fugrat1
Enthusiast
Enthusiast
‎08-04-2023 08:27 AM

PXE across NSX-T bridge

I have an environment where I am migrating from NSX-V to NSX-T.  I have bridges setup between the 2 environments but when I migrate the SCCM server across the PXE boot stops working.  The bridging is working fine as I can ping and RDP to the server but my PXE clients are failing to connect once the machine is moved across to the NSX-T segment.  I have migrated the firewall rules across using the migration co-ordinator so it shouldn't be any issues there.  Does anybody have any ideas as to what it can be please?

Reply
0 Kudos
Gizzie
Enthusiast
Enthusiast
‎08-04-2023 08:38 AM

A few thing pop to my mind immediately:

  • Is DHCP server is sending out correct IP and bootfile info to the PXE clients?
  • Is the TFTP server is accessible to the PXE clients and that it is hosting the correct bootfile.
  • Are The firewall rules updated?
  • Double-check the SCCM server's PXE configuration.

 

Reply
0 Kudos
fugrat1
Enthusiast
Enthusiast
‎08-04-2023 08:57 AM

Thanks for the quick response Gizzie

The PXE service is working fine within the NSX-V environment so I know that all settings in DHCP etc are all correct.  When the machine is migrated across to an NSX-T host and connected to the corresponding segment (which is bridged to the NSX-V logical switch) then PXE stops working.  No network changes have been made to the machine, and I can ping and RDP to the machine so I know that the bridging is working fine.

Reply
0 Kudos
CallistoJag
Hot Shot
Hot Shot
‎08-05-2023 12:16 AM

Interested in how are you setting up the bridge between the environments? When we migrated we used HCX to stretch the network temporarily. Then moved the entire subnet across once migrations completed for that subnet. SCCM worked throughout the migration in this case.
Reply
0 Kudos
bmcb555
Enthusiast
Enthusiast
‎08-05-2023 01:05 PM

I'll disclose I am not an expert on NSX-V, my knowledge is of NSX-T, however, by default an NSX-T backed segment will drop PXE traffic. This is because under the Segment Security Profile Server Block is enabled.

Networking > Segments > Profiles you'll find it there. Create a new one and disable Server Block. Add that new profile to the NSX segment and you should get PXE back. I've come across the same thing in my experience.

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/administration/GUID-C34CCED2-128E-49A6-98CE-...

View solution in original post

Reply
fugrat1
Enthusiast
Enthusiast
‎08-10-2023 01:39 AM

Thanks this sorted it for me!

Reply
0 Kudos