In a previous post (PXE Booting for Microsoft Deployment Toolkit) I mentioned that I would talk about how to set up PXE to deal with VLANs. To be honest I forgot all about it until someone on twitter reminded me – many thanks for the reminder!
A lot of what I’m going to go through in this post I learned from this YouTube video from BranchCache Bob, here’s the video. There are some differences, which I’ll point out below.
You have multiple VLANs, and have a mixture of devices with BIOS and UEFI and need to boot them from the network using PXE from a WDS server.
- A Windows Deployment Server.
- A Microsoft DHCP server (does not have to be running on the same server as WDS).
- Have the DHCP server’s IP as a helper address on your network switch for each VLAN you want to boot.
Defining DHCP Vendor Classes
The first thing to do is to define the vendor classes for the BIOS PXE Client x84 and x64 and the UEFI PXEClient x86 and x64. To do this:
- Go to DHCP, right-click on IPv4.
- In the DHCP Vendor Classes window, click Add.
- For the Name enter PXEClient (UEFI x86).
- For the Description enter whatever you want.
- Under the ASCII text enter PXEClient:Arch:00006 (you will not be able to paste this text, and it’s also case-sensitive.
- Click OK to add it to the list.
- Now repeat steps 2 – 6 for PXEClient (UEFI x64) with PXEClient:Arch:00007 as the ASCII value.
- Finally, repeat steps 2 – 6 for PXEClient (BIOS x86 & x64) with PXEClient:Arch:00000 (five zero’s) as the ASCII value.
You should now have three additional vendor classes.
Creating the DHCP Policies
Now we’re going to create policies in DHCP so that the correct files are served to the correct clients. You will need to do this for each DHCP scope.
- Go to DHCP and expand the scope you wish to create a policy for.
- Right-click on Policies and choose New Policy.
- Enter PXEClient (UEFI x64) for the name.
- Enter a Description, or leave it blank. Click Next.
- On the Configure Conditions for the policy screen, click Add.
- In the Add/Edit Condition window, click the Value: drop down menu.
- Choose the PXEClient (UEFI x64) vendor class you created earlier.
- Tick the Append wildcard(*) check box and then click Add and finally Ok.
- Click Next on the Configure Conditions for the policy screen.
- On the Configure settings for the policy screen, click No for the Do you want to configure an IP address range for the policy. Click Next.
- Please Note: if DHCP is on the same server as WDS, you will need to set option 060, if WDS is on a different server, you do not need to set option 060.
- On the Configure settings for the policy screen, scroll down until you see options 060 (if applicable), 066 and 067.
- Tick option 060 and enter PXEClient if applicable.
- Tick option 066 and enter either the FQDN or the IP address of the WDS server.
- Tick option 067 and enter boot\x64\wdsmgfw.efi – this is the x64 UEFI boot file for WDS. Click Next.
- On the Summary screen, if all the details are correct, click Finish.
- Now repeat steps 2 – 14 for PXEClient (UEFI x86) with boot\x86\wdsmgfw.efi as option 067.
- Finally, repeat steps 2 – 14 once again for PXEClient (BIOS x86 & x64) with boot\x64\wdsnbp.com as option 067 and leave option 060 empty.
Don’t forget to repeat the above for each VLAN you wish to PXE boot from.
Now in DHCP, if you expand the Scope Options folder you should see the new options you just created and under policy name should be the names of the policies you just created. You should be able to boot both a UEFI and BIOS devices from the network.
Please note, if DHCP is installed on the same server as WDS, you will need to check both the Do not listen on DHCP ports and Configure DHCP options to indicate that this is also a PXE server options. I do not currently have DHCP and WDS on the same server, so I cannot reliably test this on a multi VLAN network.
On my production network, I had previously added a helper address for the WDS server along with the DHCP server, so I have two helper addresses. I have not added policies for anything except PXEClient (UEFI x64) as my standard BIOS devices booted without issue, but my UEFI devices wouldn’t boot at all. I haven’t added PXEClient (UEFI x86) as all my devices boot x64 images and use x64 Task Sequences. So I have only one Policy in DHCP/IPv4/Scope x.x.x.x/Policies. My WDS server is running Windows Server 2016 and my DHCP server is Windows Server 2012 R2. An issue I currently have is that I cannot perform more than 2 or 3 PXE boots at a time, but no doubt it’s something to do with the “unique” configuration of my network. My point is that your mileage may vary, but hopefully this post helps you out in some way. If you’d like to get in touch with me please leave a comment or tweet me.
Follow Mike on Twitter: @Digressive