I have worked with this area of pxe booting on some pretty tough problems. So I have a few things I can tell you.
First for your dnsmasq if you can install / or have installed dnsmasq 2.76 or 2.77 your configuration will be a bit easier. I would first focus on getting on this release. I have not personally done this with Debian but I have a tutorial on how to compile dnsmasq 2.76 and I know it works on Ubuntu. https://forums.fogproject.org/topic/8725/compiling-dnsmasq-2-76-if-you-need-uefi-support
Before you go through all of that open a command window on your fog server (or dnsmasq server) and key in the following command dnsmasq -v
to get the dnsmasq version. If its less than 2.76 then consider compiling an update using my instructions.
If you are on 2.76 or later consider using my ltsp.conf from this end of this post [ https://forums.fogproject.org/topic/8725/compiling-dnsmasq-2-76-if-you-need-uefi-support/6 ]. I can say for absolute this configuration works perfectly. Make sure you change the <fog_server_IP>
to the IP address of your fog server. Don’t forget to restart dnsmasq after you make a change to the config file. Also ensure that when you reboot your fog server that dnsmasq restarts too.
I have seen what Sebastian said about home routers. They do send their IP address as the next server but no boot file. That isn’t very helpful if you want to pxe boot at home. So far I’ve been able to use dnsmasq to over ride home dhcp setups of all kinds. In my home right now my home router does exactly what we are talking about, sends itself as the next server with no boot file name. I’m running FOG and dnsmasq on a Raspberry Pi3 server and I can pxe boot both uefi and bios systems no problem. If we take my config file and make a small tweak to it, we should be able to override even a valid dhcp server sending out a proper next server and boot file.
The other thing that Sebastian mentioned was to capture the network traffic using wireshark or tcpdump. Since the pxe booting process needs dhcp and dhcp is communicated via broadcast messages we can have any computer on the same subnet eavesdrop at least on the dhcp process to understand what is going on. There is no need for a mirror port. If you use tcpdump running on the FOG server you can view the entire pxe booting process, even after the target computer switches over to unicast communication since it is talking directly to the fog server at that point. I do have a tutorial on that too: https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue