6 Replies Latest reply: Jul 30, 2007 7:15 AM by Nicholas Shaff
Nicholas Shaff Level 1 (10 points)

I've been working to set up a netboot and Open Directory server in a school district. We have the network segmented into VLANs by campus with different subnets for each. The changes have been made to the router to allow bootp/bsdp (IPHelper address set and relay agent on) to communicate across subnets, but I am still unable to netboot/netinstall across subnets.

Watching the logs on the server when I attempt to, it seems to be communicating partially as seen here:

Jul 19 12:48:37 axposeidon bootpd[1822]: BSDP DISCOVER [en1] 1,0:16:cb:8e:50:a6 NetBoot035 arch=i386 sysid=MacBookPro1,1
Jul 19 12:48:37 axposeidon bootpd[1822]: BSDP OFFER sent [1,0:16:cb:8e:50:a6] pktsize 369
Jul 19 12:48:37 axposeidon bootpd[1822]: BSDP DISCOVER [en1] 1,0:16:cb:8e:50:a6 NetBoot035 arch=i386 sysid=MacBookPro1,1
Jul 19 12:48:37 axposeidon bootpd[1822]: BSDP OFFER sent [1,0:16:cb:8e:50:a6] pktsize 369

Unfortunately it fails to actually boot the machine. I'm not positive what's going on but it seems like it's sending a response back to the netbooting machine but the machine is not getting it and it's resending?

The OS X Server is an Intel Xserve running 10.4.10 (though we've been experiencing this issue since as far back as I've been trying with 10.4.8), the image was created in 10.4.8, and works on the local subnet (including multicast ASR). The booting machine is, as noted above, a MacBook Pro.

As a side note, when booted into the OS, the machines can see the server in the Startup Disk preference pane.

Any suggestions or ideas? Let me know if there's more information I can give that will help.

Xserve - OS X Server 10.4.10, Mac OS X (10.4.10)
  • Leif Carlsson Level 5 (4,950 points)
    I'm no netboot expert, but since you're using en1 on the server, where is the default gw/router on the server setup, on en0?

    Is ipforwarding on (SA NAT config)?

    Server is running VLANs?

    Are you using LACP to aggregate both en0 and en1?
  • Nicholas Shaff Level 1 (10 points)
    The Xserve is just a stand alone server on the network. We have it configured to use netboot on en1 with all other services running on en0 (this was recommended to us by Apple).

    Since it's just a standalone server it is not running NAT or handling the VLANs at all, it simply resides on the primary VLAN with the rest of our servers.

    The links are not aggregated and are using separate IP addresses. en0 is on a public subnet, en1 is on a private. We've tried running netboot from both of these interfaces across subnets to no avail so this doesn't seem to be the issue, but I could be missing something. Both the private and public IP subnets it is attached to are on the same physical network. As a side note we are unable to boot from the private subnet to the public one on the same physical network as well.
  • Leif Carlsson Level 5 (4,950 points)
    If you have the server on both a public IP and on a private IP network you can still only have one default gateway/router (on the public IP network interface).

    So do you have only one public IP subnet and only one private?

    If you have multiple private IP subnets you need to set up routing (ipforwarding ON in SA NAT config - no NAT - and static routes) in the OS X server so it can reach the other private subnets.

    I obviously don't know how your switches are configured but with VLAN settings in the server you can make each ethernet interface belong to a specific VLAN.

    If I'm right the Netboot response is going out the wrong interface and/or doesn't know the way back to the Netboot client.
  • PatGmac Level 3 (510 points)
    Can you netboot from a Mac that is on the same subnet as your server? This should at least indicate if the netboot setup on the server is working.
  • Nicholas Shaff Level 1 (10 points)
    Yes, it works great when I switch the netboot server over to the public subnet (which is what DHCP hands out first).
  • Nicholas Shaff Level 1 (10 points)
    In our district there are multiple public and private subnets. The public and private combination I have the server on currently just happens to be on this physical network, so they are sharing the same router.

    I think I'm getting a little lost on what you're asking so I'll explain our network structure a little further. The district runs a VLANed network with a different public and private subnet for each campus (the private subnets function mostly as IP address overflow when the public subnet IP limit is exceeded). The network is predominantly PC based and implements Active Directory servers. The Xserve simply operates as a standalone server currently just handling some web serving tasks and a netboot server.

    The issue, regardless of the public and private subnet interfaces on the server, is that I am unable to get anything to boot from another subnet than the one the Xserve is running on. If I run it on the public interface, local machines boot perfectly, but I get a log like the one above if I try and boot from another campus (i.e. another VLAN or subnet). To test it locally I've been running it on the private subnet interface (on the same physical network segment) to boot machines on the local public subnet (which fails with the above log).

    According to Apple and other sources, all that should need to be configured is our Cisco routers need to be set to pass BOOTP information across VLANs/Subnets, which we have configured (using the IP helper-address and DHCP relay agent), but as stated, the connection is still not succeeding.

    I'm checking with our network engineer on a few specifics on how the routers are configured to make sure they are set properly for the forwarding, but he's not available at the moment.

    I apologize if this doesn't address the information you're needing, but please let me know if it does not, and I will try my best to get you the needed information.
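
The pattern in the log excerpt from the first post (a client re-sending BSDP DISCOVER after the server has already logged OFFER sent to it) can be picked out of a longer bootpd log with a short script. This is an added example, not part of the thread; it assumes only the two line formats shown in that excerpt, and the second client in the sample data is constructed.

```python
import re
from collections import defaultdict

# Line formats exactly as they appear in the log excerpt in the first post.
DISCOVER = re.compile(
    r"bootpd\[\d+\]: BSDP DISCOVER \[(?P<iface>\w+)\] "
    r"(?P<client>\d+,[0-9a-fA-F:]+) (?P<image>\S+) arch=(?P<arch>\S+) sysid=(?P<sysid>\S+)"
)
OFFER = re.compile(
    r"bootpd\[\d+\]: BSDP OFFER sent \[(?P<client>\d+,[0-9a-fA-F:]+)\] pktsize (?P<size>\d+)"
)

def discover_after_offer(lines):
    """Per client: how many DISCOVERs arrived after an OFFER was already logged."""
    offered = set()
    report = defaultdict(lambda: {"ifaces": set(), "sysid": None, "repeats": 0})
    for line in lines:
        d = DISCOVER.search(line)
        if d:
            entry = report[d["client"]]
            entry["ifaces"].add(d["iface"])   # server interface the request arrived on
            entry["sysid"] = d["sysid"]
            if d["client"] in offered:        # client asked again despite an earlier OFFER
                entry["repeats"] += 1
            continue
        o = OFFER.search(line)
        if o:
            offered.add(o["client"])
    return dict(report)

def stuck_clients(lines, min_repeats=1):
    """Clients that kept sending DISCOVER even though an OFFER to them was logged."""
    return sorted(c for c, e in discover_after_offer(lines).items()
                  if e["repeats"] >= min_repeats)

# The first four lines are the excerpt from the post. The last two are constructed:
# a second client (hypothetical MAC) that sent one DISCOVER and did not repeat it.
SAMPLE = """\
Jul 19 12:48:37 axposeidon bootpd[1822]: BSDP DISCOVER [en1] 1,0:16:cb:8e:50:a6 NetBoot035 arch=i386 sysid=MacBookPro1,1
Jul 19 12:48:37 axposeidon bootpd[1822]: BSDP OFFER sent [1,0:16:cb:8e:50:a6] pktsize 369
Jul 19 12:48:37 axposeidon bootpd[1822]: BSDP DISCOVER [en1] 1,0:16:cb:8e:50:a6 NetBoot035 arch=i386 sysid=MacBookPro1,1
Jul 19 12:48:37 axposeidon bootpd[1822]: BSDP OFFER sent [1,0:16:cb:8e:50:a6] pktsize 369
Jul 19 12:49:02 axposeidon bootpd[1822]: BSDP DISCOVER [en1] 1,0:0:5e:0:53:1 NetBoot035 arch=i386 sysid=MacBookPro1,1
Jul 19 12:49:02 axposeidon bootpd[1822]: BSDP OFFER sent [1,0:0:5e:0:53:1] pktsize 369
""".splitlines()

if __name__ == "__main__":
    for client in stuck_clients(SAMPLE):
        e = discover_after_offer(SAMPLE)[client]
        print(client, sorted(e["ifaces"]), e["sysid"], "repeats:", e["repeats"])
```

A non-zero repeat count says only that the client asked again after an offer was logged; it does not by itself show where the offer was lost.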