Re: pxe boot

 
SOLVED
Go to solution
Mario2014
Occasional Contributor

pxe boot

Hi,

 

I have a HP Procurve 5412zl acting as my gateway and I have multiple HP procurve 2810 (Client) and Procurve 3800 (Servers) uplink to it. I am trying to pass pxe traffic and it's not working. I have no problem on the same subnet.

 

Client - 2810

vlan 1
   name "DEFAULT_VLAN"
   untagged 1-46,Trk1
   ip address 172.20.0.222 255.255.252.0
   qos priority 7
   ip igmp
   exit

 

Servers - 3800

vlan 8
   name "Server"
   tagged Trk1
   untagged 1/7-1/21,1/24,2/7-2/21,2/24,Trk2-Trk5
   ip helper-address 172.20.8.11
   no ip address
   exit

 

5412zl - Gateway

vlan 8
   name "Server"
   tagged A17,Trk13
   untagged A7-A9,A11-A12,A14,B11,D17-D18,Trk12,Trk14
   ip address 172.20.8.1 255.255.255.0
   exit

 

Thank you

 

  

4 REPLIES 4
Chrisd131313
Trusted Contributor

Re: pxe boot

Hi Mario2014,

 

I assume that you are wanting to PXE boot from the client VLAN? If so, you need to set the ip-helper address on that VLAN to point to your PXE boot server.

 

HTH

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
Mario2014
Occasional Contributor
Solution

Re: pxe boot

Hi Chrisd131313,

 

I already have IP-Helper-Address configure on the switch.

 

I was able to get the client to pxe boot to the Server VLAN by adding globally to the 5412zl switch this line "ip-udp-bcast-forward".

 

problem fix

 

Cheers

Chrisd131313
Trusted Contributor

Re: pxe boot

Hi Mario2014,

 

Bty enabling ip-udp-bcast-forward you are allowing broadcasts to be routed across all your VLANs/interfaces. If you just setup the ip helper address ont eh client VLAN it will only forward broadcasts from the client VLAN. It will reduce your broadcasts between VLANs somewhat. But if your happy with having all broadcast traffic from all VLANs being routed then thats fine :)

 

Glad to hear you got it working.

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
joshcc83
Visitor

Re: pxe boot

Since each environment is a bit different you can take my feedback with a grain of salt.

However, we were able to allow Windows Deployment Services PXE booting that allows for legacy and UEFI BIOS to PXE boot (without using Option 66 and 67 ). This was done in an enviorment where DHCP snopping is enabled. So the use of IP Helper-Address command didn't work for us on our switches.

 

Hardware Being used

PA Firewall - Model: PA 3050 

HP 2920-24G Switch <-- Core switch

HP 2530-48G-PoEP Switch  <-- one of many POE Switches that connects back to the core switch

HP 2530-48G Switch  <--- one of many none POE switches that connect back to the core switch.

DHCP Snooping is enabled 

 

NOTE:  DHCP Scope Options 66 and 67 are not officially supported by MSFT and those options will not support Legacy and UEFI bios's PXE booting... You will have to choose between legacy or UEFI support or setup two different DHCP scopes just to support both.

 SO HOW DID YOU GET IT WORKING?

Take it easy - Here is the details: 

  • If you were running the same setup we were then you would want to first add the WDS servers IP address as a Relay DHCP server on your PA firewall for the VLAN's you want to broadcast too.

PA DHCP Relay

 NOTE: take a look at the capture.png attached to my resply for a example of the PA relay setup.

  • since DHCP snooping is enabled in the enviorment we deployed for security reasons of not allowing rouge DHCP servers you then have to run the following command on the core switch and all other access layer switches. 

dhcp-snooping authorized-server "your WDS or PXE Servers Address"

dhcp-snooping authorized-server 10.10.6.12

 

 NOTE: the IP address used in this tutorial are fictional but may look similar to other private IP address that exist in some networks. I don't sujest using my example ip address in place of your own. Enjoy!

Spoiler
Spoiler
Have Fun and Enjoy Life!