Using if/then during PXE boot for proper boot loader
-
I’ve several workstations in place where some work with the undionly.kpxe while others the ipxe.kpxe file.
I had briefly read that one could do if/then statements on there PXE server in choosing the correct boot loader based on some condition that the hosts NIC returns.Would some one know where I can find some docs regarding this as I’d love to implement it.
Right now I manually switch between the two fils on my PXE server.
-
@aurfalien The quick answer is you can’t do what you want with an if/then in iPXE. I’m not saying there isn’t a solution but with iPXE it might be difficult.
So lets start with undionly.kpxe and ipxe.kpxe. Undionly.kpxe uses the undi driver built into the network card. Almost all bios cards in the last 20 years support the undi driver format that is almost 30 years old. The ipxe.kpxe boot loader uses iPXE built in network drivers, much like linux has built in network drivers. I’m finding it strange that undionly.kpxe doesn’t work where ipxe.kpxe does work. These must be some really old network cards where only ipxe.kpxe only works. Lets make sure you don’t mean ipxe.efi (which is the uefi driver version).
So from a programic standpoint how will the system know what iPXE boot loader to pick between undionly and ipxe? What is unique between these two systems?
How many systems are on each side of the fence?
The solution lies in your dhcp server. We have some options as long as the dhcp server can tell or identify system A get boot loader X and system B gets boot loader Y. We’ll need more background information here to give you a complete solution.
-
@george1421
Thanks for the reply and based on your answer it’s obvious that I havn’t explained my self well enough.I’ve a diverse and split mix of 1Gb, 10Gb, 25Gb and 40Gb all which support either udionly.kpxe or ipxe.kpxe but not both.
What I’d like is to configure my DHCP server in suppling the right boot loader based on a condition that the host NIC returns.
I’d seen a how to or article here somewhere but it evades me. And so I was hoping that some one would know where to point me.
It was a clever if/then statement in a dhcpd.conf based on some hex value that the host NIC returned in order to load the correct boot loader.
Does this make more sense?
-
@aurfalien I’m right there with you. The iPXE menu can also do a if/then action but that is more limited than what you can do on the dhcp server side.
OK so it looks like your dhcp server is linux based and not via windows or third party.
So to my question, what is unique you can identify (from a computer standpoint) so your dhcp server knows which boot loader name to send out?
The method to take really depends on the number of clients you are looking at and what the uniqueness of the machines are.
When a client computer starts the DORA process for pxe booting it sends out a DISCOVER packet. That packet tells the dhcp server about the client. Those parameters can be used to customize the OFFER response back from the dhcp server.
Common parameters might be if the client is uefi or bios, or x64 or x32 architecture, mac address, or stripping out the manufacture from the mac address, or system UUID.
The simplest and most accurate method is to send the unique boot file based on the mac address.
for the standard isc dhcp server you would put in something that looks like this for each host. The host specific settings will override the pool options.
host myhost01{ hardware ethernet 00:11:22:33:44:55; filename "undionly.kpxe"; } host myhost02{ hardware ethernet 00:a1:b2:c3:d4:e5; filename "ipxe.kpxe"; } # General configuration for other clients subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.10 192.168.1.200; option routers 192.168.1.1; filename "snponly.efi"; next-server 192.168.1.100; }While that is the most accurate and simplest to implement if you have just a few hosts, if you are dealing with 100s of hosts that might be challenging.
If your targets have multiple network adapters you could use the system UUID (if the vendor populates this field)
# Define a class for clients identified by a specific UUID class "uuid-clients" { match option dhcp-client-identifier; } # Host declaration for a specific client identified by its UUID host myclient { option dhcp-client-identifier = 0:1:2:3:4:5:6:7:8:9:a:b:c:d:e:f; # Replace with actual UUID filename "ipxe.efi"; }There are options but the path forward depends on the number of hosts you are trying to manage.
-
@george1421 First off thank you very much for this and for taking the time to reply.
It would work for sure but I’ve roughly 150 clients, not a lot but more then I’d like to add specifics for in my dhcpd.conf file.
Sooooo, this bit below is what I think that I’m after. However would you know how I can determine the client-arch value for a particular host?
Example code below.
# Define a class for PXE clients class "pxeclients" { # Check if the client provides the client-architecture option match option client-arch; # If the client is UEFI x64 (client-arch code 00:07 or 00:09) if option client-arch = 00:07 or option client-arch = 00:09 { filename "boot/ipxe.efi"; } # If the client is UEFI IA32 (client-arch code 00:06) elsif option client-arch = 00:06 { filename "boot/ipxe32.efi"; } # Default to BIOS bootloader for all other clients else { filename "boot/undionly.kpxe"; } } -
@aurfalien The arch value is not going to be fine grained enough for what you want.
This is a short table of what is available in the arch field.
Arch:00000: This is often associated with the non-UEFI, or legacy BIOS, boot process.
Arch:00007: This value typically indicates a 32-bit UEFI system.
Arch:00009: This value identifies a 64-bit UEFI systemSo if you want to send bios or uefi boot loaders this is the method you want to use.
But from your post you want to switch between "undionly.kpxe while others the ipxe.kpxe " This are both bios boot loaders so the arch value == 0 for both hosts.
…However would you know how I can determine the client-arch value for a particular host?
If you know how to use wireshark you can get the answer you seek. Take a witness computer (third computer not part of the pxe booting process) and load wireshark on it (you may need to disable the windows firewall for this) Plug this witness computer into the same subnet as the pxe booting computer. When you startup wireshark set the capture filter to
port 67 or port 68and then select your ethernet adapter that is plugged into the same vlan subnet as the target computer. With the witness computer scanning pxe boot the target computer. Keep the scanner running until the pxe booting computer gets to the fog menu.Now stop wireshark from scanning. Look at the packets it captured, it should have captured about 4 if you setup the capture filter correctly. If it collected a lot of traffic (like if you forgot to set the capture filter) set the view or display filter of
bootp.So with the 4 packets these should be the DORA packets Discover, Offer, Request, Ack/Nak. What you are interested in is the Discover packet, this is from the target computer saying hello world. Look into this packet. Scroll down the list of values until you see the dhcp options. To see the arch value its in dhcp option 93 or 94, or right in that area. You can use most of these dhcp options to set special filters on the dhcp server and then send different boot files depending on the values. You need to find what is unique between these systems so you can tell the dhcp how to react when it sees that particular value from the client during the discover / offer part of DORA
-
@george1421 I see now and you’re right as my clients are all legacy boot/BIOS boot non UEFI and would not benefit from the client-arch examination.
I’ve already declarations set for each host in my dhcpd.conf file in terms if MAC to IP and so adding another field of filename “some boot loader file” won’t be impossible.
Thanks you for this exercise as I’ve learned some very important things here.
