[41387] in Resnet-Forum
Re: NetBoot/PXE network configuration in the enterprise
daemon@ATHENA.MIT.EDU (Mike King)
Tue Sep 20 09:22:29 2016
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=001a114774484dfee8053ce774ca
Message-ID: <CANtPpk7KJOwdd=88D27ca5KY3KCXWwNB3c=_0sSJ60ricMnvmQ@mail.gmail.com>
Date: Mon, 19 Sep 2016 22:47:48 -0400
Reply-To: Resnet Forum <RESNET-L@listserv.nd.edu>
From: Mike King <me@MPKING.COM>
To: RESNET-L@listserv.nd.edu
In-Reply-To: <BN6PR01MB267617FBD2BC1F716F540D2CCBF30@BN6PR01MB2676.prod.exchangelabs.com>
--001a114774484dfee8053ce774ca
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
It was 5 years ago at a previous position, but we used Altiris (Now owned
by Symantec) across a VPN links to image machines across our entire
enterprise. I guess my point is that spanning a L2 link should be
un-necessary.
Which imaging platform are you targeting?
On Fri, Sep 16, 2016 at 10:57 AM, St. Onge, Justin <
Justin.St.Onge@oneonta.edu> wrote:
> We used DHCP options for years across VLANs with success with legacy BIOS
> but had to switch to IP helpers for UEFI.
>
>
>
> Justin
>
> SUNY Oneonta
>
>
>
> *From:* Resnet Forum [mailto:RESNET-L@LISTSERV.ND.EDU] *On Behalf Of *Dou=
ghty,
> Marc
> *Sent:* Wednesday, September 14, 2016 11:00 AM
> *To:* RESNET-L@LISTSERV.ND.EDU
> *Subject:* Re: NetBoot/PXE network configuration in the enterprise
>
>
>
> We're about to need to do something similar here. Instead of VLANs, I was
> hoping to get the DHCP servers to recognize the difference between Macs,
> legacy PCs, and UEFI PCs and feed them appropriate info for where to look
> next for a boot file. I think it's possible.
>
> http://d52floats.blogspot.com/2012/07/how-to-add-uefi-
> legacy-pxe-boot-to.html
>
>
>
> - Marc Doughty
> "If you aren't sure who is the give-way vessel, you are the give-way
> vessel."
>
>
>
> On Wed, Sep 14, 2016 at 8:13 AM, Osborne, Bruce W (Network Services) <
> bosborne@liberty.edu> wrote:
>
> Christopher,
>
>
>
> We have been doing PXE & NetBoot for many years here at Liberty
> University with Cisco layer 3 switching.
>
>
>
> On our Vlan SVI=E2=80=99s, we generally have 3 ip helper addresses =E2=80=
=93 DHCP server,
> PXE server, & NetBoot server. The DHCP server handles the IP address
> leases. The PXE server responds with the PXE options. The NetBoot server
> responds with the NetBoot options.
>
>
>
> The clients happily ignore what they do not need and everybody happily
> exists on separate vlans.
>
>
>
> If you wish to contact me off-list I can connect you with our network
> architects and our routing/switching team. Since I am working primarily i=
n
> wireless, I have not been heavily involved in these particular architectu=
re
> designs. I have had to troubleshoot problems, though.
>
>
>
> Best regards,
>
>
>
> *Bruce Osborne*
>
> *Wireless Engineer*
>
> *IT Network Operations - Wireless*
>
> *(434) 592-4229 <%28434%29%20592-4229>*
>
>
>
> *LIBERTY UNIVERSITY*
>
> *Training Champions for Christ since 1971*
>
>
>
> *From:* Burkhalter, Chris [mailto:chris.burkhalter@YALE.EDU]
> *Sent:* Tuesday, September 13, 2016 9:30 AM
> *Subject:* NetBoot/PXE network configuration in the enterprise
>
>
>
> Hi all!
>
>
>
> I've recently started to tackle the complex issue of enterprise level
> network booting and re-imaging for a large number of PC's and Macs en
> masse. We here at Yale have come to the preliminary conclusion that we'll
> need to configure a virtual LAN that will span all our subnets and layer
> 2/3 networks in order to provide sufficient co-existence for NetBoot and
> PXE to exist and work (along with isolated multicast). Since our clusters
> physically co-exist on networks with other systems we have a particularly
> difficult set of challenges in making this work.
>
>
>
> Being that I can't be the first person to have done or attempted this I
> wanted to reach out and hear about everyone's experiences. Furthermore, i=
f
> you've done this successfully how was your HP/Cisco/Juniper layer 2/3
> network equipment configured (if at all) to make this work?
>
>
>
> Our current plan in a nutshell:
>
>
>
> * Isolate all the systems and consolidate them in to between 4-6 subnets
> campus wide
>
> * configure I.P. helpers for the relaying of necessary DHCP/Bootp/PXE
> broadcasts
>
> * attempt to isolate routing for multicast (to avoid excessive routing
> traffic)
>
>
>
> Thoughts? Hoping to learn from other's experience :). We are interested i=
n
> hearing your experiences, especially those that dealt with the
> configuration of the network to help us understand how others have done
> this. I've found good resources on Google, but none point to specific
> implementations and their challenges.
>
>
>
> Many thanks, and looking forward to hearing from you!
>
>
> Best,
>
> Christopher M. Burkhalter =E2=80=93 ACSP, ACMT
> DSP - Public Computing Services,
> Office of Medical Education
>
>
>
> Yale University I.T.S.
> 203-500-3942
>
> ___________________________________________________ You are subscribed to
> the ResNet-L mailing list.
>
> To subscribe, unsubscribe or search the archives, go to
> http://LISTSERV.ND.EDU/archives/resnet-l.html
> ___________________________________________________
>
> ___________________________________________________ You are subscribed to
> the ResNet-L mailing list.
>
> To subscribe, unsubscribe or search the archives, go to
> http://LISTSERV.ND.EDU/archives/resnet-l.html
> ___________________________________________________
>
>
>
> ___________________________________________________ You are subscribed to
> the ResNet-L mailing list.
>
> To subscribe, unsubscribe or search the archives, go to
> http://LISTSERV.ND.EDU/archives/resnet-l.html
> ___________________________________________________
> ___________________________________________________ You are subscribed to
> the ResNet-L mailing list.
>
> To subscribe, unsubscribe or search the archives, go to
> http://LISTSERV.ND.EDU/archives/resnet-l.html
> ___________________________________________________
>
___________________________________________________
You are subscribed to the ResNet-L mailing list.
To subscribe, unsubscribe or search the archives,
go to http://LISTSERV.ND.EDU/archives/resnet-l.html
___________________________________________________
--001a114774484dfee8053ce774ca
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">It was 5 years ago at a previous position, but we used Alt=
iris (Now owned by Symantec) across a VPN links to image machines across ou=
r entire enterprise.=C2=A0 I guess my point is that spanning a L2 link shou=
ld be un-necessary. =C2=A0<div><br></div><div>Which imaging platform are yo=
u targeting?</div><div>=C2=A0</div></div><div class=3D"gmail_extra"><br><di=
v class=3D"gmail_quote">On Fri, Sep 16, 2016 at 10:57 AM, St. Onge, Justin =
<span dir=3D"ltr"><<a href=3D"mailto:Justin.St.Onge@oneonta.edu" target=
=3D"_blank">Justin.St.Onge@oneonta.edu</a>></span> wrote:<br><blockquote=
class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc soli=
d;padding-left:1ex">
<div lang=3D"EN-US" link=3D"blue" vlink=3D"purple">
<div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif;color:#1f497d">We used DHCP options for years across=
VLANs with success with legacy BIOS but had to switch to IP helpers for UE=
FI.=C2=A0
<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif;color:#1f497d"><u></u>=C2=A0<u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif;color:#1f497d">Justin<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif;color:#1f497d">SUNY Oneonta<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif;color:#1f497d"><u></u>=C2=A0<u></u></span></p>
<p class=3D"MsoNormal"><b><span style=3D"font-size:11.0pt;font-family:"=
;Calibri",sans-serif">From:</span></b><span style=3D"font-size:11.0pt;=
font-family:"Calibri",sans-serif"> Resnet Forum [mailto:<a href=
=3D"mailto:RESNET-L@LISTSERV.ND.EDU" target=3D"_blank">RESNET-L@LISTSERV.ND=
.<wbr>EDU</a>]
<b>On Behalf Of </b>Doughty, Marc<br>
<b>Sent:</b> Wednesday, September 14, 2016 11:00 AM<br>
<b>To:</b> <a href=3D"mailto:RESNET-L@LISTSERV.ND.EDU" target=3D"_blank">RE=
SNET-L@LISTSERV.ND.EDU</a><br>
<b>Subject:</b> Re: NetBoot/PXE network configuration in the enterprise<u><=
/u><u></u></span></p><div><div class=3D"h5">
<p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p>
<div>
<p class=3D"MsoNormal">We're about to need to do something similar here=
. Instead of VLANs, I was hoping to get the DHCP servers to recognize the d=
ifference between Macs, legacy PCs, and UEFI PCs and feed them appropriate =
info for where to look next for a boot
file. I think it's possible.<br>
<br>
<a href=3D"http://d52floats.blogspot.com/2012/07/how-to-add-uefi-legacy-pxe=
-boot-to.html" target=3D"_blank">http://d52floats.blogspot.com/<wbr>2012/07=
/how-to-add-uefi-<wbr>legacy-pxe-boot-to.html</a><u></u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal"><br clear=3D"all">
<u></u><u></u></p>
<div>
<div>
<div>
<div>
<p class=3D"MsoNormal"><br>
- Marc Doughty<br>
"If you aren't sure who is the give-way vessel, you are the give-w=
ay vessel."<u></u><u></u></p>
</div>
</div>
</div>
</div>
<p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p>
<div>
<p class=3D"MsoNormal">On Wed, Sep 14, 2016 at 8:13 AM, Osborne, Bruce W (N=
etwork Services) <<a href=3D"mailto:bosborne@liberty.edu" target=3D"_bla=
nk">bosborne@liberty.edu</a>> wrote:<u></u><u></u></p>
<blockquote style=3D"border:none;border-left:solid #cccccc 1.0pt;padding:0i=
n 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">
<div>
<div>
<p class=3D"MsoNormal"><a name=3D"m_-4368959468990682891_m_-960998921646380=
912__MailEndCompose"><span style=3D"font-size:11.0pt;font-family:"Cali=
bri",sans-serif">Christopher,</span></a><u></u><u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif">=C2=A0</span><u></u><u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif">We have been=C2=A0 doing PXE & NetBoot for many=
years here at Liberty University with Cisco layer 3 switching.
</span><u></u><u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif">=C2=A0</span><u></u><u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif">On our Vlan SVI=E2=80=99s, we generally have 3 ip h=
elper addresses =E2=80=93 DHCP server, PXE server, & NetBoot server. Th=
e DHCP
server handles the IP address leases. The PXE server responds with the PXE=
options. The NetBoot server responds with the NetBoot options.
</span><u></u><u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif">=C2=A0</span><u></u><u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif">The clients happily ignore what they do not need an=
d everybody happily exists on separate vlans.</span><u></u><u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif">=C2=A0</span><u></u><u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif">If you wish to contact me off-list I can connect yo=
u with our network architects and our routing/switching team.
Since I am working primarily in wireless, I have not been heavily involved=
in these particular architecture designs. I have had to troubleshoot probl=
ems, though.</span><u></u><u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif">=C2=A0</span><u></u><u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif">Best regards,
</span><u></u><u></u></p>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif">=C2=A0</span><u></u><u></u></p>
<div>
<p class=3D"MsoNormal" style=3D"background:white">
<b><span style=3D"font-size:10.0pt;font-family:"Tahoma",sans-seri=
f;color:black">Bruce Osborne</span></b><u></u><u></u></p>
<p class=3D"MsoNormal" style=3D"background:white">
<i><span style=3D"font-size:10.0pt;font-family:"Tahoma",sans-seri=
f;color:black">Wireless Engineer</span></i><u></u><u></u></p>
<p class=3D"MsoNormal" style=3D"background:white">
<b><span style=3D"font-size:10.0pt;font-family:"Tahoma",sans-seri=
f;color:black">IT Network=C2=A0Operations - Wireless</span></b><u></u><u></=
u></p>
<p class=3D"MsoNormal" style=3D"background:white">
<span style=3D"font-size:10.0pt;font-family:"Tahoma",sans-serif;c=
olor:black">=C2=A0<b><a href=3D"tel:%28434%29%20592-4229" target=3D"_blank"=
>(434) 592-4229</a></b></span><u></u><u></u></p>
<p class=3D"MsoNormal" style=3D"background:white">
<span style=3D"font-size:10.0pt;font-family:"Tahoma",sans-serif;c=
olor:black">=C2=A0</span><u></u><u></u></p>
<p class=3D"MsoNormal" style=3D"background:white">
<b><span style=3D"font-size:10.0pt;font-family:"Tahoma",sans-seri=
f;color:black">LIBERTY UNIVERSITY</span></b><u></u><u></u></p>
<p class=3D"MsoNormal" style=3D"background:white">
<i><span style=3D"font-size:10.0pt;font-family:"Tahoma",sans-seri=
f;color:black">Training Champions for Christ since 1971</span></i><u></u><u=
></u></p>
</div>
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt;font-family:"Ca=
libri",sans-serif">=C2=A0</span><u></u><u></u></p>
<div>
<div style=3D"border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0in =
0in 0in">
<p class=3D"MsoNormal"><b><span style=3D"font-size:11.0pt;font-family:"=
;Calibri",sans-serif">From:</span></b><span style=3D"font-size:11.0pt;=
font-family:"Calibri",sans-serif"> Burkhalter, Chris [mailto:<a h=
ref=3D"mailto:chris.burkhalter@YALE.EDU" target=3D"_blank">chris.burkhalter=
@YALE.<wbr>EDU</a>]
<br>
<b>Sent:</b> Tuesday, September 13, 2016 9:30 AM<br>
<b>Subject:</b> NetBoot/PXE network configuration in the enterprise</span><=
u></u><u></u></p>
</div>
</div>
<p class=3D"MsoNormal">=C2=A0<u></u><u></u></p>
<div>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">Hi all!</span><u></u><u></u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">=C2=A0</span><u></u><u></u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">I've recently started to tackle the complex i=
ssue of enterprise level network booting and re-imaging for a large number =
of PC's and Macs en masse. We here at Yale have come
to the=C2=A0preliminary=C2=A0conclusion that we'll need to configure a=
virtual LAN that will span all our subnets and layer 2/3 networks in order=
to provide sufficient co-existence for NetBoot and PXE to exist and work (=
along with isolated multicast). Since our clusters
physically co-exist on networks with other systems we have a particularly =
difficult=C2=A0set of challenges in making this work.</span><u></u><u></u><=
/p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">=C2=A0</span><u></u><u></u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">Being that I can't be the first person to hav=
e done or=C2=A0attempted this I wanted to reach out and hear about everyone=
's experiences.=C2=A0Furthermore, if you've done this successfully
how was your HP/Cisco/Juniper layer 2/3 network equipment=C2=A0configured=
=C2=A0(if at all) to make this work?=C2=A0</span><u></u><u></u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">=C2=A0</span><u></u><u></u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">Our current plan in a nutshell:</span><u></u><u><=
/u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">=C2=A0</span><u></u><u></u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">* Isolate all the systems and consolidate them in=
to between 4-6 subnets campus wide</span><u></u><u></u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">* configure I.P. helpers for the relaying of nece=
ssary DHCP/Bootp/PXE broadcasts</span><u></u><u></u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">* attempt to isolate routing for multicast (to av=
oid excessive routing traffic)</span><u></u><u></u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">=C2=A0</span><u></u><u></u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">Thoughts? Hoping to learn from other's experi=
ence=C2=A0:). We are interested in hearing your experiences, especially tho=
se that dealt with the configuration of the network to
help us understand how others have done this. I've found good resource=
s on Google, but none point to specific implementations and their challenge=
s.</span><u></u><u></u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">=C2=A0</span><u></u><u></u></p>
<p style=3D"background:white"><span style=3D"font-family:"Calibri"=
;,sans-serif;color:black">Many thanks, and looking forward to hearing from =
you!</span><u></u><u></u></p>
<div>
<div>
<div>
<div>
<p class=3D"MsoNormal" style=3D"background:white">
<span style=3D"font-size:10.0pt;font-family:"Tahoma",sans-serif;c=
olor:black"><br>
Best,<br>
=C2=A0<br>
Christopher M. Burkhalter =E2=80=93 ACSP, ACMT<br>
DSP - Public Computing Services,<br>
Office of Medical Education</span><u></u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"background:white">
<span style=3D"font-size:10.0pt;font-family:"Tahoma",sans-serif;c=
olor:black">=C2=A0</span><u></u><u></u></p>
</div>
<div>
<p class=3D"MsoNormal" style=3D"background:white">
<span style=3D"font-size:10.0pt;font-family:"Tahoma",sans-serif;c=
olor:black">Yale University I.T.S.<br>
<a href=3D"tel:203-500-3942" target=3D"_blank">203-500-3942</a></span><u></=
u><u></u></p>
</div>
</div>
</div>
</div>
</div>
<p class=3D"MsoNormal">______________________________<wbr>_________________=
____ You are subscribed to the ResNet-L mailing list.
<u></u><u></u></p>
<p>To subscribe, unsubscribe or search the archives, go to <a href=3D"http:=
//LISTSERV.ND.EDU/archives/resnet-l.html" target=3D"_blank">
http://LISTSERV.ND.EDU/<wbr>archives/resnet-l.html</a> ____________________=
__________<wbr>_____________________
<u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class=3D"MsoNormal">______________________________<wbr>_________________=
____ You are subscribed to the ResNet-L mailing list.
<u></u><u></u></p>
<p>To subscribe, unsubscribe or search the archives, go to <a href=3D"http:=
//LISTSERV.ND.EDU/archives/resnet-l.html" target=3D"_blank">
http://LISTSERV.ND.EDU/<wbr>archives/resnet-l.html</a> ____________________=
__________<wbr>_____________________
<u></u><u></u></p>
</div>
</div>
</blockquote>
</div>
<p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p>
</div>
<p class=3D"MsoNormal">______________________________<wbr>_________________=
____ You are subscribed to the ResNet-L mailing list.
<u></u><u></u></p>
<p>To subscribe, unsubscribe or search the archives, go to <a href=3D"http:=
//LISTSERV.ND.EDU/archives/resnet-l.html" target=3D"_blank">
http://LISTSERV.ND.EDU/<wbr>archives/resnet-l.html</a> ____________________=
__________<wbr>_____________________
<u></u><u></u></p>
</div></div></div>
</div><div class=3D"HOEnZb"><div class=3D"h5">
______________________________<wbr>_____________________
You are subscribed to the ResNet-L mailing list.
<p>
To subscribe, unsubscribe or search the archives,
go to <a href=3D"http://LISTSERV.ND.EDU/archives/resnet-l.html" target=3D"_=
blank">http://LISTSERV.ND.EDU/<wbr>archives/resnet-l.html</a>
______________________________<wbr>_____________________
</p></div></div></blockquote></div><br></div>
___________________________________________________
You are subscribed to the ResNet-L mailing list.
<p>
To subscribe, unsubscribe or search the archives,
go to <a href=3D"http://LISTSERV.ND.EDU/archives/resnet-l.html" target=3D"_blank">http://LISTSERV.ND.EDU/archives/resnet-l.html</a>
___________________________________________________
--001a114774484dfee8053ce774ca--
