From ff2cbc8881c5bc7d905cac27de3f82d3c5e9f95a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 2 Apr 2015 10:30:57 +0200 Subject: use a more complex setup for iPXE network boot --- config/dhcpd.conf | 71 ++++++++++++++++++++++++++++++++++++++++++++++++ config/ipxe-options.conf | 49 +++++++++++++++++++++++++++++++++ 2 files changed, 120 insertions(+) create mode 100644 config/dhcpd.conf create mode 100644 config/ipxe-options.conf (limited to 'config') diff --git a/config/dhcpd.conf b/config/dhcpd.conf new file mode 100644 index 0000000..6fe3d76 --- /dev/null +++ b/config/dhcpd.conf @@ -0,0 +1,71 @@ +# dhcpd.conf for interface __INTERFACE__ +# generated by dyndhcpd/__VERSION__ +authoritative; +ddns-update-style none; +ignore client-updates; +default-lease-time 21600; +max-lease-time 43200; + +option domain-name "__DOMAINNAME__"; + +subnet __NETADDRESS__ netmask __NETMASK__ { + option broadcast-address __BROADCAST__; + option routers __ADDRESS__; + option domain-name-servers __ADDRESS__; + option time-servers __ADDRESS__; + + range dynamic-bootp __MINHOST__ __MAXHOST__; +} + +# make sure we do not serve our own address +host localhost { + hardware ethernet de:ad:00:be:ef:00; + fixed-address __ADDRESS__; +} + +include "/etc/dyndhcpd/ipxe-options.conf"; + +class "PXEClient" { + match if substring(option vendor-class-identifier, 0, 9) = "PXEClient"; + + allow booting; + allow bootp; + + next-server __ADDRESS__; + + # Disable ProxyDHCP, we're in control of the primary DHCP server. + option ipxe.no-pxedhcp 1; + + # Make sure the iPXE we're loading supports what we need, + # if not load a full-featured version. + if exists ipxe.http + and exists ipxe.menu + and ((exists ipxe.pxe + and exists ipxe.bzimage + and exists ipxe.elf) + or (exists ipxe.efi)) { + # Everything is fine, just send the boot configuration file. + filename "http://__ADDRESS__:3928/default.ipxe"; + } elsif exists user-class and option user-class = "iPXE" { + # We're already using iPXE, but not a feature-full version, + # and possibly an out-of-date version from ROM, so load a more + # complete version with native drivers. + if option arch = 00:06 { + filename "/ipxe/efi-i386.efi"; + } elsif option arch = 00:07 { + filename "/ipxe/efi-x86_64.efi"; + } else { + filename "/ipxe/ipxe.pxe"; + } + } elsif exists user-class and option user-class = "gPXE" { + # If someone has an old version of gPXE burned into their ROM, + # load a more recent iPXE + filename "/ipxe/ipxe.pxe"; + } elsif option arch = 00:06 { + filename "/ipxe/efi-i386.efi"; + } elsif option arch = 00:07 { + filename "/ipxe/efi-x86_64.efi"; + } else { + filename "/ipxe/ipxe.pxe"; + } +} diff --git a/config/ipxe-options.conf b/config/ipxe-options.conf new file mode 100644 index 0000000..9ea94b6 --- /dev/null +++ b/config/ipxe-options.conf @@ -0,0 +1,49 @@ +# Declare the iPXE/gPXE/Etherboot option space +option space ipxe; +option ipxe-encap-opts code 175 = encapsulate ipxe; + +# iPXE options, can be set in DHCP response packet +option ipxe.priority code 1 = signed integer 8; +option ipxe.keep-san code 8 = unsigned integer 8; +option ipxe.skip-san-boot code 9 = unsigned integer 8; +option ipxe.syslogs code 85 = string; +option ipxe.cert code 91 = string; +option ipxe.privkey code 92 = string; +option ipxe.crosscert code 93 = string; +option ipxe.no-pxedhcp code 176 = unsigned integer 8; +option ipxe.bus-id code 177 = string; +option ipxe.bios-drive code 189 = unsigned integer 8; +option ipxe.username code 190 = string; +option ipxe.password code 191 = string; +option ipxe.reverse-username code 192 = string; +option ipxe.reverse-password code 193 = string; +option ipxe.version code 235 = string; +option iscsi-initiator-iqn code 203 = string; + +# iPXE feature flags, set in DHCP request packet +option ipxe.pxeext code 16 = unsigned integer 8; +option ipxe.iscsi code 17 = unsigned integer 8; +option ipxe.aoe code 18 = unsigned integer 8; +option ipxe.http code 19 = unsigned integer 8; +option ipxe.https code 20 = unsigned integer 8; +option ipxe.tftp code 21 = unsigned integer 8; +option ipxe.ftp code 22 = unsigned integer 8; +option ipxe.dns code 23 = unsigned integer 8; +option ipxe.bzimage code 24 = unsigned integer 8; +option ipxe.multiboot code 25 = unsigned integer 8; +option ipxe.slam code 26 = unsigned integer 8; +option ipxe.srp code 27 = unsigned integer 8; +option ipxe.nbi code 32 = unsigned integer 8; +option ipxe.pxe code 33 = unsigned integer 8; +option ipxe.elf code 34 = unsigned integer 8; +option ipxe.comboot code 35 = unsigned integer 8; +option ipxe.efi code 36 = unsigned integer 8; +option ipxe.fcoe code 37 = unsigned integer 8; +option ipxe.vlan code 38 = unsigned integer 8; +option ipxe.menu code 39 = unsigned integer 8; +option ipxe.sdi code 40 = unsigned integer 8; +option ipxe.nfs code 41 = unsigned integer 8; + +# Other useful general options +# http://www.ietf.org/assignments/dhcpv6-parameters/dhcpv6-parameters.txt +option arch code 93 = unsigned integer 16; -- cgit v1.2.3-70-g09d2