inverse-inc / packetfence

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, and layer-2 isolation of problematic devices, PacketFence can be used to effectively secure small to very large heterogeneous networks.
https://packetfence.org
GNU General Public License v2.0

dhcp server add option 66 67 TFTP open timeout #4973

Open ttcchl01 opened 4 years ago

ttcchl01 commented 4 years ago

With the PacketFence godhcp server configured with options 66 and 67, the client cannot PXE boot and always gets a TFTP open timeout, but using isc-dhcp's dhcpd as an alternative works fine.

DHCP OPTION 66 67 TFTP open timeout

## add option command

```
curl -H "Content-Type: application/json" -d '[{"option":66,"value":"192.168.0.36","type":"string"},{"option":67,"value":"undionly.kpxe","type":"string"}]' http://127.0.0.1:22222/api/v1/dhcp/options/network/192.168.0.0
```

## show global setting

```
curl http://127.0.0.1:22222/api/v1/dhcp/stats/eth0.8 | python -m json.tool
```

```
        "options": {
            "OptionBootFileName": "undionly.kpxe",
            "OptionTFTPServerName": "192.168.0.36",
            "optionDomainName": "inlinel2.local",
            "optionDomainNameServer": "192.168.0.1",
            "optionIPAddressLeaseTime": "24h0m0s",
            "optionRouter": "192.168.0.1",
            "optionSubnetMask": "255.255.255.0"
```

## tcpdump dhcp

```
/usr/local/pf/addons/dhcp_dumper.pl -i eth0.8
================================================================================
2019-11-28 14:45:47
--------------------------------------------------------------------------------
Ethernet        src:    ---MAC MASKED---       dst:    ff:ff:ff:ff:ff:ff
IP              src:              0.0.0.0       dst:      255.255.255.255
UDP             src port:              68       dst port:              67
--------------------------------------------------------------------------------
DHCPDISCOVER from ---MAC MASKED---
vendor id: PXEClient:Arch:00000:UNDI:002001
93: 0,0
message type: 1
dhcp max message size: 4,236
94: 1,2,1
97: 0,68,69,76,76,56,0,16,88,128,55,200,192,79,88,66,88
requested parameter list: 1,2,3,4,5,6,11,12,13,15,16,17,18,22,23,28,40,41,42,43,50,51,54,58,59,60,66,67,128,129,130,131,132,133,134,135
OS/Device Ident: PXE
TTL: 20

================================================================================
2019-11-28 14:49:49
--------------------------------------------------------------------------------
Ethernet        src:    ---MAC MASKED---       dst:    ---MAC MASKED---
IP              src:           192.168.0.1       dst:          192.168.0.57
UDP             src port:              67       dst port:              68
--------------------------------------------------------------------------------
DHCPACK received for 0.0.0.0 (---MAC MASKED---)
dns servers: 192,168,0,1
bootfile: undionly.kpxe
message type: 5
router: 192,168,0,1
address time: 86400
domain: inlinel2.local
subnet mask: 255,255,254,0
servername: 192.168.0.36
dhcp server id: 192.168.0.1
TTL: 128
```

nqb commented 4 years ago

Hello,

It seems that the option is correctly sent to your end-device, no? In the DHCPACK:

[..]
bootfile: undionly.kpxe
[..]
ttcchl01 commented 4 years ago

> Hello,
>
> It seems that the option is correctly sent to your end-device, no? In the DHCPACK:
>
> [..]
> bootfile: undionly.kpxe
> [..]

@nqb thanks for the reply, here is more tcpdump from the end-device.

PacketFence DHCP tcpdump from the end-device: boot failure, bad return

```
08:26:35.027975 ARP, Request who-has inline2.local tell 192.168.0.57, length 46
08:26:35.028066 IP 192.168.0.57.ah-esp-encap > inline2.local.tftp: 30 RRQ "undionly.kpxe" octet tsize 0
08:26:37.048513 IP 192.168.0.57.acp-port > inline2.local.tftp: 30 RRQ "undionly.kpxe" octet tsize 0
08:26:40.043575 ARP, Reply 192.168.0.57 is-at ---MAC MASKED--- (oui Unknown), length 46
08:26:41.058081 IP 192.168.0.57.msync > inline2.local.tftp: 30 RRQ "undionly.kpxe" octet tsize 0
08:26:47.044920 IP 192.168.0.57.gxs-data-port > inline2.local.tftp: 30 RRQ "undionly.kpxe" octet tsize 0
08:26:55.009121 IP 192.168.0.57.vrtl-vmf-sa > inline2.local.tftp: 30 RRQ "undionly.kpxe" octet tsize 0
```

isc-dhcp tcpdump: boot success

```
08:32:35.552400 ARP, Request who-has inline2.local tell 192.168.0.57, length 46
08:32:35.552499 IP 192.168.0.57.ah-esp-encap > 192.168.0.36.tftp: 30 RRQ "undionly.kpxe" octet tsize 0
08:32:35.554422 IP 192.168.0.57.ah-esp-encap > 192.168.0.36.40682: UDP, length 17
08:32:35.554526 IP 192.168.0.57.acp-port > 192.168.0.36.tftp: 35 RRQ "undionly.kpxe" octet blksize 1456
08:32:35.555519 IP 192.168.0.57.acp-port > 192.168.0.36.35322: UDP, length 4
08:32:35.556128 IP 192.168.0.57.acp-port > 192.168.0.36.35322: UDP, length 4
08:32:35.556715 IP 192.168.0.57.acp-port > 192.168.0.36.35322: UDP, length 4
```

There is something strange: option 66 may not be sending the correct value from the PacketFence DHCP to the client.

```
curl -H "Content-Type: application/json" -d '[{"option":66,"value":"192.168.0.36","type":"string"}]' http://127.0.0.1:22222/api/v1/dhcp/options/network/192.168.0.0
```

```
192.168.0.57.ah-esp-encap > inline2.local.tftp: 30 RRQ "undionly.kpxe"
```

incorrect

nqb commented 4 years ago

Hello @ttcchl01,

In your situation, pfdhcp doesn't set the Next Server IP address in the header (not the options) of the DHCP ACK to the Option 66 value. In that case, you need to set option 67 to a full TFTP URI like this: tftp://tftp.example.lan/undionly.kpxe (see http://ipxe.org/err/3c0920#additional_notes). Option 66 is useless in that situation.

Command:

```
curl -H "Content-Type: application/json" \
-d '[{"option":67,"value":"tftp://tftp.example.lan/undionly.kpxe","type":"string"}]' \
http://127.0.0.1:22222/api/v1/dhcp/options/network/192.168.0.0
```

Could you check if isc-dhcp-server sets the Next Server IP address to the Option 66 value in the DHCP ACK header?

Thanks.
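As an added illustration of the Next Server versus option 66 point made in this thread (not code from the thread or from PacketFence), the following Python model builds a constructed DHCPACK carrying the option set shown in the pfdhcp stats output and works out where a PXE client will send its TFTP read request. It assumes the client behaviour described in the linked iPXE notes and visible in the two captures: a full URI in option 67 wins, otherwise the header's siaddr ("Next Server") is used, and with a zero siaddr the client falls back to the DHCP server itself (option 54), never to option 66; the function names `ip4`, `build_dhcp_ack`, `parse_dhcp`, `pxe_boot_target` and `scenario` are chosen here.

```python
import struct
import ipaddress
from urllib.parse import urlparse

def ip4(s):
    return ipaddress.IPv4Address(s).packed

def build_dhcp_ack(siaddr, options):
    """Constructed DHCPACK: 236-byte BOOTP header, magic cookie, TLV options, end mark."""
    hdr = struct.pack("!4BIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x3903F326, 0, 0,
                      bytes(4), ip4("192.168.0.57"), ip4(siaddr), bytes(4),
                      bytes(16), bytes(64), bytes(128))
    tlv = b"".join(bytes([code, len(val)]) + val for code, val in options)
    return hdr + b"\x63\x82\x53\x63" + tlv + b"\xff"

def parse_dhcp(pkt):
    """Return (siaddr, {option_code: raw_value}) from a DHCP packet."""
    siaddr = str(ipaddress.IPv4Address(pkt[20:24]))  # header "next server" field
    opts, i = {}, 240
    while i < len(pkt) and pkt[i] != 0xFF:
        if pkt[i] == 0:  # pad option, no length byte
            i += 1
            continue
        code, length = pkt[i], pkt[i + 1]
        opts[code] = pkt[i + 2:i + 2 + length]
        i += 2 + length
    return siaddr, opts

def pxe_boot_target(pkt):
    """(server, file) a PXE ROM / iPXE client sends its TFTP RRQ to, modelled on the
    thread's captures and the linked iPXE notes: full URI in option 67 wins; else header
    siaddr; zero siaddr falls back to the DHCP server (option 54). Option 66 is ignored."""
    siaddr, opts = parse_dhcp(pkt)
    bootfile = opts.get(67, b"").decode()
    if "://" in bootfile:
        u = urlparse(bootfile)
        return u.hostname, u.path.lstrip("/")
    if siaddr != "0.0.0.0":
        return siaddr, bootfile
    return str(ipaddress.IPv4Address(opts[54])), bootfile

def scenario(siaddr, bootfile):
    """ACK carrying the option set shown in the thread's pfdhcp stats plus a chosen siaddr."""
    opts = [(54, ip4("192.168.0.1")), (1, ip4("255.255.255.0")), (3, ip4("192.168.0.1")),
            (66, b"192.168.0.36"), (67, bootfile.encode())]
    return pxe_boot_target(build_dhcp_ack(siaddr, opts))

if __name__ == "__main__":
    print(scenario("0.0.0.0", "undionly.kpxe"))       # as reported -> ('192.168.0.1', ...)
    print(scenario("192.168.0.36", "undionly.kpxe"))  # with next-server set -> 192.168.0.36
```

The first case reproduces the failing capture (RRQ to inline2.local, the DHCP server, instead of 192.168.0.36); passing the full URI from the suggested option 67 workaround makes the client resolve tftp.example.lan regardless of siaddr.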

ttcchl01 commented 4 years ago

Hi @nqb, sorry for the late reply and thank you very much for your help, but the option 67 config still has a problem on PXE boot; ISC may be an alternative method.

nqb commented 4 years ago

Hello,

Could you paste here the configuration of your network with only option 67?