I use Wireshark on my boot listener to look for traffic.
And...do you just search for communications on the following ports (when using default values)?
- tcp/udp 67 and 68
- udp 69
- tcp 1610, 1611, 1613
I am lazy... I search for the IP address of the target. That way I can filter on that and see everything.
Try this or see if you can provide more info using the logs.
1. Try disabling the firewall on the boot listener
2. Don't try this in VirtualBox using NAT
3. Confirm that your network is not using DHCP options 66 and 67
4. Confirm that your network is not using IPHELPER, or if it is, that it is pointing to the network boot listener
5. Try to designate another machine as network boot listener besides the server. Very important!
If I remember more things I'll edit the post.
I am now trying to create the exact list of ports required by clients, network listener and OSD manager, because I'm getting lost and the documentation is pretty vague on this topic.
In a "closed environment" where a firewall blocks all except authorized traffic, the network administrators require a complete list of ports to be opened with source, destination, traffic type and port.
| Source | Destination | Bi-directional | Type | Port | Description |
|--------|-------------|----------------|------|------|-------------|
| Client | Network Listener | ? | UDP | 66 | DHCP |
| Client | Network Listener | ? | UDP | 67 | DHCP |
| Client | OSD Manager? Image Repository? | ? | UDP | 69 | TFTP |
| Client | Network Listener | ? | UDP | 4011 | PXE Boot |
| Client | Network Listener or OSD Manager? | Yes | TCP | 1610 | |
| Client | Network Listener or OSD Manager? | Yes | TCP | 1611 | |
| Client | Network Listener or OSD Manager? | Yes | TCP | 1613 | |
Am I missing something? Any correction?
At the end I will create a document for the Community, because IMHO this is a hot topic.
I'm working in an environment where the OSD Manager is the master, then I defined a Boot Listener on the same network as the client.
On the BL the internal DHCP gateway is enabled. On the client the firewall is not enabled by default, and I also disabled the Antivirus.
On the BL, with Wireshark I see some traffic coming from the target, but it seems that the BL does not return anything.
Querying the DHCP on port 67/68 does not return anything, but I will ask the network admins for confirmation.
Disable the OSD Manager and Network Boot Listener firewall
Can the Network Listener work even if not all network ports are correctly open between it and the OSD Manager?
I mean, is a target "intercepted" even in that case? Obviously the boot could not proceed correctly because the image could not be reachable, but at least the target should receive the boot information.