Ok, I've attempted two different DHCP templates today and couldn't get either setup to work. I'm certain that it's a misconfiguration somewhere on our side, but here goes:
This is the list of options requested by the 5406/5412
I tried to use Option 150 for specifying the TFTP server
and tried to use Option 66 as an alternative (added a config file for Option 67)
After DHCP has been negotiated, the switch will then attempt to TFTP the file image. It still attempts to pull it from the DHCP server instead of the TFTP server :(
The TFTP server is reachable by the switch. However, the logs seem to indicate that the switch is mistaking the DHCP server to be the specified TFTP server.
I 02/27/17 14:53:07 00083 dhcp: AM1: updating IP address and subnet mask
I 02/27/17 14:53:07 05177 ip: AM1: Setting IP address 10.3.35.1 as default gateway.
I 02/27/17 14:53:07 00025 ip: AM1: DEFAULT_VLAN: ip address 10.3.35.28/24 configured on vlan 1
I 02/27/17 14:53:07 03783 dhcp: AM1: DHCP server did not offer all the DNS parameters on Primary VLAN
I 02/27/17 14:53:07 05101 amp-server: AM1: AMP server details configured.
I 02/27/17 14:53:08 00091 dhcp: AM1: Trying to download Image File (using TFTP) received in DHCP from 10.8.0.26
W 02/27/17 14:53:20 00136 tftp: AM1: Connection to 10.8.0.26 failed
W 02/27/17 14:53:35 00136 tftp: AM1: Connection to 10.8.0.26 failed
I 02/27/17 14:53:37 00179 mgr: AM1: SME CONSOLE Session - MANAGER Mode
---- Bottom of Log : Events Listed = 103 ----
HP-Switch-5406Rzl2# ping 10.11.64.244
10.11.64.244 is alive, time = 1 ms
HP-Switch-5406Rzl2#
I've included two packet captures, each one with their respective DHCP options.
Please note that I did change the IP addresses in my original post to match their actual addresses. Our security team has a legacy rule about obfuscating/"translating" our internal addresses when we post on forums (something about a breach 7 years ago), but since the packet captures have the actual addresses, there's really no point in trying to "hide" anything now :D