TFTP open timeout talking to dual interface DHCP Server
 

Hi,

I have a Virtual host which runs my DHCP service. When running with one iface it worked fine, we recently added a new subnet range and I can't seem to get that working.

eth0 Link encap:Ethernet HWaddr 00:50:56:92:69:86
inet addr:10.2.254.70 Bcast:10.2.254.255 Mask:255.255.255.0
inet6 addr: fe80::250:56ff:fe92:6986/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1632 errors:0 dropped:0 overruns:0 frame:0
TX packets:1744 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:210233 (205.3 KiB) TX bytes:336935 (329.0 KiB)

eth1 Link encap:Ethernet HWaddr 00:50:56:92:4B:49
inet addr:10.2.250.70 Bcast:10.2.251.255 Mask:255.255.254.0
inet6 addr: fe80::250:56ff:fe92:4b49/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2314 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:198993 (194.3 KiB) TX bytes:1008 (1008.0 b)

eth0 was my original subnet, eth1 is on the range I recently added. My dhcpd.conf looks like this:

ddns-update-style interim;
ignore client-updates;

shared-network name {

subnet 10.2.254.0 netmask 255.255.255.0 {
range 10.2.254.0 10.2.254.250;
option routers 10.2.254.254;
option subnet-mask 255.255.255.0;
option nis-domain "xxx.xx.com";
option domain-name "xxx.xx.com";
option domain-name-servers 192.168.x.xxx, 192.168.x.xxx;
}

subnet 10.2.250.0 netmask 255.255.254.0 {
range 10.2.250.0 10.2.251.250;
option routers 10.2.251.254;
option subnet-mask 255.255.254.0;
option nis-domain "xxx.xx.com";
option domain-name "xxx.xx.com";
option domain-name-servers 192.168.x.xxx, 192.168.x.xxx;
}
}

group {
next-server 10.2.250.70;
filename "/linux-install/pxelinux.0";
host testweb29 { hardware ethernet 00:50:56:92:19:f1; fixed-address 10.2
.250.29; }
}
group {
next-server 10.2.250.70;
filename "/linux-install/OEL/pxelinux.0";
host msdevdb01 { hardware ethernet 00:50:56:92:5A:31; fixed-address 10.2
.250.20; }
}

When I start up my new host to be built, I would expect communication to initially go through eth0 (primary iface) but then pass onto eth1 when it has its IP from dhcp, but the TFTP fails to load pxelinux.0. I couldn't cut and paste from console so I've attached a screenshot in jpg.

To muddy the waters even more (for me at least), I tried using tcpdump to look at what was going on:

tcpdump -i eth0 host 10.2.250.29
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
16:33:37.401486 arp who-has 10.2.250.70 tell 10.2.250.29
16:33:37.452107 arp reply 10.2.250.70 is-at 00:50:56:92:69:86
16:33:37.401707 IP 10.2.250.29.2070 > 10.2.250.70.tftp: 42 RRQ "/linux-install/pxelinux.0" octet tsize 0
16:33:38.073953 IP 10.2.250.29.2071 > 10.2.250.70.tftp: 42 RRQ "/linux-install/pxelinux.0" octet tsize 0

Questions:

Why does TFTP fail to continue booting?
Why does my tcpdump output say 'arp reply 10.2.250.70 is-at 00:50:56:92:69:86' when its not, this MAC is eth0's mac, not eth1's.

Please can someone give me some pointers.

TIA

Stuart.

Your second netmask puts the first subnet inside the same set as the second subnet:

That should cause you all kinds of problems. How you solve them is up to you.

Hi,

Thanks for the response, I'm a little confused. If the netmask is 255.255.254.0 that makes it a /23 subnet covering (in my case) 10.2.250.0 to 10.2.251.254. My other iface is on 10.2.254.70 on a /24 subnet.

If I'm using the wrong netmask, then what would it be for a /23 subnet?

Thanks,

Stuart.

Having checked with my network guys my netmask is right, also my DHCP would fail to work if the netmask was wrong, right?

My bad. I should have finished the math for the 10.2.250.x range before replying.
So there is no overlap.

I guess I need a picture of your network setup.
1. Are both eth0 and eth1 connected to the same switch?
2. Are the PXE boot machines connected to the same switch as eth0 and eth1?
3. Are you using a router instead of a switch?
4. What is the output of "route -n" on the machine with eth0 and eth1?

Also, I find this statement to be very strange:
What is "it" in the phrase "when it has its IP from dhcp"?

From your original post, it appears that ARP resolution is not doing the expected thing. The output of "route -n" will be interesting. Also, if you have any esoteric entries in iptables, that will be interesting to look at. If you are using a router instead of a switch, it will be interesting to know how the router is configured.

David,

Thanks for your help so far. As with all things corporate I had to move fast so decided to remove the 10.2.254 subnet out of the equation. The basis behind the setup was to allow our 10.2.254 subnet to be replaced by the 10.2.250 subnet whilst still offering the ability for both subnets to DHCP boot and kickstart. As it was getting overly complicated to implement, I've decided to drop 10.2.254.

Having reconfigured eth0 to use 10.2.250 subnet, (and after extensive changes to the VMware VLAN setup) I've got a client to boot.

Thanks for your help.

Stuart.

lol! I think I was more of an hindrance than an help. Glad you found a workaround.