From ff2cbc8881c5bc7d905cac27de3f82d3c5e9f95a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 2 Apr 2015 10:30:57 +0200 Subject: use a more complex setup for iPXE network boot --- Makefile | 3 +- config/dhcpd.conf | 71 ++++++++++++++++++++++++++++++++++++++++++++++++ config/ipxe-options.conf | 49 +++++++++++++++++++++++++++++++++ dhcpd.conf | 40 --------------------------- 4 files changed, 122 insertions(+), 41 deletions(-) create mode 100644 config/dhcpd.conf create mode 100644 config/ipxe-options.conf delete mode 100644 dhcpd.conf diff --git a/Makefile b/Makefile index c515955..935a788 100644 --- a/Makefile +++ b/Makefile @@ -31,7 +31,8 @@ install: install-bin install-doc install-bin: dyndhcpd $(INSTALL) -D -m0755 dyndhcpd $(DESTDIR)/usr/bin/dyndhcpd $(INSTALL) -D -m0644 dyndhcpd@.service $(DESTDIR)/usr/lib/systemd/system/dyndhcpd@.service - $(INSTALL) -D -m0644 dhcpd.conf $(DESTDIR)/etc/dyndhcpd/dhcpd.conf + $(INSTALL) -D -m0644 config/dhcpd.conf $(DESTDIR)/etc/dyndhcpd/dhcpd.conf + $(INSTALL) -D -m0644 config/ipxe-options.conf $(DESTDIR)/etc/dyndhcpd/ipxe-options.conf install-doc: README.html $(INSTALL) -D -m0644 README.md $(DESTDIR)/usr/share/doc/dyndhcpd/README.md diff --git a/config/dhcpd.conf b/config/dhcpd.conf new file mode 100644 index 0000000..6fe3d76 --- /dev/null +++ b/config/dhcpd.conf 
@@ -0,0 +1,71 @@
+# dhcpd.conf for interface __INTERFACE__
+# generated by dyndhcpd/__VERSION__
+authoritative;
+ddns-update-style none;
+ignore client-updates;
+default-lease-time 21600;
+max-lease-time 43200;
+
+option domain-name "__DOMAINNAME__";
+
+subnet __NETADDRESS__ netmask __NETMASK__ {
+ option broadcast-address __BROADCAST__;
+ option routers __ADDRESS__;
+ option domain-name-servers __ADDRESS__;
+ option time-servers __ADDRESS__;
+
+ range dynamic-bootp __MINHOST__ __MAXHOST__;
+}
+
+# make sure we do not serve our own address
+host localhost {
+ hardware ethernet de:ad:00:be:ef:00;
+ fixed-address __ADDRESS__;
+}
+
+include "/etc/dyndhcpd/ipxe-options.conf";
+
+class "PXEClient" {
+ match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
+
+ allow booting;
+ allow bootp;
+
+ next-server __ADDRESS__;
+
+ # Disable ProxyDHCP, we're in control of the primary DHCP server.
+ option ipxe.no-pxedhcp 1;
+
+ # Make sure the iPXE we're loading supports what we need,
+ # if not load a full-featured version.
+ if exists ipxe.http
+ and exists ipxe.menu
+ and ((exists ipxe.pxe
+ and exists ipxe.bzimage
+ and exists ipxe.elf)
+ or (exists ipxe.efi)) {
+ # Everything is fine, just send the boot configuration file.
+ filename "http://__ADDRESS__:3928/default.ipxe";
+ } elsif exists user-class and option user-class = "iPXE" {
+ # We're already using iPXE, but not a feature-full version,
+ # and possibly an out-of-date version from ROM, so load a more
+ # complete version with native drivers.
+ if option arch = 00:06 {
+ filename "/ipxe/efi-i386.efi";
+ } elsif option arch = 00:07 {
+ filename "/ipxe/efi-x86_64.efi";
+ } else {
+ filename "/ipxe/ipxe.pxe";
+ }
+ } elsif exists user-class and option user-class = "gPXE" {
+ # If someone has an old version of gPXE burned into their ROM,
+ # load a more recent iPXE
+ filename "/ipxe/ipxe.pxe";
+ } elsif option arch = 00:06 {
+ filename "/ipxe/efi-i386.efi";
+ } elsif option arch = 00:07 {
+ filename "/ipxe/efi-x86_64.efi";
+ } else {
+ filename "/ipxe/ipxe.pxe";
+ }
+}
diff --git a/config/ipxe-options.conf b/config/ipxe-options.conf
new file mode 100644
index 0000000..9ea94b6
--- /dev/null
+++ b/config/ipxe-options.conf
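Review bot: The first branch's `filename "http://__ADDRESS__:3928/default.ipxe";` delivers the boot script over plain HTTP, and the fallback branches chainload `/ipxe/*.efi` and `/ipxe/ipxe.pxe` from `next-server`, so nothing the client executes is authenticated or integrity-checked. The template should say so where the URL is set, for example `# NOTE: fetched over plain HTTP; deploy only on a trusted segment, or serve over HTTPS with an iPXE build that embeds your trust root.` Separately, the `user-class = "iPXE"` branch returns `/ipxe/ipxe.pxe` again whenever the feature test fails, so if the binaries under `/ipxe/` are built without one of the tested features (`ipxe.menu`, `ipxe.elf`, …) a client would presumably keep reloading the same image. A comment above the `if exists ipxe.http` test naming the features those binaries must be built with would make that requirement visible.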
@@ -0,0 +1,49 @@
+# Declare the iPXE/gPXE/Etherboot option space
+option space ipxe;
+option ipxe-encap-opts code 175 = encapsulate ipxe;
+
+# iPXE options, can be set in DHCP response packet
+option ipxe.priority code 1 = signed integer 8;
+option ipxe.keep-san code 8 = unsigned integer 8;
+option ipxe.skip-san-boot code 9 = unsigned integer 8;
+option ipxe.syslogs code 85 = string;
+option ipxe.cert code 91 = string;
+option ipxe.privkey code 92 = string;
+option ipxe.crosscert code 93 = string;
+option ipxe.no-pxedhcp code 176 = unsigned integer 8;
+option ipxe.bus-id code 177 = string;
+option ipxe.bios-drive code 189 = unsigned integer 8;
+option ipxe.username code 190 = string;
+option ipxe.password code 191 = string;
+option ipxe.reverse-username code 192 = string;
+option ipxe.reverse-password code 193 = string;
+option ipxe.version code 235 = string;
+option iscsi-initiator-iqn code 203 = string;
+
+# iPXE feature flags, set in DHCP request packet
+option ipxe.pxeext code 16 = unsigned integer 8;
+option ipxe.iscsi code 17 = unsigned integer 8;
+option ipxe.aoe code 18 = unsigned integer 8;
+option ipxe.http code 19 = unsigned integer 8;
+option ipxe.https code 20 = unsigned integer 8;
+option ipxe.tftp code 21 = unsigned integer 8;
+option ipxe.ftp code 22 = unsigned integer 8;
+option ipxe.dns code 23 = unsigned integer 8;
+option ipxe.bzimage code 24 = unsigned integer 8;
+option ipxe.multiboot code 25 = unsigned integer 8;
+option ipxe.slam code 26 = unsigned integer 8;
+option ipxe.srp code 27 = unsigned integer 8;
+option ipxe.nbi code 32 = unsigned integer 8;
+option ipxe.pxe code 33 = unsigned integer 8;
+option ipxe.elf code 34 = unsigned integer 8;
+option ipxe.comboot code 35 = unsigned integer 8;
+option ipxe.efi code 36 = unsigned integer 8;
+option ipxe.fcoe code 37 = unsigned integer 8;
+option ipxe.vlan code 38 = unsigned integer 8;
+option ipxe.menu code 39 = unsigned integer 8;
+option ipxe.sdi code 40 = unsigned integer 8;
+option ipxe.nfs code 41 = unsigned integer 8;
+
+# Other useful general options
+# http://www.ietf.org/assignments/dhcpv6-parameters/dhcpv6-parameters.txt
+option arch code 93 = unsigned integer 16;
diff --git a/dhcpd.conf b/dhcpd.conf
deleted file mode 100644
index bc13813..0000000
--- a/dhcpd.conf
+++ /dev/null
@@ -1,40 +0,0 @@
-# dhcpd.conf for interface __INTERFACE__
-# generated by dyndhcpd/__VERSION__
-authoritative;
-ddns-update-style none;
-ignore client-updates;
-default-lease-time 21600;
-max-lease-time 43200;
-
-option domain-name "__DOMAINNAME__";
-
-allow booting;
-allow bootp;
-
-subnet __NETADDRESS__ netmask __NETMASK__ {
- option broadcast-address __BROADCAST__;
- option routers __ADDRESS__;
- #option routers __MINHOST__;
- option domain-name-servers __ADDRESS__;
- option time-servers __ADDRESS__;
-
- range dynamic-bootp __MINHOST__ __MAXHOST__;
-}
-
-# make sure we do not serve our own address
-host localhost {
- hardware ethernet de:ad:00:be:ef:00;
- fixed-address __ADDRESS__;
-}
-
-class "PXEClient" {
- match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
- next-server __ADDRESS__;
-
- # Options for iPXE
- if exists user-class and option user-class = "iPXE" {
- filename "http://__ADDRESS__:3928/default.ipxe";
- } else {
- filename "/ipxe/undi.kpxe";
- }
-}
-- cgit v1.2.3-54-g00ecf
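Review bot: The response-side declarations in config/ipxe-options.conf for `ipxe.username`, `ipxe.password`, `ipxe.reverse-username`, `ipxe.reverse-password` and `ipxe.privkey` carry no warning that any value later assigned to them is sent unencrypted in DHCP replies. The Makefile hunk in this commit also installs the file world-readable with `-m0644`, so a secret placed here would be exposed on disk as well. A comment above that group would help, for example `# Values assigned to username/password/privkey travel in clear text in DHCP replies; do not put long-lived secrets here.` On a smaller point, the comment above `option arch code 93` links the DHCPv6 parameter list although the option is declared for the DHCPv4 server; a reference to RFC 4578 would be more accurate.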