Configuration Manager 2007 OSD - PXE Boot across Subnets
In this post, I discuss how to allow DHCP broadcasts across subnets or VLANs so that PXE clients can boot.
For PXE boot to work across subnets or VLANs, the network must allow DHCP broadcasts on port 67 to reach the WDS / RIS server, because that broadcast is how the PXE client tells the RIS / WDS server that it is looking to be serviced. If the broadcast does not arrive, WDS cannot reply to the PXE client with the boot file. Alternatively, if broadcasts cannot be allowed through to RIS / WDS, the DHCP server should tell the PXE client where the RIS / WDS server is located and where it can obtain the boot files.
Note: If a DHCP Server is running on the Windows Deployment Services Server, WDS must be configured to not listen on port 67 and DHCP option tag 60 must be added to all DHCP scopes on your DHCP Server. Non-Microsoft DHCP Servers require manual configuration of the DHCP option tag 60.
These settings can be defined from the WDS Server properties -- DHCP tab.
How the PXE Remote Boot Technology Works
Pre-Boot Execution Environment (PXE) provides companies with the ability to use their existing TCP/IP network infrastructure with the Dynamic Host Configuration Protocol (DHCP) to discover remote installation servers on the network. Net PC/PC98-compliant systems and computers equipped with network interface cards (NICs) supported by the RIS remote boot disk can take advantage of the remote boot technology included in the Windows 2003 operating system.
When a PXE-enabled client computer is turned on, the PXE-based ROM (NIC) requests an IP address from a DHCP server using the normal DHCP discovery process. As part of the initial DHCP discover request, the client computer also identifies itself as being PXE-enabled, which indicates to the remote installation servers on the network that it is looking to be serviced. Any available RIS / WDS server on the network can respond by providing the client with its IP address, and the name of a boot file the client should request if that client wants service from that server.
Test Performed in LAB
To demonstrate the flow of packets when a bare metal machine PXE boots and how it locates the ConfigMgr PXE point, the following lab test was done and a network trace was taken at the time of deployment.
SCCM Server with PXE role configured
NetBIOS: SCCM2007-01
IP Address: 52.0.0.9
Domain Controller, DHCP Server
NetBIOS: CorpBDC01
IP Address: 52.0.0.1
PXE Client
IP Address : 52.0.0.12 assigned by DHCP.
SCCM Server (Network trace)
2 9.218750 52.0.0.9 255.255.255.255 DHCP DHCP: Boot Reply, MsgType = OFFER, TransactionID = 0x5E4F2506
3 9.218750 0.0.0.0 255.255.255.255 DHCP DHCP: Boot Request, MsgType = DISCOVER, TransactionID = 0x5E4F2506
4 9.218750 52.0.0.9 255.255.255.255 DHCP DHCP: Boot Reply, MsgType = OFFER, TransactionID = 0x5E4F2506
5 9.218750 52.0.0.1 255.255.255.255 DHCP DHCP: Boot Reply, MsgType = OFFER, TransactionID = 0x5E4F2506
6 13.234375 0.0.0.0 255.255.255.255 DHCP DHCP: Boot Request, MsgType = REQUEST, TransactionID = 0x5E4F2506
7 13.234375 52.0.0.1 255.255.255.255 DHCP DHCP: Boot Reply, MsgType = ACK, TransactionID = 0x5E4F2506
8 13.234375 52.0.0.12 52.0.0.9 DHCP DHCP: Boot Request, MsgType = REQUEST, TransactionID = 0x5E4F2506
9 13.234375 52.0.0.9 52.0.0.12 DHCP DHCP: Boot Reply, MsgType = ACK, TransactionID = 0x5E4F2506
12 13.828125 52.0.0.12 52.0.0.9 DHCP DHCP: Boot Request, MsgType = REQUEST, TransactionID = 0x5E4F2506
13 13.859375 52.0.0.9 52.0.0.12 DHCP DHCP: Boot Reply, MsgType = ACK, TransactionID = 0x5E4F2506
DHCP Server (trace)
2 12.671875 0.0.0.0 255.255.255.255 DHCP DHCP: Boot Request, MsgType = DISCOVER, TransactionID = 0x5E4F2506
3 12.671875 52.0.0.1 255.255.255.255 DHCP DHCP: Boot Reply, MsgType = OFFER, TransactionID = 0x5E4F2506
4 12.671875 52.0.0.9 255.255.255.255 DHCP DHCP: Boot Reply, MsgType = OFFER, TransactionID = 0x5E4F2506
5 16.687500 0.0.0.0 255.255.255.255 DHCP DHCP: Boot Request, MsgType = REQUEST, TransactionID = 0x5E4F2506
6 16.687500 52.0.0.1 255.255.255.255 DHCP DHCP: Boot Reply, MsgType = ACK, TransactionID = 0x5E4F2506
7 170.890625 0.0.0.0 255.255.255.255 DHCP DHCP: Boot Request, MsgType = DISCOVER, TransactionID = 0xA06341EC
8 170.890625 52.0.0.1 255.255.255.255 DHCP DHCP: Boot Reply, MsgType = OFFER, TransactionID = 0xA06341EC
9 170.890625 0.0.0.0 255.255.255.255 DHCP DHCP: Boot Request, MsgType = REQUEST, TransactionID = 0xA06341EC
10 170.890625 52.0.0.1 255.255.255.255 DHCP DHCP: Boot Reply, MsgType = ACK, TransactionID = 0xA06341EC
11 174.281250 52.0.0.12 52.0.0.1 DHCP DHCP: Boot Request, MsgType = REQUEST, TransactionID = 0xC1EF01A0
12 174.281250 52.0.0.1 52.0.0.12 DHCP DHCP: Boot Reply, MsgType = ACK, TransactionID = 0xC1EF01A0
Exploded view of frames 8-9, 12-13 of SCCM Server
Frame:
+ Ethernet: Etype = Internet IP (IPv4)
+ Ipv4: Next Protocol = UDP, Packet ID = 2, Total IP Length = 576
+ Udp: SrcPort = BOOTP client(68), DstPort = 4011, Length = 556
- Dhcp: Boot Request, MsgType = REQUEST, TransactionID = 0x5E4F2506
OpCode: Boot Request, 1(0x01)
Hardwaretype: Ethernet
HardwareAddressLength: 6 (0x6)
HopCount: 0 (0x0)
TransactionID: 1582245126 (0x5E4F2506)
Seconds: 4 (0x4)
+ Flags: 0 (0x0)
ClientIP: 52.0.0.12
YourIP: 0.0.0.0
ServerIP: 0.0.0.0
RelayAgentIP: 0.0.0.0
+ ClientHardwareAddress: 00-15-5D-4F-25-06
ServerHostName:
BootFileName: -> Requesting the boot file
MagicCookie: 99.130.83.99
+ MessageType: REQUEST
+ ParameterRequestList:
+ MaxDHCPMessageSize: 1260 UINT8(s)
+ Generaloption: UUID/GUID based Client Identifier
+ Generaloption: Client System
+ Generaloption: Client Network Device Interface
+ VendorClassIdentifier: PXEClient:Arch:00000:UNDI:002001
+ End:
Frame:
+ Ethernet: Etype = Internet IP (IPv4)
+ Ipv4: Next Protocol = UDP, Packet ID = 10900, Total IP Length = 367
+ Udp: SrcPort = 4011, DstPort = BOOTP client(68), Length = 347
- Dhcp: Boot Reply, MsgType = ACK, TransactionID = 0x5E4F2506
OpCode: Boot Reply, 2(0x02)
Hardwaretype: Ethernet
HardwareAddressLength: 6 (0x6)
HopCount: 0 (0x0)
TransactionID: 1582245126 (0x5E4F2506)
Seconds: 4 (0x4)
+ Flags: 0 (0x0)
ClientIP: 52.0.0.12
YourIP: 0.0.0.0
ServerIP: 52.0.0.9
RelayAgentIP: 0.0.0.0
+ ClientHardwareAddress: 00-15-5D-4F-25-06
ServerHostName:
BootFileName: smsboot\x86\wdsnbp.com -> PXE client receives the name of the first boot file, which it then downloads
MagicCookie: 99.130.83.99
+ MessageType: ACK
+ ServerIdentifier: 52.0.0.9
+ Generaloption: UUID/GUID based Client Identifier
+ VendorClassIdentifier: PXEClient
+ Generaloption: Continuation Option
+ End:
Frame:
+ Ethernet: Etype = Internet IP (IPv4)
+ Ipv4: Next Protocol = UDP, Packet ID = 60, Total IP Length = 327
+ Udp: SrcPort = BOOTP client(68), DstPort = 4011, Length = 307
- Dhcp: Boot Request, MsgType = REQUEST, TransactionID = 0x5E4F2506
OpCode: Boot Request, 1(0x01)
Hardwaretype: Ethernet
HardwareAddressLength: 6 (0x6)
HopCount: 0 (0x0)
TransactionID: 1582245126 (0x5E4F2506)
Seconds: 0 (0x0)
+ Flags: 0 (0x0)
ClientIP: 52.0.0.12
YourIP: 0.0.0.0
ServerIP: 0.0.0.0
RelayAgentIP: 0.0.0.0
+ ClientHardwareAddress: 00-15-5D-4F-25-06
ServerHostName:
BootFileName: -> Request for the second file
MagicCookie: 99.130.83.99
+ MessageType: REQUEST
+ VendorClassIdentifier: PXEClient
+ Generaloption: UUID/GUID based Client Identifier
+ Generaloption: Client System
+ Generaloption: Continuation Option
+ ParameterRequestList:
+ Generaloption: Continuation Option
+ End:
Frame:
+ Ethernet: Etype = Internet IP (IPv4)
+ Ipv4: Next Protocol = UDP, Packet ID = 10957, Total IP Length = 538
+ Udp: SrcPort = 4011, DstPort = BOOTP client(68), Length = 518
- Dhcp: Boot Reply, MsgType = ACK, TransactionID = 0x5E4F2506
OpCode: Boot Reply, 2(0x02)
Hardwaretype: Ethernet
HardwareAddressLength: 6 (0x6)
HopCount: 0 (0x0)
TransactionID: 1582245126 (0x5E4F2506)
Seconds: 0 (0x0)
+ Flags: 0 (0x0)
ClientIP: 52.0.0.12
YourIP: 0.0.0.0
ServerIP: 52.0.0.9
RelayAgentIP: 0.0.0.0
+ ClientHardwareAddress: 00-15-5D-4F-25-06
ServerHostName:
BootFileName: smsboot\x64\pxeboot.n12 -> the client gets the option to press F12 and receives the pxeboot.n12 file
MagicCookie: 99.130.83.99
+ MessageType: ACK
+ ServerIdentifier: 52.0.0.9
+ Generaloption: UUID/GUID based Client Identifier
+ VendorClassIdentifier: PXEClient
+ Generaloption: UNHANDLED DHCP OPTION CODE
+ WPAD: \SMSTemp\2008.08.28.18.45.27.06.{65B31783-614D-43BE-9CD0-A57B75F2ADBC}.boot.bcd
+ End:
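The fields in the exploded frames above come straight from the fixed BOOTP header and the DHCP option area, so they can be decoded from a raw UDP payload when checking which server a client was pointed at and which boot file it was given. The following parser is an added example, not part of the original post; the function names are hypothetical and the sample packet is constructed from the values shown in the first ACK on port 4011.

```python
import socket
import struct

MAGIC_COOKIE = bytes([99, 130, 83, 99])   # rendered as 99.130.83.99 in the trace
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}

def parse_options(data):
    """Walk the code/length/value option area and return {code: bytes}."""
    opts, i = {}, 0
    while i < len(data) and data[i] != 255:       # 255 = End
        if data[i] == 0:                          # 0 = Pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated DHCP option")
        code, length = data[i], data[i + 1]
        opts[code] = opts.get(code, b"") + data[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def parse_bootp(payload):
    """Decode the fixed BOOTP header plus the options the frames above show."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP payload")
    op, _htype, hlen, _hops, xid, _secs, _flags = struct.unpack("!BBBBIHH", payload[:12])
    ci, yi, si, gi = (socket.inet_ntoa(payload[o:o + 4]) for o in (12, 16, 20, 24))
    opts = parse_options(payload[240:])
    return {
        "op": "Boot Reply" if op == 2 else "Boot Request", "xid": "0x%08X" % xid,
        "ClientIP": ci, "YourIP": yi, "ServerIP": si, "RelayAgentIP": gi,
        "mac": "-".join("%02X" % b for b in payload[28:28 + min(hlen, 16)]),
        "BootFileName": payload[108:236].split(b"\0", 1)[0].decode("ascii", "replace"),
        "MessageType": MSG_TYPES.get((opts.get(53) or b"\0")[0], "other"),
        "ServerIdentifier": socket.inet_ntoa(opts[54]) if len(opts.get(54, b"")) == 4 else None,
        "VendorClass": opts.get(60, b"").decode("ascii", "replace"),
    }

def build_sample_ack():
    """Constructed bytes mirroring the first ACK on port 4011 in the trace."""
    ip = socket.inet_aton
    hdr = struct.pack("!BBBBIHH", 2, 1, 6, 0, 0x5E4F2506, 4, 0)
    hdr += ip("52.0.0.12") + ip("0.0.0.0") + ip("52.0.0.9") + ip("0.0.0.0")
    hdr += bytes.fromhex("00155D4F2506").ljust(16, b"\0") + bytes(64)
    hdr += b"smsboot\\x86\\wdsnbp.com".ljust(128, b"\0")
    opts = bytes([53, 1, 5]) + bytes([54, 4]) + ip("52.0.0.9") + bytes([60, 9]) + b"PXEClient"
    return hdr + MAGIC_COOKIE + opts + bytes([255])

if __name__ == "__main__":
    print(parse_bootp(build_sample_ack()))
```

The ServerIP and ServerIdentifier values identify which PXE server answered, and BootFileName is the path the client will request from it next.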
How to allow a DHCP Server that is located in a different subnet to respond to a PXE client
So here is the answer:
If DHCP is installed on a server that is located in a different subnet, then you will need to do one of the following:
· (recommended) Configure your IP Helper tables. All DHCP broadcasts on UDP port 67 by client computers should be forwarded directly to both the DHCP server and the Windows Deployment Services PXE server. Also, all traffic to UDP port 4011 from the client computers to the Windows Deployment Services PXE server should be routed appropriately (these requests direct traffic to the server, not broadcasts).
· Add DHCP options 66 and 67. Option 66 should be set to the Windows Deployment Services server, and option 67 should be set to smsboot\x86\wdsnbp.com.
For a Configuration Manager PXE point this means: as recommended above, configure the IP Helper tables to allow all DHCP broadcasts on UDP port 67 to reach the SCCM PXE point,
or else
add DHCP options 66 and 67. Option 66 should be set to the SCCM PXE server, and option 67 should be set to smsboot\x86\wdsnbp.com.
Note: You can also configure the IP Helper table together with DHCP options 66 and 67 for redundancy.