Dnsmasq proxy booting with UEFI



  • After doing some digging I have still yet to find a way to set up proxy booting with UEFI. I have proxy booting working perfectly fine in legacy mode but I need the UEFI version for image related reasons. Is there a proper way or a thing I am missing to set proxy UEFI up? I’m trying to get this deployed sooner rather than later. (Besides that it’s the first time I have used this product and I love it compared to others!)


  • Developer

    @Killklli Are you still working on this? I have done a lot of testing and I am pretty sure that dnsmasq is not able to boot most UEFI devices as it uses DHCP option 43 which they don’t like (see here: https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg09233.html). I am working on a node.js proxy DHCP to support BIOS/UEFI and Mac OS X. But will be still a while I suppose - BIOS works pretty good and UEFI is not far either but the code is still a big mess.

    Follow this thread: https://forums.fogproject.org/topic/5870/dhcp-proxy-for-fog


  • Moderator

    @Killklli Another thing I learned last night about dnsmasq is…

    You can only have one config file in /etc/dnsmasq.d/ and the names of the files in there do not matter - the daemon will read all of them and use them as config files if it can.

    because the configuration file here: /etc/dnsmasq.conf does not specify a name, it just specifies a directory to look in.

    So if you have a backup config file inside of /etc/dnsmasq.d/ you have to move that file elsewhere because it will interfere with dnsmasq.
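
Added example, not part of any post in this thread: which files in a directory named by `conf-dir=` dnsmasq would load, following the skip and include rules in the dnsmasq man page. The function name and the directory listing are constructed for illustration.

```python
def files_dnsmasq_reads(names, extensions=()):
    """Return the names in a conf-dir that would be loaded as config files.

    `extensions` are the optional values after the directory in
    conf-dir=<directory>[,<file-extension>...]: a plain extension excludes
    files ending in it, one starting with '*' restricts loading to files
    ending in the rest of it.
    """
    skip = [e for e in extensions if not e.startswith("*")]
    only = [e[1:] for e in extensions if e.startswith("*")]
    loaded = []
    for name in sorted(names):
        # Always skipped: names ending in ~, dotfiles, and #name# files.
        if name.endswith("~") or name.startswith("."):
            continue
        if name.startswith("#") and name.endswith("#"):
            continue
        if any(name.endswith(e) for e in skip):
            continue
        if only and not any(name.endswith(e) for e in only):
            continue
        loaded.append(name)
    return loaded


# Constructed listing for /etc/dnsmasq.d/ (not taken from the thread).
LISTING = ["ltsp.conf", "ltsp.conf.bak", "ltsp.conf~",
           ".ltsp.conf.swp", "#ltsp.conf#"]

if __name__ == "__main__":
    # No extensions, an exclude list, and an include pattern.
    for args in ([], [".bak"], ["*.conf"]):
        print(args, "->", files_dnsmasq_reads(LISTING, args))
```

With no extension arguments the `.bak` copy is loaded alongside the live file, which is the interference described above.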



  • @Wayne-Workman Just for when you get back to this. It still didn’t work. Still getting PXE-E18: Server Response Timeout for UEFI machines. But Legacy Works.


  • Moderator

    @Killklli try this - beyond this, I need some shut eye and I need to bring home my work laptop which is UEFI capable.

    log-dhcp
    tftp-root=/tftpboot
    dhcp-boot=undionly.0,10.0.0.3,10.0.0.3
    dhcp-option=17,/images
    dhcp-option=vendor:PXEClient,6,2b
    dhcp-no-override
    pxe-prompt="Press F8 for boot menu", 3
    pxe-service=X86PC, "Network Boot using undionly.0", undionly
    pxe-service=X86-64_EFI, "Network boot using ipxe.0", ipxe
    dhcp-range=10.0.0.3,proxy
    
    
    #for pxe-service=    the known types are below.
    #x86PC, PC98, IA64_EFI, Alpha, Arc_x86, Intel_Lean_Client, IA32_EFI, BC_EFI, Xscale_EFI and X86-64_EFI
    


  • @Wayne-Workman I’m still confused that for whatever reason I’m not even seeing the UEFI boot grabbing IP’s. I just get a server timeout.


  • Moderator

    @Killklli Try this, I just confirmed it works with LEGACY, have a great feeling about UEFI also.

    @Developers @Moderators Just making sure you guys see this.

    #port=0
    log-dhcp
    tftp-root=/tftpboot
    dhcp-option=17,/images
    dhcp-no-override
    
    #Here, I define netboot types
    dhcp-vendorclass=BIOS,PXEClient:Arch:00006
    dhcp-vendorclass=UEFI,PXEClient:Arch:00007
    
    #Set bootfile names depending on the client vendor identifier
    dhcp-boot=net:BIOS,192.168.1.2,undionly.0
    dhcp-boot=net:UEFI,192.168.1.2,ipxe.0
    
    pxe-prompt="Press F8 for boot menu", 3
    pxe-service=X86PC, "BIOS and LEGACY Network Boot", BIOS
    pxe-service=X86PC, "UEFI Network Boot", UEFI
    dhcp-range=192.168.1.2,proxy
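
Added example, not part of any post in this thread: it decodes the architecture field of a PXE client's DHCP option 60 string and shows which `dhcp-vendorclass` tags from the config above would be set for it. The numeric codes follow RFC 4578 and are paired with the `pxe-service` type names listed earlier in the thread; the function names and the sample option 60 strings are constructed.

```python
import re

# Client architecture codes 0..9 (RFC 4578) under the pxe-service names
# listed in the thread, in numeric order.
ARCH_NAMES = ["x86PC", "PC98", "IA64_EFI", "Alpha", "Arc_x86",
              "Intel_Lean_Client", "IA32_EFI", "BC_EFI", "Xscale_EFI",
              "X86-64_EFI"]

# The two tag definitions from the config posted above.
CONFIG = """\
dhcp-vendorclass=BIOS,PXEClient:Arch:00006
dhcp-vendorclass=UEFI,PXEClient:Arch:00007
"""


def arch_of(vendor_class):
    """Return (code, name) parsed from an option 60 string, or None."""
    m = re.match(r"PXEClient:Arch:(\d{5})", vendor_class)
    if not m:
        return None
    code = int(m.group(1))
    name = ARCH_NAMES[code] if code < len(ARCH_NAMES) else "unknown"
    return code, name


def tags_set(config, vendor_class):
    """Tags a client would get: dhcp-vendorclass is a substring match."""
    tags = set()
    for line in config.splitlines():
        key, _, value = line.strip().partition("=")
        if key != "dhcp-vendorclass":
            continue
        tag, _, pattern = value.partition(",")
        if tag.startswith("set:"):
            tag = tag[4:]
        if pattern and pattern in vendor_class:
            tags.add(tag)
    return sorted(tags)


# Constructed option 60 values of the shape PXE firmware sends.
SAMPLES = ["PXEClient:Arch:00000:UNDI:002001",
           "PXEClient:Arch:00007:UNDI:003016",
           "PXEClient:Arch:00009:UNDI:003016"]

if __name__ == "__main__":
    for vc in SAMPLES:
        print(vc, arch_of(vc), tags_set(CONFIG, vc))
```

Comparing the decoded value against the vendor class that `log-dhcp` records for a failing client shows whether any tag in the config applies to it.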
    

  • Moderator

    @Killklli I just tested on my system - all I had was failure with using symbolic links.

    So - let’s get rid of those and just use copies:

    rm -f /tftpboot/undionly.kkpxe.0
    rm -f /tftpboot/undionly.0
    rm -f /tftpboot/ipxe.efi.0
    rm -f /tftpboot/ipxe.0
    cp /tftpboot/undionly.kkpxe /tftpboot/undionly.0
    cp /tftpboot/ipxe.efi /tftpboot/ipxe.0
    

    Please stand by, I’m testing the code I gave you (it’s been a long day).



  • @Wayne-Workman Hmmmm. UEFI still isn’t grabbing. But Legacy still is.


  • Moderator

    @need2 @Tom-Elliott well that complicates things… why did it work for me then? gah. I really need to sit down and tackle this.

    @Killklli Run the below commands and then try the attached script.

    ln -s /tftpboot/ipxe.efi /tftpboot/ipxe.efi.0
    ln -s /tftpboot/ipxe.efi /tftpboot/ipxe.0
    ln -s /tftpboot/undionly.kpxe /tftpboot/undionly.kpxe.0
    ln -s /tftpboot/undionly.kpxe /tftpboot/undionly.0
    
    port=0
    log-dhcp
    tftp-root=/tftpboot
    dhcp-option=17,/images
    dhcp-no-override
    
    
    #this line is suspicious to me. What the heck does 6,2b mean ?
    dhcp-option=vendor:PXEClient,6,2b
    
    #Here, I define netboot types
    dhcp-vendorclass=BIOS,PXEClient:Arch:00006
    dhcp-vendorclass=UEFI,PXEClient:Arch:00007
    
    #Set bootfile names depending on the client vendor identifier
    dhcp-boot=BIOS,undionly.kpxe
    dhcp-boot=UEFI,ipxe.efi
    
    pxe-prompt="Press F8 for boot menu", 3
    pxe-service=X86PC, "BIOS and LEGACY Network Boot", undionly
    pxe-service=X86PC, "UEFI Network Boot", ipxe
    dhcp-range=x.x.x.x,proxy
    

  • Moderator

    This post is deleted!

  • Moderator

    @Tom-Elliott It does. At least it did in my environment when I was fighting with it. Getting close to being able to revisit this subject myself. Expect to be migrating our DHCP servers to WinSrv 2012R2 in the next 30 days.


  • Senior Developer

    @Killklli I’m not 100% sure you need to specify the file as ipxe.0. With Proxy dhcp the .0 extension is automatically appended, and I can’t keep it from appending it. So If my suspicions are correct, it may actually be looking for a file called: ipxe.0.0 as well. I don’t know for sure though.


  • Moderator

    @Killklli you don’t have a copy or a symbolic link of ipxe.efi for ipxe.0

    so let’s fix that first:

    ln -s /tftpboot/ipxe.efi /tftpboot/ipxe.0
    
    or
    
    cd /tftpboot
    ln -s ipxe.efi ipxe.0
    

    Then try the scripts I gave you - and play around with them a little.



  • @Wayne-Workman Here’s a screenshot.

    dirlist.png


  • Moderator

    @Killklli and the contents of your tftpboot directory?

    ls -lahRt /tftpboot
    


  • @Wayne-Workman Sorry about the delay right now it looks like. I’ve tried multiple configs so this one is more or less a start over of where I was originally. So not much has changed currently.

    port=0
    log-dhcp
    tftp-root=/tftpboot
    dhcp-option=17,/images
    #Removed dhcp-option=vendor:PXEClient,6,2b
    dhcp-no-override
    #removed dhcp-vendorclass=BIOS,PXEClient:Arch:00006
    dhcp-vendorclass=UEFI,PXEClient:Arch:00007
    dhcp-boot-UEFI,ipxe.0
    pxe-prompt="Press F8 for boot menu", 3
    pxe-service=X86PC, "Boot from network", undionly
    #removed local boot its un-needed
    dhcp-range=192.168.1.2,proxy
    
    

  • Moderator

    @Killklli Wait… what does the ltsp.conf file look like right now?

    can you add comments so we know what you’ve done?


  • Moderator

    @Killklli In the mean time, the link I gave you about BIOS UEFI coexistence gives step-by-step instructions for Server 2012 and later.

    You could pass that link off to your network guys and just respectfully ask that they look at this.

    NOTE: that the method described there won’t work for server 2008 and lower.



  • @Wayne-Workman Turns out it was an issue with having both the Legacy vendor and the UEFI vendor listed. It’s at least seeing the server now but now I dive into the hole of “Failed Secure Boot Verification”

    -EDIT-
    Scratch that. Still hates me. It was an issue with a VM. It is downloading now though.

    –Edit Edit–
    I had an extra DHCP option still on. Still not downloading. But If I go back to legacy mode those options work.

