Hi I am new to BIOS and UEFI firmware. I am using PXE to download boot images for UEFI and BIOS.
I found that when I do network boot using BIOS, it broadcast UDP packets and my PXE server can process it.
But with same configuration if I do network boot using UEFI, target system does not broadcast UDP packets.
I have created a target system (bare metal system) on VMware ESX 5.5.
I am using wireshark to debug. I can see that In case of EFI based boot target does not get the ip address. Even though my DHCP server broadcast DHCPOFFER packets, target continuously sends the DHCPDISCOVER packets. I mean at some point in time target has to send DHCPREQUEST packet. But same thing works fine if I boot through BIOS.
Above problem get solved If I add bootfile name and nextaddress in dhcp.conf (DHCP Server is in Linux). But as per my requirement I can not hard code the nextAddress and bootfile name, it will be added on fly in PXE server.
Edit 2: So in my case I am adding all the required parameters at PXE side like next server address, boot file name etc.
But if I do that I am not getting reply (DHCPREQUEST) back from client (UEFI based client) . But if configure same parameter at DHCP server it works well.
In case of BIOS in same environment, I have configured all parameters in PXE server and I am getting reply back (DHCPREQUEST) from client.
Just a pointer do we need to enable something at UEFI client to listen PXE parameters (Options). In my case I have made "EFI NETWORK" as primary boot.
Please help me on this. Thanks.
in both cases when the target starts a network boot it will initially broadcast the DHCP DISCOVERY packets.
If you do not see them when net booting UEFI based targets then you are probably not really netbooting or you have some firewall issue.
Edit 1.
You have a DHCP and a PXE server both providing booting info?
that's not good. You can either have:
DHCP server offering PXE parameters
Regular DHCP server plus a proxyDHCP only offering PXE parameters.
read what a proxy server does here
If efi fails to get the IP it is because is not receiving a an IP "plus" the PXE parameters.
Related
I've been searching high and low for a simple explanation for this. What configuration settings do I use to connect my Sonoff RF bridge to the Mosquitto server on my computer? I'm sure it's a configuration issue but most of the tutorials out there are for rPi. My skill level in this is basic and I'm sure it may be obvious to someone what's wrong.
I'm running Mosquitto on Windows 10 and have verified that the Mosquitto server is running using netstat -a (I can see the broker is listening at 0.0.0.0:1883.
I've installed Tasmota Eclipse on my Sonoff RF Bridge and have verified it is receiving signal from my door sensor by opening the UI in my browser and viewing the console. I've tried multiple host addresses in the configuration menu; localhost, 0.0.0.0, 10.0.0.1, however Tasmota only seems to connect when I leave the host field blank.
I've tried to use MQTTlens to verify that the broker is receiving messages on port 1883 and nothing seems to be coming through.
0.0.0.0 is a short hand to tell mosquitto to listen on all the available interfaces on the machine it is running on. It is meaningless to use it in the client configuration.
Likewise, localhost always means the same machine that the code making the request is running on, so in this case it would be the Sonoff device it's self.
It looks like 10.0.0.1 is the address of your local router, unless mosquitto is actually running on the router (it is very unlikely your windows machine is your router) this again is not going to be useful.
You need to use the IP address of the Windows machine that mosquitto is running on, this is going to start with 10.0.0. running ipconfig on the command line in windows is probably the quickest/simplest way to find that address.
I have a network application environment of 7 applications communicating with eachother through UDP and TCP. All of them using either the machine's local network IP or 127.0.0.1 (localhost) to listen on ports or connecting to eachother.
All these applications are running on a single test machine.
I want to analyze precisely how each application communicate with the others so I tried Wireshark and Netmon. However both Wireshark and Netmon don't show me any of the packets sent or received by any of these applications.
What can I do to analyze this environment? Does Wireshark or Netmon able to analyze that? Is there a problem tracking packets using same source and destination IP?
what interface did you select in Wireshark for capturing traffic?
For your case, I think you should select "Adapter for loopback traffic" in Wireshark.
It will capture loopback communication for your locally hosted application.
I currently have a Firebird 2.5 database at a client premises, installed on a Windows 7 Pro machine (32 bit), that has multiple stations in their local network that can connect to the database, along with the local machine being able to connect with our application and IBExpert.
However, for some of our software packages, a remote connection is required (outside of the local network). This previously was working but no longer works.
When I connect with FlameRobin from my office (I'm located in a different city / different network), I receive the following error message:
IBPP::SQLException
Context: Database::Connect
Message: isc_attach_database failed
SQL Message: -923
Connection not established
Engine Code : 335544421
Engine Message :
connection rejected by remote interface.
Performing this connection attempt with IBExpert, both from my office and from other external networks fail with a same message.
However, I am getting TCP/IP communication from what I can see. Here are the details of my troubleshooting steps for the last week:
Originally, I was receiving the following error when connecting from outside the network:
"Connection not established
Connection refused by remote interface"
Since that time, we have done a restart of the router and now have the current "connection rejected by remote interface." error message.
I can telnet to the public IP through port 3050 from my office and other outside networks.
I tested port 3050 on sites like YouGetSignal.com or CanYouSeeMe.org and they appear as open.
Other ports that we communicate on publicly are open and communicating.
The site has Kaspersky antivirus installed but all tests to connect via IBExpert while Kaspersky was in sleep mode behaved the same.
Installation of Firebird 2.5 to another workstation in the same local network, pointing to port 3051 (both in Firebird.conf and in the Windows Firewall and Router) show up as being open through Telnet and CanYouSeeMe.org but again, cannot be communicated on from outside via port 3051.
IBExpert works from a workstation in the network to the server
The server currently has no entry for RemoteBindAddress in the Firebird.conf
Wireshark shows that when a connecting from outside, there are packets coming through.
The TCP/IP test in IBexpert under Communication Diagnostics for the public IP as the host and the Service show the following Test Results:
Attempt connecting to XX.YY.ZZ.AAA.
Socket for connection obtained.
Found service 'GDS_DB' at port '3050'
Connection established to host 'XX.YY.ZZ.AAA',
on port 3050.
TCP/IP Communication Test Passed!
Database path, username, and password have all been checked multiple times.
locally on the server, I've changed security of the database.FDB and the security2.FDB to have Everyone, Full Control
At this point, we have a scheduled restart of the ISP's modem happening soon, although the fact that we have full TCP/IP communication over the port makes me doubtful that this is the issue.
If anyone can lead me down any recommended next steps to debug or to any tools that are available to help in this situation, that would be greatly appreciated.
This turns out to be a networking issue. We performed the following tests:
We performed a power cycle on the ISP's modem which showed no change in behavior
We connected a laptop directly to the ISP's modem but couldn't communicate to FB even with proper port forwarding rules in place on the machine and firewall.
We ran wireshark on both sides and on connection attempts, we found many attempts to connect with retransmissions that failed.
The technical team at the client side decided to install a VPN capable router and now we're good to go. From what we found there may be some kind of ISP blocking occurring as many of the tech teams remote services were failing to connect with similar behavior.
Hopefully this post helps people in the future with remote connectivity debugging, and all of the places you can look at when you're running into this problem.
Can someone explain why using a port is necessary when running things locally?
I assume the reason is because the same software could be run remotely and in that case specifying a port would be necessary.
When a database or server is running locally, do requests from a locally running web browser really "go through the port" specified?
Good question. In fact, there are local-only communication protocols, such as pipes and UNIX domain sockets that do not actually require port numbers to operate. This is because they refer to files or other identifiers that are only valid on the computer itself.
However, most servers are designed for TCP/IP connections. TCP/IP itself specifies a port number in the protocol. It is normally intended for remote use, but when a server that is used to TCP/IP runs "on local host", it must supply a port number to satisfy the TCP protocol.
Port numbers also enable multiple servers to coexist on a single computer, all running on different ports. For a protocol without port numbers, this is achieved by using different identifiers (e.g. a filesystem file) for each server.
Some servers can operate on both TCP/IP and local sockets. For example, MySQL can accept connections both through the usual TCP port, and also through a local socket (mysql.sock). Connecting through the local socket is reserved for local users only, and may be faster on some systems.
Sometimes You may have some other software installed in your computer that may use the same port. For instance Apache and IIS: imagine you set port 8080 to IIS as default, what about if you had previously installed Apache set port 8080 ?
Another example will be if you installed Mysql Workbench and days later install XAMPP you may have trouble with the ports if you don't change one instance's port different from 3306
This is why it is necessary to specify ports even though is locally.
I made a C# program with a client and a server that comunicates fine between them. Information is received by the server and stored in a MySQL Database with no problems. However I wanted to use wireshark to monitor how safe/encrypted was the information and couldn't find the communication using wireshark. My program uses sockets to connect the server and client, on my test the server and client are running at adress 127.0.0.1 or local IP machine (something like 192.168.13.191), server listens/connects using port 3608 and client a much higher random port, and all the filters I used on wireshark return nothing.
So far I tried:
ip.addr == 127.0.0.1 (show only packages whose origin or destination are 127.0.0.1)
ip.addr == 192.168.13.191 (same as above)
tcp.port == 3608 (show only packages whose origin or destination is this port)
tcp.port == client_port (same as above)
tcp contains 01:00:00:3B (only packages with a few of the bytes I'm sending)
My idea was to find at least one message from the client to server and use the "Follow TCP stream" option from wireshark, but all these filters return a black screen when used individually. I have no idea why, because when I run netstat -a on a windows command I can see the program have a established connection and is also listening for new connections on port 3608. Anyone have any idea what is going on or what filter should I use? Operational system somehow is "redirecting" traffic from port 3608 to another?
Thanks!
Wireshark doesn't pick up loopback packets. You'll have to install the client or server on another machine and then try again.
EDIT: After doing some reading I've discovered that this really doesn't have anything to do with Wireshark but with the way WinPcap works. In any case, running the client or server on another machine will solve the problem.