Setting Up Network Environment for NetBoot Server

48 users found this article helpful

General Requirements

To enable a Mac to boot from a network using the Parallels NetBoot service, the following requirements should be met:

  1. The Mac must obtain its IPv4 address from the local DHCP server.

  2. The following network traffic must be allowed from the Mac to the NetBoot host:

    a. HTTP (TCP port 80)

    b. TFTP (UDP port 69)

    c. BootP/DHCP (UDP port 67)

Note: “Subnet” and “Broadcast domain” are used interchangeably in this document.


Configuration 1: Mac and NetBoot Server in the Same subnet

In this scenario, no specific configuration is required unless a firewall is enabled on the NetBoot server. If a firewall is running on a NetBoot server, then the following firewall rules must be created:

  1. Inbound connections to TCP port 80 from any client must be enabled. This is usually done with the predefined “World Wide Web Services (HTTP Traffic-In)” rule.

  2. Inbound connections to UDP ports 67 and 69 from any client must be enabled. This is usually done with the predefined “Windows Deployment Services (UDP-In)” rule.


Configuration 2: Mac and NetBoot Server in Different subnets

In this scenario, the NetBoot server and the Mac are located in different subnets, which means that broadcast DHCP requests from the Mac can't reach the NetBoot server. To solve this issue, the administrator should set up DHCP Relay Agent on the client subnet’s router (R1), which will forward broadcast UDP traffic as unicast to the NetBoot server.

Cisco has excellent documentation on DHCP Relay Agent feature here

Note: On the layer3-capable switch DHCP Relay Agent must be configured on Vlan interface with an IP address assigned, not a physical uplink interface.

Suppose we have the following network configuration:

To setup the DHCP Relay 1, you need to enter the following commands on R1:

configure terminal
no ip forward-protocol udp 37
no ip forward-protocol udp 49
no ip forward-protocol udp 53
no ip forward-protocol udp 137
no ip forward-protocol udp 138
interface FastEthernet0/0
ip helper-address 172.17.2.100
end

No other devices between the Mac and the NetBoot server require a specific configuration. The administrator should only ensure that HTTP (TCP port 80), TFTP (UDP port 69), and BootP/DHCP (UDP port 67) traffic to the NetBoot server is not blocked.


Configuration 3: Mac, DHCP Server and NetBoot Server in Different subnets

In this scenario, the NetBoot server, the DHCP server and the managed computer are located in different subnets, which means that broadcast DHCP requests from the Mac can't reach the NetBoot server.

If your DHCP server is already set up – you’re already using DHCP Relay Agent. Just add a second server to forward DHCP packets to and make sure that the HTTP (TCP port 80), TFTP (UDP port 69), and BootP/DHCP (UDP port 67) traffic is not blocked by your firewall.

If you’re planning deployment – you’ll need to set up DHCP Relay Agent, and set it to forward DHCP requests to two servers: DHCP server and NetBoot server. See Configuration 2 for more details on setting up DHCP Relay Agent.

Was this article helpful?

Tell us how we can improve it.