DHCP required for NetBoot?
Stupid question here I think....
The subnet that we have our Kace servers on does not have DHCP. We have NetBoot enabled on our K2000 and followed all the steps in the admin guide for deploying to Macs. On the test machine we are using, it is configured with a static IP address on the same subnet as the Kace server and can ping the k2000. However, it does not see the k2000 in System Preferences > Startup Disks.
Before we do any more troubleshooting... is DHCP required for NetBoot? Do I need to set up scope options similar to what I did for PXE booting?
BTW, our Macs are all on Mountain Lion and the k2000 is on 3.5.
Edit: I'm not a network administrator... but from what I understand, even with the client and server on the same subnet, the router has no idea what server to send bootp requests to unless you have a scope option telling it to send bootp requests to the Kace server. Is that right?
Answers (4)
I just enable the dhcp on the k2000 when I need to capture a mac and turn it back off after they boot.
Comments:
-
I hold down the N key to boot them. They use BSDP not pxe broadcasts so it works without having to configure anything else but the kbox as above. - SMal.tmcc 11 years ago
-
are you deploying or capturing? - SMal.tmcc 11 years ago
-
Well we will be capturing and then deploying the image to multiple Macs as we get them in. We don't see the kbox whether we go to system prefs > startup disk or when we hold down the N key while booting. Everything I've read says BSDP is an extension of DHCP, so I really just want to know if that means DHCP is required on the subnet I'm using. We absolutely do not want to enable the kbox's DHCP server. If DHCP is required, I will just create a DHCP scope for that subnet. I just didn't want to do that and find out it wasn't necessary and still have the same problem. - ashlea 11 years ago
-
Our kbox resides on the server subnet. The policy is there is no DHCP server setup on that subnet since no device on that subnet should ever need it. I only use that subnet to capture. So I temporarily enable dhcp on the kbox, as soon as the mac I need to capture boots and starts loading I disable it again.
I set up a k2000 extender on our in-house IT subnet to deploy to macs, I only sync the mac info from the main kbox to it. - SMal.tmcc 11 years ago-
actually found out the server crew also created 2 other virtual servers for kbox extenders on the 2 subnets that the mac classrooms are on so we will deploy to them thru those extenders. - SMal.tmcc 11 years ago
-
ust spoke to the Kace Management and Developer Team. They do not fully support netbooting across subnets using iphelper. They also do NOT have it in the que for a future feature release. They believe that using an RSA on every vlan is adequate. The only way they will consider this important is based on votes. I found out we have to vote on things like this. I can't believe they consider booting outside of your imaging servers vlan as a "feature". Oh well, it's their rules, we just pay for them....
Please vote here: http://kace.uservoice.com/forums/82717-k2000/suggestions/1687565-mac-netbooting-across-subnets
Without the votes, it WILL NOT happen. - lkalis 11 years ago
-
have you tried
sudo bless --netboot --server bsdp://Kbox.ip.address.here --nextonly - SMal.tmcc 11 years ago -
bless does not work with 10.8. We do not want more than one DHCP on our network, so using the on-board one, even with limiting the address pool, is not something we are comfortable doing. Setting up a k2000 RSA is quite a bit more work than setting up the DHCP scope for that subnet - we are in the process of testing that right now. - ashlea 11 years ago
-
that is not entirely correct. Netboot does not work across subnets since the introduction of the EFI update that has lion internet recovery in its code. It is hardware based not OS based.
I just tested
sudo bless --netboot --server bsdp://Kbox.ip.address.here --nextonly
and it works on the subnet if the BSDP server is on that subnet ie K2000.
You cannot hard set an IP since this does not happen till the OS loading, you need a simple dhcp server. If you have your k2000 configured correctly holding the option key will show the server and either sudo bless or the N key will take you there. - SMal.tmcc 11 years ago
-
I updated this down below - but anyway still no luck with bless. We're at a loss now to why this is not working, and not sure what to try next other than using 10.8 media to capture netboot, rather than 10.8.3. - ashlea 11 years ago
You can try setting up ip helpers on your routers to pass the tftp netboot request to the K2000: http://www.kace.com/support/resources/kb/article/discussion-on-booting-using-macboot-from-a-subnet-other-than-where-the-k2000-appliance-resides
You can also try this tool to edit the Mac boot information (this tool was designed to help with netboot across subnets but should also help in your situation): http://mac.softpedia.com/progDownload/NetBoot-Across-Subnets-Download-10838.html
Additional reading: http://macadmincorner.com/3-ways-to-netboot-across-subnets/
Comments:
-
Thanks for these sources - I did read several articles/discussions using the same workarounds but it was unclear on which ones actually worked with 10.8. I think we will start by just creating the DHCP scope on that subnet and see if that's the issue. I will definitely report back with what happens. - ashlea 11 years ago
-
IP helpers work with any version of OS X. If the K2 showed as a valid boot source then I would think your netboot environment was the culprit, but since the client doesn't even show the K2 as a boot option I would think your routing is the issue. I would definitely try running the netboot across subnets tool I linked above and see if you can get the K2 to show as a boot source when holding down the Option key at boot. - mpace 11 years ago
-
Just spoke to the Kace Management and Developer Team. They do not fully support netbooting across subnets using iphelper. They also do NOT have it in the que for a future feature release. They believe that using an RSA on every vlan is adequate. The only way they will consider this important is based on votes. I found out we have to vote on things like this. I can't believe they consider booting outside of your imaging servers vlan as a "feature". Oh well, it's their rules, we just pay for them....
Please vote here: http://kace.uservoice.com/forums/82717-k2000/suggestions/1687565-mac-netbooting-across-subnets
Without the votes, it WILL NOT happen. - lkalis 11 years ago
Ok so update. Even with DHCP enabled we still can't netboot. Cmd+V doesn't even bring up the log when trying to netboot so we can't see where it's getting stuck. Checking system.log when looking in sys prefs > startup disks doesn't give us anything either. We're starting to think our whole netboot environment is just hosed so we're starting over.
Comments:
-
how did you capture your netboot?
when you hold down the option key during boot do you see the server in the list? - SMal.tmcc 11 years ago -
When I uploaded my netboots for both 10.7 and 10.8 I used this process
Start with previous version of OS on mac.
Download the upgrade app from the store.
copy that app to desktop and use this app to create a USB boot stick for the version.
http://www.itninja.com/link/lion-diskmaker-build-an-os-x-boot-disk-the-really-easy-way
Use the media manager and upload the USB as the target to the kbox. - SMal.tmcc 11 years ago -
Ok so my coworker was the one that created the netboot environment yesterday. I decided to take a look at it with him and I wanted to start over from the beginning. When he was walking me through what he had done, he got several errors, and had to use workarounds to get around them. He also had to turn off time sync to get it to work even though the media was not older than the current OS. This was a huge red flag for me. He was using the dmg file that someone else had downloaded for him from the Mac app store, and that person had changed some file names around and had extracted some files from the .app package (in an attempt to be helpful). My coworker mounted the .dmg file rather than creating a boot disk. I wanted to eliminate the way he was capturing it being the issue, so I created a bootable USB disk for 10.8.3 following the steps here: http://www.macworld.com/article/1161069/make_a_bootable_lion_installer.html
So far, everything looks MUCH better. No errors. It's building the netboot right now so hopefully we'll have success this time around. - ashlea 11 years ago -
So during the capture, kace_netboot mounted and we saw it pop up on the desktop, which did not happen before. However, we are still having the same issue. I even deactivated the dhcp scope for that subnet, turned the onboard dhcp server on kace JUST to see if it would work. Still nadda. Tried your bless command as described above and it just skipped trying to netboot entirely.
And yep, we know simple dhcp is required to netboot from startup using N - we just figured that we could always boot up in the OS using a static IP and deploy from within the OS. But since we've had so many issues, we've tried it both ways.
So to summarize. We recreated the netboot environment, didn't get any errors, still having same issues. We took the Mac client off the static IP and obtained an IP from our MS dhcp server. Still don't see anything in sys prefs > startup disk and pressing N while booting just sits on the globe for a couple minutes and then boots to OS. I deactived the dhcp scope for the subnet on the MS server, enabled the kbox on-board dhcp server, tried again. Still nothing. This is making absolutely no sense to us. - ashlea 11 years ago -
We are starting over again. If this still doesn't work, should we try using 10.8 media rather than 10.8.3? - ashlea 11 years ago
-
Use the option key and you should see the local hhd and the server if it is advertising. If the server shows and still does not boot it is your upload - SMal.tmcc 11 years ago
-
The server does not show up there. - ashlea 11 years ago
-
I've been on the phone with Kace support for an hour. They can't figure it out either. - ashlea 11 years ago
-
Make sure you are using the 10.8.3 media that is available from the app store. Also, whenever you build a netboot environment the source media needs to match the host OS. So in this case your host Mac needs to be running 10.8.3. - mpace 11 years ago
-
that is just what I did for lion and mt lion, made sure the mac and the source media were same version. worked like a charm.
I started with one machine at 10.6.x downloaded and saved the lion app, upgraded, uploaded lion to kace. Then repeated the process for mt lion. - SMal.tmcc 11 years ago
-
Yep we are using 10.8.3 from the app store (we even downloaded it twice from two different computers to make 100% sure nothing was wrong with the download itself). The Macs we are using all have 10.8.3 as well. They escalated my ticket and in the meantime they are having me do an "integrity check" as outlined here to eliminate network issues as the cause: http://www.kace.com/support/resources/kb/article/the-k2000-appliance-integrity-check - ashlea 11 years ago
-
let us know what is the fix, sounds like you have done everything right - SMal.tmcc 11 years ago
Here are the steps I took
Upgraded the kbox to 3.5.76460
Started with an Imac 10.7.5
downloaded the Install OS X Mountain Lion app from the app store. do not install. copied the app to my desktop and removable.
ran the install app and took system to 10.8 and did all updates to it.
downloaded the liondiskmaker app http://liondiskmaker.com/
and created 8 gig boot usb.
opened safari and downloaded media manager from the k2000 and uploaded netboot env into the library
Comments:
-
So the only things we've done different is we started with Macs that were shipped with 10.8.3. Since they don't come with media of course, we downloaded 10.8.3 from the app store. Instead of using liondiskmaker, we created a bootable usb drive following these steps: http://www.itninja.com/blog/view/osx-10-8-usb-boot-device. We have tested that the usb drive is indeed bootable. Downloaded media manager from kbox (already version 3.5.76460, we updated it as soon as it was available) and uploaded netboot. Made sure that it was default boot environment for Mac. Still no bueno. Off to do integrity check now! - ashlea 11 years ago
-
You should also try to disable netboot. save, enable netboot, save,restart.
I have seen sometimes toggling things off and back on reset a glitch in the system.
We have been booting I-mac's, Mac mini's and a powerbook with a thunderbolt Ethernet dongle successfully here. - SMal.tmcc 11 years ago-
Now with the k2000 and macbook hooked up directly on a simple 8 port switch and kbox dhcp turned on, when I go to System Preferences > Startup Disk on the macbook, I see the kace netboot server. However, I cannot fully boot to it. Regardless of whether I select the netboot server here and restart, or if I hold down N while restarting, the spinning globe comes up, and then after that I get an Apple logo with a mini spinning globe directly beneath it. After that it's the apple logo with the spinning circles right below it. It hangs on this screen and won't do anything - even if I leave it for an hour. I have to hard reboot to get out of it.
This is further than we've gotten before. Before, it was just the large spinning globe and then it would boot normally after not finding the netboot server. I've been trying to troubleshoot the new problem but haven't found anything yet (though I haven't been looking very long yet). - ashlea 11 years ago
-
the smaller globe transitioning to the spinning walmart logo means the OS started loading but crapped out due to some software load problem. Could be anything to something was not created properly on the boot stick or during the upload. what size does your boot env show?
mine shows 6.02 gig on the kbox - SMal.tmcc 11 years ago