Sean Lee <[EMAIL PROTECTED]>:
> Hi
>
> I have a problem which I believe is related to RH 7.2 (firewall)
> security
> settings.
>
> Setup:
> o Server: RH 7.2 with the latest LTSP and TFTP server running (RealTek
> 8139C)
> o Client: Intel 100ProB (of course, no OS, just rom-o-matic-created
> bootable floppy)
> o DHCP Server: RH 7.2 with (originally) "High Security" Firewall Setup
It could be the firewall settings are playing some part here. Try turning the
firewall off completely. Verify with ipchains -L or iptables -L, all policies should
be ACCEPT.
> and
> two NICs
>
> So I did everything like the book says, installed LTSP, etc., created a
> PXE-bootable floppy.
> Now the problem:
> 1. Boot the client - everything goes fine, DHCP found (192.168.0.1), IP
> address obtained (IP~.12), TFTP (IP~.22) is properly contacted and then
> "........" or " / | \ -", depending on my preference :-)
> 2. On the LTSP/TFTP server I used tcpdump and found out that:
> a) my LTSP/TFTP server gets requests for the right image via DHCP server
>
> (=router) and sends them to the DHCP Server which is supposed to forward
>
> them to the thin client.
> =>(incoming from the client) ltsp.internal.com.tftp RRQ 26 (Image
> "/lts/vmlinuz.ltsp") <---or something like that.
> b) the DHCP server cannot contact the proper port on the client PC
> =>Error (from DHCP/router) ICMP: client.internal.com.... udp tftp port
> unreachable (tos 0xc0)
>
> Clues:
> 1. I can't ping the client's IP address from any of DHCP Linux or
> Windows
> clients on the same subnet, but I can ping both LTSP/TFTP Server and the
>
> DHCP server. Why?
Probably because the NIC is not set up yet, or it will not accept incoming
packets for some reason. I think you need to specify how far the client gets
when it is booting and what error message you get.
> I am also sure that the boot disk is correct because I tried to another
> (commercial) disk with same result and also it can boot and request the
> image from the LTSP server.
> Why the client can't be pinged? Since it can contact other computers,
> one
> would expect its IP should be online/pingable.
> 2. RH 7.2 DHCP server had High Security in Firewall Settings, now it
> still
> has two NICs (eth0 and eth1), maybe TFTP packets get blocked due to some
>
> setting(s) there. I don't understand why TFTP requests go one way (to
> the
> LTSP server) but can't be sent back. If it's a firewall problem (or a
> route
> problem), shouldn't it be both ways (both incoming and outgoing TFTP
> port
> would be blocked)?
No. That depends entirely on the rules set you have.
> 3. Intel Express 460T switch - maybe there's some special config that
> prevents the packets from going thru?
>
> I think I should first make sure I can ping the client (the fact that I
> can't is weird) or maybe just try to make a direct cross-over LAN cable
> connection between the LTSP server and the client?
> Originally I had everything on the server (LSTP, DHCP, TFTP) but since
> that
> didn't work (same problems), I moved DHCP to gateway which didn't help.
>
> Sorry about the length of this message, I hope most of you prefer this
> than
> "HELP!!! It doesn't work"...
>
> Thanks for any suggestions..
--
Mvh Ragnar Wisl�ff
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.openprojects.net
