Loving FOG so far by the way, but getting this to work will avoid us having to manually re-configure boot order options (as Windows seems to happily chuck itself at the start of the boot order all the time!).
TIA
Alexis
-
@AlexisPHC Ok, the picture tells us a good story. Your dhcp server is working perfectly. Well, it’s not working, but it’s not your dhcp server’s fault at the moment.
From the 10.1.6.x subnet, can you ping the FOG server?
Is there some kind of screening router between your 10.1.6.x network and your 10.1.22.x networks?
On a computer on the 10.1.6.x subnet, take a Windows computer, disable the Windows firewall. Then install the tftp client on the Windows computer. From a command prompt key in
tftp -i 10.1.22.1 get snponly.efi
and see if you can pull that tftp image.
10.1.22.1 is suspicious since typically the .1 or .254 is the default router for a subnet. It doesn’t need to be, but typically it is. Is the .1 address correct for the fog server?
I feel this is a routing issue between the two subnets.
-
@george1421 thanks - good steps to check.
Yes, I can ping from that subnet, and I can also tftp the file from one of my Linux hosts on that subnet with no issues. There is a router in between, but it’s not filtering traffic to my knowledge. It is passing DHCP requests to our Windows DHCP server for that subnet/vlan however.
And yes, the ip address is correct, the router is sat on 10.1.22.254.
-
@AlexisPHC OK the simple (and not so simple stuff) can be ruled out.
You said pxe booting worked when fog was the dhcp server, but there could be another issue, especially if this is a new fog install. Confirm that on the fog server /tftpboot/default.ipxe file is there. I have seen people on a new fog install not get all three parts done correctly; if they missed the last step, the default.ipxe file would be missing.
The next part is not so easy but can be done. What we will do is install wireshark on a 2nd (witness) computer. Plug this computer into the same subnet as the pxe booting computer. Set the capture filter in wireshark to
port 67 or port 68
and then start the packet capture. Now pxe boot the target computer until it fails. If it asks for the IP address of the fog server that has failed.
Now check the captured packets. If you set the proper capture filter you should only see the dhcp / pxe boot packets. What you are looking for is the DORA (Discovery, Offer, Request, Ack/Nack) dhcp process. The target computer will send out a Discover and (one or more dhcp servers) will send out an OFFER packet. This is what you need to investigate. First verify you recognize all dhcp servers that are sending an OFFER packet. Now inspect the OFFER packet, in the header there should be two fields (next-server which should match dhcp option 66) and boot-file (which should match dhcp option 67) then scroll down, you should see the dhcp options, expand option 66 and 67 and verify they are set correctly. I’m expecting something to be wrong with one or more OFFER packets, because this is where the pxe booting client is getting unhappy.
-
@george1421 Bizarrely, came in this morning and it was working happily! Not the foggiest what was wrong, but does seem to have sorted itself out somehow!
-
@AlexisPHC If it magically stops working again, then I would check to see if you have two dhcp servers on your network. If it continues to work, then move on to the next issue. But in general I don’t like it when stuff just starts working, because the tides can shift the other direction without notice too.
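An added example, not part of the original thread: the OFFER inspection and the two-dhcp-server check described in the replies above, done in Python over raw DHCP UDP payloads taken from such a capture. The responder addresses 10.1.6.10 and 10.1.6.200 are constructed, snponly.efi as the option 67 value is an assumption, and option 52 (overload) is not handled.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie; options start right after it

def parse_offer(payload: bytes) -> dict:
    """Pull the PXE-relevant fields out of one BOOTP/DHCP UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP packet")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:       # 255 = end of options
        if payload[i] == 0:                             # 0 = pad, no length byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        opts[payload[i]] = payload[i + 2:i + 2 + payload[i + 1]]
        i += 2 + payload[i + 1]
    text = lambda b: b.split(b"\x00")[0].decode("ascii", "replace")
    sid = opts.get(54, b"")                             # option 54 = server identifier
    return {"is_offer": opts.get(53) == b"\x02",        # option 53 = message type
            "server_id": socket.inet_ntoa(sid) if len(sid) == 4 else "unknown",
            "next_server": socket.inet_ntoa(payload[20:24]),  # header siaddr
            "boot_file": text(payload[108:236]),              # header file field
            "opt66": text(opts.get(66, b"")), "opt67": text(opts.get(67, b""))}

def check_offers(offers, tftp_server, boot_file):
    """Findings for a list of parsed OFFERs: extra servers, wrong PXE fields."""
    findings = []
    servers = sorted({o["server_id"] for o in offers})
    if len(servers) > 1:
        findings.append("multiple DHCP servers answered: " + ", ".join(servers))
    for o in offers:
        for name, want, got in (("TFTP server", tftp_server, (o["next_server"], o["opt66"])),
                                ("boot file", boot_file, (o["boot_file"], o["opt67"]))):
            if want not in got:
                findings.append(f"{o['server_id']}: {name} {want} not offered, got {got}")
    return findings

def build_offer(server_id, siaddr="0.0.0.0", boot="", opt66="", opt67=""):
    """Constructed sample data: a minimal DHCPOFFER payload."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0, bytes(4),
                      bytes(4), socket.inet_aton(siaddr), bytes(4), bytes(16), b"", boot.encode())
    opts = b"\x35\x01\x02\x36\x04" + socket.inet_aton(server_id)
    for code, val in ((66, opt66), (67, opt67)):
        opts += bytes([code, len(val)]) + val.encode() if val else b""
    return hdr + MAGIC + opts + b"\xff"

# Constructed capture: the expected server plus a second, unexpected responder.
SAMPLE = [parse_offer(build_offer("10.1.6.10", "10.1.22.1", "snponly.efi", "10.1.22.1", "snponly.efi")),
          parse_offer(build_offer("10.1.6.200"))]

if __name__ == "__main__":
    print("\n".join(check_offers(SAMPLE, "10.1.22.1", "snponly.efi")))
```

An OFFER is flagged only when neither the header field nor the matching option carries the expected value, since PXE clients differ in which of the two they read.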