[Kea-users] Help! Kea 1.1 sends unicast, breaks iPXE

Attila Szalay mochrul at gmail.com
Fri Jan 6 07:07:43 UTC 2017 

I'm not around my machine, but if I remember correctly there is a flag in
the dhcp request that mandate using the broadcast in the answer. Without
that flag the unicast is favored. So, the question is if that flag is set
by the iPXE client? If yes, then it is definitely a bug in kea, otherwise
I'm not sure.

Ledochowski, Roy <roy.ledochowski at hpe.com> ezt írta (időpont: 2017. jan.
5., Csü 22:41):

> HI Klaus-
>
>
>
> I just built iPXE from source and tried undionly.kkpxe.  It failed in the
> same manner.
>
>
>
> *From:* Klaus Steden [mailto:klausfiend at gmail.com]
>
> *Sent:* Thursday, January 05, 2017 1:13 PM
> *To:* Ledochowski, Roy <roy.ledochowski at hpe.com>
>
> *Cc:* kea-users at lists.isc.org
>
>
> *Subject:* Re: [Kea-users] Help! Kea 1.1 sends unicast, breaks iPXE
>
>
>
>
>
> We're using kkpxe with ours, based on what's detailed here:
>
> http://forum.ipxe.org/showthread.php?tid=6989
>
> Like I said, between preseed and iPXE, Kea was seeing a different MAC in
> the request (changes in padding, 01: prefixed, etc.) which confused the
> heck out of it; this was what I found to work reliably with these clients
> simultaneously.
>
>
>
> On Thu, Jan 5, 2017 at 12:46 PM, Ledochowski, Roy <roy.ledochowski at hpe.com>
> wrote:
>
> Hi Klaus
>
>
>
> First, thank you for the reply.
>
>
>
> I should have mentioned that my test VM is loading undionly.kpxe.  The
> iPXE developer’s list confirmed that the root problem is that Kea is using
> the client’s unicast MAC address in the DHCP offer instead of the broadcast
> address; iPXE rejects it.
>
>
>
> Which exact file are you using for iPXE?  I can test it as well.
>
>
>
> Thanks again
>
> roy
>
>
>
>
>
> *From:* Klaus Steden [mailto:klausfiend at gmail.com]
> *Sent:* Thursday, January 05, 2017 11:33 AM
> *To:* Ledochowski, Roy <roy.ledochowski at hpe.com>; kea-users at lists.isc.org
> *Subject:* Re: [Kea-users] Help! Kea 1.1 sends unicast, breaks iPXE
>
>
>
>
>
> We're using Kea and iPXE to do cross-site provisioning so I'm not sure
> what's not working for you. One thing I did run into early in testing was
> having to use the kpxe shim (I think that's the suffix, it's one of the
> binary variants generated by the makefile and not the default one) because
> the DHCP request packet from iPXE and preseed were subtly different enough
> that Kea would create two leases ... but once we got that, it's been solid
> to the tune of several hundred devices ...
>
>
>
> I can share parts of my config if you're interested; I did end up using a
> beta version in our application because it had additional option parsing
> logic operators, but those have been merged into the released version in
> the meantime.
>
>
>
> cheers,
>
> Klaus
>
> Sent from my tri-corder
>
>
>
>
>
> On Thu, Jan 5, 2017 at 9:19 AM -0800, "Ledochowski, Roy" <
> roy.ledochowski at hpe.com> wrote:
>
> HI all-
>
>
>
> I am looking into replacing ISC DHCPd with Kea in our dev lab.  One of the primary requirements is iPXE chainloading - in other words, the PXE ROM on the NIC must be able to download and execute iPXE over the network.
>
>
>
> From packet dumps, it appears that Kea is using the unicast MAC address in the destination in DHCP offers.  This works for the NIC's PXE ROM, and loads iPXE but iPXE rejects the offers because it expects the broadcast MAC address.   As a result iPXE never gets an IP address and fails to execute.
>
>
>
> I've setup a simple test environment in VMware Workstation 12.5:
>
>
>
> | ---------------- |
>
> | Kea 1.1 VM     | ens37
>
> |  CentOS 7        |----------------------| Test VM
>
> | ---------------- |
>
>          | ens33
>
>          |
>
>          |
>
>     outside
>
>
>
> The interface configuration is
>
> "interfaces-config": {
>
>     "interfaces": [ "ens37" ]
>
> }
>
>
>
> I have the packet captures if anyone is interested.
>
>
>
> Any help is much appreciated and thanks ahead of time,
>
> roy
>
> _______________________________________________
>
> Kea-users mailing list
>
> Kea-users at lists.isc.org
>
> https://lists.isc.org/mailman/listinfo/kea-users
>
>
> _______________________________________________
> Kea-users mailing list
> Kea-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20170106/ad5cac6d/attachment.htm>

More information about the Kea-users mailing list