Dnsmasq proxy booting with UEFI



  • After doing some digging I have still yet to find a way to set up proxy booting with UEFI. I have proxy booting working perfectly fine in legacy mode but I need the UEFI version for image related reasons. Is there a proper way or a thing I am missing to set proxy UEFI up? I’m trying to get this deployed sooner rather than later. (Besides that its the first time I have used this product and I love it compared to others!)


  • Developer

    @Killklli Are you still working on this? I have done a lot of testing and I am pretty sure that dnsmasq is not able to boot most UEFI devices as it uses DHCP option 43 which they don’t like (see here: https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg09233.html). I am working on a node.js proxy DHCP to support BIOS/UEFI and Mac OS X. But will be still a while I suppose - BIOS works pretty good and UEFI is not far either but the code is still a big mess.

    Follow this thread: https://forums.fogproject.org/topic/5870/dhcp-proxy-for-fog



  • @Killklli Another thing I learned last night about dnsmasq

    is…

    You can only have one config file in /etc/dnsmasq.d/ and the names of the files in there do not matter - the daemon will read all of them and use them as config files if it can.

    because the configuration file here: /etc/dnsmasq.conf does not specify a name, it just specifies a directory to look in.

    So if you have a backup config file inside of /etc/dnsmasq.d/ you have to move that file elsewhere because it will interfere with dnsmasq.



  • @Wayne-Workman Just for when you get back to this. It still didn’t work. Still getting PXE-E18: Server Response Timeout for UEFI machines. But Legacy Works.



  • @Killklli try this - beyond this, I need some shut eye and I need to bring home my work laptop which is UEFI capable.

    log-dhcp
    tftp-root=/tftpboot
    dhcp-boot=undionly.0,10.0.0.3,10.0.0.3
    dhcp-option=17,/images
    dhcp-option=vendor:PXEClient,6,2b
    dhcp-no-override
    pxe-prompt="Press F8 for boot menu", 3
    pxe-service=X86PC, “Network Boot using undionly.0”, undionly
    pxe-service=X86-64_EFI, "Network boot using ipxe.0", ipxe
    dhcp-range=10.0.0.3,proxy
    
    
    #for pxe-service=    the known types are below.
    #x86PC, PC98, IA64_EFI, Alpha, Arc_x86, Intel_Lean_Client, IA32_EFI, BC_EFI, Xscale_EFI and X86-64_EFI
    


  • @Wayne-Workman I’m still confused that for whatever reason I’m not even seeing the UEFI boot grabbing IP’s. I just get a server timeout.



  • @Killklli Try this, I just confirmed it works with LEGACY, have a great feeling about UEFI also.

    @Developers @Moderators Just making sure you guys see this.

    #port=0
    log-dhcp
    tftp-root=/tftpboot
    dhcp-option=17,/images
    dhcp-no-override
    
    #Here, I define netboot types
    dhcp-vendorclass=BIOS,PXEClient:Arch:00006
    dhcp-vendorclass=UEFI,PXEClient:Arch:00007
    
    #Set bootfile names depending on the client vendor identifier
    dhcp-boot=net:BIOS,192.168.1.2,undionly.0
    dhcp-boot=net:UEFI,192.168.1.2,ipxe.0
    
    pxe-prompt="Press F8 for boot menu", 3
    pxe-service=X86PC, “BIOS and LEGACY Network Boot”, BIOS
    pxe-service=X86PC, “UEFI Network Boot”, UEFI
    dhcp-range=192.168.1.2,proxy
    


  • @Killklli I just tested on my system - all I had was failure with using symbolic links.

    So - lets get rid of those and just use copies:

    rm -f /tftpboot/undionly.kkpxe.0
    rm -f /tftpboot/undionly.0
    rm -f /tftpboot/ipxe.efi.0
    rm -f /tftpboot/ipxe.0
    cp /tftpboot/undionly.kkpxe /tftpboot/undionly.0
    cp /tftpboot/ipxe.efi /tftpboot/ipxe.0
    

    Please stand by, I’m testing the code I gave you (it’s been a long day).



  • @Wayne-Workman Hmmmm. UEFI still isn’t grabbing. But Legacy still is.



  • @need2 @Tom-Elliott well that complicates things… why did it work for me then? gah. I really need to sit down and tackle this.

    @Killklli Run the below commands and then try the attached script.

    ln -s /tftpboot/ipxe.efi /tftpboot/ipxe.efi.0
    ln -s /tftpboot/ipxe.efi /tftpboot/ipxe.0
    ln -s /tftpboot/undionly.kpxe /tftpboot/undionly.kpxe.0
    ln -s /tftpboot/undionly.kpxe /tftpboot/undionly.0
    
    port=0
    log-dhcp
    tftp-root=/tftpboot
    dhcp-option=17,/images
    dhcp-no-override
    
    
    #this line is suspicious to me. What the heck does 6,2b mean ?
    dhcp-option=vendor:PXEClient,6,2b
    
    #Here, I define netboot types
    dhcp-vendorclass=BIOS,PXEClient:Arch:00006
    dhcp-vendorclass=UEFI,PXEClient:Arch:00007
    
    #Set bootfile names depending on the client vendor identifier
    dhcp-boot=BIOS,undionly.kpxe
    dhcp-boot=UEFI,ipxe.efi
    
    pxe-prompt="Press F8 for boot menu", 3
    pxe-service=X86PC, “BIOS and LEGACY Network Boot”, undionly
    pxe-service=X86PC, “UEFI Network Boot”, ipxe
    dhcp-range=x.x.x.x,proxy
    


  • This post is deleted!

  • Moderator

    @Tom-Elliott It does. At least it did in my environment when I was fighting with it. Getting close to being able to revisit this subject myself. Expect to be migrating our DHCP servers to WinSrv 2012R2 in the next 30 days.


  • Senior Developer

    @Killklli I’m not 100% sure you need to specify the file as ipxe.0. With Proxy dhcp the .0 extension is automatically appended, and I can’t keep it from appending it. So If my suspicions are correct, it may actually be looking for a file called: ipxe.0.0 as well. I don’t know for sure though.



  • @Killklli you don’t have a copy or a symbolic link of ipxe.efi for ipxe.0

    so lets fix that first:

    ln -s /tftpboot/ipxe.efi /tftpboot/ipxe.0
    
    or
    
    cd /tftpboot
    ln -s ipxe.efi ipxe.0
    

    Then try the scripts I gave you - and play around with them a little.



  • @Wayne-Workman Here’s a screenshot.

    dirlist.png



  • @Killklli and the contents of your tftpboot directory?

    ls -lahRt /tftpboot
    


  • @Wayne-Workman Sorry about the delay right now it looks like. I’ve tried multiple configs so this one is more or less a start over of where I was originally. So not much has changed currently.

    port=0
    log-dhcp
    tftp-root=/tftpboot
    dhcp-option=17,/images
    #Removed dhcp-option=vendor:PXEClient,6,2b
    dhcp-no-override
    #removed dhcp-vendorclass=BIOS,PXEClient:Arch:00006
    dhcp-vendorclass=UEFI,PXEClient:Arch:00007
    dhcp-boot-UEFI,ipxe.0
    pxe-prompt="Press F8 for boot menu", 3
    pxe-service=X86PC, "Boot from network", undionly
    #removed local boot its un-needed
    dhcp-range=192.168.1.2,proxy
    
    


  • @Killklli Wait… what does the ltsp.conf file look like right now?

    can you add comments so we know what you’ve done?



  • @Killklli In the mean time, the link I gave you about BIOS UEFI coexistence gives step-by-step instructions for Server 2012 and later.

    You could pass that link off to your network guys and just respectfully ask that they look at this.

    NOTE: that the method described there won’t work for server 2008 and lower.



  • @Wayne-Workman Turns out it was an issue with having both the Legacy vendor and the UEFI vendor listed. Its at least seeing the server now but now I dive into the hole of “Failed Secure Boot Verification”

    -EDIT-
    Scratch that. Still hates me. It was an issue with a VM. It is downloading now though.

    –Edit Edit–
    I had an extra DHCP option still on. Still not downloading. But If I go back to legacy mode those options work.


 

438
Online

41.5k
Users

11.9k
Topics

113.3k
Posts