PXE-E32: TFTP Open Timeout


When the PXE client comes up with the PXE copyright message and
completes the DHCP phase, but then displays:


After a
while, the following error message is displayed:

PXE-E32: TFTP open timeout

Depending on the PXE client's system setup boot device list
configuration, the PC then either stops or tries to boot from the next boot
device in the system setup boot device list.


The "PXE-E32" error indicates that the PXE did not get a reply from the TFTP server when sending a request to download its boot file. Possible causes for this problem

1. There is no TFTP server
2. The TFTP server is not running
3. TFTP and DHCP/BOOTP services are running on different machines, but the next-server (066) option was not specified


Make sure that a TFTP server is set up and running. When the TFTP service is running
on a different machine than the DHCP or BOOTP service, you need to add option
066 (next-server) to the DHCP/BOOTP server configuration, and set this option's
value to the IP address or "resolvable hostname" of the TFTP server. When option
066 (next-server) is not defined, the PXE client assumes that the TFTP service
is running on the same machine from which it received its DHCP/BOOTP
configuration information.


This problem occurs after you apply security update MS08-037.  For more information, click the following article number to view the article in the Microsoft Knowledge Base:

MS08-037: Vulnerabilities in DNS could allow spoofing


Windows Server 2008 R2

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
      (http://support.microsoft.com/kb/322756/            )

How to back up and restore the registry in Windows

To work around this problem if you do not require Windows Deployment Services to use a static port range, you can configure Windows Deployment Services to dynamically query WinSock for available ports instead of using a port range.
To do this, follow these steps:

  1. Start Registry Editor. To do this, click Start

    Collapse this imageExpand this image , type regedit in the Start Search box, and then press ENTER.

    Collapse this imageExpand this image

    If you are prompted for an administrator password or for confirmation, type the password or provide confirmation.

  2. Locate and then click to select the following registry key:


  3. Right-click UdpPortPolicy, and then click Modify.

  4. In the Value data box, type 0, and then click OK.

  5. On the File menu, click Exit to exit Registry Editor.

  6. Restart Windows Deployment Services.

WDS logging can be enabled by editing the value of this registry key and setting it to


This then logs to %WINDIR%\tracing\WDSServer.log

One thing which can go wrong with TFTP is that WDS tries to use a temporary range of UDP ports, if any of these are already in use instead of nicely failing the connection and trying again on another port it simply borks, and fails, silently (unless you enable
the log...)

The logging in question is:

[8436] 12:01:36:
[698808][WDSPXE] [WDSPXE][UDP][Ep:] Sent To:
[8436] 12:01:36:
Expression: , Win32 Error=2
[8436] 12:01:36: [WDSTFTP][UDP][Ep=0]
Registration Failed (rc=2)
[8436] 12:01:36:
Expression: , Win32 Error=2

Oddly it seems that under "normal" operation
you get a lot of these:

[9488] 12:42:17:
Expression: , Win32 Error=5023


Post a Comment