Netboot/Netinstall using MS DHCP

Similar Messages

• Can i use Internal DHCP on WLC Guest Anchor (5508) with Foreign HA 5508

  DHCP Proxy is required in order to use local WLC DHCP Pool (Guest Anchor), however reading Wireless Q&A (http://www.cisco.com/image/gif/paws/107458/wga-faq.pdf) states that both foreign and guest anchors must have :
  In a Wireless guest access setup, the DHCP proxy setting in the Guest Anchor controllers
  and the internal controller must match. Else, DHCP request from clients are dropped and you
  see this error message on the internal controller......
  However if you have N+1 you cannot use internal DHCP, does this also "grey" out the DHCP Proxy global setting? If so will the Guest Anchor still work with a internal DHCP pool even though foreign and guest controllers have a mismatch in DHCP Proxy (global) setting?
  Many Thanks
  Kam

  Well it should still work... dhcp proxy is required on the WLC that has a dhcp scope.  With the newer code versions, you can enable dhcp proxy on a per interface do this doens't have to be global.

• How do NetBoot/NetInstall clients report connection & progress to server

  We've got rather tight access controls on our networks at my uni and one things I've noticed is we don't get the Connection and Progress information from NetBoot/NetInstall clients that you normally see in Server Admin. Does anyone know how is info is sent back to the server so we can reconfigure our access controls. My guess is its some sort of multi-cast but I need more info.

  It's a Bonjour broadcast.
  bnesse5:~ brian$ dns-sd -B netbootclient.tcp .
  Browsing for netbootclient.tcp
  Timestamp A/R Flags if Domain Service Type Instance Name
  11:38:45.329 Add 2 4 local. netbootclient.tcp. NetBoot011

• NetBoot & NetInstall across subnets

  I've recently begun deployment of our NetBoot servers within our organization. Everything is working as expected, but I'd like to be able to NetInstall across subnets without having to add a helper address to the routers. Basically we're in a large organization and getting rules added to the routers is a lengthy and unlikely scenario. That said, I've seen a few articles regarding the ability to NetBoot across subnets using OF or EFI.
  http://www.bombich.com/software/nbas.html
  I've verified NetBoot is working on the same subnet, but I've encountered an issue when NetBooting from different subnets. I've tested three systems (iBook G4, PowerMac G4, & Intel MacBook), but only the Intel system is able to communicate. If I look at the server logs, the MacBook is able to consistently communicate, but there are no log entries for any of the PPC attempts. Thus, PPC systems time out when attempting to access the server.
  I'm not using any NetBoot, DHCP, or MAC address filtering, so I'm not sure what the problem is. I'm pretty much using an out-of-box configuration with all the larest updates (10.4.7). As far as the client, I've used the NBAS tool, as well as manually configured the systems using Terminal (sudo nvram boot-device="enet:10.x.x.x").
  Anybody have any additional input regarding the ability to NetBoot across subnets? Any idea why an Intel system would NetBoot, but PPC would not? Again, filtering has not been enabled.

  Yes, each system points to the appropriate image based on architecture (PPC, Intel). The problem is that the server never seems to acknowledge the PPC systems. If I boot an Intel system, I can see the communication data in the server logs. The PPC systems never even register an entry in the logs. It appears as though they never commmunicate at all. Even if a PPC image is specified and an Intel systems boots to the NetBoot server, the commmunication is still logged.
  I need to run some additional tests, as well as a packet capture. Perhaps a packet capture will yield some useful information.

• NetBoot/NetInstall settings in Server Admin buggy as ****?

  Hi,
  I administer a Mac pool in College. We recently updated to all new iMacs (except for one, which still is a 2006 C2D iMac) and Leopard Server running on a PowerMac G4 (Dual 1GHz, 1.5 GB RAM).
  Except for a few initial quirks with Directory Services, Leopard Server runs fine and snappy on the G4 and seems highly reliable. But then again, there's this BIG problem with NetInstall.
  We setup one of the new iMacs as the master computer with all the neccesary software installed, and then created a NetInstall image from it using System Image Utility. It took a while, but went fine.
  We then placed the image in the proper directory (Library/NetBootSP0), and configrured and launched NFS and NetBoot services in Server Admin. It found the image and offered configuration for it. But somehow, the most essential settings are not saved, when clicking "Save" in server admin, no matter whether the service is still running or being stopped before settings are changed.
  These settings are saved by Server Admin:
  Default image
  Enable this image
  Diskless (while not being available)
  Architecture (Universal, Intel or PPC)
  Protocol (NFS or HTTP)
  While these settings *are not* saved by Server Admin whatsoever:
  Model property filtering ("Allow any Apple Computer" vs. "Allow only specified models")
  MAC Address filtering ("Allow only listed clients and deny others" vs. "Deny listed clients and allow all others")
  (These settings appear when selecting an image from the list an clicking on the Edit-button (with a pen on it))
  Whenever I make a change to this and click "Save", Server Admin simply ignores this and reverts it to the default settings, which are "Allow any Apple Computer" an "Allow only listed clients and deny others" with no clients listed.
  When I leave the setting on "allow listed and deny others" (Whitelist), an add a clients MAC Address and save, this is ignored by Server Admin.
  When I change the setting to "deny listed and allow others" (Blacklist), and save, this is ignored by Server Admin too. No matter whether I add MAC Addresses to the blacklist or not.
  That way, the NetBoot service will *not send my NetInstall Image to any client*, because it thinks it has a whitelist configured, that is permanently empty. Clients not added to the whitelist are denied, which is good, but it is not possible at all, to even add a client to that whitelist. Blacklisting some machine and allowing all others doesn't work either.
  Editing the approproate NBImageInfo.plist manually showed me, that Server Admin is able to:
  read settings for specified types of models properly, but unable to change this setting
  and *unable to even read settings about whitelisted or blacklisted MAC addresses* from the plist (keys "EnabledMACAddresses" or "DisabledMACAddresses") properly.
  And so, it also cannot write these settings into the plist, it seems.
  I have to NetInstall the classroom until thursady, and because of this bug, I cannot get it to work as it should, since all my cients are denied the image. This is very frustrating.
  What can I do?
  Message was edited by: jamespsullivan

  MAC address filtering at the server level works, just not filtering at the image level. Depending on exactly what you are trying to achieve, this might help. But, I'm not clear on exactly what you are trying to achieve with the filtering.
  The 1,0 syntax is mostly irrelevant. It is simply a reference to the NIC on the connecting system. If you have a machine with multiple NIC's (such as a Mac Pro) you might see something like 2,0:xx... instead. Regarding the rest of it, I believe the Server admin will accept accept any MAC address in the format of xx:xx:xx:xx:xx:xx with or without leading 0's (i.e. 00:0a:1b vs. 0:a:1b).
  Model filtering information is stored in the NBImageInfo.plist, and can be manually tweaked with an appropriate application of force. You can manually move system types that you want enabled into the EnabledSystemIdentifiers list (and, of course, remove them from the DisabledSystemIdentifiers list).

• How can I create a NetBoot image using command line tools?

  Is it possible to create a NetBoot image entirely using command line tools?
  (That is, without using the SystemImageUtility)
  If so, are there reasonable instructions posted somewhere?
  I don't believe I can use SystemImageUtility with my current setup,
  but I would be happy to hear how I could:
  I have a set of Xserve clusternodes but without optical drives or video cards.
  One node acts as the head, running DHCP, DNS, OpenDirectory, Xgrid.
  They are wired to a gigabit switch.
  I have a PowerBook connected on the subnet which has ServerAdmin Tools installed.
  I don't think when I run SystemImageUtility on my PowerBook that I can successfully image one of the clusternodes disks over the network.
  I have tried to start one node in target(Firewire) mode, connect it via Firewire
  to the head node, and run hdiutil from the head node to make a complete disk image of the clusternode's drive.
  But a NetBoot image requires the whole nbi file, right?
  Could I then use copy this disk image to my PowerBook and use SystemImageUtility on my PowerBook to create a NetBoot image from it?
  I really have tried to read the PDFs, but I found the section on System Imaging in the Command Line Reference rather unhelpful.
  Thanks for anyones help.
  dmaus
    Mac OS X (10.4.4)  

  To create a NetBoot image, you could just put the cluster node in target mode and attach it to your PowerBook. Then use SIU to create the NetBoot image.
  If you're trying to create a backup image of the disk, use hdiutil, or put in in target mode and create the image with Disk Utility.

• Netboot doesn't work; DHCP issue?

  I'm setting up NetBoot for the first time on my Leopard Xserve, trying to do NetInstall on some G4 clients.
  Imaging seemed to work fine and the client boots as far as the grey apple screen - but then the client crashes with "You need to restart your computer now".
  The log looks like this:
  May 19 03:42:29 blue bootpd[64401]: can't open /etc/bootptab
  May 19 03:42:29 blue bootpd[64401]: server name blue.pvpa.com
  May 19 03:42:29 blue bootpd[64401]: interface en0: ip 192.168.1.15 mask 255.255.255.0
  May 19 03:42:29 blue bootpd[64401]: subnets: Failed to convert 'router': Invalid IP address
  May 19 03:42:29 blue bootpd[64401]: bsdpd: re-reading configuration
  May 19 03:42:29 blue bootpd[64401]: bsdpd: shadow file size will be set to 48 megabytes
  May 19 03:42:29 blue bootpd[64401]: bsdpd: age time 00:15:00
  I'm not running DHCP service on my Xserve - DHCP is coming from the router. The client does seem to be getting an IP address, according to Server Admin --> NetBoot --> Clients. Do I need to do something different with DHCP on the Xserve, and if so what?
  Also, I tried creating /etc/bootptab by hand but that didn't make a difference either.

  May 19 03:42:29 blue bootpd64401: subnets: Failed to convert 'router': Invalid IP address
  This might be an issue... I've never seen this log before. Is your server on a different subnet then the clients you are attempting to boot? NetBoot doesn't work across subnets without some extra work.

• I use Cisco DHCP I can not get the IP from manual binding.

  Good day,
  I am using a Router Cisco 1841 as DHCP Server and I trying to configure a manual binding but is not working, here is the configuration:
  Router#sh run
  Building configuration...
  Current configuration : 1026 bytes
  version 12.3
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname Router
  boot-start-marker
  boot system flash c1841-adventerprisek9-mz.123-11.T10.bin
  boot-end-marker
  mmi polling-interval 60
  no mmi auto-configure
  no mmi pvc
  mmi snmp-timeout 180
  no aaa new-model
  ip subnet-zero
  ip cef
  ip dhcp excluded-address 172.16.12.1
  ip dhcp pool Test
  host 172.16.12.254
  hardware-address 0100.016c.cbaf.31
  client-name Test01
  ip ips po max-events 100
  no ftp-server write-enable
  no crypto isakmp ccm
  interface FastEthernet0/0
  ip address 172.16.12.1 255.255.254.0
  speed 100
  full-duplex
  interface FastEthernet0/1
  no ip address
  shutdown
  duplex auto
  speed auto
  interface ATM0/0/0
  no ip address
  shutdown
  no atm ilmi-keepalive
  dsl operating-mode auto
  interface Serial0/1/0
  no ip address
  shutdown
  no fair-queue
  clockrate 2000000
  ip classless
  ip http server
  no ip http secure-server
  control-plane
  line con 0
  line aux 0
  line vty 0 4
  login
  end
  Router#sh ver
  Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.3(11)T10, RELEASE SOFTWARE (fc4)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2006 by Cisco Systems, Inc.
  Compiled Fri 03-Mar-06 17:40 by dchih
  ROM: System Bootstrap, Version 12.3(8r)T9, RELEASE SOFTWARE (fc1)
  ROM: Cisco IOS Software, 1841 Software (C1841-ADVSECURITYK9-M), Version 12.4(3c), RELEASE SOFTWARE (fc1)
  Router uptime is 4 minutes
  System returned to ROM by power-on
  System image file is "flash:c1841-adventerprisek9-mz.123-11.T10.bin"
  This product contains cryptographic features and is subject to United
  States and local country laws governing import, export, transfer and
  use. Delivery of Cisco cryptographic products does not imply
  third-party authority to import, export, distribute or use encryption.
  Importers, exporters, distributors and users are responsible for
  compliance with U.S. and local country laws. By using this product you
  agree to comply with applicable laws and regulations. If you are unable
  to comply with U.S. and local laws, return this product immediately.
  A summary of U.S. laws governing Cisco cryptographic products may be found at:
  http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
  If you require further assistance please contact us by sending email to
  [email protected].
  Cisco 1841 (revision 6.0) with 236544K/25600K bytes of memory.
  Processor board ID FTX1013W27Q
  2 FastEthernet interfaces
  1 Serial(sync/async) interface
  1 ATM interface
  1 Virtual Private Network (VPN) Module
  DRAM configuration is 64 bits wide with parity disabled.
  191K bytes of NVRAM.
  62720K bytes of ATA CompactFlash (Read/Write)
  Configuration register is 0x2102
  Router#
  Thank You Very Much
  Regards
  HG

  Hello Hernan,
  The provided MAC address contains an ethernet media type. Try changing the ethernet media type to .66 as per documentation.
  hardware-address 0100.016c.cbaf.31
  -------------------------------------------^
  Alternatively you can remove the last three characters ".31" from the configuration.
  http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hiad_c/ch10/hipdhcps.htm#wp1074511
  Use "debug ip dhcp server" to see what happens during DHCP negotiation with client/server.
  HTH
  --Leon
  * Please rate posts.

• Solaris 10 x86 PXE and jumpstart using Linux DHCP server !!

  Hi,
  I am trying to get a my Solaris 10x86 jumpstart rolling.
  I have created the images for the OS, but the only issue I have ahead is using a Linux box as a DHCP server for my X86 box to get the image.
  Is it possible to have a linux host that serves as a dhcp server to jumstart X86 host with Sol 10 x86
  or do I need to have a solaris host that runs DHCP service on it.
  Any advice on this issue.
  Thanks.

  Well, if you don't think the online Documentation helpful, then the better way is reading step-by-step instructions from a book. Get to local bookstore, i.e Barne&Nobles or Border or any big local bookstore, there should be pretty good book for Unix Administrator (Solaris version).
  If you have time and think you can memorize then, read on the spot; otherwise, buy the book for future reference.
  If that's not what you had in mind, then this link of free online book might help : http://www.oreilly.com/catalog/solaris8/chapter/ch04.html
  Normally, oreilly online bookstore offers free books to accredited universities, colleges, and organizations. However, if that option isn't for you, it might even offer free sample chapters that might just suit your needs.
  hoep it helps.
  -van.

• Using firestarter, dhcp..very slow

  help,
  I have one internet connection that I am wanted to share with a second computer. I am now using firestarter to do this.
  The second computer connects via dhcp, and it almost works, only, the connection is very slow; it can connect to google, for example, but the google logo does not load completely (or maybe its just so slow to load).
  the internet speed is fine on the router computer.
  do you have any ideas on solving this?
  thank you so much.

  Galdona wrote:(and it is also very slow even when i use the ip address instead of url, eg 216.239.39.99)
  when DHCP is slow sounds like packets are getting delayed or not being let through at all. try modifying your firestarter/iptables configuration.

• Does option 43 matter ? WLC5508 ver 7.2 using internal DHCP server

  I am using a WLC 5508 and its internal DHCP server. I cant find anywhere I can setup option 43. However, the access points are connected in just fine. Do I need to worry about setting up a seperate DHCP server to get option 43 setup properly ?
  Thank you.

  Sorry I didnt make my question clear.
  I am using a WLC 5508 and its internal DHCP server. I cant find anywhere I can setup option 43.
  When I connect a CAPWAPP Access Point to the network, it receives IP address from the WLC 5508 DHCP service just fine. It shows up in the access points list and users can connect to it no problem.
  Do I need to worry about setting up a seperate DHCP server to get option 43 setup properly ?

• Using internal DHCP in WLC 4112

  Hi Guys,
  I want to make my wireless place into different network. So i define the 3 internal dhcp scope inside WLC. My WLC LWAPP set to layer 2. My problem is, the clients are not able to get the IP address into WLC dhcp scope. Please help me what to do
  thanks,
  Jong

  hi jong,
  as far as I know the WLC isn't a router but I think you have a router somethere in your network(layer3 switch for example) where you need a virtual interface for each VLAN and the ip of this interface is your default-router for the corresponding clients.All ports of the WLC are Trunkports but you can also use one as an access port for an specified vlan. I would recommend to configure the controller as follows,
  ap-manager and management interface same vlan but different ip addresses, dynamic interfaces for each WLAN with different vlan ID's, map all interfaces to a physical port of the WLC, make sure the switch where the WLC is connected is configured as trunk with the needed VLAN's, make sure you have each VLAN also configured in your network infrastructure,
  hope this will help you.
  regards,
  Rocco

• Keep alive using plain DHCP

  Hi. My ISP assigns IPs using DHCP and then requires a manual login via an HTML form. After that you will be automatically logged out after some time of inactivity.
  I'm looking into buying the WRV200 and wonder if I can set it up to remain connected despite user inactivity. I see it has keep alive for PPPoE etc, but I can't use PPPoE.
  Is there any other way to keep the connection alive? By creating a VPN tunnel and set a key lifetime lower than my ISPs timeout??? Or does the VPN disconnect after some inactivity too...?
  Thanks in advance.

  I keep the same IP for months at a time, so that is not the problem.
  The problem is that after 1 hour (or so) with no traffic sent from my IP, all the traffic from my endpoint is blocked until I manually log in again via a web form that, I am redirected to whatever URL I enter in the browser.
  So if there is any way to make the router send a package every x minutes, I would stay logged on.
  (IPSec key exchange would be such a package, if those are sent even when the tunnel is not in use from any computer on my LAN.)
  There is software avalable for the PC that sends these keep alive packages, but I want the router to send them so that I can check my e-mail using my WLAN enabled cell phone even though I have had the PC turned off for hours.

• Web based utility won't let me use automatic dhcp setup

  Hi I use an mac osx with cable internet. i can plug in the wrt54g router correctly and the airport appears, but when I try to use the web-based utility it won't give me the option for automatic dhcp! Help me Dianne
  Message Edited by dsowings on 12-25-2007 09:18 PM

  are you talking about the options in the "internet connection type" on the router's web interface ??
  if yes, then ensure that the firewall on the computer is disabled.
  Revert with the results ...

• Technical: QoS setup for STB when NOT using Actiontec DHCP

  This is way over the heads of the phone support people so I thought I would post here and see how it goes.
  I run a Server 2003 domain at home.  When I had FIOS TV installed we were not able to get the STBs working properly without reseting the Actiontec to defaults and using it for the DHCP server.  This caused many problems with my domain member PCs and I ended up having to statically address them.  Unfortunalty, the DHCP server in the Actiontec is terrible and Ive had to reboot the unit several times when my PS3, PSP, Wii, and other non-domain/non-static devices connect,  (It also affects the STBs at times and both the router and the STBs end up needing reboots.)
  After a bit of looking and a bit of experimenting I was able to disable the DHCP on the Actiontec and go back to DHCP on the Windows Server.  My domain is working great again.  The STBs are working great (although you HAVE to create reservations that give them IPs starting with 100 or the will NOT work).  All the other devices get IPs quickly and work everytime.  Yeah!
  Now for my question.  When the Actiontec was assigning the IP, the STBs seemed to automagically get a QoS setup in the Actiontec router.  When the Windows Server assigns the IP there is no QoS setup to be found.  While I understand why this occurs, I really don't know if there will be an adverse side affect.  On demand seems to be working fine, but I don't use it much and don't know if I'll have issues when the "network" is experiencing congestion.  If the QoS setup is important, can anyone give me the details on how to implement the setting manually in the router?
  Thank you...
  -ak 

  tsk,
    Yup....that explains how it know to address them with 100-110, but also explains why I saw a QoS setup for them when using the AT for DHCP.  This weekend Im going to switch back to AT DHCP and make note of what I see.  I know Im not crazy, there was something there, I just didn't think to write it down before I made the changes.
    I am also in agreement that these change most likely will NOT affect VOD unless something else has gone wrong.
  -Andy