ConfigMgr

OSD – How make PXE work in ConfigMgr OSD, MDT and WDS work perfectly fine – Stop using DHCP Option 66 & 67

By on ( 6 Comments )

During the OSD class last week I did get some questions regarding the use of IP Helpers in the routers or using Option 66 and 67 in the DHCP server, since booth methods seems to be working.

That is kind of true, but in reality not…

The design for PXE is based on IP Helpers. That means that the client should broadcast and say:

– “Hi, I need some IP stuff and I need something to boot on”

image

How is it supposed to work?

Now, if the router is configured for IP helpers (it already have one that points to the DHCP server, so the only configuration you need to do is “add one more”) the broadcast will be picked up by the router, encapsulated and sent to both the DHCP server as well as the PXE (Windows Deployment Server). The DHCP server will grab a free IP and subnet, gateway addresses that fits the network the client is located on, send it to the router and tell the router to send the packet to the client. The PXE server will “after knowing what kind of computer it is (BIOS / UEFI / x86 / x64) pick the correct boot file and send that information to the router and tell it to send the packet to the client.

This means that the client will receive two different packages and the client will merge them into one, consume the packet and we are done.

What happens when Option 66 & 67 is involved?

Now, let us assume that we don’t have the IP address to the PXE server configured in the IP Helper but instead we have option 66 & 67 configured, well the first part is the same, but the DHCP server will also forward the option 66 & 67 to client, it should work, right?

Sometimes it does, but since the PXE client could not present itself it might or might not get the correct boot file, it basically means that you can either boot on BIOS machines OR you can boot on UEFI machines and the client will not receive two packages (which client expects) so, sometimes it does not handle that correct (depending on firmware, Network Adapter, Vendor and such. It would be possible to create DHCP filters, multiple scopes and such to make UEFI based machines boot on one range of IP’s and otter IP’s for other filters, but that is just pure pain to manage

The number ONE issue we work with at customer sites when it comes to PXE boot is the bloody Option 66 & 67.

So, the short story is very, very simple, just configure the darn routers correctly and have a happy life.

Some notes from others:

PXE booting with WDS – DHCP Scope vs IP Helpers:

http://techthoughts.info/pxe-booting-wds-dhcp-scope-vs-ip-helpers/

Microsoft TechNet: Managing Network Boot Programs:

https://technet.microsoft.com/en-us/library/cc732351(v=ws.10).aspx

In this document it says: Although Microsoft does not recommend this method, you can use the following DHCP options to direct PXE clients to an appropriate NBP to download

Microsoft Support: PXE clients computers do not start when you configure the Dynamic Host Configuration Protocol server to use options 60, 66, 67
https://support.microsoft.com/en-us/kb/259670

In this document it clearly says: Important: Microsoft does not support the use of these options on a DHCP server to redirect PXE clients

 

So, go to the network team, give them a bottle of nice Whiskey and ask the nicely. Problem solved

/mike

Categories: ConfigMgr, MDT, OS Deployment, OSD, Windows Deployment Services

Tagged as: , , , ,

6 replies »

  1. Pingback: Building new DHCP server, but how will this effect WDS/MDT??

  2. Here we have approximatly the same setup as you explain in your diagram exept that our WDS server is in the same segment as the client (same side of the router). So there is an IP-helper to get to DHCP server. As I understand, if WDS server is on the same segment, we should not add IP-helper to reach WDS server. The broadcast should be taken by the wds server and download the right boot image to the client after receiving an IP address from DHCP.

    I have remove all options related to PXE from the DHCP and try to PXEBoot from a client. The WDS server never answer and no boot image is downloaded to the client.

    Is my setup OK ?

    And how the WDS server should be configured.

    Reply

    • You do need an IP helper for the DHCP server, but not for the WDS server. If the WDS server is used without ConfigMgr it should be configured to response on PXE, with or without uknown support. If you are using ConfigMgr, the configuration is done in ConfigMgr

      Reply

      • This is exactly what I was thinking. Thanks for confirmation.

        So I’m not using SCCM, pure MDT, could you provide me with web site where I can see how to configure WDS server to answer PXE boot request ?

        Thanks

  3. Are there any tips/tricks to speed up PXE boot, specifically with SecureBoot/UEFI enabled? I am seeing PXE boot times of about 1m45s when Legacy boot is enabled, and 6m35s when SecureBoot/UEFI is enabled.

    Reply

    • It may be good to know, I am on SCCM 2012 R2 5.0.7958.1000. I will be testing current branch in a couple weeks with production deployment scheduled for end of May.

      Reply

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.