Reply

IP-Helper breaks PXE in inter-VLAN setup

dialsc
Guide

IP-Helper breaks PXE in inter-VLAN setup

Hi

 

After searching and investigating for I-do-not-know-how-many hours I think I nailed the following problem down to an incompatible ip-helper implementation in the M5300 firmware.

 

The problem:

The ip-helper/UDP Relay implementation seams to have problems with DHCP Offer responses created by a Microsoft PXE enabled SCCM Distribution Point as well as with those created by Windows Deployment Services.

 

The point I nailed it down to:

The DHCP Offers sent back to the ip-helper address (on the M5300) are not getting forwarded as broadcast to the ip subnet the client is located at. The switch sends back an ICMP response with Destination unreachable (Port unreachable) to the PXE server.

 

DHCP Offer: 10.0.10.102 -> 10.0.20.254

ICMP DestUnreachable: 10.0.20.254 -> 10.0.10.102

 

The setup:

  • 2 VLANs:
    • VLAN10:
      Services: DHCP & PXE servers
      IP Network: 10.0.10.0/24
    • VLAN20:
      Services: DHCP clients
      IP Network: 10.0.20.0/24

  • The servers:
    • DHCP server 0: 10.0.10.100
    • DHCP server 1: 10.0.10.101
    • PXE server: 10.0.10.102

  • The switch:
    • VLAN10: 10.0.10.254
    • VLAN20: 10.0.20.254

 

Conclusion:

By simply setting up another router (Mikrotik) connected to the two vlans and configure the three ip-helpers needed on it things start to work because it is correctly fowarding the DHCP Offers from the PXE server to the client.

 

Would you agree on this might be a bug or is there anything I'm just missing.

 

Best,

dialsc

Model: M5300-28GF3 (GSM7328FSv2)|ProSafe 24F+4 Layer3 Gigabit Stackable managed switch
Message 1 of 5
DaneA
NETGEAR Moderator

Re: IP-Helper breaks PXE in inter-VLAN setup

@dialsc,

 

As far as I have checked, there is no issue logged for the M5300 switch series as per you have described on your post.  Kindly answer the questions below: 

 

a.  Is the Microsoft PXE enabled SCCM Distribution Point directly connected to the M5300-28GF3 switch?  Kindly post an image of your detailed network diagram.  

b.  Do you have another M5300-28GF3 switch?  If yes, did you observed the same problem.  

c.  On the conclusion part, is the Mikrotik router set as the main router in the network?  Kindly post an image of your detailed network diagram showing this as well.

d.  What is the current firmware version of the M5300-28GF3 switch? 

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 2 of 5
dialsc
Guide

Re: IP-Helper breaks PXE in inter-VLAN setup

 

@DaneA 

 

Thank you very much for your answer. Please find my answers to your questions below:

 

a.  Is the Microsoft PXE enabled SCCM Distribution Point directly connected to the M5300-28GF3 switch?  Kindly post an image of your detailed network diagram.

[Answer] No, the PXE as well as the DHCP servers and the clients are virtual machines where the virtualization hosts are attached to dedicated switches. Do you mind me sending the information about our network details as e.g. a PM? I do not want it to be posted to the world... 😉

 

b.  Do you have another M5300-28GF3 switch?  If yes, did you observed the same problem.  

[Answer] Yes and yes. Acctually we run two independend top of the rack switches, both of them are M5300 switches. The package path is managed by STP (MSTP).

 

c.  On the conclusion part, is the Mikrotik router set as the main router in the network?  Kindly post an image of your detailed network diagram showing this as well.

[Answer] No, it is not. It is not set as a router at all but only attached to the two VLANs thus it realizes the DHCP broadcasts from the client and forward them to the PXE server as well as forwarding the responses/DHCP Offers back to the client. Meanwhile I replaced the virtual Mikrotik with an older hardware one which is attached to the top of the rack M5300 switches, specifically to the VLANs in question. The result is still the same. The M5300 switches deny forwarding the DHCP Offers from the PXE server but the MT router does and therefore, as long as it is available, clients are able to boot via PXE.

 

d.  What is the current firmware version of the M5300-28GF3 switch? 

[Answer] The latest on all switches. For the top of the rack M5300, which also do routing (inter-VLAN) this means version 11.0.0.40

 

Regards,

 

dialsc

Message 3 of 5
DaneA
NETGEAR Moderator

Re: IP-Helper breaks PXE in inter-VLAN setup

@dialsc,

 

I apologize for the late response. 😞   Thank you for your answers.  

 

Do you mind me sending the information about our network details as e.g. a PM? I do not want it to be posted to the world... Smiley Wink

Sure, no problem.  Kindly send it to me via private message.  

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 4 of 5
dialsc
Guide

Re: IP-Helper breaks PXE in inter-VLAN setup

@DaneA,

 

Kindly check your PM inbox, you've got mail... 😉

 

Best,

 

dialsc

Message 5 of 5
Top Contributors
Discussion stats
  • 4 replies
  • 1618 views
  • 0 kudos
  • 2 in conversation
Announcements