
    2 vlan using the same fog server

    • Gilberto Ferraz
      last edited by Joe Schmitt

      Hello!

      I have used the ‘fog’ system at my work for a long time.

      I installed 2 VLANs (172.16.17.* and 172.16.16.*) and use pfsense.

      The fog server works perfectly on network 172.16.17.* with the IP 172.16.17.250.

      For safety reasons the traffic between the two VLANs is blocked.

      I.e. the network 172.16.16.* cannot ping the fog server 172.16.17.250; so far so good.

      I created a rule in the 172.16.16.* network to be able to ping the fog server (172.16.17.250). Problem solved: it now reaches the fog server.

      The problem is that the machines on the network 172.16.16.* cannot get scheduled tasks from the fog server.

      I will show the pfsense settings of the network 172.16.17.*, which works perfectly.

      https://www.dropbox.com/s/secceut2ecwo3fh/imagem 1.png?dl=0

      On the network 172.16.16.* I can ping the ‘fog’ server with the rule I created on this network.

      The settings are these:

      https://www.dropbox.com/s/35c9p14o9oau5ef/imagem 2.png?dl=0

      If I schedule a task in fog for a machine connected to the network 172.16.16.*, the machine gives an error in the DHCP starter ‘ipxe’.

      OK, I can understand the error. I.e. fog does not assign the IP gateways because they use different ones: 172.16.16.251 for the network 172.16.16.* and 172.16.17.251 for the network 172.16.17.*.

      I had an idea then. As I have fog installed in a ‘VMWARE’ virtual machine, I decided to allocate one more virtual network card to the network, 172.16.16.250.

      Now the network 172.16.16.* can ping the server, and I changed the settings in pfsense:

      https://www.dropbox.com/s/htducvwark2zgk8/imagem 3.png?dl=0

      Now the network machines are assigned an IP address.
      What happens is that now the machine gives two errors.

      PXE-E53: No boot filename received
      PXE-M0F: Exiting Intel Boot Agent

      If I change the fog configuration using the browser from

      https://www.dropbox.com/s/5klswz9r1r3xnkj/imagem 4.png?dl=0

      to

      https://www.dropbox.com/s/jua2tljgsur9eft/imagem 5.png?dl=0

      it does not solve the problem.

      The settings of my /var/www/fog/lib/fog/Config.class.php file
      are:

      private static function init_setting()
              {
                      define('TFTP_HOST', "172.16.17.250");
                      define('TFTP_FTP_USERNAME', "fog");
                      define('TFTP_FTP_PASSWORD', "43df7b");
                      define('TFTP_PXE_KERNEL_DIR', '/var/www/fog/service/ipxe/');
                      define('PXE_KERNEL', 'bzImage');
                      define('PXE_KERNEL_RAMDISK',127000);
                      define('USE_SLOPPY_NAME_LOOKUPS',true);
                      define('MEMTEST_KERNEL', 'memtest.bin');
                      define('PXE_IMAGE', 'init.xz');
                      define('PXE_IMAGE_DNSADDRESS', "172.16.17.251");
                      define('STORAGE_HOST', "172.16.17.250");
                      define('STORAGE_FTP_USERNAME', "fog");
                      define('STORAGE_FTP_PASSWORD', "43df7b");
                      define('STORAGE_DATADIR', '/images/');
                      define('STORAGE_DATADIR_UPLOAD', '/images/dev/');
                      define('STORAGE_BANDWIDTHPATH', '/fog/status/bandwidth.php');
                      define('UPLOADRESIZEPCT',5);
                      define('WEB_HOST', "172.16.17.250");
                      define('WOL_HOST', "172.16.17.250");
                      define('WOL_PATH', '/fog/wol/wol.php');
                      define('WOL_INTERFACE', "eth0");
                      define('SNAPINDIR', "/opt/fog/snapins/");
                      define('QUEUESIZE', '10');
                      define('CHECKIN_TIMEOUT',600);
                      define('USER_MINPASSLENGTH',4);
                      define('USER_VALIDPASSCHARS', '1234567890ABCDEFGHIJKLMNOPQRSTUVWZXYabcdefghijklmnopqrstuvwxyz_()^!#-');
                      define('NFS_ETH_MONITOR', "eth0");
                      define('UDPCAST_INTERFACE', "eth0");
                      define('UDPCAST_STARTINGPORT', 63100 ); // Must be an even number! recommended between 49152 to 65535
                      define('FOG_MULTICAST_MAX_SESSIONS',64);
                      define('FOG_JPGRAPH_VERSION', '2.3');
                      define('FOG_REPORT_DIR', './reports/');
                      define('FOG_UPLOADIGNOREPAGEHIBER',true);
                      define('FOG_DONATE_MINING', "0");
      

      It seems to me that the problem might be that I have to use 2 DNSADDRESS values:

      define('PXE_IMAGE_DNSADDRESS', "172.16.17.251"); for one network and 172.16.16.251 for the other vlan.

      Any ideas?

      How do I solve the problem?

      Are 2 VLANs possible for the same fog, with different DNS?

      • Tom Elliott

        What you’re running into is what I suppose could be called scope problems.

        Your setup of separate VLANs should work with a SINGLE DHCP server, which, if I read everything, is already the case.

        However, the VLAN of the .16 network needs to know where to look for the DHCP server. This is most often done through the use of ip helpers on the switch. As you’ve allowed communication between the VLANs, doing this should correct the problem for you.

        You would need to set the ip helper for the .16 vlan to redirect dhcp requests to the .17 vlan.

        In the current state, the IPs are being assigned, and you are defining the gateways (from what I can tell) appropriately for both VLANs. The first issue you “fixed” was proof that it was initially a problem and is no longer a problem:

        @Gilberto-Ferraz said:

        If I schedule a task in fog for a machine connected to the network 172.16.16.*, the machine gives an error in the DHCP starter ‘ipxe’.

        OK, I can understand the error. I.e. fog does not assign the IP gateways because they use different ones: 172.16.16.251 for the network 172.16.16.* and 172.16.17.251 for the network 172.16.17.*.

        I had an idea then. As I have fog installed in a ‘VMWARE’ virtual machine, I decided to allocate one more virtual network card to the network, 172.16.16.250.

        Now the network 172.16.16.* can ping the server, and I changed the settings in pfsense:

        https://www.dropbox.com/s/htducvwark2zgk8/imagem 3.png?dl=0

        Now the network machines are assigned an IP address.
        What happens is that now the machine gives two errors.

        Later on you go on to show the next issue (indicative that the .16 is not even reaching the DHCP server to get the associated next-server/Option 66 and filename/Option 67 parameters):

        PXE-E53: No boot filename received
        PXE-M0F: Exiting Intel Boot Agent

        Hopefully this helps and makes some sense.

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        • george1421 (Moderator)
          last edited by george1421

          I understand there may be a language issue here but this is what I see.

          You have two subnets (I’m ignoring vlans since that fact is not important), which are 172.16.17.0/24 and 172.16.16.0/24. Your fog server is on the 172.16.17.0/24 subnet. All devices within the 172.16.17.0/24 subnet work perfectly with FOG.

          The issue is your clients on the 172.16.16.0/24 cannot communicate with the fog server on the 172.16.17.0/24 subnet. Your firewall is blocking the communications. You need to open a series of ports between your clients on 172.16.16.0/24 and the fog server (more than just ping). To pxe boot you need to enable the tftp protocol and the nfs and ftp protocols between the subnets. Without this enabled, your clients on the 172.16.16.0/24 subnet will never be able to pick up the ipxe boot kernel or image any machine. If you need the restrictions, you can work out the exact rules needed. But the easiest solution is to create a general rule on your firewall of:
          source net 172.16.16.0/24 to destination host 172.16.17.250 protocol any state allow
          And then flip the rule to allow the FOG server to talk to the clients:
          source host 172.16.17.250 to destination net 172.16.16.0/24 protocol any state allow

          These rules will say all clients can talk to the fog server only across this firewall and the fog server can talk to the remote subnet only. This is allowed communications.

          Unless I missed it, what device/network is hosting your DHCP server? You may have to set up the dhcp relay agent on your firewall/router to send the dhcp requests across your firewall.

          • Gilberto Ferraz

            Hello guys!

            Thanks to your help and my friend at work,

            the problem is solved: I finally get to boot with ipxe to my ‘fog’ server between different VLANs.

            After following the rules suggested by george1421:

            "source net 172.16.16.0/24 to destination host 172.16.17.250 protocol any state allow
            And then flip the rule to allow the FOG server to talk to the clients
            source host 172.16.17.250 to destination net 172.16.16.0/24 protocol any state allow"

            and Tom's suggestion
            “to get the associated next-server/Option 66 and filename/Option 67”

            it was enough to add, on the pfsense side for vlan 172.16.16.*:

            Additional BOOTP / DHCP Options

            Number  Type                Value
            66      IP address or host  172.16.17.250
            67      Text                undionly.kpxe

            Thanks, everything works perfectly.

            You can close the topic as resolved to help more people.

            \GF
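
PXE-E53 means the DHCP offer that reached the client carried no boot filename, which is why adding options 66 and 67 on the 172.16.16.* scope fixed it. As an added example (not part of the original posts or of FOG's code), this Python parser reads a raw DHCP offer and reports the next-server and filename it carries; the two sample packets and the client address 172.16.16.50 are constructed.

```python
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # follows the 236-byte BOOTP header

def parse_options(packet):
    """Walk the code/length/value options after the BOOTP header and cookie."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP packet")
    opts, i = {}, 240
    while i < len(packet) and packet[i] != 255:    # 255 = End option
        if packet[i] == 0:                         # 0 = Pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("truncated DHCP option")
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated DHCP option")
        opts[packet[i]] = value
        i += 2 + length
    return opts

def boot_target(packet):
    """Return (next_server, filename); None marks a field the offer lacks.
    Option 52 (sname/file overload) is not handled here."""
    opts = parse_options(packet)
    siaddr = socket.inet_ntoa(packet[20:24])           # BOOTP next-server field
    bootfile = packet[108:236].split(b"\0", 1)[0]      # BOOTP 128-byte file field
    server = opts.get(66, b"").split(b"\0", 1)[0].decode("ascii", "replace")
    if not server and siaddr != "0.0.0.0":
        server = siaddr
    name = (opts.get(67) or bootfile).split(b"\0", 1)[0].decode("ascii", "replace")
    return server or None, name or None

def build_offer(yiaddr, options):
    """Constructed sample: minimal DHCPOFFER with empty siaddr/sname/file."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                         b"", socket.inet_aton(yiaddr), b"", b"", b"", b"", b"")
    body = b"".join(bytes([code, len(val)]) + val for code, val in options)
    return header + MAGIC_COOKIE + body + b"\xff"

BASE = [(53, b"\x02"), (3, socket.inet_aton("172.16.16.251"))]  # OFFER + router
OFFER_BEFORE = build_offer("172.16.16.50", BASE)                # no 66/67
OFFER_AFTER = build_offer("172.16.16.50",
                          BASE + [(66, b"172.16.17.250"), (67, b"undionly.kpxe")])

if __name__ == "__main__":
    for label, pkt in (("before", OFFER_BEFORE), ("after", OFFER_AFTER)):
        print(label, boot_target(pkt))
```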

            • george1421 (Moderator)

              Good job getting this all to work. While it's not hard to get it set up across multiple segments, there are a few bits that need to be in place.

              Marking this issue solved.

              • Wayne Workman

                Can we summarize what was done? What config? What files? What networks? What interfaces?

                • george1421 (Moderator) @Wayne Workman

                  @Wayne-Workman If I understand the OP’s post there were two actions that were needed.

                  1. Since there is a firewall between the two subnets, 2 rules needed to be crafted to allow communication between the devices on the subnet where the fog server was not.
                  2. On the subnet where the fog server was not he had to update the dhcp to include the next server and boot file settings. On this one I gather (guess) that each subnet has its own dhcp server.

                  Copyright © 2012-2025 FOG Project