Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
737
Views
1
Helpful
9
Replies

PXE Boot Requests Fail across VLAN's

IKNOOR
Level 1
Level 1

‎03-28-2025 08:58 AM

I have a PXE server ( Windows ) in VLAN 70 and PXE Client ( a Laptop) in VLAN 30. But the PXE boot is failing.. Both these are ( PXE Server and PXE Client) is connected to L3 Switch which is C9300 Catalyst

VLAN 70 subnet : 10.10.4.248/29
IP to PXE Server : 10.10.4.250

VLAN 30 Subnet : 10.10.4.0/25
IP to PXE Client : 10.10.4.8

 defined below 
!
ip dhcp pool 30
network 10.10.4.0 255.255.255.128
default-router 10.10.4.1
option 66 ip 10.10.4.250
option 67 ascii boot\x64\wdsnbp.com
!
interface vlan 300
ip address 10.10.4.1 255.255.255.128
ip helper-address 10.10.4.250
no ip redirects
ip directed-broadcast
!

ip routing

I am able to ping the PXE server ( vlan 70) from VLAN 30 the issue showing on the debug is FSM state change INVALID

 

 

Labels:
0 Helpful
9 Replies 9

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎03-28-2025 09:31 AM

I recall (???) you may need to "inform" the helper with additional information to support PXE booting across subnets.

At this moment, I don't have the time to research this, but if the forgoing is true, it may help you or others to find the specific configuration needed.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Joseph W. Doherty

‎03-28-2025 10:54 AM - edited ‎03-28-2025 10:55 AM

This may be what I vaguely recalled:

https://www.manishbangia.com/ip-helper-address-configuration-for-pxe-boot/

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎03-28-2025 09:57 AM

If the clients are coming from VLAN 30, and what PXE boot server windows ? (i suggest to why not use same Windows server as DHCP Also- check below guide for windows PXE and DHCP Server)

 

then your configuration should vlan 30 not 300

interface vlan 30
ip address 10.10.4.1 255.255.255.128

ip helper-address 10.10.4.250
no ip redirects
ip directed-broadcast

check this post can help you :

https://community.cisco.com/t5/switching/uefi-pxe-boot-with-quot-cisco-switch-dhcp-quot-and-wds-server-on/td-p/3764149

 

Check Windows Server :

https://knowledgebase.macrium.com/display/KNOW80/Installing+and+Configuring+DHCP+for+PXE+Boot+on+Windows+Server+2016+2019+2022

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

IKNOOR
Level 1
Level 1
In response to balaji.bandi

‎03-28-2025 09:59 AM

That is typo its 30 not 300 on my config

0 Helpful

IKNOOR
Level 1
Level 1
In response to balaji.bandi

‎03-28-2025 12:47 PM - edited ‎03-28-2025 12:47 PM

PXE server is in VLAN 70 and PXE client is in VLAN 30 

When trying ping PXE server using source VLAN 30, its pinging which means reachability is there. The failure on the debug shows for TFTP communication issue between Server and Client

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to IKNOOR

‎03-28-2025 02:57 PM

I believe that BB is on the right track in suggesting that you need in your configuration "ip directed-broadcast". But he suggests that it be on the interface where the client is. But it is not needed in that interface (ip helper address on that interface takes care of the broadcast packet in that vlan/subnet). It is needed on the interface where the server is.

HTH

Rick

balaji.bandi
Hall of Fame
Hall of Fame
In response to IKNOOR

‎03-29-2025 07:48 AM

post the Logs here and what PXE boot server ?

suggest to post the complete configuration.

i do not see any information related to this - TFTP communication

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to balaji.bandi

‎03-29-2025 11:13 AM

The OP says "I am able to ping the PXE server ( vlan 70) from VLAN 30" and that does demonstrate that the issue is not IP connectivity. The OP mentions some debug output and it might be helpful to see that debug output.  The OP also says "The failure on the debug shows for TFTP communication issue". I am not clear what TFTP has to do with PXE boot.

I believe that this is the issue: client sends a request to the server which is sent as a broadcast. The ip helper-address on the client vlan interface takes the broadcast and forwards it to the vlan of the server. By default the vlan interface of the server does not forward broadcasts. Using ip directed-broadcast on the server vlan interface wouild resolve the issue.

HTH

Rick
0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎03-29-2025 12:00 PM

Doing a quick review of the literature. . .

Regarding using directed-broadcast, from a quick review, IP helper-address should be the subnet broadcast, not a host IP. That noted, as you only have one PXE server, I don't see the benefit using a directed broadcast.

I read that you shouldn't need DHCP options 66 and 67 with IP helper address.  Either alone should work, although as I wrote earlier, IP helper-address might not be forwarding the necessary UDP port by default.

Of the two approaches, there seems to be a preference for using just IP helper-address.

0 Helpful
Customers Also Viewed These Support Documents