SCCM, WOL, and ARP
I've been reading all over the net about this issue, but can't seem to come up with any solutions. For something that is supposed to be simple, it sure is frustrating!Environment:Windows 2003 R2 SP2 ServersWindows XP ClientsSCCM 2007 SP1 Server3Com switchesSame Subnet, no routers in the way.Using a few different tools, I can use WOL to wake a PC successfully. It's functional. When I try to do a WOL from a Mandatory advertisement within SCCM, it's intermittent. We are configured to use Unicast from SCCM. In reading, the ARP cache needs to be populated in order to work. According todocumentation, the SCCM Server is supposed to use the hardware inventory to grab the MAC address, which would then populate the ARP cache. I can watch the ARP cache as it tries to send out a packet. The IP address will show up, with the MAC address of all 00's for all of about 3 seconds, then disappears. when that happens, the PC does not wake up. If I configure a static entry for the ARP cache, it works every time.I have seen talk in the Forums about getting the router's ARP Cache populated, but that doesn't seem to fit our problem. The breakpoint seems to be within SCCM itself. It doesn't seem to be grabbing the MAC address properly, or at least putting it in the ARP cache. BTW, we have made sure the Hardware Inventories are done on a daily basis, which should be more than ample time to have correct information.Please Help.Matthew Williams
March 13th, 2009 1:59pm
I would call PSS.John Marcum,
Systems Management Architect -
www.TrueSec.com
Free Windows Admin Tool Kit Click here and download it now
March 16th, 2009 9:43am
If all your clients are in the same subnet, I would use broadcast WoL. It works much better in one subnet compared to unicast WoL.With unicast WoL in your scenario the site server should keep the MAC addresses in its ARP cache longer. By default, Windows Server 2003 has2 minute time-to-live for unused ARP cache entries and 10 minute TTL for used entries. You can change the default TTL value by increasing ARPCacheLifevalue in the registry. See:http://technet.microsoft.com/en-us/library/cc739819.aspxWindows Server 2008 has differnet ARP cache parameters, so the following article is only for Windows Server 2003.If your clients would be in the different subnet from the site server, the router's ARP cache TTL needs to be increased. By default, e.g. Cisco's routers have 4 hour TTL. Panu
March 16th, 2009 12:18pm
Thanks for your replies, John and Panu. While I understand the ARP cache time-to-live is not all that long, I don't think that's the problem. As I had mentioned,I have seen talk in the Forums about getting the router's ARP Cache populated, but that doesn't seem to fit our problem. The breakpoint seems to be within SCCM itself. It doesn't seem to be grabbing the MAC address properly, or at least putting it in the ARP cache.If you could help me with that, it would be wonderful. I'm trying to avoid a call to PSS if at all possible, but it is on the table.Matthew Williams
Free Windows Admin Tool Kit Click here and download it now
March 16th, 2009 1:34pm
So in effect, the Unicast WOL through SCCM is useless? If I have to wake machines up daily, I know the ARP cache is going to time out after just a few minutes, let alone hours. What I'm reading is that ifSCCM does not have a static ARP Cache, it does not do Unicast WOL. Is that correct?
If so, Microsoft should look at removing that portion.Matthew Williams
March 16th, 2009 3:27pm
Excellent post Thorbjrn.
I have one thing to add and one question.
For those of you above who talk about ConfigMgr and the MAC address in the database, you are confusing what ConfigMgr uses the MAC address for (it does use it) and how TCP/IP works. Thorbjrn explains the TCP/IP side of very things well. In the
unicast scenario, to deliver the magic packet to the client standard TCP/IP is used and if the MAC address is not in the appropriate ARP cache or the machine doesn't respond to an ARP request then the packet will not be delivered. Nothing wrong with
ConfigMgr, this is how TCP/IP works. ConfigMgr nor Windows will use the MAC address in the database to deliver the magic packet. Where ConfigMgr does use the MAC address from its database is in constructing the contents of the magic packet.
The payload of the magic packet does contain the MAC address (16 times in fact) and that will be the MAC from the database. See here for full details:
ConfigMgr 2007: Implementing Wake-on-LAN (WoL)
My question ... perhaps you can help Thorbjrn?
Can anyone find a reference about ARP Offload and a machine that has been powered down (ie. S5)? I don't think ARP Offload gives me a solution because our user population turns off their machines each night. 50K users is a bit difficult to re-educate.
I found this thread looking for the answer to this question because when I found out about ARP Offload I got excited and hoped I wouldn't need subnet-directed broadcasts. Unfortunately the little evidence I can find seems to say Thorbjrn
is right and machines that have been powered down will not respond to ARP requests and the benefit I was hoping that provided.
Finally, here is a good article on Windows 7 and network adaptor power management (relevent to this thread):
Power Management for Network Devices in Windows 7
Free Windows Admin Tool Kit Click here and download it now
June 18th, 2012 5:13am