PXEBoot Next Server Resolving To Wrong IP

rholloway · July 28, 2019, 12:08pm

Problem:
When trying to PXE boot a server with the default configuration, the dhcp lease gets next-server set to external IP for domain rather than the correct internal IP. It appears when the proxy attempts to guess next server (resolves the name of the proxy) it’s not using the correct name server?

Does anyone know how the PXE boot / TFTP server IP address actually gets resolved prior to putting it into the dhcp lease? I see there is an option to override it in tftp.yaml under proxy settings, but I’m curious why it’s unable to get the correct resolution for the proxy domain name. If I manually try to resolve proxy FQDN from the proxy host or any other host on the internal network it provides the correct IP, so it seems pxeboot process/tftp next server guessing is forcing resolution through a specific name server such as 8.8.8.8 or something, idk.

Expected outcome:
Internal IP of proxy server is provided by resolving through gateway for subnet, rather than resolving against a public name server such as 8.8.8.8

Foreman and Proxy versions:
1.22

Dirk · July 29, 2019, 7:26am

I never used a DNS name for the next-server instead of an IP address because for me DHCP comes before DNS. Why do you want to use a name?

rholloway · July 29, 2019, 10:40am

Under the hood it is always an IP, the wrong IP is being used though.

To clarify, I have a smart proxy running TFTP with internal IP 192.168.1.2 being set by internal name server, but public name server has a wildcard for the domain and assigns public IP 1.2.3.4.

When the smart proxy (proxy.domain.com) creates a DHCP lease using default settings (not overriding tftp server address in tftp.yml) it puts IP 1.2.3.4 as next server, not 192.168.1.2. I’m not sure why though since if I resolve proxy.domain.com from the host or subnet it properly returns 192.168.1.2 so the internal name server works as expected. It seems that when selecting the IP for the proxy it is hard coded to query some public name server and not use the default for the subnet.

lzap · July 29, 2019, 11:37am

Hey, you can set this setting via installer which drops /etc/foreman-proxy/settings.d/tftp.yaml file option named tftp_servername. However if you don’t provide it, Foreman server (not proxy) attemts to reverse resolve Smart Proxy URL to an IP and that one is used as a fallback mechanism.

So either fix your DNS or explicitly set TFTP server name option to solve that out.