IP Helpers and Netboot across subnets

jarednichols
Honored Contributor

Has anyone set these up to enable netbooting across subnets without a bless command? I'd like to get these set up but don't know enough about it. A key piece of info may be that our DHCP and Netboot server are different boxes. Not sure if this precludes me from going this route.

Thanks!

1 ACCEPTED SOLUTION

jesmith
New Contributor II

We are currently Netbooting across several subnets with servers that are sitting in a central location. If you are using Cisco equipment for your networking equipment, the command to set up a helper address is very simple. I am not sure if you are the one who deals with that piece. The command on the router to enable the helper address is ip helper-address x.x.x.x. Just replace the x's with the IP address of your Netboot server or DHCP server. You can have more than one helper address per VLAN on the router. I would guess that there are already helper addresses in place on your network unless you have Netboot servers and DHCP servers at each of your sites.

9 REPLIES

gregp
Contributor

We have that set up on many subnets.

Our Cisco routers give out the DHCP addresses and our Netboot server is sitting in the data center.

Don't know what the command is for the routers, that's handled by another group.

Every subnet that will need to Netboot like that will need to have its router updated.

tlarkin
Honored Contributor

My network dude says just setting up a simple IP helper would work... sorry, didn't get any specifics. Our SUSE Linux boxes control DHCP, so they hand it out over the whole network.

ernstcs
Contributor III

We use Windows-based DHCP servers separate from our NetBoot servers. I'm told we just use DHCP relay to netboot across subnets here. Like many network guy answers, that was all I got even though I asked for more details.

donmontalvo
Esteemed Contributor III

In a few environments we asked our Cisco engineer to set it up and he did so pretty quickly. I remember one environment where the in-house networking guy was afraid to make the change because he's never had to do it, and he was too afraid to open a ticket with Cisco.

So we escalated and got the ticket open for him. Once he got the ticket he still resisted, so we opened a conference call with our Cisco engineer and in a couple of minutes it was done. It was a little embarrassing for the in-house networking guy, but he admitted it was easier than he thought.

http://www.cisco.com/en/US/docs/ios/12_3t/ip_addr/command/reference/ip1_i1gt.html#wp1169356

I'm not a networking guy, but just watching it didn't seem too difficult. The Cisco guy did say in some circumstances enabling IP Helper wouldn't be possible...but I got lost in all the Greek speak...

Don

--
https://donmontalvo.com

John_Wetter
Release Candidate Programs Tester

We've had it going on our old gear from HP and new gear from another vendor as well. One thing we're getting close on is we're hitting our max for the number of helpers. By the time we get Netboot, DHCP (from primary and secondary), PXE, and one other, we're almost out of spots, so that could be one item the network folks mention.

Cem
Valued Contributor

Same experience here. It takes 2 minutes to get it going. But it requires layer 3 switches. I think all the network engineer is doing is just putting in the IP address.

BSDP is virtually the same as DHCP; if your DHCP is already configured on all Layer 3 devices then it should be very straightforward.

A good technical overview of all this is provided here:
 
http://www.bombich.com/mactips/bootpd.html

henryarias011
New Contributor

The Cisco router command is:

! insert the address of the DHCP server
ip helper-address 10.1.1.100

You apply this to the incoming interface where the clients requiring addresses reside.
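
As an added example (not part of any post in this thread), here is a Cisco IOS configuration for the setup discussed above, with DHCP and NetBoot on separate servers. The VLAN number, the interface address and the NetBoot server address 10.1.1.110 are constructed placeholders; 10.1.1.100 is the DHCP server address used in the post above. Because ip helper-address relays several UDP broadcast services by default, not only BOOTP/DHCP, the global lines turn off the ones this setup does not need.

```cisco
! Constructed example: VLAN number and addresses are placeholders.
!
! Global configuration.
! By default ip helper-address relays broadcasts for these UDP services
! in addition to BOOTP/DHCP (ports 67/68, which BSDP also uses).
! Turning them off keeps unrelated client broadcasts from being
! forwarded to the DHCP and NetBoot servers.
no ip forward-protocol udp tftp
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
!
! Client-facing (incoming) interface for the subnet that needs to netboot.
interface Vlan20
 description Mac lab clients
 ip address 10.20.0.1 255.255.255.0
 ! DHCP server (address from the post above)
 ip helper-address 10.1.1.100
 ! NetBoot server (assumed address)
 ip helper-address 10.1.1.110
!
! Verification from privileged EXEC mode:
!   show running-config interface Vlan20
!   show ip interface Vlan20      (lists the configured helper addresses)
```

Each client broadcast on the interface is relayed to every helper listed, so every address added here is another host that receives that traffic; keep the list to the servers that actually answer DHCP or BSDP.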

david_yenzer
Contributor II

We were able to netboot without bothering with IP Helpers or bless commands. Those may work but we were able to work around them for now. We are still new to JAMF and learning the ropes, trying to figure things out. So far this seemed to work for us.

We have multiple buildings but currently only have two netboot servers, both in our main location. However, we have several labs of machines that needed to be imaged at different locations. What we found to work is this:

(1) Leave netboot server #1 in place at central location for regular maintenance and imaging.
(2) Take netboot server #2 to other location.
(3) IP netboot server #2 to that location.
(4) Update netboot server #2 IP address in JAMF web Casper Admin setting for Settings > Servers > Netboot Servers to point to the new IP address. (Note: entry at bottom for "boot-device" updates automatically.)
(5) Update DNS entry for server #2 to new IP address. We deleted the existing DNS entry and added a new one.
(6) Option-boot or Netboot a machine, select the Netboot option that appears.
(7) We did not do prestaging, but you might be able to. We just manually entered info and selected the distribution point to be server#1 (note: that is server #1 at our central location!).

For whatever reason, it doesn't want to image from the netboot server located at the new location. Instead it seems to act as some sort of gateway back to the netboot server in our main location. It's a bit slower but it works. We came back the next day and they were all done. Repeated at next building lab. Unfortunately these were older Macs so only had Thunderbolt display ports, so we couldn't use our Thunderbolt drives to one-off image them. We had to find a way to netboot.