Dnsmasq proxy booting with UEFI
After doing some digging I have still yet to find a way to set up proxy booting with UEFI. I have proxy booting working perfectly fine in legacy mode but I need the UEFI version for image related reasons. Is there a proper way or a thing I am missing to set proxy UEFI up? I’m trying to get this deployed sooner rather than later. (Besides that its the first time I have used this product and I love it compared to others!)
@Killklli Are you still working on this? I have done a lot of testing and I am pretty sure that dnsmasq is not able to boot most UEFI devices as it uses DHCP option 43 which they don’t like (see here: https://email@example.com/msg09233.html). I am working on a node.js proxy DHCP to support BIOS/UEFI and Mac OS X. But will be still a while I suppose - BIOS works pretty good and UEFI is not far either but the code is still a big mess.
Follow this thread: https://forums.fogproject.org/topic/5870/dhcp-proxy-for-fog
@Killklli Another thing I learned last night about dnsmasq
You can only have one config file in /etc/dnsmasq.d/ and the names of the files in there do not matter - the daemon will read all of them and use them as config files if it can.
because the configuration file here: /etc/dnsmasq.conf does not specify a name, it just specifies a directory to look in.
So if you have a backup config file inside of /etc/dnsmasq.d/ you have to move that file elsewhere because it will interfere with dnsmasq.
@Wayne-Workman Just for when you get back to this. It still didn’t work. Still getting PXE-E18: Server Response Timeout for UEFI machines. But Legacy Works.
@Killklli try this - beyond this, I need some shut eye and I need to bring home my work laptop which is UEFI capable.
log-dhcp tftp-root=/tftpboot dhcp-boot=undionly.0,10.0.0.3,10.0.0.3 dhcp-option=17,/images dhcp-option=vendor:PXEClient,6,2b dhcp-no-override pxe-prompt="Press F8 for boot menu", 3 pxe-service=X86PC, “Network Boot using undionly.0”, undionly pxe-service=X86-64_EFI, "Network boot using ipxe.0", ipxe dhcp-range=10.0.0.3,proxy #for pxe-service= the known types are below. #x86PC, PC98, IA64_EFI, Alpha, Arc_x86, Intel_Lean_Client, IA32_EFI, BC_EFI, Xscale_EFI and X86-64_EFI
@Wayne-Workman I’m still confused that for whatever reason I’m not even seeing the UEFI boot grabbing IP’s. I just get a server timeout.
@Killklli Try this, I just confirmed it works with LEGACY, have a great feeling about UEFI also.
#port=0 log-dhcp tftp-root=/tftpboot dhcp-option=17,/images dhcp-no-override #Here, I define netboot types dhcp-vendorclass=BIOS,PXEClient:Arch:00006 dhcp-vendorclass=UEFI,PXEClient:Arch:00007 #Set bootfile names depending on the client vendor identifier dhcp-boot=net:BIOS,192.168.1.2,undionly.0 dhcp-boot=net:UEFI,192.168.1.2,ipxe.0 pxe-prompt="Press F8 for boot menu", 3 pxe-service=X86PC, “BIOS and LEGACY Network Boot”, BIOS pxe-service=X86PC, “UEFI Network Boot”, UEFI dhcp-range=192.168.1.2,proxy
@Killklli I just tested on my system - all I had was failure with using symbolic links.
So - lets get rid of those and just use copies:
rm -f /tftpboot/undionly.kkpxe.0 rm -f /tftpboot/undionly.0 rm -f /tftpboot/ipxe.efi.0 rm -f /tftpboot/ipxe.0 cp /tftpboot/undionly.kkpxe /tftpboot/undionly.0 cp /tftpboot/ipxe.efi /tftpboot/ipxe.0
Please stand by, I’m testing the code I gave you (it’s been a long day).
@Wayne-Workman Hmmmm. UEFI still isn’t grabbing. But Legacy still is.
@Killklli Run the below commands and then try the attached script.
ln -s /tftpboot/ipxe.efi /tftpboot/ipxe.efi.0 ln -s /tftpboot/ipxe.efi /tftpboot/ipxe.0 ln -s /tftpboot/undionly.kpxe /tftpboot/undionly.kpxe.0 ln -s /tftpboot/undionly.kpxe /tftpboot/undionly.0
port=0 log-dhcp tftp-root=/tftpboot dhcp-option=17,/images dhcp-no-override #this line is suspicious to me. What the heck does 6,2b mean ? dhcp-option=vendor:PXEClient,6,2b #Here, I define netboot types dhcp-vendorclass=BIOS,PXEClient:Arch:00006 dhcp-vendorclass=UEFI,PXEClient:Arch:00007 #Set bootfile names depending on the client vendor identifier dhcp-boot=BIOS,undionly.kpxe dhcp-boot=UEFI,ipxe.efi pxe-prompt="Press F8 for boot menu", 3 pxe-service=X86PC, “BIOS and LEGACY Network Boot”, undionly pxe-service=X86PC, “UEFI Network Boot”, ipxe dhcp-range=x.x.x.x,proxy
This post is deleted!
@Tom-Elliott It does. At least it did in my environment when I was fighting with it. Getting close to being able to revisit this subject myself. Expect to be migrating our DHCP servers to WinSrv 2012R2 in the next 30 days.
@Killklli I’m not 100% sure you need to specify the file as ipxe.0. With Proxy dhcp the .0 extension is automatically appended, and I can’t keep it from appending it. So If my suspicions are correct, it may actually be looking for a file called: ipxe.0.0 as well. I don’t know for sure though.
@Killklli you don’t have a copy or a symbolic link of ipxe.efi for ipxe.0
so lets fix that first:
ln -s /tftpboot/ipxe.efi /tftpboot/ipxe.0 or cd /tftpboot ln -s ipxe.efi ipxe.0
Then try the scripts I gave you - and play around with them a little.
@Wayne-Workman Here’s a screenshot.
@Killklli and the contents of your tftpboot directory?
ls -lahRt /tftpboot
@Wayne-Workman Sorry about the delay right now it looks like. I’ve tried multiple configs so this one is more or less a start over of where I was originally. So not much has changed currently.
port=0 log-dhcp tftp-root=/tftpboot dhcp-option=17,/images #Removed dhcp-option=vendor:PXEClient,6,2b dhcp-no-override #removed dhcp-vendorclass=BIOS,PXEClient:Arch:00006 dhcp-vendorclass=UEFI,PXEClient:Arch:00007 dhcp-boot-UEFI,ipxe.0 pxe-prompt="Press F8 for boot menu", 3 pxe-service=X86PC, "Boot from network", undionly #removed local boot its un-needed dhcp-range=192.168.1.2,proxy
@Killklli Wait… what does the ltsp.conf file look like right now?
can you add comments so we know what you’ve done?
@Killklli In the mean time, the link I gave you about BIOS UEFI coexistence gives step-by-step instructions for Server 2012 and later.
You could pass that link off to your network guys and just respectfully ask that they look at this.
NOTE: that the method described there won’t work for server 2008 and lower.
@Wayne-Workman Turns out it was an issue with having both the Legacy vendor and the UEFI vendor listed. Its at least seeing the server now but now I dive into the hole of “Failed Secure Boot Verification”
Scratch that. Still hates me. It was an issue with a VM. It is downloading now though.
I had an extra DHCP option still on. Still not downloading. But If I go back to legacy mode those options work.