CloneDeploy Proxy DHCP: Working?

  • Cheers,

    I'm trying to get my CloneDeploy Proxy DHCP operating properly so I may test the ability of booting a Macintosh machine I'm told is running El Captain. I'm attempting to implement this on an Ubuntu 16.04 LTS virtual server.

    [b]Here's what I've done to troubleshoot my network:[/b]

    [b]- I am able to boot a Windows machine using the iPXE and server options 66 set to my CloneDeploy (CD) server for TFTP and option 67 set to be the pxeboot.0.[/b]

    This was to get things going. I did have some interesting complications to get things mapped to a remote distribution point (having to do with chmod and chown for the cd_sharewriters group) but have successfully uploaded an image. On that note, thanks to all your documentation and these forums.

    [b]-I am also able to boot a Windows machine using the iPXE and server options 66 set to my CloneDeploy (CD) server for TFTP and option 67 set to be the /proxy/bios/pxeboot.0.[/b]

    I did this after updating the settings in the Admin >> PXE >> Using Proxy DHCP settings to "Yes" in the Web Interface and then clicking the "Create Boot Files" in the Admin >> Boot Menu also in the Web Interface. And it too succeeds.

    I am [b]not[/b] able to boot the Apple computer using the above methods (except changing option 67 to /proxy/efi32/pxeboot.0 or /proxy/efi64/pxeboot.0 ) and from my reading, that seems to be valid without the CloneDeploy Proxy DHCP running (although I decided to troubleshoot it too, just in case).

    I proceeded to remove the option 66 and 67 (and make sure option 60 was not set) on both of the two Windows Server 2012 64-bit running split scopes of DHCP that I've been doing the above troubleshooting on. I also transferred over CloneDeployProxyDHCP into my home directory (~/clonedeployProxyDHCPInstall/cd_proxyd$) to my Ubuntu 16.04 LTS acting as the server and ran the 'mono' command on "cd_proxyd.exe" file (after unzipping the zip file). The 'mono' command did tell me to use mono-service and so I did ("mono-service cd_proxyd.exe"), not showing any errors or notes after typing the command.

    At the moment I am trying to vet the CloneDeployProxyDHCP using the same Windows machine that was able to access it before the options were removed. Ideally I'm trying to conclude with imaging Apple computers. I'm under the impression I may have not started the service properly, in the correct place, my two DHCP servers may be doing something funny but not comedic... or otherwise. Additionally I did read up on NetBooting the Apple computers but from that same reading it seems that the Apple computers can simply boot using ipxe once CloneDeployProxyDHCP is functioning as I intended. The CloneDeployProxyDHCP version I unzipped said it was 2.0.1. Any insight I may test appreciated - although at the moment I can get things working from a Windows imaging environment I have been aiming from conception to use this for Apple machines as both are a part of our environment.

    Additional Things to know:
    [i]I am using Subnets and VLANs and have set the dhcp ip helper address in my switches to point. I believe that is functioning because I can see logs captured by my firewall (which monitors the traffic in my case and is allowing the access) that have a destination of my CD server IP address and the bootpd protocol.[/i]

  • Lets take 1 step at a time.
    Option 67 and 68 must NOT be set or proxy won't work.
    If running proxy on linux you should run with debug flag at first
    mono cd_proxyd.exe --debug
    then change to --daemon to run in service mode after it is working, don't use the mono service mode, I added the daemon mode to avoid that.
    Next do you want to use the linux environment or the mac environment or both with your Macs?

  • Thanks clonedeploy for your response.

    I'm looking to use the [b]linux environment[/b], but honestly I do not know what the difference would be except graphically and according to what I've been reading with the extra effort in getting NetBoot to operate and generating an Apple ID. [b]If you recommend using the mac environment[/b] please let me know since at the moment I'm looking to simply get cloning MACs possible regardless of the procedure which I can write up documentation and train anyone on. I would be interested in the mac environment if it is more reliable with MACs or saves some headache in the future as I personally would like to get things setup correctly more than simply functional.

    I have no problem taking it one step at a time. Here is my two Windows Server 2012 64-bit servers with the split scopes just so you can see the values for option 67 and 68 are non-existent.

    I have just run the "[b]sudo mono cd_proxyd.exe --debug[/b]" with the debug parameter and have gotten it to function from my Windows machine. The first time I attempted running the --debug it mentioned not being able to bind because I did not use elevated permissions.
    (Then with elevated permissions)
    And it appears to be picking up the bootpd protocol from the Windows machine.
    [i]Note: I've identified similar IPs using the colors. So the green blocks are the same IP, the lighter green block is the gateway and white blocks are simply identified as extraneous by me.[/i]

    I tested the Apple computer and it shows the following:


    The following may be getting ahead of myself on this...

    This appears to suggest to me that I need to revisit the Admin >> Boot Menu >> Apple NetBoot configurations and change the config.ini to match the generated apple-vendor-specific-information-key.
    I'm a little confused as to what is meant to go into the blue circle. I simply put fluff in, but when I navigate away from the page and come back the fluff (i.e. 55555 , NetBootName) is no longer there. Also do I need more than one NetBood ID and NetBoot Name?
    I then put the Apple-vendor-specific-information key in the config.ini
    And reran the "sudo mono cd_proxyd.exe --debug" command and retried booting the mac through the network by holding the [b]"N" while pressing the power button[/b] until I got a globe. The globe blinks and I do not see any "No Vendor ID Class Supplied" error as in the previous. From my searching I'm told the globe is meant to spin when it connects successfully to transfer the boot file.

    Thanks for any more insight.

    [i]As a quick note: I technically did not copy and paste the vendor-specific-information key but instead re-typed it using my eyes. I verified it, but know typing and copying can sometimes be different or carry invisible elements.[/i]
    [i]Also if you require seeing something of my pictures please let me know. I'm simply cutting out what I am identifying as a specific IP address to my workplace. Typically the white-outs are messages from my router, but not always.[/i]

  • Everything looks pretty good. You just need to decide which imaging environment you want to use. I would recommend having the option to use both. When you generate the vendor specific information you just need to use and id of 3913 if you want to use the linux imaging environment, nothing else needs done. All other numbers will assume the osx imaging environment, in which you need to follow the os x imaging environment guide to setup. The id's can be anything you want, it's just an identifier for your netboot image. None of those values get saved anywhere, they are only used to generate the vendor string. I would also use the option key to boot with instead of N, so you can see your netboot id's that you created.

  • Thanks again CloneDeploy,

    I used the [b]3913 Netboot ID[/b] (as a note I believe elsewhere you mentioned it is possible to use 39131) and inserted the generated vendor specific information into the "config.ini" file located in the ProxyDHCP folder I have located at "~/clonedeployProxyDHCPInstall/[b]cd_proxyd[/b]/".

    I've been having mostly success with the Apple machines however before marking this conversation as answered I'm getting one iPXE problem on boot-up.

    I'm experiencing three "minor" problems with iPXE:
    1. The "net1"ethernet device is attempted to be configured during the "Configuring (net1..." process of iPXE. At the moment it has only happened to MacBook Pros and from some searching I'm under the impression that it is most likely due to the split scopes of my domain controllers not operating (somewhere) correctly.
    2. The TFTP connection times out. I think this may be similar to below.
    3. The TFTP connection will hang on the "tftp:///proxy/efi64/pxelinux.cfg/default.ipxe..." line. I believe there is one too many slashes in the "tftp:///" portion.

    The following is what I'm most interested in trying to rectify before moving onto mac OS imaging environment setup. At the moment it does not always happen.

    I believe in my "config.ini" ProxyDHCP file I had accidentally set a slash in front - although I do not remember tweaking the efi64 settings. I've since removed the "/" in the front and will re-test and get back to this conversation with my results.

    Your support has been wonderful!

  • The efi64-bootfile is only used on PC's. The apple-efi-boot-file is the one you want, but it doesn't matter. The slash isn't your issue. Your tftp string is missing the ip of your CloneDeploy Server,It looks like the variable is being populated.
    tftp://${next-server}/proxy/efi64/pxelinux.cfg/default.ipxe is what it looks like, but for some reason the next-server variable is blank resulting in tftp:///proxy. I'm not sure why the next-server would be blank though, you said only some machines do this?

  • Correct,

    It is not a unified response from all my machines; only a small minority of machines are doing this (2 of 10 at the moment).

    I'm going to make certain the ports are active in my server room but I've already switched a known working Apple machine's Ethernet with one that is returning the three slashes and received the same results.

    Of the two machines the MacBook Pro laptop was able to get it properly after a couple retries but the iMac desktop still showed the three slashes after every retry. I have yet to re-test the devices (and get back with my results).

  • Well I haven't been having the same trouble since removing the '/'. Inconclusive evidence and at this time I'm not investigating. Marking CloneDeploy's correct answer. Thank you for your assistance. If I run into other difficulties I will be sure to post a new conversation.