How can I check my PXE-server configuration

Question

Is it possible to check the things the dhcp-server delivers?

When I configure my dhcp-server I tell it what file to boot from, ex: pxelinux.0, and where it should find it, ex: 192.168.0.112.

Could I verify that this is whats delivered from the dhcp-server somehow without having to actually netboot a machine? I think I'm searching for a some commandline trick here, something like:

I have read this https://serverfault.com/a/875791/243665 but it does not tell me everything. The bootfile name is shown, but the location of the pxeserver (192.168.0.112) is missing. Ex:

$ sudo nmap --script broadcast-dhcp-discover

Starting Nmap 7.60 ( https://nmap.org ) at 2019-12-02 08:49 CET
Pre-scan script results:
| broadcast-dhcp-discover: 
|   Response 1 of 1: 
|     IP Offered: 192.168.0.36
|     DHCP Message Type: DHCPOFFER
|     Server Identifier: 192.168.0.1
|     IP Address Lease Time: 5m00s
|     Subnet Mask: 255.255.255.0
|     Router: 192.168.0.1
|     Domain Name Server: 192.168.100.10, 192.168.100.11
|     Domain Name: ulfexample.com
|     Renewal Time Value: 2m30s
|     Rebinding Time Value: 4m22s
|_    Bootfile Name: /pxelinux.0

Can you add the response you get from the DHCP server? It should contain the data you need to download pxelinux. — Piotr P. Karwasz, Nov 29 '19 at 17:53
i neither see here yozr configuration nor logs sofar for me currently for anybody missing needed Informations — djdomi, Nov 30 '19 at 09:48

Pat · Accepted Answer · 2019-12-18T21:47:55.827

$ sudo nmap --script broadcast-dhcp-discover

uses the script broadcast-dhcp-discover found here:

https://svn.nmap.org/nmap/scripts/broadcast-dhcp-discover.nse

you should replace:

result_table["IP Offered"] = r.yiaddr_str

with:

result_table["IP Offered"] = r.yiaddr_str
result_table["IP TFTP Server"] = r.siaddr_str

Alternatively you could also use

$ sudo nmap --script dhcp-discover

the script is:

https://svn.nmap.org/nmap-exp/patrik/nmap-brute/scripts/dhcp-discover.nse

you should replace:

table.insert(response, string.format("IP Offered: %s", result.yiaddr_str))

with:

table.insert(response, string.format("IP Offered: %s", result.yiaddr_str))
table.insert(response, string.format("IP TFTP Server: %s", result.siaddr_str))

in both cases you should be able to get the PXE info if the NBP is stored in the file field of the DHCP offer and the TFTP server IP is stored in the siaddr field of the DHCP offer

How can I check my PXE-server configuration

1 Answers1