Question
Wednesday, November 2, 2016 8:12 PM
I have spent the last six hours reading lots of posts about this, but nothing seems to work.
I have two servers - PXE (WDS role on Windows Server) 192.168.20.89/24 and DHCP (Windows Server) 192.168.20.201/24
I have physical servers I am trying to deploy on network 192.168.10.0/24. I have set up the DHCP forwarders in my switches. (Cisco switches - ip dhcp relay address 192.168.20.201)
Pure DHCP requests seem to work fine. For example, I manually install Windows Server onto a system and I see the system get DHCP addresses. So it appears the DHCP forwarding is working correctly. But if I try to LAN boot the exact same server, it never gets an address. I sit on my DHCP server while the system is trying to boot and constantly refresh address leases. No leases are given out. PXE eventually times out and the system boots to the installed operating system. As soon as the operating system comes up, I see the leases on my DHCP server.
I have tried setting scope option 66 to the IP of my PXE (WDS) server. No difference. I have tried setting scope option 67 to root\x86\wdsnbp.com or root\x64\wdsnbp.com. No difference. Various combinations of 66/67 settings. No difference.
Everything works fine if the machine is on the same subnet as the DHCP and PXE servers.
Any ideas? Please don't point me to posts that say to set option 66 to the IP of the PXE server or option 67 to a program, unless there is something else I should put in there.
. : | : . : | : . tim
All replies (12)
Tuesday, November 8, 2016 2:36 AM ✅ Answered
Hi,
>> If a server is booted on VLAN 20, it does not PXE boot - times out waiting for PXE server.
>> If I add DHCP relays to domain 1 for VLAN 20, system will not PXE boot whether on VLAN 10 or 20.
If my description of your physical connection in the previous reply is correct, then both of them suggest the same thing:
The DHCP message from your client cannot get through your trunk. Or broadcast messages cannot get through your trunk. If the DHCP message is converted to unicast by the TOR of domain 2, then the unicast DHCP message is able to get through the trunk.
All of this is my speculation; to confirm, you still need to perform the network capture.
Best Regards,
Steven Lee
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Thursday, November 3, 2016 8:17 AM
Hi,
All you need is adding the WDS server into the ip help address list.
If the WDS server and DHCP server are not hosted on the same server, the DHCP option won't work. You need to forward the DHCP Discover message to the WDS server directly.
WDS server is listening on UDP port 67, so that it can respond to the DHCP Discover message. If the DHCP server and WDS server are hosted on the same machine, the UDP port 67 will be occupied by DHCP service, only in that case, the DHCP options are needed.
BTW, if you put your client into the same subnet of these two servers and perform a network capture on them (WDS and DHCP), you will find the normal process of the WDS server.
Best Regards,
Steven Lee
Thursday, November 3, 2016 4:50 PM
Thanks for the reply, Steven. This is more information than I had found in all my reading. But I need some clarification.
What do you mean when you say "adding the WDS server into the ip help address list"? Are you saying this is something done on the switch? I currently have the switch configured with a DHCP relay entry pointing to my DHCP server. Are you saying there should be two entries, one pointing to the DHCP server and the other pointing to my WDS server?
And then you say "If the WDS server and DHCP server are not hosted on the same server, the DHCP option won't work. You need to forward the DHCP Discover message to the WDS server directly." That seems to contradict your first response, where you say "all that is needed ...".
I currently have my DHCP on a Domain Controller. It's not a big deal to put the WDS server into the domain, but I was just trying to keep it separate. I suppose if I put it into the domain and then move my DHCP services to the WDS server and remove it from my DC, it should all work - correct?
. : | : . : | : . tim
Thursday, November 3, 2016 8:43 PM
Well, I seemed to have gone backwards. I removed DHCP from my DC and moved it to my WDS server. Since WDS had been configured in standalone mode, I removed WDS, joined the server to the domain, installed DHCP and WDS. With a vanilla installation, a VM on the same network obtains an IP address, but it is not PXE booting. I see in DHCP that option 60 was automatically defined as PXEClient. I added option 66, entering the IP address of the WDS/DHCP server. Still no PXE boot. I added option 67, first time with root\x86\wdsnbp.com and then with root\x64\wdsnbp.com. Still nothing. I changed subnets and the VM does not get a DHCP address.
This is on a 2016 server. Going to build out a 2012 R2 server to see if it acts the same way.
It's got to be a configuration issue, but I have not been able to figure it out.
. : | : . : | : . tim
Friday, November 4, 2016 1:32 AM
Hi Tim,
>>What do you mean when you say "adding the WDS server into the ip help address list"? Are you saying this is something done on the switch?
>>Are you saying there should be two entries, one pointing to the DHCP server and the other pointing to my WDS server?
Sorry about my unclear description. Your understanding is correct. The DHCP relay agent needs to forward the DHCP message to both the WDS and DHCP servers if they are hosted on different machines.
>>And then you say "If the WDS server and DHCP server are not hosted on the same server, the DHCP option won't work. You need to forward the DHCP Discover message to the WDS server directly. " That seems to contradict your first response, where say "all that is needed ..."
I was talking about two scenarios:
- If the DHCP and WDS are hosted on the same machine, then you need to put this machine into the ip help address list and configure the DHCP options.
- If the DHCP and WDS are hosted on different machines, then you need to put both of them into the ip help address list and there is no need to configure the DHCP option. The DHCP option doesn't work in this scenario.
According to your first post, you have put the DHCP server into the ip help address list, so I said "All you need is adding the WDS server into the ip help address list." In addition to my first suggestion, you also need to remove the DHCP options.
The DHCP options will mess up the deployment if you are using two machines, because the DHCP option doesn't support redirecting the client to a different machine. If the client receives the DHCP option, it will connect to the UDP port 4011 of the DHCP server. In brief, the DHCP options only work in scenario 1.
In the end, I would suggest that you host the WDS and DHCP on different machines, which is more flexible. You don't need to change the DHCP option when you make any change on the WDS server.
Best Regards,
Steven Lee
Friday, November 4, 2016 2:57 PM
Thanks, again, Steven.
It appears that we are making some progress. When I did not have the DHCP relay defined on the switches, I would sit at the PXE prompt and it would show 2 dots of progress and then it would fail. I added the WDS server as a second DHCP relay on the switches. Now I see 6 dots of progress (had my hopes up because I see 8 dots when things work). But I still get a timeout failure on the boot itself.
DHCP server is now configured only with the 'typical' options of 003/router, 006/DNS, 015/DNS domain name.
Besides residing on different subnets, the client machine resides on one VLAN and the WDS and DHCP servers reside on a different VLAN. Straight DHCP to a machine with an operating system loaded works fine. It is just the PXE that is giving me the issue. Could VLANs be causing some issue? I can't see how if DHCP works to an OS, but I'm grasping at anything on this.
. : | : . : | : . tim
Monday, November 7, 2016 2:02 AM
Hi Tim,
>> Could VLANs be causing some issue?
Theoretically, no. VLAN blocks the broadcast packets and the ip help address list is designed for resolving this problem.
If you have followed my suggestion above and it still doesn't work, to troubleshoot this issue logically, you need to perform a network capture on the WDS server and DHCP server. This process is not encrypted, so we are able to see the whole process in plain text.
Put the client into the same subnet as WDS and DHCP and perform a capture of a successful process. Then reproduce your issue and perform another capture. Comparing the captured data will tell you the step at which the process is stuck. Then you are able to find the possible cause.
Best Regards,
Steven Lee
Monday, November 7, 2016 4:34 PM
Did the wire capture. Now have it working on the LAN. It turned out that my switches were configured with some old DHCP relays to non-existent DHCP servers. These were configured on networks that were not being used, so I was assuming they would not make any difference. But when I went into the switches and removed all the extraneous DHCP relays, leaving only one on the non-local network, PXE started working from both networks.
Next step is to try to get it working between two different 'domains'. Not AD domains or network domains. I'm using the term to refer to two separate racks of servers, each with its own top-of-rack switch. Domain 1 is the one I just got working. Domain 2 is configured to use all the services - DNS, DHCP, routing, etc. - from Domain 1.
. : | : . : | : . tim
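Added example, not part of the thread and not code from any participant: a small Python check for the capture comparison suggested above, listing which servers answered a relayed PXE DISCOVER and in what role. It takes raw DHCP payloads (the UDP payload bytes exported from a capture). Recognising a PXE offer as option 60 `PXEClient` with no offered address follows the PXE specification and is assumed here for WDS; the sample packets, the client address 192.168.10.50 and all function names are constructed for illustration.

```python
from socket import inet_aton, inet_ntoa
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie after the 236-byte BOOTP header

def parse_dhcp(payload):
    """Decode the BOOTP fields and DHCP options that matter for PXE."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP payload")
    opts, i = {}, 240
    while i + 1 < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i]:                                  # 0 = pad, has no length byte
            opts[payload[i]] = payload[i + 2:i + 2 + payload[i + 1]]
            i += 1 + payload[i + 1]
        i += 1
    return {"yiaddr": inet_ntoa(payload[16:20]), "giaddr": inet_ntoa(payload[24:28]),
            "type": (opts.get(53) or b"\0")[0], "opts": opts}

def classify(pkt):
    """Label a reply: address offer from DHCP, or PXE offer carrying no address."""
    if pkt["type"] != 2:                                # 2 = DHCPOFFER
        return "other"
    pxe = pkt["opts"].get(60, b"").startswith(b"PXEClient")
    return "pxe-offer" if pxe and pkt["yiaddr"] == "0.0.0.0" else "dhcp-offer"

def review(payloads):
    """Map each responding server to its role and list findings for split DHCP/WDS."""
    seen, findings = {}, []
    for pkt in map(parse_dhcp, payloads):
        kind, o = classify(pkt), pkt["opts"]
        if kind == "other" or len(o.get(54, b"")) != 4: # 54 = server identifier
            continue
        server = inet_ntoa(o[54])
        seen[server] = kind
        if kind == "dhcp-offer" and (66 in o or 67 in o):
            findings.append(f"{server}: address offer carries boot options 66/67")
    if "pxe-offer" not in seen.values():
        findings.append("no PXE offer seen: check the relay entry for the WDS server")
    return seen, findings

def build(yiaddr, server, options):
    """Constructed sample offer (not captured traffic), relayed via 192.168.10.1."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s", 2, 1, 6, 1, 0x1234, 0, 0x8000, bytes(4),
                      inet_aton(yiaddr), inet_aton(server), inet_aton("192.168.10.1"))
    opts = [(53, b"\x02"), (54, inet_aton(server))] + options
    return hdr + bytes(208) + MAGIC + b"".join(bytes([c, len(v)]) + v for c, v in opts) + b"\xff"

GOOD = [build("192.168.10.50", "192.168.20.201", []),
        build("0.0.0.0", "192.168.20.211", [(60, b"PXEClient")])]
BAD = [build("192.168.10.50", "192.168.20.201", [(66, b"192.168.20.89")])]
```

`review(GOOD)` reports both servers with no findings; `review(BAD)` flags the leftover option 66 and the missing PXE offer. An offer from a server identifier that is in neither role is the "incorrect DHCP offer" case worth chasing on the switch side.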
Monday, November 7, 2016 8:51 PM
Update.
I have successfully PXE booted a server across the racks. Interesting observations.
Configuration summary.
DOMAIN 1: WDS - 192.168.20.211, VLAN 20. DHCP 192.168.20.201, VLAN 20. Gateways 192.168.10.1 and 192.168.20.1. TOR network switches for this environment - DHCP relays configured for 192.168.20.201 and 192.168.20.211 on VLAN 10. No other DHCP relays configured in the environment.
DOMAIN 2: Physical servers connected to a TOR that is, in turn, connected to TOR of Domain 1. If a server is booted on VLAN 10, it properly PXE boots. If a server is booted on VLAN 20, it does not PXE boot - times out waiting for PXE server. If I add DHCP relays to domain 1 for VLAN 20, system will not PXE boot whether on VLAN 10 or 20.
. : | : . : | : . tim
Tuesday, November 8, 2016 2:13 AM
Hi,
>>These were configured on networks that were not being used, so I was assuming they would not make any difference. But when I went into the switches and removed all the extraneous DHCP relays, leaving only one on the non-local network, PXE started working from both networks.
I agree with you that additional DHCP relay entries should not affect the PXE process if all of them fail. But if any one of them is able to reply to the client with an incorrect DHCP offer message, then the PXE process may be broken.
If you are sure that all of them fail, then you should consult with Cisco about this weird issue.
>>Next step is to try to get it working between two different 'domains'. Not AD domains or network domains.
To me, it makes no difference how we change the physical connections. If the DHCP relay agent is configured properly and it has a routable path to the DHCP and WDS server, the PXE process should work.
>>If a server is booted on VLAN 20, it does not PXE boot - times out waiting for PXE server.
Weird. You still need to perform a network capture on the WDS and DHCP servers to check whether it is a server-side issue. If you enabled DHCP snooping, then please make sure that both the WDS and DHCP servers are marked as trusted.
>>If I add DHCP relays to domain 1 for VLAN 20, system will not PXE boot whether on VLAN 10 or 20.
Are these two TOR switches connected with a trunk, and do both of them have the gateway for VLAN 10 and VLAN 20?
Best Regards,
Steven Lee
Tuesday, November 8, 2016 4:49 PM
It turns out it was a configuration error on my server. Cisco UCS servers have a lot of flexibility in how to configure things. I had inadvertently configured my system to allow booting from any NIC, and I had multiple NICs in the configuration. I changed the boot policy to boot from a specific NIC, and everything works fine. I can PXE boot from the 'local' subnet or cross-subnet.
Thanks for sticking with me through this, Steve. It was helpful.
. : | : . : | : . tim
Wednesday, November 9, 2016 1:02 AM
Hi Tim,
Glad to hear that this issue has been resolved, and thanks for sharing!
Best Regards,
Steven Lee