none
WDS server and DHCP server on two different servers

    Question

  • Hello guys,

     

    I'm testing Windows Server 2008 with WDS.

     

    My lab :

    - 1 server with the following roles and features : ADDS, DNS, DHCP

    - 1 server with the following role : WDS

     

    I have successfully add boot and install images. Now I'm trying to boot from a PXE server.

    I can see my DHCP server lease an IP address to the new server but I cannot access the WDS server.

     

    My question is : Do I have to install my DHCP server on the WDS server ? Is there no other way to run WDS with a different DHCP server ?

     

    Thanks for your help.

     

    blackjack

    Sunday, January 27, 2008 1:03 AM

Answers

  • Hi,

    My friend Jason and I actually did a differential analysis of the DHCP + WDS on the same server then separated them and analyzed the packets/configurations when they were on different servers.

    The results are documented here and here.

    Basically what we found was to do this you need to set the following DHCP scope options:
  • Predefined Option 43 - 010400000000FF
  • Custom-made Option 60 - String - PXEClient
  • Predefined Option 66 - IP or Hostname of the WDS Server (in our case 10.150.150.1)
  • Predefined Option 67 - boot\x86\wdsnbp.com
  • I did some more research and actually did a deployment following these steps in a production environment.

    One more thing to keep an eye on are open ports that need to be open to the WDS server:
    UDP - 67, 68, 69, 4011
    TCP - 135, 137, 138, 139, 5040

    Hope this helps,
    Tom

Thursday, July 31, 2008 8:22 PM

All replies

  • Guys,

     

    Just for your information, I have installed the DHCP role on my WDS Server. Now everything works fine. I can access my images.

     

    I'm still wondering if it's possible to not install DHCP role on the WDS Server...

     

    Thanks for your feedback.

     

    blackjack

     

    Sunday, January 27, 2008 3:06 PM
  • It is possible.

     

    I would look at the DHCP server that you had configured originally.  If you compare the two DHCP servers you might find the difference in configuration that is making things difficult.  Perhaps you are handing something out that is creating difficulties, or perhaps you are not handing out enough...

     

    Luck,

     

    Monday, January 28, 2008 1:49 AM
  • Hello colleague! (I'm working @Avanade France)

     

    Thanks for the tip, I'll follow your advice.

    I'll get back to you with some news once done.

     

    Smile

     

    Monday, January 28, 2008 1:28 PM
  • From the WDS documentation ~ hope this helps.

     

    Configuring When DHCP is on the Same Server

    The method of communication between the booting client and the server uses data fields (known as options) in DHCP packets. The Windows Deployment Services solution for booting over the network works well in many configurations. It works well when Windows Deployment Services is located on the same physical computer or on a different physical computer than the DHCP server. However, the default installation is that Windows Deployment Services and a DCHP server (Microsoft or non-Microsoft) are located on different physical computers. In this scenario, no additional configuration steps are required for interoperability between Windows Deployment Services and the DHCP server.

    However, if you are running Windows Deployment Services and DHCP on the same computer, in addition to configuring the server to not listen on port 67, you will need to use your DHCP tools to add Option 60 to their DHCP scopes. This allows booting clients to learn about the Windows Deployment Services PXE server from the DHCP response that is generated by the DHCP server. Setting DHCP option tag 60 has one side effect: clients booting from the network are always notified that the Windows Deployment Services PXE server is available, even if the server is not operational or has stopped. For instructions on configuring these options, see the DHCP section of How to Manage Your Server.

    Note

    There are some scenarios (particularly those that require running a DHCP server) that do not support adding custom DHCP option 60 on the same physical computer as the Windows Deployment Services server. In these circumstances, it is possible to configure the server to bind to UDP Port 67 in non-exclusive mode by passing the SO_REUSEADDR option. For more information, see Using SO_REUSEADDR and SO_EXCLUSIVEADDRUSE (http://go.microsoft.com/fwlink/?LinkId=82387).

    If DHCP is installed on a server that is located in a different subnet, then you will need to do one of the following configure your IP Helper tables (recommended) or add DHCP options 66 and 67. For more information, see Managing Network Boot Programs.

     

    And here are some procedures:

     

    To configure Windows Deployment Services to run on the same computer as Microsoft DHCP

       
    1. Right-click the server and click Properties.

    2. On the DHCP tab, select Do not listen on port 67 and Configure DHCP Option #60 Tag to PXEClient.

     

    This procedure does the following:

    • Sets HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WDSServer\Parameters\UseDhcpPorts to 0.

    • Adds the option 60 PXEClient tag to all of your DHCP scopes.

    To configure Windows Deployment Services to run on the same computer as non-Microsoft DHCP

    1. Right-click the server and click Properties.

    2. On the DHCP tab, select the Do not listen on port 67.

    3. Use your DHCP server tools to set Option #60 Tag to PXEClient.



     

    This procedure sets HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WDSServer\Parameters\UseDhcpPorts to 0.

    Saturday, February 16, 2008 12:11 AM
  •  

    Hello Trina,

     

    I already read WDS documentation and followed its recommendations.

    When installing the DHCP role on a Windows Server 2008 running WDS role, the PXE option 60 is installed automatically. And it's work.

     

    For my test, I had created this value on my DHCP server (non WDS) using netsh:

     

    Code Snippet
    c:\>netsh
    netsh>dhcp
    netsh dhcp>server \\server_name
    netsh
    dhcp server>add optiondef 60 ClassID String 0
    netsh dhcp server>set optionvalue 60 STRING PXEClient

     

     

    But this didn't work.

     

    The procedure you provided me mentionned installing DHCP on the same computer as WDS role.

    I'm trying to install my DHCP server on a server different from my WDS server.

     

    I will check your links to be sure I followed the correct procedure.

     

    Any other information is welcomed.

     

    Thanks for your help Trina.

     

    Regards,

    blackjack

     

    PS: just let me know if I'm not clear to you

    Saturday, February 16, 2008 12:55 AM
  •  

    By default, if you do not have the DHCP role installed on the same machine as the WDS Server, it should work fine.

     

    if you are uninstalling the DHCP role on the WDS Server after the WDS role has been configured, you should do the following.

     

    wdsutil /set-server /usedhcpports:yes

     

    Also, on your DHCP server you should remove the configured option 60. Option 60 should be set only if WDS is on the same machine as the DHCP server.

     

    Hope that helps!

    -Sudha Thirumoolan

    Tuesday, February 19, 2008 8:37 AM
  • I have a configuration where the WDS and the DHCP are on two seperate servers and i am unable to boot via PXE with clients.  Does anyone have an idea as to why this is not working?  We have VLANs setup, but i don't see why that would affect anything they client is set to be on the same VLAN as the WDS and DHCP server.  Any other ideas out there?
    • Proposed as answer by rus19297 Thursday, July 31, 2008 2:14 PM
    Monday, June 23, 2008 6:33 PM
  •  http://technet.microsoft.com/en-us/library/bb490327.aspx

    and 

    http://support.microsoft.com/kb/259670

    These two sort of contradict themselves. The bottom line is that if you plan on running on two servers, there should not be any additional configuration, however, if you do not use options 66 and 67 you will not get the correct answer from the PXE client. At least setup 66 as the WDS server and check your routing. If you need to look at basic routing concepts from your switch, please look and see if all broadcast messages are being receive properly. If you got this to work by putting both on the same server I'm assuming you moved away from listening on the same port by following the articles that show you how to reassign. If this was necessary, then you may want to look at how the original DHCP server was configured for the same port. Try using nmap or a network scan against the original DHCP server and confirm all ports are listening correctly. Was the server properly authorized? These items and many more can prohibit correct DHCP packet transmissions that WDS requires. VLAN's should not make a difference if you are not going outside of the same one (or your routing tables are correct). You may need to put a sniffer on the same switch as all three and see where the disconnect is coming from. Hope this helps.
    • Proposed as answer by rus19297 Thursday, July 31, 2008 2:24 PM
    Thursday, July 31, 2008 2:23 PM
  • Hi,

    My friend Jason and I actually did a differential analysis of the DHCP + WDS on the same server then separated them and analyzed the packets/configurations when they were on different servers.

    The results are documented here and here.

    Basically what we found was to do this you need to set the following DHCP scope options:
  • Predefined Option 43 - 010400000000FF
  • Custom-made Option 60 - String - PXEClient
  • Predefined Option 66 - IP or Hostname of the WDS Server (in our case 10.150.150.1)
  • Predefined Option 67 - boot\x86\wdsnbp.com
  • I did some more research and actually did a deployment following these steps in a production environment.

    One more thing to keep an eye on are open ports that need to be open to the WDS server:
    UDP - 67, 68, 69, 4011
    TCP - 135, 137, 138, 139, 5040

    Hope this helps,
    Tom

Thursday, July 31, 2008 8:22 PM
  • Tom, your post (or rather, the 2nd blog entry you linked to, though the info was actually in your post above) helped a lot, but probably what you were expecting. My issue was that I got the initial PXE/TFTP response/transfer, but then failed with a "Windows Boot Manager" error. "Windows failed to Start..." with a standard (Vista/2008) message about a recent hardware or software change and how to initiate a repair install. (Obviously not applicable in this case.) Followed by:

    File: \Boot\BCD

    Status: 0xc000000f

    Info: An error occurred while attempting to read the boot configuration data.

    I was pointing option 67 to "pxeboot.com" (or the .n12 variant) instead of wdsnbp.com

    Hopefully this will now be indexed by google and will help someone else out. Environment is WDS on a 2003 SP2 server, DHCP on separate servers. DHCP helper/forwarding was already set in our cisco switches, as we don't have DHCP servers in our seperate vlans.

    A couple comments/questions:
     I never had to use option 43. Also, accounts/advice on the web conflict, so I'm not surprised, but in my case setting option 60 actually *breaks* PXE booting...(No reply to TFTP request is ever recieved.)

    At some point in troubleshooting I modified option 67 to have a leading \ so it's "\boot\x86\wdsnbp.com" - anyone have any info for or against? It's working, so I'm leaving it alone.  Also, how will other architectures (i.e. x64) boot if we ever go down that path? (Edit, I see that last question is answered in a blog comment.)

    --Seek Truth, and you will find Joy!
    Wednesday, August 06, 2008 10:15 PM
  • I had to post this somewhere because after a couple months of looking i found nothing giving this advice to fix WDS and DHCP being on separate servers and i only found it by sheer dumb luck.

    if DHCP and WDS are on separate servers, make sure the "WinHTTP Web Proxy Auto Discover" service is started and set to automatic on the DHCP server. By default this service is set to manual, so it does need to be enabled because without it the WDS server will not receive the PXE requests properly. Also, you do NOT need to configure options 60, 66, and 67 on the DHCP, with the WinHTTP service it should all function and the WDS should manage the PXE clients properly. 
    • Proposed as answer by bluntTony79 Monday, June 18, 2012 1:46 PM
    Monday, March 16, 2009 5:20 PM
  • I was using the DHCP MMC on my workstation to authorise the WDS server. However when I checked the DHCP console on the DHCP server itself, I found that the WDS server was on twice (once with a static address and the second time with a previous DHCP address it had).
    I unauthorised the the 'rogue' DHCP IP address associated with is and refreshed. checked  only the WDS (with it's actual IP) and the DHCP server showed.

    Then I stoped getting 4011 errors.

    I popped in the 66 and 67 options. I didn't need a 60 option (maybe because everything is on one subnet?).

    Option 066 is the IP address of my WDS server
    Option 067 is \OSChooser\i386\startrom.com

    Hope that helps
    Tuesday, June 09, 2009 11:00 AM
  • I am having a DHCP/PXE related problem.
    We are running a Windows 2003 SP2 DCHP / DNS / AD and also supporting a wide selection of Unix and Linux systems on x86, x86_64 and IA64.

    We need to be able to boot these of PXE from our shiny new Windows based environment. For the x86 and x86_64 the PXE seems to be working alright but not for IA64 and elilo.efi systems.

    Configuration:
    Windows DHCP and PXE
    Linux TFTP server

    Before (long time ago), we had problems boot IA64 due to our tftp-server not supporting tsize. That issue has returned now on the IA64 platform.

    The "Option 60" is not configured on our server and I am wondering what implications that might have if I make it available as a selectable option, if that is possible. Can you on choose between enabling it on all scopes or just the systems needing it?

    Any help regarding this issue would be very welcomme.
    Thanks
    Tuesday, June 30, 2009 2:09 PM
  • Hi All,

    Can any one send the link or the steps to configure the AD in windows 2008 server.
    is it same as win 2003 or any change is there?

    Please help me on this.

    Regards
    Satish
    Thursday, December 03, 2009 9:22 AM
  • Hopefully this thread helps some people as it did me. However i had to fight a few things and pull info from a couple of different posts to get everything to work for me.

    My setup:

    2003 DHCP Server / Domain Controller
    2008 WDS Server

    In DHCP i have the following settings:
    Under Scope Options of the Scope/Subnet you want to PXE boot:
    Set Option 66 (Boot Server Host Name) to the IP address of your WDS server
    Set Option 67 (Bootfile Name) to the following path (NO SLASH AT BEGINNING) Boot\x86\wdsnbp.com OR Boot\x64\wdsnbp.com
    This file name for me corresponded to the following local path C:\RemoteInstall\Boot\x64\wdsnbp.com and c:\RemoteInstall\Boot\x86\wdsnbp.com
    NOTE AGAIN NO SLASH AT BEGGING OF THAT PATH FOR THE DHCP Option!!!

    Ok DHCP should be all set to go. Of course this is assuming you already had your DHCP server working to give addresses out, this is not a DHCP setup tutorial just for PXE/WDS DHCP booting on a seperate server.

    Lastly, i had to enable the service "WinHTTP Web Proxy Auto Discover" as Summer Glau mentioned above.  Although i've heard people get it to work without, for me it would only work once i enabled this service.  As Summer Glau mentions that service by default is marked as Disabled and Stopped, so you need to set the service to Automatic, and Start the service.

    Now for the WDS setup:
    Open the console, and expand Server.  Right-Click your server name and choose Properties
    Under the DHCP tab UNCHECK BOTH BOXES (Do Not Listen on Port 67) and (Configure DHCP option 60....)
    The first checkbox is to see if your DHCP server is on the local machine (MS or not) or elsewhere
    The second checkbox is to mark the local server as a MS DHCP server, which allows it to use Option 60 instead of having to set options 66 and 67.  Therefore we do not want to use this option!

    Ok that should do it.  For me my clients are on a different subnet than the servers, but both the DHCP and WDS server are on the SAME SUBNET.  Hopefully this does not affect things.  

    CapnDoody
    • Proposed as answer by CapnDoody Thursday, January 14, 2010 5:31 PM
    Thursday, January 14, 2010 5:31 PM
  • ... enable the service "WinHTTP Web Proxy Auto Discover" as Summer Glau mentioned above...

    ... was what I was looking for. Thanks forum
    Monday, March 08, 2010 12:58 PM
  • If someone could provide me with a network capture from the WDS server of the broken scenario that was fixed by enabling the "WinHTTP Web Proxy Auto Discover" service I would appreciate it.
    Tuesday, March 09, 2010 12:33 AM
  • This guy has it right, the only server options you need when dhcp is on different server would be 66 and 67.

    60 is only when wds and dhcp are on the same server.

    66 = FQN of the wds server 

    67 = boot\x86\wdsnbp.com

     

    Tuesday, April 20, 2010 8:00 PM
  • BUT, nobody ever menitions the SCOPE properties, as regards the "Advanced tab."

    Does PXE boot use 'BOOTP' or not?

    On Windows 2003, for example, right-click the top-most folder in DHCP admin called "Scope" and go to "Properties." Then click the "Advanced" tab.

    There you have 3 options for "Assign IP addresses dynamically to clients of:"

    1) DHCP only

    2) BOOTP only

    3) Both

    It is set to "DHCP only" in my case. Does this setting matter? If PXE is not using 'BOOTP' as its protocol/method, then I should not have to check the "Both" box.

    Does anyone know the details on that?

    Thanks in advance. (FYI, WDS & DHCP are on separate servers, but within the same subnet.)


    tnjman
    Friday, August 19, 2011 7:49 PM
  • I know this is an old thread, but summer glau has it correct - no need to be setting options on the DHCP server - if WDS and DHCP are on seperate servers, simply start the WinHTTP Web Proxy Auto Discover service on the DHCP server. Simple :)

    I too was having trouble finding this apparently simple bit of info - thanks!

    Monday, June 18, 2012 1:49 PM
  • I know this is an old thread, but summer glau has it correct - no need to be setting options on the DHCP server - if WDS and DHCP are on seperate servers, simply start the WinHTTP Web Proxy Auto Discover service on the DHCP server. Simple :)

    I too was having trouble finding this apparently simple bit of info - thanks!


    What id your DHCP server is not a Windows based DHCP server? We run *nix systems usng dhcpd annd have been trying to integrate WDS in that environment. Anyone else run across a fix?
    Thursday, June 21, 2012 4:29 PM
  • Just spent a couple of hours troubleshooting a problem along these lines and thought it would be worth sharing my experience.  There are many, many solution permutations that I've been reading, and my fix was remarkably easier than expected.  The problem for me cropped up when we migrated our DHCP server to a different box (previously it was with WDS).  In other words, my solution is relevant to a scenario where WDS and DHCP previously coexisted on the same box and are now being separated.  I would guess that something similar to the solution below would work for a fresh deployment.  All of our private VLANs are fully routable.

    Original Configuration

    • SERVER1: WS2008R2SP1 Std, on VLAN10 -- domain controller (all FSMO), Windows DHCP, WDS, NPS, DNS, WINS
    • DHCP Configuration: 060: PXEClient, 066: server1.domain.com (no 067 option defined)
    • ip helper-address pointing to SERVER1 only
    • WDS Configuration: "Do not listen on port 67" option checked

    New/Current Configuration

    • I migrated DHCP services off of SERVER1 to SERVER2, but everything else on SERVER1 was left intact.
    • SERVER2: WS2008R2SP1 Ent, 2-node cluster, on VLAN20
    • DHCP Configuration: 060 option removed, 066 option left as-is, 067 option set to "boot\x86\wdsnbp.com" (no leading back slash), no 043 option defined
    • ip helper-address points to SERVER2 only
    • To reiterate: I only have the 066 and 067 options configured.  043 and 060 are not there
    • WDS Configuration: "Do not listen on port 67" option unchecked

    Solutions Mentioned Above That DID NOT Work For Me:

    • enabling "WinHTTP Web Proxy Auto-Discovery Service" on the DHCP server
    • configuring the 043 option
    • Proposed as answer by BenMinehart Wednesday, July 11, 2012 8:29 PM
    Wednesday, July 11, 2012 8:29 PM
  • Hi,

    I'd like to respond in part blackjack's comment about:
    "trying to install my DHCP server on a server different from my WDS server."

    and BenMinehart's comment about:
    "a scenario where WDS and DHCP previously coexisted on the same box and are now being separated"

    I have experienced this and attempted to troubleshoot... I think myself pretty hot on both DHCP and WDS, but got stuck doing this today.
    We moved DHCP off a WDS system and placed on our DC as we intended.
    Everything in DHCP was working... apart from PXE.
    I spent about almost 2 hours playing with WDS/DHCP options and researching fixes, until eventually coming across the real solution.

    Stop the DHCP Server service on the WDS.

    We first had the server unauthorised, and then we eventually deleted the scope... but that isnt good enough. The service MUST be stopped/disabled.
    If DHCP Server service is running locally, but scope is not configured – WDS will not work with a remote DHCP server (unless it part of a split-scope server setup)

    You do NOT need option 060 for remote server DHCP
    You do NOT need option 067 for remote server DHCP

    Option 066 is optional, but I recommend setting it for peace of mind. Also means if you network is or expands beyond 1 subnet range you dont have to think about it.

    Hope this forms part of someone's solution down the line - I couldn't find anything definitive on this when I looked.



    • Edited by Melvatron Friday, July 27, 2012 2:17 PM poorly formatted
    Friday, July 27, 2012 2:13 PM
  • So the 067 option for MDT server use is the same as in Configuration Manager, Boot\x86\wdsnbp.com?  
    • Edited by yannara Tuesday, December 18, 2012 11:53 AM
    Tuesday, December 18, 2012 11:53 AM