From ff2cbc8881c5bc7d905cac27de3f82d3c5e9f95a Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Thu, 2 Apr 2015 10:30:57 +0200
Subject: use a more complex setup for iPXE network boot

---
 config/dhcpd.conf        | 71 ++++++++++++++++++++++++++++++++++++++++++++++++
 config/ipxe-options.conf | 49 +++++++++++++++++++++++++++++++++
 2 files changed, 120 insertions(+)
 create mode 100644 config/dhcpd.conf
 create mode 100644 config/ipxe-options.conf

(limited to 'config')

diff --git a/config/dhcpd.conf b/config/dhcpd.conf
new file mode 100644
index 0000000..6fe3d76
--- /dev/null
+++ b/config/dhcpd.conf
@@ -0,0 +1,71 @@
+# dhcpd.conf for interface __INTERFACE__
+# generated by dyndhcpd/__VERSION__
+authoritative;
+ddns-update-style none;
+ignore client-updates;
+default-lease-time 21600;
+max-lease-time 43200;
+
+option domain-name "__DOMAINNAME__";
+
+subnet __NETADDRESS__ netmask __NETMASK__ {
+	option broadcast-address __BROADCAST__;
+	option routers __ADDRESS__;
+	option domain-name-servers __ADDRESS__;
+	option time-servers __ADDRESS__;
+
+	range dynamic-bootp __MINHOST__ __MAXHOST__;
+}
+
+# make sure we do not serve our own address
+host localhost {
+	hardware ethernet de:ad:00:be:ef:00;
+	fixed-address __ADDRESS__;
+}
+
+include "/etc/dyndhcpd/ipxe-options.conf";
+
+class "PXEClient" {
+	match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
+
+	allow booting;
+	allow bootp;
+
+	next-server __ADDRESS__;
+
+	# Disable ProxyDHCP, we're in control of the primary DHCP server.
+	option ipxe.no-pxedhcp 1;
+
+	# Make sure the iPXE we're loading supports what we need,
+	# if not load a full-featured version.
+	if exists ipxe.http
+	  and exists ipxe.menu
+	  and ((exists ipxe.pxe
+	      and exists ipxe.bzimage
+	      and exists ipxe.elf)
+	    or (exists ipxe.efi)) {
+		# Everything is fine, just send the boot configuration file.
+		filename "http://__ADDRESS__:3928/default.ipxe";
+	} elsif exists user-class and option user-class = "iPXE" {
+		# We're already using iPXE, but not a feature-full version,
+		# and possibly an out-of-date version from ROM, so load a more
+		# complete version with native drivers.
+		if option arch = 00:06 {
+			filename "/ipxe/efi-i386.efi";
+		} elsif option arch = 00:07 {
+			filename "/ipxe/efi-x86_64.efi";
+		} else {
+			filename "/ipxe/ipxe.pxe";
+		}
+	} elsif exists user-class and option user-class = "gPXE" {
+ 		# If someone has an old version of gPXE burned into their ROM,
+		# load a more recent iPXE
+		filename "/ipxe/ipxe.pxe";
+	} elsif option arch = 00:06 {
+		filename "/ipxe/efi-i386.efi";
+	} elsif option arch = 00:07 {
+		filename "/ipxe/efi-x86_64.efi";
+	} else {
+		filename "/ipxe/ipxe.pxe";
+	}
+}
diff --git a/config/ipxe-options.conf b/config/ipxe-options.conf
new file mode 100644
index 0000000..9ea94b6
--- /dev/null
+++ b/config/ipxe-options.conf
@@ -0,0 +1,49 @@
+# Declare the iPXE/gPXE/Etherboot option space
+option space ipxe;
+option ipxe-encap-opts code 175 = encapsulate ipxe;
+
+# iPXE options, can be set in DHCP response packet
+option ipxe.priority         code   1 = signed integer 8;
+option ipxe.keep-san         code   8 = unsigned integer 8;
+option ipxe.skip-san-boot    code   9 = unsigned integer 8;
+option ipxe.syslogs          code  85 = string;
+option ipxe.cert             code  91 = string;
+option ipxe.privkey          code  92 = string;
+option ipxe.crosscert        code  93 = string;
+option ipxe.no-pxedhcp       code 176 = unsigned integer 8;
+option ipxe.bus-id           code 177 = string;
+option ipxe.bios-drive       code 189 = unsigned integer 8;
+option ipxe.username         code 190 = string;
+option ipxe.password         code 191 = string;
+option ipxe.reverse-username code 192 = string;
+option ipxe.reverse-password code 193 = string;
+option ipxe.version          code 235 = string;
+option iscsi-initiator-iqn   code 203 = string;
+
+# iPXE feature flags, set in DHCP request packet
+option ipxe.pxeext    code 16 = unsigned integer 8;
+option ipxe.iscsi     code 17 = unsigned integer 8;
+option ipxe.aoe       code 18 = unsigned integer 8;
+option ipxe.http      code 19 = unsigned integer 8;
+option ipxe.https     code 20 = unsigned integer 8;
+option ipxe.tftp      code 21 = unsigned integer 8;
+option ipxe.ftp       code 22 = unsigned integer 8;
+option ipxe.dns       code 23 = unsigned integer 8;
+option ipxe.bzimage   code 24 = unsigned integer 8;
+option ipxe.multiboot code 25 = unsigned integer 8;
+option ipxe.slam      code 26 = unsigned integer 8;
+option ipxe.srp       code 27 = unsigned integer 8;
+option ipxe.nbi       code 32 = unsigned integer 8;
+option ipxe.pxe       code 33 = unsigned integer 8;
+option ipxe.elf       code 34 = unsigned integer 8;
+option ipxe.comboot   code 35 = unsigned integer 8;
+option ipxe.efi       code 36 = unsigned integer 8;
+option ipxe.fcoe      code 37 = unsigned integer 8;
+option ipxe.vlan      code 38 = unsigned integer 8;
+option ipxe.menu      code 39 = unsigned integer 8;
+option ipxe.sdi       code 40 = unsigned integer 8;
+option ipxe.nfs       code 41 = unsigned integer 8;
+
+# Other useful general options
+# http://www.ietf.org/assignments/dhcpv6-parameters/dhcpv6-parameters.txt
+option arch code 93 = unsigned integer 16;
-- 
cgit v1.2.3-54-g00ecf