What About Routing PXE Packets?
What About Routing PXE Packets?
0 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
bkelly
18 years ago
When PXE server has Proxy DHCP enabled, it functions similar to a regular DHCP server. But unlike a DHCP server, the Proxy-DHCP/PXE server doesn't have a pool of IP addresses to lease out . When the Proxy-DHCP/PXE server identifies a DHCP Discovery broadcast from a PXE client it sends back a DHCP offer without any IP address. Because the DHCP offer broadcast from the Proxy-DHCP/PXE server does not contain any IP address, a router will be unable to forward that broadcast to the client. The end result is that the PXE client is unaware of the Proxy-DHCP/PXE server and therefore makes no attempt to contact it.
If trying to use PXE in a routed environment you must do one of the following:
Alexandre SEITZ, Ingénieur Réseaux writes,
"I had to face this problem: routing PXE packet through 2 different IP vlans. The solution is to use a router plugged on the Clients PCs vlan. And to configure a IP helper address (DHCP server address). Then you can route PXE packets and let the PXE servers on another subnet than Clients PCs."
Lee Coward writes, "We got around this problem by changing the IP Helper Address on the VLAN to point to the Subnet Broadcast address instead of a single device.
Instead of using the command : ip helper-address 192.168.128.100
use the command : ip helper-address 192.168.128.255
(Where 192.168.128.0 - 255.255.255.0 is the network ID.)
This allows both the DHCP server and the RIS server to respond to the DHCP "Discover" broadcasts from the client..
This works on a Cisco Cat650x with MSFC.
To minimize forwarded broadcast traffic you may also want to disable forwarded protocols for UDP ports 69, 53,37,137,138 & 49 as these are enabled by default and the helper will forward them onto the destination subnet.
Use the command "no ip foward-protocol udp xx" (where xx is the UDP port number)."
Marc Erkens writes, "The problem is really a bug in the Cisco IOS software. This is what Cisco thinks is going on....
A Cisco router running Cisco IOS may not calculate a User Datagram Protocol (UDP) checksum for a Dynamic Host Configuration Protocol (DHCP) offer frame that it is forwarding. This situation seems to only occur when the offer does not contain an IP address for the client, which forces the router to broadcast the response. This problem does not affect normal DHCP traffic, since a real DHCP frame from a DHCP server offers an IP address. It will affect portable execution environment (PXE) clients that are using LCCM servers to gather their configurations files. There is no workaround.
Another member writes, "Another option is to use a DHCP relay agent (in my case, i'm using a Linux router, so i'm using the ISC dhcrelay daemon), and configure it to forward DHCP requests to both the DHCP server and the PXE server. After setting this up and allowing TFTP and a couple of associated boot protocols through the router, PXE and imaging across routers works fine for us"
If anyone has further information concerning this or knows of other options- please let me know!
If trying to use PXE in a routed environment you must do one of the following:
- Run the DHCP and PXE on the same computer
- Place the PXE server on the same subnet as the client PCs.
Alexandre SEITZ, Ingénieur Réseaux writes,
"I had to face this problem: routing PXE packet through 2 different IP vlans. The solution is to use a router plugged on the Clients PCs vlan. And to configure a IP helper address (DHCP server address). Then you can route PXE packets and let the PXE servers on another subnet than Clients PCs."
Lee Coward writes, "We got around this problem by changing the IP Helper Address on the VLAN to point to the Subnet Broadcast address instead of a single device.
Instead of using the command : ip helper-address 192.168.128.100
use the command : ip helper-address 192.168.128.255
(Where 192.168.128.0 - 255.255.255.0 is the network ID.)
This allows both the DHCP server and the RIS server to respond to the DHCP "Discover" broadcasts from the client..
This works on a Cisco Cat650x with MSFC.
To minimize forwarded broadcast traffic you may also want to disable forwarded protocols for UDP ports 69, 53,37,137,138 & 49 as these are enabled by default and the helper will forward them onto the destination subnet.
Use the command "no ip foward-protocol udp xx" (where xx is the UDP port number)."
Marc Erkens writes, "The problem is really a bug in the Cisco IOS software. This is what Cisco thinks is going on....
A Cisco router running Cisco IOS may not calculate a User Datagram Protocol (UDP) checksum for a Dynamic Host Configuration Protocol (DHCP) offer frame that it is forwarding. This situation seems to only occur when the offer does not contain an IP address for the client, which forces the router to broadcast the response. This problem does not affect normal DHCP traffic, since a real DHCP frame from a DHCP server offers an IP address. It will affect portable execution environment (PXE) clients that are using LCCM servers to gather their configurations files. There is no workaround.
Another member writes, "Another option is to use a DHCP relay agent (in my case, i'm using a Linux router, so i'm using the ISC dhcrelay daemon), and configure it to forward DHCP requests to both the DHCP server and the PXE server. After setting this up and allowing TFTP and a couple of associated boot protocols through the router, PXE and imaging across routers works fine for us"
If anyone has further information concerning this or knows of other options- please let me know!
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
so that the conversation will remain readable.