diff options
author | Christian Hesse <mail@eworm.de> | 2015-04-02 10:30:57 +0200 |
---|---|---|
committer | Christian Hesse <mail@eworm.de> | 2015-04-02 10:30:57 +0200 |
commit | ff2cbc8881c5bc7d905cac27de3f82d3c5e9f95a (patch) | |
tree | f004943b196fdd7c5219bf02ab1c51858c58f1b2 | |
parent | d6760cd76c67bb3946b21070ab10fc676a2e7f12 (diff) | |
download | dyndhcpd-ff2cbc8881c5bc7d905cac27de3f82d3c5e9f95a.tar.gz dyndhcpd-ff2cbc8881c5bc7d905cac27de3f82d3c5e9f95a.tar.zst |
use a more complex setup for iPXE network boot
-rw-r--r-- | Makefile | 3 | ||||
-rw-r--r-- | config/dhcpd.conf | 71 | ||||
-rw-r--r-- | config/ipxe-options.conf | 49 | ||||
-rw-r--r-- | dhcpd.conf | 40 |
4 files changed, 122 insertions, 41 deletions
@@ -31,7 +31,8 @@ install: install-bin install-doc install-bin: dyndhcpd $(INSTALL) -D -m0755 dyndhcpd $(DESTDIR)/usr/bin/dyndhcpd $(INSTALL) -D -m0644 dyndhcpd@.service $(DESTDIR)/usr/lib/systemd/system/dyndhcpd@.service - $(INSTALL) -D -m0644 dhcpd.conf $(DESTDIR)/etc/dyndhcpd/dhcpd.conf + $(INSTALL) -D -m0644 config/dhcpd.conf $(DESTDIR)/etc/dyndhcpd/dhcpd.conf + $(INSTALL) -D -m0644 config/ipxe-options.conf $(DESTDIR)/etc/dyndhcpd/ipxe-options.conf install-doc: README.html $(INSTALL) -D -m0644 README.md $(DESTDIR)/usr/share/doc/dyndhcpd/README.md diff --git a/config/dhcpd.conf b/config/dhcpd.conf new file mode 100644 index 0000000..6fe3d76 --- /dev/null +++ b/config/dhcpd.conf @@ -0,0 +1,71 @@ +# dhcpd.conf for interface __INTERFACE__ +# generated by dyndhcpd/__VERSION__ +authoritative; +ddns-update-style none; +ignore client-updates; +default-lease-time 21600; +max-lease-time 43200; + +option domain-name "__DOMAINNAME__"; + +subnet __NETADDRESS__ netmask __NETMASK__ { + option broadcast-address __BROADCAST__; + option routers __ADDRESS__; + option domain-name-servers __ADDRESS__; + option time-servers __ADDRESS__; + + range dynamic-bootp __MINHOST__ __MAXHOST__; +} + +# make sure we do not serve our own address +host localhost { + hardware ethernet de:ad:00:be:ef:00; + fixed-address __ADDRESS__; +} + +include "/etc/dyndhcpd/ipxe-options.conf"; + +class "PXEClient" { + match if substring(option vendor-class-identifier, 0, 9) = "PXEClient"; + + allow booting; + allow bootp; + + next-server __ADDRESS__; + + # Disable ProxyDHCP, we're in control of the primary DHCP server. + option ipxe.no-pxedhcp 1; + + # Make sure the iPXE we're loading supports what we need, + # if not load a full-featured version. + if exists ipxe.http + and exists ipxe.menu + and ((exists ipxe.pxe + and exists ipxe.bzimage + and exists ipxe.elf) + or (exists ipxe.efi)) { + # Everything is fine, just send the boot configuration file. + filename "http://__ADDRESS__:3928/default.ipxe"; + } elsif exists user-class and option user-class = "iPXE" { + # We're already using iPXE, but not a feature-full version, + # and possibly an out-of-date version from ROM, so load a more + # complete version with native drivers. + if option arch = 00:06 { + filename "/ipxe/efi-i386.efi"; + } elsif option arch = 00:07 { + filename "/ipxe/efi-x86_64.efi"; + } else { + filename "/ipxe/ipxe.pxe"; + } + } elsif exists user-class and option user-class = "gPXE" { + # If someone has an old version of gPXE burned into their ROM, + # load a more recent iPXE + filename "/ipxe/ipxe.pxe"; + } elsif option arch = 00:06 { + filename "/ipxe/efi-i386.efi"; + } elsif option arch = 00:07 { + filename "/ipxe/efi-x86_64.efi"; + } else { + filename "/ipxe/ipxe.pxe"; + } +} diff --git a/config/ipxe-options.conf b/config/ipxe-options.conf new file mode 100644 index 0000000..9ea94b6 --- /dev/null +++ b/config/ipxe-options.conf @@ -0,0 +1,49 @@ +# Declare the iPXE/gPXE/Etherboot option space +option space ipxe; +option ipxe-encap-opts code 175 = encapsulate ipxe; + +# iPXE options, can be set in DHCP response packet +option ipxe.priority code 1 = signed integer 8; +option ipxe.keep-san code 8 = unsigned integer 8; +option ipxe.skip-san-boot code 9 = unsigned integer 8; +option ipxe.syslogs code 85 = string; +option ipxe.cert code 91 = string; +option ipxe.privkey code 92 = string; +option ipxe.crosscert code 93 = string; +option ipxe.no-pxedhcp code 176 = unsigned integer 8; +option ipxe.bus-id code 177 = string; +option ipxe.bios-drive code 189 = unsigned integer 8; +option ipxe.username code 190 = string; +option ipxe.password code 191 = string; +option ipxe.reverse-username code 192 = string; +option ipxe.reverse-password code 193 = string; +option ipxe.version code 235 = string; +option iscsi-initiator-iqn code 203 = string; + +# iPXE feature flags, set in DHCP request packet +option ipxe.pxeext code 16 = unsigned integer 8; +option ipxe.iscsi code 17 = unsigned integer 8; +option ipxe.aoe code 18 = unsigned integer 8; +option ipxe.http code 19 = unsigned integer 8; +option ipxe.https code 20 = unsigned integer 8; +option ipxe.tftp code 21 = unsigned integer 8; +option ipxe.ftp code 22 = unsigned integer 8; +option ipxe.dns code 23 = unsigned integer 8; +option ipxe.bzimage code 24 = unsigned integer 8; +option ipxe.multiboot code 25 = unsigned integer 8; +option ipxe.slam code 26 = unsigned integer 8; +option ipxe.srp code 27 = unsigned integer 8; +option ipxe.nbi code 32 = unsigned integer 8; +option ipxe.pxe code 33 = unsigned integer 8; +option ipxe.elf code 34 = unsigned integer 8; +option ipxe.comboot code 35 = unsigned integer 8; +option ipxe.efi code 36 = unsigned integer 8; +option ipxe.fcoe code 37 = unsigned integer 8; +option ipxe.vlan code 38 = unsigned integer 8; +option ipxe.menu code 39 = unsigned integer 8; +option ipxe.sdi code 40 = unsigned integer 8; +option ipxe.nfs code 41 = unsigned integer 8; + +# Other useful general options +# http://www.ietf.org/assignments/dhcpv6-parameters/dhcpv6-parameters.txt +option arch code 93 = unsigned integer 16; diff --git a/dhcpd.conf b/dhcpd.conf deleted file mode 100644 index bc13813..0000000 --- a/dhcpd.conf +++ /dev/null @@ -1,40 +0,0 @@ -# dhcpd.conf for interface __INTERFACE__ -# generated by dyndhcpd/__VERSION__ -authoritative; -ddns-update-style none; -ignore client-updates; -default-lease-time 21600; -max-lease-time 43200; - -option domain-name "__DOMAINNAME__"; - -allow booting; -allow bootp; - -subnet __NETADDRESS__ netmask __NETMASK__ { - option broadcast-address __BROADCAST__; - option routers __ADDRESS__; - #option routers __MINHOST__; - option domain-name-servers __ADDRESS__; - option time-servers __ADDRESS__; - - range dynamic-bootp __MINHOST__ __MAXHOST__; -} - -# make sure we do not serve our own address -host localhost { - hardware ethernet de:ad:00:be:ef:00; - fixed-address __ADDRESS__; -} - -class "PXEClient" { - match if substring(option vendor-class-identifier, 0, 9) = "PXEClient"; - next-server __ADDRESS__; - - # Options for iPXE - if exists user-class and option user-class = "iPXE" { - filename "http://__ADDRESS__:3928/default.ipxe"; - } else { - filename "/ipxe/undi.kpxe"; - } -} |