Tftpd mac addresses not showing up

rainer_d · August 16, 2021, 4:06pm

Problem:
When I create a host, the MAC-addresses don’t show up in the /var/lib/tftpboot/pxelinux.cfg directory.

Similar to this:

I’ve built the “PXE Default” configuration on the Provisioning Templates page, so the tftpd smart-proxy is working, principally (I get the default boot menu)
However, I seem to be missing something.

My configuration: I have the main Foreman-server and a separate Smart Proxy. The new server(s) I want to provision are associated to a host-group that is associated with that Smart Proxy.

The PXE-boot subnet is also associated with the smart-proxy.

Expected outcome:

Is there some way for diagnosing this? Or some hammer command I can run

Foreman and Proxy plugin versions:
-bash-4.2# root@proxy-pxe02-prod tftpboot # rpm -qa |grep fore |sort
ansible-collection-theforeman-foreman-2.1.2-1.el7.noarch
foreman-debug-2.5.2-1.el7.noarch
foreman-installer-2.5.2-3.el7.noarch
foreman-installer-katello-2.5.2-3.el7.noarch
foreman-proxy-2.5.2-1.el7.noarch
katello-ca-consumer-foreman-app01-prod.dom.tld-1.0-1.noarch
proxy-pxe02-prod.dom.tld-foreman-proxy-1.0-1.noarch
proxy-pxe02-prod.dom.tld-foreman-proxy-client-1.0-1.noarch
tfm-rubygem-foreman_ansible_core-4.1.1-1.fm2_5.el7.noarch
tfm-rubygem-foreman_remote_execution_core-1.4.4-1.el7.noarch
tfm-rubygem-foreman-tasks-core-0.3.6-1.fm2_5.el7.noarch
-bash-4.2# root@proxy-pxe02-prod tftpboot # rpm -qa |grep katello |sort
foreman-installer-katello-2.5.2-3.el7.noarch
katello-ca-consumer-foreman-app01-prod.dom.tld-1.0-1.noarch
katello-certs-tools-2.7.3-1.el7.noarch
katello-client-bootstrap-1.7.6-1.el7.noarch
katello-debug-4.1.2.1-1.el7.noarch
katello-default-ca-1.0-1.noarch
katello-server-ca-1.0-1.noarch
Distribution and version:

CentOS 7

rainer_d · August 17, 2021, 4:57pm

OK, the tftpd actually needs to be running (had this problem before, but somehow forgot).

If I set the pxe-interface to managed, pxelinux.cfg files do show up.
However, dhcpd seems off.

It does boot into the menu, but seems to lose the IP immediately.

Aug 17 17:38:52 pxe.dom.tld dhcpd: DHCPDISCOVER from 00:50:56:87:7e:c4 via ens224
Aug 17 17:38:53 pxe.dom.tld dhcpd: DHCPOFFER on 10.38.166.85 to 00:50:56:87:7e:c4 via ens224
Aug 17 17:38:54 pxe.dom.tld dhcpd: DHCPREQUEST for 10.38.166.85 (10.38.177.180) from 00:50:56:87:7e:c4 via ens224
Aug 17 17:38:54 pxe.dom.tld dhcpd: DHCPACK on 10.38.166.85 to 00:50:56:87:7e:c4 via ens224
Aug 17 17:38:54 pxe.dom.tld in.tftpd[4189]: Error code 0: TFTP Aborted
Aug 17 17:38:54 pxe.dom.tld in.tftpd[4190]: Client ::ffff:10.38.166.85 finished pxelinux.0
Aug 17 17:38:54 pxe.dom.tld in.tftpd[4192]: Client ::ffff:10.38.166.85 finished pxelinux.cfg/01-00-50-56-87-7e-c4
Aug 17 17:38:55 pxe.dom.tld in.tftpd[4197]: Client ::ffff:10.38.166.85 finished menu.c32
Aug 17 17:38:55 pxe.dom.tld in.tftpd[4198]: Client ::ffff:10.38.166.85 finished pxelinux.cfg/01-00-50-56-87-7e-c4
Aug 17 17:39:02 pxe.dom.tld in.tftpd[4199]: Client ::ffff:10.38.177.180 timed out
Aug 17 17:39:04 pxe.dom.tld in.tftpd[4200]: Client ::ffff:10.38.177.180 timed out
Aug 17 17:39:05 pxe.dom.tld in.tftpd[4201]: Client ::ffff:10.38.177.180 timed out
Aug 17 17:39:06 pxe.dom.tld in.tftpd[4202]: Client ::ffff:10.38.177.180 timed out
Aug 17 17:39:06 pxe.dom.tld in.tftpd[4203]: Client ::ffff:10.38.177.180 timed out
Aug 17 17:39:07 pxe.dom.tld in.tftpd[4204]: Client ::ffff:10.38.177.180 timed out

It hands out a lease, but I cannot ping the address.
In tcpdump, I can see that the client still requests the boot/centos-7-base-x86_64-128-vmlinuz file and the tftpd-Server would deliver that.
Though it’s an empty file as it looks like.

The pxelinux.cfg file (for the MAC) looks like this:

# This file was deployed via 'Kickstart default PXELinux' template
DEFAULT menu
MENU TITLE Booting into OS installer (ESC to stop)
TIMEOUT 100
ONTIMEOUT installer

LABEL installer
MENU LABEL Kickstart default PXELinux
KERNEL boot/centos-7-base-x86_64-128-vmlinuz
APPEND initrd=boot/centos-7-base-x86_64-128-initrd.img ks=http://pxe.dom.tld:8000/unattended/provision?token=5cf11f3c-bd3e-4513-b536-af19d9701d3a  network ksdevice=bootif ks.device=bootif BOOTIF=01-00-50-56-87-7e-c4 kssendmac ks.sendmac inst.ks.sendmac ip=dhcp nameserver=10.38.177.180 rd.net.timeout.dhcp=7 rd.net.timeout.iflink=7 rd.net.timeout.ifup=7 rd.net.timeout.route=7 rd.net.timeout.ipv6dad=7 rd.net.timeout.ipv6auto=7 rd.net.timeout.carrier=7

IPAPPEND 2

lzap · August 20, 2021, 9:02am

Looks like your TFTP is not allright, are you aware this is stateless UDP protocol and it won’t work through NATs/firewalls without connection tracking?

rainer_d · August 21, 2021, 11:59pm

Yes. It’s the same network.
I see a lot of leases for the same MAC in the leases-file.

Should foreman create an entry for the MAC-address in the DHCP-configuration (dhcpd.hosts)?
Because that is not happening.

But I also realized that the initrd-images are somehow not sync’ed in the repo, which is certainly not helpful.

lzap · August 23, 2021, 7:44am

No, it will create a host entry in dhcpd.leases. Only if you associated your host with PXELinux or PXEGrub2 template and you set PXELoader to appropriate value.

rainer_d · August 23, 2021, 7:50am

Yes, I read that meanwhile.

However, as I found out it was simply missing the “images” folder in the downloaded repo, which needed an advanced sync (and then a “full sync” of the smart-proxy).

However, now I face a different problem…

lzap · August 23, 2021, 7:50am

Please create a new thread for that, thanks.

rainer_d · August 23, 2021, 7:54am

Yes, I was intending to.

As long as I’m not banned for asking too many dumb questions (and answering half of them on my own after a while).

lzap · September 1, 2021, 9:11am

Not gonna happen here, do not worry. We only ban inappropriate content and spam.