
Need help setting up isolated setup :)

Ally Biggs
2017-09-13
2017-09-22
  • Ally Biggs

    Ally Biggs - 2017-09-13

    Update

    Hi guys, I am trying to set up a Clonezilla server but am having trouble getting DHCP to work when setting up DRBL. I am using Ubuntu Server 16:10

    I am using a Dell OptiPlex 390 with only one network card. When I initially set up the machine I connected it to our company network via DHCP to update the server and install DRBL.

    I want to keep the setup isolated from our other DHCP server on our network.

    Once I had installed all the required DRBL packages I then disconnected the ethernet and reconnected it into my isolated setup which consists of the following:

    Optiplex 390 > Switch > Router

    I have manually configured the router to hand out DHCP to anything connected to the switch. Currently I am using a 192.168.2.0 range.

    I have tested the switch and computers get an IP address from the router, so technically the DHCP service on the router is working.

    However, when I run through the drblpush -i and get to the DHCP setup I get a warning about only having one network card. When I finish the process the DHCP setup cannot be detected and fails.

    Where am I going wrong, folks? Need some guidance from the wizards :)

    Can all of this be accomplished with only one network card?

     

    Last edit: Ally Biggs 2017-09-14
    • Steven Shiau

      Steven Shiau - 2017-09-19

      Another possibility is you can use the "lite server" mode in Clonezilla live. It allows you to reuse the existing DHCP service in the LAN.

      Steven

       
  • Arthur Tromp

    Arthur Tromp - 2017-09-15

    DRBL does expect two network ports (well, at least the drblpush configuration script does). One for Internet access and one for the Clonezilla network. You could work around this by defining a virtual interface on the eth0 interface. The following doc describes the procedure a bit more: http://www.geekyprojects.com/cloning/setup-a-clonezilla-server-on-ubuntu/

    The writer of that procedure uses the virtual interface for his Clonezilla network. Of course you could use it for your (fake) internet connection to fool the drblpush script. The drblpush script does however create its own DHCP service on the DRBL server. So if you want to use the DHCP service running on your switch instead you will have to disable it after configuration. Just make sure that the DHCP service running on the switch points to your DRBL server as being the boot server (tftp), otherwise your clients won't be able to boot from the DRBL server using PXE (if that is what you want).

    By the way, it can be handy to have a second network interface for Internet access, since the DRBL server can be set up as a NAT server (also using the drblpush script). That way your clients will have immediate Internet access after a restore, so you can run for example Windows Updates, download drivers if needed, etc., without having to connect them to a different network. Also, the drblpush script will configure the DHCP service running on the DRBL server for the Clonezilla network only (it will only listen for DHCP requests on that network port, not for requests on the Internet network port), so it won't interfere with your production network at all. So you could decide not to use the DHCP service on your switch.

    I hope this helps.

     

    Last edit: Arthur Tromp 2017-09-15
  • Ally Biggs

    Ally Biggs - 2017-09-19

    Does anybody have a set of instructions or an easy-to-follow guide that explains how to set up Clonezilla Server with one NIC, using a virtual IP?

    On my current network setup we have a router that is connected to a SME server that is handling DHCP for the whole building's network. We also have on the network a Serva32/64 box which is running PXE.

    I basically want to have the Clonezilla setup avoiding clashing with the DHCP / current PXE.

    Using one ethernet card and a virtual IP, is this possible? How does it work? I don't fully understand. Thank you.

     
  • Ally Biggs

    Ally Biggs - 2017-09-20

    Scrap that, I have completely changed my layout. The system I will be working with is the following:

    [Proposed Configuration]

    Dell OptiPlex, I have two NICs installed:

    1st ethernet will be connected to the main network and internet 192.168.1

    2nd Network card I will assign the address 192.168.2.-

    The 1st network card will be connected to a network port and the second one will be connected directly to a Switch.


    However some caveats remain and I need help with the following:

    Another PXE/TFTP server exists on the .1 subnet; it is a Serva32/64 box serving up Windows ISO, various utilities such as memtest.

    Will my [Proposed Configuration] work without conflicting with this server? I wanted any nodes that I plug in on the separate switch (.2 network) to start the Clonezilla process.

    Regarding the whole subnets thing, from what I gather our main gateway only has a 192.168.1 subnet set up for the whole building... If I just assign a .2 for the second ethernet card statically, would the whole configuration still work? Or would I have to do some router wizardry?

    Go easy on me, I do not really understand subnets.

     
  • Arthur Tromp

    Arthur Tromp - 2017-09-21

    We have a similar setup here. When you run your drblpush script to configure DRBL you will be asked which network port is used for internet access. Choose your first network port with the 192.168.1.x address. The script will then configure DHCP/PXE to be used with your second network port, the one with the 192.168.2.x address. It will also ask you for a range of IP addresses to be used for your Clonezilla clients. Make sure the static 192.168.2.x address isn't included in that range, or you will likely get an IP address conflict when that address is served to one of the clients. The drblpush script also gives you the opportunity to set up NAT on the DRBL server, so clients connected to your isolated imaging switch will have Internet access as well, using the DRBL server as gateway. This works only one-way, so only for your clients connected to your imaging switch. Systems connected to your production network (192.168.1) will not have access to your 192.168.2 network, so won't see the DHCP/PXE service listening to the 192.168.2.x port. And clients connected to your imaging system won't be able to see any DHCP/PXE service on your 192.168.1 network (DHCP requests won't be passed by the DRBL server). Don't worry about any routing. The NAT service on the DRBL server will take care of any routing your clients on the imaging network need to have internet access. So you don't have to configure any gateway for your second network port, just the static IP address (192.168.2.x) and the subnet mask (255.255.255.0).

    I hope this helps.

     
  • Ally Biggs

    Ally Biggs - 2017-09-21

    Hi there, thank you for the response. My DHCP is still not working.

    I have the machine set up with two ethernet cards:

    192.168.21.53
    255.255.255.0
    Our router's gateway - this is the public-facing ethernet

    Second ethernet card is

    192.168.23.1
    255.255.255.0

    I said yes to allow NAT, and the secondary card has an IP range of

    192.168.23.30 - 192.168.23.40

    Everything set up fine during drblpush -i

    I got a message at the end saying connect your clients and put from PXE. So I attempted a boot and nothing.

    I am not that good at networking. I am using a Dell PowerConnect 5324 switch; the 2nd network card is plugged directly into port 24 at the end, and I am connecting up clients on port 1 on the switch. I attempt a PXE boot, it comes up with the MAC address and attempting to contact the DHCP, then nothing.

    I am now stumped. Tried restarting the DHCP service; this didn't work.

    Much help appreciated.

     
  • Arthur Tromp

    Arthur Tromp - 2017-09-22

    You could try it without the switch, so connect a client directly to the second network card of your DRBL server. Just to make sure it isn't the switch blocking DHCP requests. And if the client has two network ports, try both. Even something as simple as giving your DRBL server a reboot might help.

     

    Last edit: Arthur Tromp 2017-09-22
  • Arthur Tromp

    Arthur Tromp - 2017-09-22

    If you want to test if at least your DHCP works, try the following:

    • Log in on your DRBL server and open a terminal window.
    • Give the following command and leave the terminal window open:

    sudo tail -f /var/log/syslog

    • Try to boot a client from the network.

    If your DHCP service is working, you should see messages like the following appear in your terminal window:

    Sep 22 08:26:55 clonezilla01 dhcpd: DHCPDISCOVER from 3c:d9:2b:79:c5:db via eth1
    Sep 22 08:26:56 clonezilla01 dhcpd: DHCPOFFER on 192.168.51.10 to 3c:d9:2b:79:c5:db via eth1
    Sep 22 08:26:59 clonezilla01 dhcpd: DHCPREQUEST for 192.168.51.10 (192.168.51.100) from 3c:d9:2b:79:c5:db via eth1
    Sep 22 08:26:59 clonezilla01 dhcpd: DHCPACK on 192.168.51.10 to 3c:d9:2b:79:c5:db via eth1
    
     

    Last edit: Arthur Tromp 2017-09-22
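
Added example (not part of the original thread): the syslog check from the post above, automated so that each client's DHCP handshake is tracked and the first missing stage is reported. The first four sample lines are the ones quoted in the post; the remaining lines, the `02:00:00:...` MAC addresses, and the function name `dhcp_progress` are constructed for illustration.

```python
import re

# Order of a successful lease: DISCOVER -> OFFER -> REQUEST -> ACK
STAGES = ["DHCPDISCOVER", "DHCPOFFER", "DHCPREQUEST", "DHCPACK"]

# Message type, client MAC, interface, and an optional trailing reason
# such as "network ...: no free leases".
LINE_RE = re.compile(
    r"dhcpd(?:\[\d+\])?: (DHCP[A-Z]+) .*?"
    r"((?:[0-9a-f]{2}:){5}[0-9a-f]{2}).*? via ([\w.-]+)(?:: (.*))?$",
    re.IGNORECASE,
)

# First four lines are from the post above; the rest are constructed.
SAMPLE = """\
Sep 22 08:26:55 clonezilla01 dhcpd: DHCPDISCOVER from 3c:d9:2b:79:c5:db via eth1
Sep 22 08:26:56 clonezilla01 dhcpd: DHCPOFFER on 192.168.51.10 to 3c:d9:2b:79:c5:db via eth1
Sep 22 08:26:59 clonezilla01 dhcpd: DHCPREQUEST for 192.168.51.10 (192.168.51.100) from 3c:d9:2b:79:c5:db via eth1
Sep 22 08:26:59 clonezilla01 dhcpd: DHCPACK on 192.168.51.10 to 3c:d9:2b:79:c5:db via eth1
Sep 22 08:27:10 clonezilla01 dhcpd: DHCPDISCOVER from 02:00:00:00:00:01 via eth1
Sep 22 08:27:11 clonezilla01 dhcpd: DHCPOFFER on 192.168.51.11 to 02:00:00:00:00:01 via eth1
Sep 22 08:27:20 clonezilla01 dhcpd: DHCPDISCOVER from 02:00:00:00:00:02 via eth1: network 192.168.51.0/24: no free leases
Sep 22 08:27:21 clonezilla01 in.tftpd[1234]: RRQ from 192.168.51.10 filename pxelinux.0
"""


def dhcp_progress(log_text):
    """Map each client MAC to how far its DHCP handshake got."""
    clients = {}
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a dhcpd lease message (e.g. the tftpd line)
        msg, mac, iface, note = m.groups()
        c = clients.setdefault(
            mac.lower(), {"interface": iface, "seen": [], "notes": []})
        if msg.upper() not in c["seen"]:
            c["seen"].append(msg.upper())
        if note:
            c["notes"].append(note)
    for c in clients.values():
        c["complete"] = "DHCPACK" in c["seen"]
        # First handshake stage that never showed up for a stalled client
        c["missing"] = None if c["complete"] else next(
            s for s in STAGES if s not in c["seen"])
    return clients


if __name__ == "__main__":
    for mac, c in dhcp_progress(SAMPLE).items():
        state = "lease OK" if c["complete"] else "stalled, no " + c["missing"]
        print(mac, c["interface"], state, "; ".join(c["notes"]))
```

An empty result means no DHCP message from any client was logged by dhcpd at all, which points at cabling, the switch, or the interface dhcpd listens on rather than at the lease configuration.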
  • Ally Biggs

    Ally Biggs - 2017-09-22

    How do you restart the Clonezilla service if you restart? Or does it do it manually?

     
  • Arthur Tromp

    Arthur Tromp - 2017-09-22

    Everything should be started automatically during the boot of the server.

    If you suspect that some drbl related service isn't running, you can use the drbl-all-service script to stop/start/restart all drbl related services. See: http://drbl.org/management/techrpt.php?c=drbl-all-service&t=Start,%20restart%20or%20stop%20DRBL-related%20services

    On my server a restart looks as follows (run the script as root):

    # drbl-all-service restart
    Now add the service:  isc-dhcp-server rpcbind nis nfs-common nfs-kernel-server tftpd-hpa drbl-clients-nat
    Force to add isc-dhcp-server service in this Debian DRBL server...
    Force to add rpcbind service in this Debian DRBL server...
    Force to add nis service in this Debian DRBL server...
    Force to add nfs-common service in this Debian DRBL server...
    Force to add nfs-kernel-server service in this Debian DRBL server...
    Force to add tftpd-hpa service in this Debian DRBL server...
    Force to add drbl-clients-nat service in this Debian DRBL server...
    Now start the service:  isc-dhcp-server rpcbind nis nfs-common nfs-kernel-server tftpd-hpa drbl-clients-nat
    Now stop 'drbl-clients-nat' service in systemd-like environment...
    Now start 'drbl-clients-nat' service in systemd-like environment...
    ip_forward is already on.
    

    There shouldn't be any errors, otherwise you will have to solve them.

     

    Last edit: Arthur Tromp 2017-09-22
  • Ally Biggs

    Ally Biggs - 2017-09-22

    I still cannot get DHCP working. I have tried plugging clients directly into the switch and connecting the 2nd network card into the client.

    When I check the isc-dhcp-server status I am getting a warning saying failed, bad configuration.

    Not sure where to go from here. I have posted up details of my configuration. Thank you for the help, it means a lot.

    Ethernet settings:

    auto enp2s0
    iface enp2s0 inet static
    auto enp2s0
    address 192.168.21.67
    netmask 255.255.255.0
    gateway 192.168.21.1
    dns-nameservers 8.8.8.8

    enp3s0
    iface enp3s0 inet static
    address 192.168.3.1
    netmask 255.255.0
    gateway 192.168.21.67


    /etc/default/isc-dhcp-server

    INTERFACES="enp3s0"

    my dhcpd.conf

    # Generated by DRBL.
    # Do NOT modify this file unless you know what you are doing!
    
    default-lease-time                      300;
    max-lease-time                          300;
    option subnet-mask                      255.255.255.0;
    option domain-name-servers              8.8.8.8
    127.0.0.53;
    option domain-name                      "drbl.org";
    ddns-update-style                       none;
    server-name                             drbl;
    
    allow booting;
    allow bootp;
    
    option arch code 93 = unsigned integer 16;
    option space pxelinux;
    option pxelinux.magic      code 208 = string;
    option pxelinux.configfile code 209 = text;
    option pxelinux.pathprefix code 210 = text;
    option pxelinux.reboottime code 211 = unsigned integer 32;
    
    site-option-space "pxelinux";
    if exists dhcp-parameter-request-list {
        # Always send the PXELINUX options (specified in hexadecimal)
        option dhcp-parameter-request-list = concat(option dhcp-parameter-request-list,d0,d1,d2,d3);
    }
    # Ref:
    # http://www.syslinux.org/wiki/index.php/PXELINUX
    # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720589
    # //NOTE// From DRBL 2.15, bootia32.efi and bootx64.efi could be the one from
    # (1) syslinux (scripts/sbin/prepare-files-for-PXE-client)
    # or
    # (2) grub (drbl-gen-grub-efi-nb)
    if option arch = 00:06 {
        filename "bootia32.efi";
    } else if option arch = 00:07 {
        filename "bootx64.efi";
    } else if option arch = 00:09 {
        # For iPXE uEFI client. Ref: http://ipxe.org/cfg/platform
        # Thanks to Danny Russ for providing this.
        filename "bootx64.efi";
    } else {
        filename "pxelinux.0";
    }
    
    ## Uncomment the following "if block" when you have some buggy PXE NIC card (such as annoying sis900 NIC). Remember to modify the MAC vendor prefix and restart dhcpd service!!!
    ## This is a workround for some network card with BAD PXE code in firmware.
    ## It will only affect those clients with MAC vendor prefix you assigned.
    ## Ref: http://syslinux.zytor.com/archives/2005-August/005640.html
    
    #if substring (option vendor-class-identifier, 0, 3) = "PXE" {
    #     # **************************************************************
    #     # ***MODIFY*** the MAC vendor prefix of client network card here.
    #     # **************************************************************
    #     # For annoying sis900 network card, maybe it is 00:07:95, 00:0C:6E...
    #     if substring (hardware, 1, 3) = 00:0C:6E {
    #         # sis900.zpxe is specially for sis900 NIC, you can download it from
    #         # http://rom-o-matic.net/etherboot/etherboot-5.4.4/contrib/rom-o-matic
    #         filename = "sis900.zpxe";
    #     }
    #}
    
    # Uncomment the following to get the debug/verbose messages in system log. The messages like the following will be shown:
    # PXEClient:Arch:00009:UNDI:003016
    # Begin of log command
    #log ( info, vendor-class-identifier ) ;
    # End of log command
    
    # Uncomment the following to get the debug/verbose messages in system log. The messages like the following will be shown:
    # Client 0:c:29:3b:34:fb requests 1:2:3:5:6:b:c:d:f:10:11:12:2b:36:3c:43:80:81:82:83:84:85:86:87 - PXEClient:Arch:00000:UNDI:002001 - no dhcp-client-id
    # Client 0:c:29:3b:34:fb requests 1:3:6:c:f:1c:28:29:2a - DRBLClient - no dhcp-client-id
    # Begin of log command
    #log(info, concat("Client ",
    #        binary-to-ascii(16, 8, ":", substring(hardware, 1, 6)),
    #        " requests ",
    #        binary-to-ascii(16, 8, ":", option dhcp-parameter-request-list),
    #        " - ",
    #        pick-first-value(option vendor-class-identifier, "no vendor-id"),
    #        " - ",
    #        pick-first-value(option dhcp-client-identifier, "no dhcp-client-id"))
    #   );
    # End of log command
    
    # This class 'DRBL-Client' defines 3 kind of clients: PXE, Etherboot (1st stage) or DRBL client (2nd stage, i.e. in network initrd/initramfs (mkpxeinitrd-net)) to lease IP address.  This will only affect 'range' statement only, not the 'host' statement.
    # Note! The following line(s) in the pool statement: 'allow members of "DRBL-Client";' is/are commented to disable this mechanism by default.
    # If you do want to use this mechanism, uncomment all 'allow members of "DRBL-Client";', then only PXE, etherboot and DRBL client can lease IP address from this DHCP service.
    # ///NOTE/// In summary, two cases you can turn on this mechanism:
    # (1) This DRBL server is not used as a clonezilla server.
    # (2) This DRBL server is used as a Clonezilla server, with the following conditions:
    #     (a) 'range' statement is used in this DRBL service.
    #     (b) There is an existing DHCP service which can provide IP address leases to the restored OS (either GNU/inux or MS Windows) in the client. Otherwise if you uncomment 'allow members of "DRBL-Client";', restored OS won't be able to lease IP address.
    
    # The DRBL client class: PXE, Etherboot or DRBL client
    class "DRBL-Client" {
      match if
      (substring(option vendor-class-identifier, 0, 9) = "PXEClient") or
      (substring(option vendor-class-identifier, 0, 9) = "Etherboot") or
      (substring(option vendor-class-identifier, 0, 10) = "DRBLClient") ;
    }
    
    # If you want to use special port for DHCP service, edit here:
    # For more info, ref: http://drbl.sourceforge.net/faq/index.php#path=./2_System&entry=37_coexist_with_existing_dhcp.faq
    # local-port 1067;
    # remote-port 1068;
    
    subnet 192.168.3.0 netmask 255.255.255.0 {
        option subnet-mask  255.255.255.0;
        option routers 192.168.3.1;
        next-server 192.168.3.1;
    
        pool {
          # allow members of "DRBL-Client";
          range 192.168.3.2 192.168.3.31;
        }
    }****
    
     
  • Ally Biggs

    Ally Biggs - 2017-09-24

    Can anybody help? I am going to try FOG Server as this software is driving me mad.

     
  • Arthur Tromp

    Arthur Tromp - 2017-09-25

    If above really is the contents of your /etc/dhcp/dhcpd.conf file, then the issue most likely is the last line:

    }****
    

    Remove the 4 asterisks after the last closing accolade and restart your DHCP service:

    sudo /etc/init.d/isc-dhcp-server restart
    

    Regarding your network configuration, you don't need to define a gateway on your Clonezilla network port, so you can change the entry

    enp3s0
     iface enp3s0 inet static
     address 192.168.3.1
     netmask 255.255.0
     gateway 192.168.21.67
    

    to just

    enp3s0
     iface enp3s0 inet static
     address 192.168.3.1
     netmask 255.255.0
    

    But that has nothing to do with your DHCP configuration.

     

    Last edit: Arthur Tromp 2017-09-25
  • Ally Biggs

    Ally Biggs - 2017-09-25

    Thank you, I will investigate. I also noticed in the DNS resolv.conf

    For some reason I had an entry 127.0.0.53

    Which I have resolved by following instructions here:

    https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1624320

     
