Solved: Re: UEFI PXE boot with "Cisco Switch DHCP" and WDS Server on Same SubNet

Henry T · ‎12-14-2018

Hi all,

I am tasked to set up SCCM with WDS for OS deployment for our company and I am kind stuck here. For BIOS PC to run PXE boot it's all nice and smooth. But for UEFI PC to PXE boot only works the very first time it request DHCP and PXE. After the first it will not able to PXE boot any more.

Here is the setup:

Catalyst 3650 - DHCP service runs on this device

interface Vlan5
ip address 10.12.20.240 255.255.255.0

ip dhcp pool Vanc_Data
network 10.12.20.0 255.255.255.0
dns-server 10.12.20.231 10.13.33.6 10.3.11.48 10.3.11.110
netbios-name-server 10.3.11.48 10.3.11.110
netbios-node-type h-node
domain-name broadleaflogistics.com
default-router 10.12.20.254
option 252 ascii "http://vscwwpad.logistics.com/wpad.dat"
option 66 ip 10.12.20.234
option 67 ascii "\smsboot\x64\wdsnbp.com"
lease 4

WDS (Managed by SCCM) IP 10.12.20.234 on VLAN5

Client connect to interface VLAN5

I use wireshark did a DHCP track it shows if it's very first time the device request for DHCP and PXE it gets 2 offers. Once from DHCP and one from WDS. The Client then picks up the IP from CISCO DHCP and receiving boot file from WDS.

2 0.002622 10.12.20.240 255.255.255.255 DHCP 395 DHCP Offer - Transaction ID 0xf679787e

3 0.305481 10.12.20.234 255.255.255.255 DHCP 1066 DHCP Offer - Transaction ID 0xf679787e

If I attempt the PXE boot the 2nd time it receives 3 offers

26 616.304568 10.12.20.240 255.255.255.255 DHCP 395 DHCP Offer - Transaction ID 0xf6797888

27 616.620900 10.12.20.234 255.255.255.255 DHCP 1066 DHCP Offer - Transaction ID 0xf6797888

28 616.631694 10.12.20.234 255.255.255.255 DHCP 322 DHCP Offer - Transaction ID 0xf6797888

And the Client PC seems to be taking WDS's offer and trying to get IP from it.

30 619.829942 10.1.20.234 255.255.255.255 DHCP 342 DHCP ACK - Transaction ID 0xf6797888

I keeps on digging on Google regarding to this. A lot post is mentioning IP helper-address command will forward the request and solve this issue. What do they actually mean? Is it configuring VLAN 5 IP Helper-address to WDS or IP Helper-address to DHCP? Also why it worked for the first time only?

Could any one help me answer these questions?

Thank you,

Henry

Henry T · ‎12-28-2018

Hi Rick,

Figured it out. Like you mentioned since DHCP WDS and clients are all on the same subnet there is no need for IP Helper-address function.

What was wrong was the DHCP Options. It seems when Option 66 and Option 67 were used it kind tricked PXE client computer to think that the WDS server is a DHCP server and trying to get IP from it.

After removed Option 66 and 67, didn't add IP helper command, everything just all started working.

So I guess if DHCP, WDS and Client is all on the same subnet there isn't much configuration you need to do. It will just figure it self out when DHCP discovery broadcast was sent out. All the extra Options actually confuses the PXE client.

Cheers~

View solution in original post

Richard Burts · ‎12-15-2018

I am not clear why there seems to be a third offer and why the client is attempting to get IP from WDS and not from the switch. One thing is clear and that is that ip helper-address is for situations where the DHCP server is remote. In that case helper address will forward the request to the server. (remember that the DHCP request is sent as a broadcast and that broadcast messages are normally not forwarded off the local subnet) In your case DHCP is configured on the switch, so it is local and using helper address will not solve your issue.

HTH

Rick

HTH

Rick

Henry T · ‎12-17-2018

Hi Rick,

Thank you for the reply. Don't know what happened during the weekend now it only shows 2 DHCP offers now.

358 243283.450032 0.0.0.0 255.255.255.255 DHCP 389 DHCP Discover - Transaction ID 0x3b77883

359 243283.453804 10.12.20.240 255.255.255.255 DHCP 395 DHCP Offer - Transaction ID 0x3b77883

360 243283.681077 10.12.20.234 255.255.255.255 DHCP 1066 DHCP Offer - Transaction ID 0x3b77883

361 243286.999050 0.0.0.0 255.255.255.255 DHCP 395 DHCP Request - Transaction ID 0x3b77883

362 243287.286830 10.12.20.234 255.255.255.255 DHCP 472 DHCP ACK - Transaction ID 0x3b77883

363 243287.286887 0.0.0.0 255.255.255.255 DHCP 329 DHCP Decline - Transaction ID 0x3b77883

But it seems still trying to get IP from WDS instead of DHCP. Other thing I tried over the weekend was tell WDS "Do not listen on DHCP ports" but that simply just disabled WDS to respond to the PXE request, it gets the IP from the Switch DHCP though.

I am kind out of ideas where to look now. Have been stuck on this for a week now. Would you be able to suggest where I should be looking for this problem?

Thanks,

Henry

Richard Burts · ‎12-18-2018

Henry

As I started investigating this issue I treated it as a networking issue. I went through multiple iterations of looking at the config information, looking at the debug output, and trying to figure out why it was not working. Then I read the original post again and focused on the statement that PXE works the first time for UEFI but then does not work. This led to the realization that it is not a networking issue (network connectivity is ok, and devices connect to the resources that they need) but it seems to be an issue with setup of the WDS server.

I did some research on this and I did find (as you mentioned) multiple suggestions that it be implemented with ip helper rather than with DHCP options. I am not clear why that is suggested (don't see what ip helper would do differently - other than the fact that it would send the request as unicast rather than broadcast - and I do not understand why that might matter). And as I explained in my previous response ip helper would not work in your case since ip helper is designed for environments where the DHCP/PXE servers are remote and your servers are in the same subnet as the client. I did find a link that discusses doing both legacy BIOS and UEFI. I do not know enough about your environment to know if this fits or not, but hope that you will find it helpful.

https://marconuijens.com/2018/01/04/supporting-both-legacy-and-uefi-modes-in-your-sccm-environment/

HTH

Rick

HTH

Rick

Henry T · ‎12-28-2018

Hi Rick,

Figured it out. Like you mentioned since DHCP WDS and clients are all on the same subnet there is no need for IP Helper-address function.

What was wrong was the DHCP Options. It seems when Option 66 and Option 67 were used it kind tricked PXE client computer to think that the WDS server is a DHCP server and trying to get IP from it.

After removed Option 66 and 67, didn't add IP helper command, everything just all started working.

So I guess if DHCP, WDS and Client is all on the same subnet there isn't much configuration you need to do. It will just figure it self out when DHCP discovery broadcast was sent out. All the extra Options actually confuses the PXE client.

Cheers~

Richard Burts · ‎12-28-2018

Henry

Thanks for the update. Glad to know that you figured out the solution and that my suggestions were helpful. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick

HTH

Rick

pierredacres · ‎08-22-2019

Well this is what happens when you don't rtfm because the WDS setup instructions specifically say this is what will happen and why you should or should configure the adtional options in DHCP. Besides which it is much better and easier to set up dhcp on the WDS server as a single point of contact for the pxe host. it is much easier to troubleshoot.