NetBSD pxe boot: I'm very confused... :((

Hello, guys!
I like using NetBSD, but I am concerned with a problem booting kernel over pxe.

In a few words: I want to boot multiple clients over PXE whose MAC addresses are unknown to me.
A logical wish, isn't it ...
Everyone knows the directive in dhcpd.conf ...

But why doesn't it work ???

I believe that the sequence of requests/responses (option 53) depends directly on the pxeboot_ia32.bin loader and to achieve my goal, I need to modify its source code.

Is this true?

Is there another way to solve the problem?
more detailed..

Thanks.

I'm not sure that I'm understanding your problem exactly, but there will be a different boot loader (e.g. pxeboot_ia32.bin) for each different machine architecture (i.e. BIOS, UEFI, 32-bit, 64-bit, ARM), so you need to ensure that you are using the correct boot loader program. I've not come across the need to amend source code, but perhaps just recompile.

As far as not knowing all the MAC addresses in advance, you can configure the PXE server whitelist to wildcard some (or even all) of the MAC address octets. Normally, if all the client NICs are one manufacturer then you specify the first three octets and wildcard the last three. However, you could wildcard the whole MAC but then, of course, all clients must be the same architecture.

Apologies if I haven't managed to explain that clearly. It is a bit involved. Perhaps someone else on the forums can explain it more clearly.

I am considering an amd64-only architecture with a standard BIOS (with network boot over int 19h).
This is known for sure. But it is impossible to guess the MAC address. I like your idea with the "wildcard"; it would solve the problem.

Could you describe in a little more detail what this might look like in dhcpd.conf?

I assumed the need to change the source code of pxeboot_ia32.bin due to the fact that it is the PXE loader that is responsible for the sequence of exchanging requests/responses (option 53) with the DHCP server, and this cannot be changed in some other way (for example, through the configuration of the DHCP server).

hicksd8, thank you very much for your help.

I'm talking about wildcarding part or all of MAC addresses on the PXE server not on the DHCP server.

A DHCP server doesn't need to know client MAC addresses in advance.

A PXE server may need to know MAC addresses in advance to sort out what architecture the client is in order to send the correct boot loader. However, if all architectures are the same then you could potentially wildcard the MAC addresses and send the same boot loader to every client.

I don't quite understand what you mean by a PXE server.. after all, PXE is just a service that the "bootfile" (pxeboot_ia32.bin) can use; in fact, it is tftp, nfs. How can I use a "wildcard" there?
Or do you mean the bootp/bootptab protocol? (I thought it was an outdated protocol that dhcpd replaces)

This is not exactly it.. The client's MAC address request is initiated by the boot loader pxeboot_ia32.bin (this is visible in the dhcpdump).. this is why I assumed the need to change its source code..

As I said in post#2 perhaps I'm not understanding your question.

Look at this:

http://www.netbsd.org/docs/network/netboot/intro.i386.html

section 2 talks about using vendor-class-identifier to handle a high PXE population.

If you know the vendor-class-identifier that your clients are broadcasting then you can match it here and service them.

Otherwise I'm definitely not understanding your problem. Are you running a PXE server at all?

Sorry if I am asking the question vaguely, but in the documentation you quoted, you can see the declared MAC!

2. Via PXE
...
Something like the following can be used in /etc/dhcpd.conf:

host pxehost {
        hardware ethernet 01:23:45:67:89:ab; # MAC address of PXE host
        fixed-address 192.168.17.42; # IP address of PXE host

        # stage 1:
        filename "pxeboot_ia32.bin"; # relative to /tftpboot

        # stage 2:
        next-server 192.168.42.1; # IP of NFS server
        option root-path "/usr/tmp/pxestuff/root"; # path on NFS server
}
...

3. Via GRUB
...
Configure dhcpd for the diskless machine, dhcpd entry could look like this:
option option-150 code 150 = text;
group {
        subnet 192.168.0.0 netmask 255.255.255.0 {
                option log-servers 192.168.0.1;
                option domain-name-servers 192.168.0.1;
                # location of GRUB configuration file
                option option-150 "/tftpboot/grub.conf";
                # NFS root path
                option root-path "/home/dolecek/netbsd-root";
                # path of image EtherBoot should load and execute
                filename "/tftpboot/nbgrub";
        }
        host foobar { fixed-address foobar; hardware ethernet 00:c0:6c:76:17:46; }
}

If this is not done, I will see an error: "bootp: no reply"!
What should I specify as a MAC?

host foobar { fixed-address foobar; hardware ethernet **:**:**:**:**:**; } ???
:frowning:

You should try this:

class "pxe-clients-ia32" {
        match if substring (option vendor-class-identifier, 0, 20)
                 = "PXEClient:Arch:00000";
        filename "pxeboot_ia32_com0.bin";
}

and omit those lines to serve specific MAC addresses. Use this to serve the same boot loader to all clients that match the vendor-class-identifier.

If you do want to wildcard a MAC address try:

e.g.   00:c0:6c:*:*:*

*:*:*:*:*:*

or some implementations:

%:%:%:%:%:%

or perhaps

0%:0%:0%:0%:0%:0%

I don't know any other wildcard options than these.

I am saddened. :frowning:

I checked five different options..

host tst1 {
# hardware ethernet 0%:0%:0%:0%:0%:0%;
# hardware ethernet %:%:%:%:%:%;
# hardware ethernet *:*:*:*:*:*;
# hardware ethernet ^*:^*:^*:^*:^*:^*;
hardware ethernet 0^%:0^%:0^%:0^%:0^%:0^%;

# hardware ethernet 10:20:30:40:50:61;
# hardware ethernet 10:20:30:40:50:60;
# fixed-address 10.0.0.60;
}

cat /var/log/messages

Jul 31 22:12:07 localhost dhcpd[2001]: /etc/dhcpd.conf line 137: expecting semicolon.
Jul 31 22:12:07 localhost dhcpd[2001]: hardware ethernet 0%
Jul 31 22:12:07 localhost dhcpd[2001]: ^
Jul 31 22:12:07 localhost dhcpd[2001]: Configuration file errors encountered -- exiting

Jul 31 22:13:42 localhost dhcpd[2251]: /etc/dhcpd.conf line 138: expecting numeric value.
Jul 31 22:13:42 localhost dhcpd[2251]: hardware ethernet %
Jul 31 22:13:42 localhost dhcpd[2251]: ^
Jul 31 22:13:42 localhost dhcpd[2251]: Configuration file errors encountered -- exiting

Jul 31 22:14:34 localhost dhcpd[1097]: /etc/dhcpd.conf line 139: expecting numeric value.
Jul 31 22:14:34 localhost dhcpd[1097]: hardware ethernet *
Jul 31 22:14:34 localhost dhcpd[1097]: ^
Jul 31 22:14:34 localhost dhcpd[1097]: Configuration file errors encountered -- exiting

Jul 31 22:19:50 localhost dhcpd[2353]: /etc/dhcpd.conf line 140: expecting numeric value.
Jul 31 22:19:50 localhost dhcpd[2353]: hardware ethernet ^
Jul 31 22:19:50 localhost dhcpd[2353]: ^
Jul 31 22:19:50 localhost dhcpd[2353]: Configuration file errors encountered -- exiting

Jul 31 23:10:48 localhost dhcpd[3193]: /etc/dhcpd.conf line 141: expecting semicolon.
Jul 31 23:10:48 localhost dhcpd[3193]: hardware ethernet 0^
Jul 31 23:10:48 localhost dhcpd[3193]: ^
Jul 31 23:10:48 localhost dhcpd[3193]: Configuration file errors encountered -- exiting

It looks like we're doing something wrong.. :frowning:

Try to create a 'class' in dhcpd.conf for your client MACs like this:

NOTE: The second post here says to leave out the quotation marks.

I have never encountered the use of the keyword "match hardware"..
But I did the same example.. it hasn't worked yet.. I will study further..
Do I understand correctly that in the example

subclass "testphones" 1:00:07:3b:cb:c9:cf;

class "avaya-9630" {
match if substring(hardware,1,3) = 00:07:3b;
}

the string "00:07:3b:cb:c9:cf" is the client MAC?
What then is the leading " 1:"?
The syntax and logic of this configuration are not very clear yet..

I'm studying another similar example..

The principle here is to handle a 'class' of client en masse (as per your original post).

A PXE client will broadcast its vendor-class-identifier which includes 1: and the MAC address.

So if you:

match if substring(hardware,1,3) = 00:07:3b;

i.e. match characters 1 thru' 3 (this ignores the leading 1 you're asking about which is character 0) to match the first three octets of the MAC address, then these are bundled into that 'class', all treated the same, and given the same boot loader file name.

Yes, others might 'match if substring(hardware,0,3) = 1:00:07:3b' but no need to do that.

This assumes that all your NICs are the same manufacturer and the clients all the same architecture, so giving them all the same boot loader will work.

The line I've quoted above from the previous link was posted by a guy running a production box. It always pays to listen more to people running production environments.
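Added example, not part of the thread: a small Python model of how the two class matches quoted above (`pxe-clients-ia32` and `avaya-9630`) evaluate against a DHCPDISCOVER. In ISC dhcpd the `hardware` expression yields the hardware-type byte (1 for Ethernet) followed by the link-layer address, and option 60 carries the vendor-class-identifier; the function names and sample packets are constructed for illustration.

```python
import struct

MAGIC = bytes.fromhex("63825363")  # DHCP magic cookie, precedes the options field

def build_discover(mac: bytes, vendor_class: bytes) -> bytes:
    """Constructed sample packet: DHCPDISCOVER carrying options 53 and 60."""
    pkt = struct.pack("!BBBBIHH", 1, 1, len(mac), 0, 0x1234ABCD, 0, 0x8000)
    pkt += bytes(16)                    # ciaddr, yiaddr, siaddr, giaddr
    pkt += mac.ljust(16, b"\0")         # chaddr is a fixed 16-byte field
    pkt += bytes(64 + 128)              # sname and file, unused here
    opts = bytes([53, 1, 1, 60, len(vendor_class)]) + vendor_class + b"\xff"
    return pkt + MAGIC + opts

def parse(pkt: bytes):
    """Return (hardware, options) the way dhcpd's expressions see them."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC or pkt[2] > 16:
        raise ValueError("not a DHCP packet")
    hardware = pkt[1:2] + pkt[28:28 + pkt[2]]   # htype byte, then the address
    options, i = {}, 240
    while i < len(pkt) and pkt[i] != 255:       # 255 = end option
        if pkt[i] == 0:                         # 0 = pad, has no length byte
            i += 1
            continue
        if i + 2 > len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        options[pkt[i]] = pkt[i + 2:i + 2 + pkt[i + 1]]
        i += 2 + pkt[i + 1]
    return hardware, options

def substring(data: bytes, offset: int, length: int) -> bytes:
    """Model of dhcpd's substring(data, offset, length)."""
    return data[offset:offset + length]

def classify(pkt: bytes) -> list:
    """Apply the two class matches from the thread to one packet."""
    hardware, options = parse(pkt)
    classes = []
    if substring(options.get(60, b""), 0, 20) == b"PXEClient:Arch:00000":
        classes.append("pxe-clients-ia32")
    if substring(hardware, 1, 3) == bytes.fromhex("00073b"):
        classes.append("avaya-9630")
    return classes

# Constructed clients: a BIOS PXE ROM, a UEFI PXE ROM, and a NIC with OUI 00:07:3b.
BIOS = build_discover(bytes.fromhex("102030405060"), b"PXEClient:Arch:00000:UNDI:002001")
UEFI = build_discover(bytes.fromhex("102030405061"), b"PXEClient:Arch:00007:UNDI:003016")
PHONE = build_discover(bytes.fromhex("00073bcbc9cf"), b"constructed-vendor-class")

if __name__ == "__main__":
    for name, pkt in (("BIOS", BIOS), ("UEFI", UEFI), ("PHONE", PHONE)):
        print(name, parse(pkt)[0].hex(":"), classify(pkt))
```

Both the vendor-class-identifier and the MAC address are supplied by the client, so a class built on them groups clients for boot-file selection and does not authenticate them.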
