Tuesday, October 27, 2020

Unable to PXE Boot clients from WDS server across different VLANs, IP helpers enabled on Core L3 Cisco Switch

Hi Everyone,

I am facing some issues in PXE booting clients from our WDS server and wanted to get some advice on this. For WDS PXE booting we are not going to use DHCP options and will instead go for IP helpers on our switches, yet we are facing an issue after making the configuration changes.

Our current environment:

- DHCP Server IP: 192.168.99.200
- WDS Server IP: 192.168.99.177
- 1st client on a test 224 VLAN: 192.168.224.xxx
- 2nd test client on 192.168.99.xxx VLAN

In the first example (PSA),

Capturing DHCP packets from Wireshark, I can see that the 1st client is not even getting through the L3 switch, it seems (photo linked). I tried filtering packets for multiple clients and none of them are able to show their MAC address as the source on the Discover packet. It looks as though the Discover packet is coming from the L3 switch directly to the WDS server, unless I am reading this wrong.

In the second example (PSA),

The client machine is routing through a host on the same VLAN as the DHCP and WDS server through a virtual client. From Wireshark, I can only see the client sending out a multicast Discover packet with no response. In this example, however, I can see that the WDS server can recognize the MAC address of the client machine.

Note:

We do not have DHCP options enabled on our DHCP server for boot file as recommended by Microsoft.

Also,

On the WDS server we did not change anything in regard to the WDS options "PXE Response - Respond to all client computers" and "DHCP Authorization - Authorize this WDS server in DHCP". Can we leave those at the default option?

When we tried enabling those options we saw that the DHCP was having problems. Regarding DHCP settings on the WDS server, I can assume this should not be touched as our WDS and DHCP are separate servers?

Two things I wanted to point out. First, I confirmed the boot image .wim runs properly when booting off a removable USB drive.

Secondly, the WDS server is sitting in a VLAN with no DHCP scope set up, therefore we cannot test any clients on the same VLAN as the WDS server if a DHCP scope is required.

Please let me know where we are going wrong here. Thanks!
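
A DHCP relay (what a Cisco `ip helper-address` configures) forwards a client's broadcast Discover as unicast sourced from the relay itself, writing its own interface address into `giaddr` while the client's MAC stays in `chaddr`. The parser below is an added example, not part of the original post, that reads both fields from a DHCP payload; the MAC address and the relay address 192.168.224.1 are constructed values.

```python
import socket
import struct

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"  # fixed 236-byte BOOTP header (RFC 2131)
MAGIC = b"\x63\x82\x53\x63"               # DHCP magic cookie that precedes the options

def build_discover(mac, giaddr="0.0.0.0", hops=0):
    """Constructed sample: a PXE client's DHCPDISCOVER; a relay fills in giaddr and hops."""
    header = struct.pack(
        BOOTP_FMT, 1, 1, 6, hops, 0x1234ABCD, 0, 0x8000,
        bytes(4), bytes(4), bytes(4), socket.inet_aton(giaddr),
        bytes.fromhex(mac.replace(":", "")), bytes(64), bytes(128))
    vendor = b"PXEClient:Arch:00000:UNDI:002001"
    options = bytes([53, 1, 1, 60, len(vendor)]) + vendor + b"\xff"
    return header + MAGIC + options

def parse_dhcp(payload):
    """Return the fields of a DHCP UDP payload that matter when a relay is in the path."""
    size = struct.calcsize(BOOTP_FMT)
    if len(payload) < size + 4 or payload[size:size + 4] != MAGIC:
        raise ValueError("not a DHCP payload")
    (_op, _htype, hlen, hops, _xid, _secs, _flags, _ci, _yi, _si,
     giaddr, chaddr, _sname, _file) = struct.unpack(BOOTP_FMT, payload[:size])
    options, i = {}, size + 4
    while i < len(payload) and payload[i] != 255:      # 255 = end option
        if payload[i] == 0:                            # 0 = pad, no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        options[code] = payload[i + 2:i + 2 + length]
        i += 2 + length
    return {
        "client_mac": chaddr[:min(hlen, 16)].hex(":"),  # survives relaying unchanged
        "giaddr": socket.inet_ntoa(giaddr),             # relay's client-facing interface
        "hops": hops,
        "relayed": giaddr != bytes(4),
        "msg_type": (options.get(53) or b"\x00")[0],    # 1 = DHCPDISCOVER
        "vendor_class": options.get(60, b"").decode("ascii", "replace"),
    }

if __name__ == "__main__":
    # Constructed MAC and relay address; the post does not give either value.
    for pkt in (build_discover("00:11:22:33:44:55"),
                build_discover("00:11:22:33:44:55", "192.168.224.1", 1)):
        print(parse_dhcp(pkt))
```
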


