Posted on 11-05-2012 07:56 AM
Hi there,
I am trying to utilize Netboot across our university network, however, my computers cannot see my restore image. I have used the "sudo bless --netboot --server bsdp://ip-address" command on the computers I would like to net boot, however, they just flash the Netboot startup icon and then boot to the internal HDD.
I have attached an image of the logs captured in Server Admin, but I'm not sure why they are not seeing the image. Any help would be truly appreciated!
Posted on 11-05-2012 08:05 AM
Thank Apple for their latest firmware updates that broke that functionality; it only seems to work on the same subnet as the NetBoot server now for us as well.
Posted on 11-05-2012 08:07 AM
Please have a look at this link back to Rich's site.
http://derflounder.wordpress.com/2011/12/08/netbooting-across-subnets/
Posted on 11-05-2012 08:13 AM
Do you have IP helper set up on the routers?
What we've seen is that older Macs will boot fine to the destination with or without the IP helper configured. The newer ones (incl the Macmini5,2, which I've got sitting next to me) need the IP helper due to the way their EFI tries to NetBoot.
I have an RFE open with Apple asking if they can "fix" NetBoot in current models so that we can direct them to a NetBoot server without having to use IP helper.
I say "fix" because in the BSDP spec, the new machines are following the spec and that's where the problem (in my view) is.
What happens on newer models with bless:
1. You bless & reboot.
2. EFI goes to the NetBoot server and the NetBoot server responds with a list of NBIs.
3. EFI picks an NBI and replies, but instead of replying to that server, it broadcasts (sends to 255.255.255.255). With IP helper configured, the routers will pass that to your server and it works fine. Without that, the packet goes nowhere useful.
If you hold down Option then press N during boot or go to System Preferences, the machine will broadcast (to 255.255.255.255) looking for any NetBoot servers. Anyone who hears it will respond along with a list of NBIs and transmit back to the broadcast address.
Older machines worked fine as they went right back to the server they were communicating with. Why? Have to ask Apple. Guess it was technically "broken," but it worked.
One thing to try is to reboot and hold down Option. When you see your HD, also press N. At this point, EFI is broadcasting for NetBoot servers. I'm guessing you'll see none. If you see one, boot to it and see what happens. That will tell us a little more of what's going on.
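As an added example (not part of the original thread or any poster's code), this Python check classifies captured BSDP packets and flags clients whose SELECT went to 255.255.255.255, the behaviour described in the post above. It assumes the standard DHCP layout with BSDP carried in option 43 under a vendor class starting with `AAPLBSDPC`; the addresses, sample packets and the names `make_bsdp`, `bsdp_type` and `broadcast_selects` are constructed for this illustration.

```python
DHCP_MAGIC = b"\x63\x82\x53\x63"            # marks the start of DHCP options
BSDP_TYPES = {1: "LIST", 2: "SELECT", 3: "FAILED"}
BROADCAST = "255.255.255.255"

def tlv(data):
    """Parse code/length/value options into a dict (0 = pad, 255 = end)."""
    out, i = {}, 0
    while i < len(data):
        code = data[i]
        if code == 255:
            break
        if code == 0:
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option")
        out[code] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    return out

def bsdp_type(payload):
    """Return LIST/SELECT/FAILED for a BSDP packet, None for anything else."""
    if len(payload) < 240 or payload[236:240] != DHCP_MAGIC:
        return None
    opts = tlv(payload[240:])
    if not opts.get(60, b"").startswith(b"AAPLBSDPC"):   # vendor class id
        return None
    msg = tlv(opts.get(43, b"")).get(1)                  # BSDP message type
    return BSDP_TYPES.get(msg[0]) if msg else None

def broadcast_selects(packets):
    """Clients whose SELECT was broadcast; an off-subnet server never sees
    these unless a router relays them (IP helper)."""
    return [src for src, dst, p in packets
            if bsdp_type(p) == "SELECT" and dst == BROADCAST]

def make_bsdp(msg_type, vendor_class=b"AAPLBSDPC/i386/Macmini5,2"):
    """Constructed sample: minimal DHCP INFORM carrying one BSDP message."""
    vendor = bytes([1, 1, msg_type, 2, 2, 1, 1])         # type, version 1.1
    opts = (bytes([53, 1, 8, 60, len(vendor_class)]) + vendor_class
            + bytes([43, len(vendor)]) + vendor + b"\xff")
    return b"\x01\x01\x06\x00" + bytes(232) + DHCP_MAGIC + opts

SAMPLE = [  # constructed (src, dst, payload) tuples, not a real capture
    ("192.0.2.31", "198.51.100.10", make_bsdp(1)),  # LIST to blessed server
    ("192.0.2.31", BROADCAST, make_bsdp(2)),        # newer EFI: broadcast
    ("192.0.2.44", "198.51.100.10", make_bsdp(2)),  # older EFI: unicast
]

if __name__ == "__main__":
    print(broadcast_selects(SAMPLE))
```

Feed it (source, destination, UDP payload) tuples taken from a capture on the client subnet; any client it returns depends on the router relay to reach a NetBoot server on another subnet.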
Posted on 11-06-2012 07:46 AM
Thanks for the responses. I've tried the steps shown on Rich's site to no avail, but thank you @jhbush1973. @gregp, I'm intrigued by your post, but it's a bit over my head. I spoke with our network admin about IP Helper, but he wasn't quite familiar with what I was referring to. If there is any info you have related to IP Helper that would shed some light, it would be helpful.
I had attempted to locally boot to the startup manager (option boot) and see if I could boot to the network that way. Unfortunately, the network restore images that are on the server were not seen. I do find it interesting that the server does see the individual machines attempting to boot to it when I use the bless command (as you can see in the logs I posted).
Is Netboot via OS X Server still the best tool to use for imaging in an enterprise environment or is there something else that works better?
Thanks for all the help!
Posted on 11-06-2012 08:07 AM
"IP Helper" is Cisco parlance. If you're using Juniper, it's something else. Have him look over Trinity's explanation and he may know what your particular manufacturer calls it.
Posted on 11-08-2012 10:02 AM
Your NetBoot server did see the client initially when you used the bless command, as the initial packets got to the NetBoot server w/o problems. The NetBoot server replied and got back to the client. It's at this point where things "break" with the new machines: the client sent its choice of NBI, but instead of sending it to your server directly, it's sent to 255.255.255.255, which will never get to your NetBoot server unless you're on the same subnet or the routers are set up to forward those packets.
We have ~1000 Macs in the US & in India and use NetBoot for imaging & troubleshooting. About 6 years ago, before we had NetBoot, we had ~600 Macs and the upgrades were a pain (fortunately none in India at the time). We're still using our 5-6 year old 10.4.11 NetBoot server... someday we'll upgrade it, but it works fine. Today it's hosting a couple of 10.8.2 images.
These days with NetBoot, we let our users click on an item in Self Service to start the process and it's all automatic after that. Approx 30 mins later, they have a shiny new OS with new apps and all is well, and those of us that manage the systems don't have to do a thing (unless something goes wrong).
For us, it's an indispensable tool that has greatly made things far better for the users and for us.
In talking with our router guys, they say the configuration is very quick & easy. At our main headquarters, we have them configured to send to our primary server. A couple of miles away, we have a little office on the far side of a T1 WAN, so they have their own NetBoot server. Our India division has a couple for their two sites out there. All of the routers have been correctly set up to forward to their specific NetBoot server and it works very, very well.
If you have Macs that are scattered all over the place and visiting each one isn't practical, then NetBoot is a great way to do it. If you are able to gather 'em all up in a big room and image them in person, then take a look at the target mode imaging. We haven't used that as NetBoot works great here, but have seen it and can definitely see some benefits with it.
If you have an opportunity to set up the routers & the server for NetBoot, by all means do it.
Posted on 02-22-2013 08:43 AM
Ultimately it was the iphelper command that allowed the packets to travel across subnets. Once I partnered with our network admin and put in the ip address of the netboot server via iphelper it worked immediately. Thanks for all your help!