[Wapt] Déploiement d'OS wapt 2.2 - TFTP

David Matta sysadmin at lfib.ac.th
Mar 22 Mar 11:35:32 CET 2022 

Bonjour,



Je n’arrive pas à faire passer le TFTP en boot PXE, j’ai cette erreur :





Voici mon fichier de conf :

*# /etc/default/tftpd-hpa*

*TFTP_USERNAME="tftp"*

*TFTP_DIRECTORY="/var/www/wads/pxe"*

*TFTP_ADDRESS="172.16.3.14:69 <http://172.16.3.14:69>"*

*TFTP_OPTIONS="--secure"*



En en PJ le fichier de conf du DHCP.



J’ai suivi la doc wapt 2.2 :
https://www.wapt.fr/en/doc/wapt-wads-tftp-and-dhcp-server.html pour la mise
en place.



Mon serveur wapt redirige le port 80 vers le 443, j’ai donc essayé en http
et en https pour la conf du dhcp.

Le pare-feu autorise bien le port 69, 80 et 443 vers le client.

/var/www/wads/pxe est bien présent sur le serveur wapt.



Est-ce que quelqu’un aurait une idée pour me débloquer ?



Merci de votre temps.



Cordialement.





*Lycée Français International*

*Bangkok, THAILAND*

*David MATTA*
Responsable des SI / IT Manager



498, Soi Ramkhamhaeng (Thep Leela 1)

Wangthonglang - 10310 - Bangkok
Tél :     66 (0) 29 34 80 08
Fax :    66 (0) 29 34 66 70
sysadmin at lfib.ac.th
www.lfib.ac.th | LinkedIn
<https://www.linkedin.com/company/3861878?trk=tyah&trkInfo=tarId%3A1413177122685%2Ctas%3Alycee%20francais%20international%20de%20bangkok%2Cidx%3A1-1-1>
| Facebook <https://www.facebook.com/LFIBofficial> | Twitter
<https://twitter.com/LFIBinfo>

<http://www.lfib.ac.th/> <http://www.aefe.fr/>

<https://www.lfib.ac.th/sinscrire/?lang=en>

*This communication (including any files transmitted with it) is intended
solely for the person or entity to whom it is addressed, and may contain
confidential or privileged information. The disclosure, distribution or
copying of this message is strictly forbidden. Should you have received
this communication in error, kindly contact the sender promptly, destroy
any copies and delete this message from your computer system.*
-------------- section suivante --------------
Une pièce jointe HTML a été nettoyée...
URL: <http://lists.wapt.fr/pipermail/wapt/attachments/20220322/ff90e616/attachment.htm>
-------------- section suivante --------------
Une pièce jointe autre que texte a été nettoyée...
Nom: image001.png
Type: image/png
Taille: 10836 octets
Desc: non disponible
URL: <http://lists.wapt.fr/pipermail/wapt/attachments/20220322/ff90e616/attachment.png>
-------------- section suivante --------------
Une pièce jointe autre que texte a été nettoyée...
Nom: image002.jpg
Type: image/jpeg
Taille: 1618 octets
Desc: non disponible
URL: <http://lists.wapt.fr/pipermail/wapt/attachments/20220322/ff90e616/attachment.jpg>
-------------- section suivante --------------
Une pièce jointe autre que texte a été nettoyée...
Nom: image003.png
Type: image/png
Taille: 17309 octets
Desc: non disponible
URL: <http://lists.wapt.fr/pipermail/wapt/attachments/20220322/ff90e616/attachment-0001.png>
-------------- section suivante --------------
Une pièce jointe autre que texte a été nettoyée...
Nom: image004.png
Type: image/png
Taille: 27735 octets
Desc: non disponible
URL: <http://lists.wapt.fr/pipermail/wapt/attachments/20220322/ff90e616/attachment-0002.png>
-------------- section suivante --------------
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#

# option definitions common to all supported networks...
#option domain-name "ad.lfib.ac.th";
#option domain-name-servers master.ad.lfib.ac.th, slave.ad.lfib.ac.th;

default-lease-time 600;
max-lease-time 7200;

# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
#log-facility local7;

# No service will be given on this subnet, but declaring it helps the 
# DHCP server to understand the network topology.

subnet 172.16.3.0 netmask 255.255.255.0 {
#}

# This is a very basic subnet declaration.

#subnet 10.254.239.0 netmask 255.255.255.224 {
   range dynamic-bootp 172.16.3.61 172.16.3.81;
   option routers 172.16.3.1;
   option subnet-mask 255.255.255.0;
}

# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.

#subnet 10.254.239.32 netmask 255.255.255.224 {
#  range dynamic-bootp 10.254.239.40 10.254.239.60;
#  option broadcast-address 10.254.239.31;
#  option routers rtr-239-32-1.example.org;
#}

# A slightly different configuration for an internal subnet.
#subnet 10.5.5.0 netmask 255.255.255.224 {
#  range 10.5.5.26 10.5.5.30;
#  option domain-name-servers ns1.internal.example.org;
#  option domain-name "internal.example.org";
#  option routers 10.5.5.1;
#  option broadcast-address 10.5.5.31;
#  default-lease-time 600;
#  max-lease-time 7200;
#}

# Hosts which require special configuration options can be listed in
# host statements.   If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.

#host passacaglia {
#  hardware ethernet 0:0:c0:5d:bd:95;
#  filename "vmunix.passacaglia";
#  server-name "toccata.example.com";
#}

# Fixed IP addresses can also be specified for hosts.   These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
#host fantasia {
#  hardware ethernet 08:00:07:26:c0:a5;
#  fixed-address fantasia.example.com;
#}

# You can declare a class of clients and then do address allocation
# based on that.   The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.

#class "foo" {
#  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
#}

#shared-network 224-29 {
#  subnet 10.17.224.0 netmask 255.255.255.0 {
#    option routers rtr-224.example.org;
#  }
#  subnet 10.0.29.0 netmask 255.255.255.0 {
#    option routers rtr-29.example.org;
#  }
#  pool {
#    allow members of "foo";
#    range 10.17.224.10 10.17.224.250;
#  }
#  pool {
#    deny members of "foo";
#    range 10.0.29.10 10.0.29.230;
#  }
#}
#<!-- global options -->
next-server 172.16.3.14;

option ipxe-url code 175 = text;
option client-architecture code 93 = unsigned integer 16;

#<!-- subnet mydomain.lan netmask 255.255.255.0 -->

if option client-architecture = 00:00 {
  if exists user-class and option user-class = "iPXE" {
    filename "http://srvwapt.ad.lfib.ac.th/api/v3/baseipxe?uefi=false";
  }
  else{
    filename "undionly.kpxe";
  }

} else {
  if exists user-class and option user-class = "iPXE" {
    option ipxe-url "http://srvwapt.ad.lfib.ac.th:80/";
    filename "http://srvwapt.ad.lfib.ac.th/api/v3/baseipxe";
  }
  else{
    filename "ipxe.efi";
  }
}

Plus d'informations sur la liste de diffusion WAPT