FOG menu not showing up on some machines after DHCP server rebuild
I recently had to rebuild my DHCP server. It used to be on a Windows 2008 R2 server and now it is on a Windows 2012 R2 virtual server. I added the option 66 and 67 to it with undionly.kpxe since I am running FOG 1.2.0. When I boot some machine though it runs through the PXE boot process then just starts loading Windows, I don’t get the regular FOG menu where I can register or quick image machines. The last thing that shows up on the screen before booting Windows is:
Could not start download: operation not supported http://ipxe.org/3c092003
I am sure I am just missing a configuration option from the old DHCP server that I can’t access. I don’t know what it is though.
I have tried it on an HP DC7800 and 8200 Elite with the same results. Everything worked fine a couple of months ago with the old DHCP server.
Thanks in advance.
Thanks to all who participated in this thread. I killed the switch port that someone had a Netgear router hooked up to and everything is working fine now. FOG menu is showing up. I haven’t tried pulling down an image yet, but I have a good feeling. I will do my best to up-vote the proper answers even the earlier posts questioning the possibility of multiple DHCP servers. I had a feeling one was out there, but I didn’t think it would have a such a huge impact on FOG. Again thanks everyone for all the help!
Yes, I am pretty sure it belonged to the county health dept who has a satellite office in our district.
@Jay-Bosworth Rogue dhcp server is confirmed? You found it?
Also unrecognized, I am close to shutting down the port that the rogue DHCP server is on. I will update once that is done and I test some more.
Wayne Workman last edited by Wayne Workman
I have only ever setup one DHCP server.
Then you might have a rogue DHCP server somewhere.
The fact is - the only time anyone has ever reported having to manually enter a TFTP address for FOG network booting - is when there are 2 or more DHCP servers operating on that broadcast domain, and at least one is misconfigured. And we’ve had people ask about this many times. It’s always the same case.
This tool explained here would help you:
Or you can run wireshark on your desktop with the
bootpfilter to watch DHCP broadcasts.
@Jay-Bosworth How about
service dnsmasq status
I ran service --status-all and DHCP doesn’t even show up in the list so I don’t think it is the FOG server. It is somewhere else, still trying to figure out how I can track it down.
@Jay-Bosworth Are you sure there’s no DHCP running on your FOG server?
sudo service isc-dhcp-server stop
Ubuntu 14.04.5 LTS
I have only ever setup one DHCP server. As I stated it is a new build so the settings are exactly what is called for in the FOG setup.
Option 66 pointing to my FOG Server Option 67 pointing to undionly.kpxe
@Jay-Bosworth What OS and what version are you running?
Also, Wayne is right, so check that out asap.
it is asking for the address of the tftp server.
That tells me you have more than one DHCP server, and one or more are mis-configured.
I know this doesn’t technically go in here, but it is part of the process I am following to help resolve this… since I haven’t found what was causing the issues yet, I decided to take the plunge and upgrade to 1.3.0. So I am now running 1.3.0-RC-8 and when my computers boot they are stopping at a screen where it is asking for the address of the tftp server. When I type in the IP address of the FOG server it tries to connect to x.x.x.x/default.ipxe, but the connection is timing out. TFTP was working before the upgrade, is it possible the upgrade changed permissions? Any help is appreciated.
@Jay-Bosworth Its been nuts here this am so it took me a while to grab the screenshot.
- Target computer, wireshark computer, and DHCP server need to be on the same subnet to capture broadcast based traffic. If any of these are on a different subnet then you will need to setup wireshark on a mirrored port to the target computer.
- If your FOG server is on the same subnet as the target computer and dhcp server you can use tcpdump on your FOG server to capture the pcap file. (hint: wireshark is not needed).
- Start your pcap capture device. for your FOG server using tcpdump you can use the following command:
tcpdump -w issue.pcap -i eth0 port 67 or port 68 or port 69or with wireshark select Capture->Options then select the proper network adapter and key the following into the capture filter
port 67 or port 68
- Press the start button.
- PXE boot the target computer to the error
- Stop the wireshark/tcpdump capture.
- Analyze the pcap file.
No, the target system I am testing with right now is an HP DC7800 Microtower. Mac address ends in AB:02
Yes 10.60.82.15 is my FOG server. Not sure what 192.168.101.2 is, but the Health Department rents a room in our district and they have a VPN setup with a DHCP server for their machines. We also have a sonic wall in place for our phones that are on a separate vLan to give them addresses. Target right now is 16.155 but that Wireshark is from a day ago so it may not be the same address now as it was then.
.170 is my main DHCP server.
the .20 addresses belong to my ISD which is our ISP so I will check with them…
I am happy to pull another Wireshark if necessary just let me know the steps I should take.
OK I have a few questions:
- Is the target system an apple device?
- Is 10.60.82.15 your fog server?
- What is 192.168.101.2 and why is it sending a dhcp nak (dhcp rejection)
- Did the target get 10.60.16.119?
crud, that one was an iPhone.
I see another one that is a HP device with a mac address of 00:1b:78:a4:a0:6c
But that one looks like a dhcp renewal. What is interesting is that I seen dhcp ACK from 10.20.88.37 and NAKs from 10.60.82.170, 192.168.101.2 and 10.20.0.101
This tells me you have multiple dhcp servers attempting to respond to a dhcp request?
In wireshark, you can apply a filter, and then export the displayed packets.
Okay, thanks, I was afraid of that. I tried to filter it just to the MAC address of the client. I had a feeling it wasn’t enough though.
@Joe-Schmitt do you know why Jay can’t upload the same file that George can?
When I was younger, my mom called me “a unique person” quite often. Its probably that…
I removed the upload pcap file since it contained things that the general public should not see.