• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Mac Netbooting

    Scheduled Pinned Locked Moved Feature Request
    16 Posts 5 Posters 8.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Sebastian Roth Moderator
      last edited by

      Hope I am not getting this wrong too. šŸ˜‰

      From my point of view we already have Mac Netbooting support documented here: https://wiki.fogproject.org/wiki/index.php?title=FOG_on_a_MAC

      I have been testing and updating this in the last days. Hope this is a good way to help Mac users. Thanks for the links! I will checkout NetSUS and the script to see if this is a better way of doing it. What do you think?

      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

      1 Reply Last reply Reply Quote 0
      • Q
        Quantum
        last edited by Quantum

        @Uncle-Frank Your correct, and I believe you are close if not entirely there. I just looked over the ā€œfancyā€ DHCP config snippet you have posted on the the wiki link you posted and compared it to JAMF’s (https://github.com/jamf/NetSUS/blob/master/NetBoot/var/appliance/conf/dhcpd.conf) and there are some small differences, mostly in the lower half. I don’t know how significant they are.

        Is this included in Fog’s default config, or is it something that admins have to add themselves later? Somehow the NetSUS worked with that DHCP config (modified slightly through the web gui - IP address and .nbi path). All we needed to do was add it to the ip-helpers in our switches and it would hand out the NetBoot info, but not address. They did use a patched dhcpd though, so that could be part of it?? Also, does this show up in OS X’s System Preferences -> Startup Disk? I thought that needed a properly formed .nbi folder, but that may just be on OS X Server?

        1 Reply Last reply Reply Quote 0
        • S
          Sebastian Roth Moderator
          last edited by Sebastian Roth

          Thanks a lot for your answer. I am still in the process of testing and finding out what works and what not. The simple example works on very old Mac OS (Intel) machines but not on the newer ones. Yesterday I compared the config with the one you just posted and found them to be pretty close too. One major difference comes from NetSUS adding netatalk into the equation. I am not sure why we should add this to FOG if it works just as fine without. What do you think?

          Is this included in Fog’s default config, or is it something that admins have to add themselves later?

          As this is still kind of new to FOG we don’t have it included in the installer yet. But this could be done in a second. I just want to get it as prove as possible before we ā€œreleaseā€ it.

          it would hand out the NetBoot info, but not address

          You mean it acted like a proxyDHCP and not a full DHCP? I am asking because I am trying to hunt down everything on proxyDHCP right now as well! šŸ™‚

          Also, does this show up in OS X’s System Preferences -> Startup Disk?

          Got me! I think it does not show up. But I have to re-check. Is it worth to involve netatalk and NBI image stuff just to make it show up in ā€˜Startup Disk’?

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          1 Reply Last reply Reply Quote 0
          • S
            Sebastian Roth Moderator
            last edited by

            Turned out that it does not show up in ā€˜Startup Disk’ only because of a special (random) source port used by Mac OS when sending the DHCPINFORM message - and therefore wants to see the answer going to that port, sure. I got the debian source, applied JAMF’s patch (https://github.com/jamf/NetSUS/blob/master/NetBoot/usr/local/sbin/dhcp-4.2.4-P1_dhcp.c.patch), build a new isc-dhcp-server and *there it is - showing up in ā€˜Startup Disk’.
            Thanks so much for pointing to JAMF’s project. It’s a great resouce! Nevertheless I still doubt that we need netatalk and NBI to make FOG people happy. And I think we’ll have to live without ā€˜Startup Disk’ as well as patching isc-dhcp is not an option I find. I played with a lot of options (local-port, remote-port) but couldn’t make it work with configuration.

            Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

            Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

            1 Reply Last reply Reply Quote 1
            • Q
              Quantum
              last edited by

              @Uncle-Frank I’ve been playing around with a NetSUS VM a bit in the last couple days and soft of figured some stuff out. In a ā€œnormalā€ OS X NetBoot environment, the initial ā€œbooterā€ file is loaded over TFTP, and then that loads the DMG image over HTTP (or optionally NFS on OS X Server). The booted DMG then mounts a temporary home folder for the client on the netboot server using AFP (netatalk).

              Since FOG uses an ipxe.efi at the TFTP stage, the rest become irrelevant because iPXE is going to do it’s own thing. So I actually think you’ve got this pretty much ready to go.

              Also, I haven’t tested this extensively yet, but it appears that if the main DHCP server does NOT have the options set for PXE booting, and a second DHCP server (ISC-DHCP in this case) with the PXE options set globally with a simple

              subnet 172.20.1.0 netmask 255.255.255.0 {
              	allow unknown-clients;
              }
              

              to allow subnets - both servers added to ip helper-address list, the PXE client will pull the proper boot information. Got the idea from looking at the NetSUS’s DHCP config file and a number of references on Microsoft centered forums for using SCCM over VLANs - ip helpers is the only officially supported method. DHCP options work, but are not supported by Microsoft.

              1 Reply Last reply Reply Quote 0
              • S
                Sebastian Roth Moderator
                last edited by Sebastian Roth

                @Quantum said:

                … GitHub page there is a mac-boot repository …

                Somehow I came back to think about your initial question and wondered if someone is still working on this (https://github.com/FOGProject/mac-boot)? Maybe @Tom-S ?? Is someone in contact with him?

                @Quantum Thanks a lot for your hint on DHCP. I am not sure if I get this right. To me it sounds like you can make ISC-DHCP a proxy DHCP server (only serving PXE options but no addresses) with this configuration. I would be amazed if this is working. Didn’t have the time to try yet. Have you?

                Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                1 Reply Last reply Reply Quote 0
                • S
                  Sebastian Roth Moderator
                  last edited by

                  @Quantum Thanks again for bringing SCCM, VLAN and ip-helpers up. I did not know about this possibility where the client will contact the boot server(s) after retrieving an IP address (quite often using broadcast). I thought this is only done by Mac OS X (called BSDP).

                  I tried to get this working in my lab but I couldn’t! I always see the following messages in syslog which means that isc-dhcp-server does not respond at all (checked with tcpdump) because it doesn’t want to without being able to offer a lease:

                  DHCPDISCOVER from ... no free leases
                  DHCPREQUEST for ... unknown lease x.x.x.x.
                  

                  So I really wonder if anyone has got this working with ISC dhcpd and not range statement in the config.

                  Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                  Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                  1 Reply Last reply Reply Quote 0
                  • G
                    Gilou
                    last edited by

                    Hi,

                    This is really interesting, but annoying. I haven’t read all about NetSUS & stuff like that, but if I understand properly, for now, you need to patch ISC’s DHCP server to get to ā€œproperlyā€ boot a mac from PXE?

                    I have tried that a lot, with former wiki entries & dark information about how it works, but it usually didn’t work on ALL the mac we have. If we could get the mac to netboot on ipxe, a great deal would be done already. Now to make sure the fog linux client boots on mac… but ipxe would already be quite good. I’ll read about that šŸ˜‰

                    (Sorry if I’m late in that, I’m trying to keep up with all that is happening with FOG lately… And it’s not easy.)

                    Wayne WorkmanW 1 Reply Last reply Reply Quote 0
                    • Wayne WorkmanW
                      Wayne Workman @Gilou
                      last edited by

                      @Gilou said:

                      if I’m late in that, I’m trying to keep up with all that is happening with FOG lately… And it’s not easy

                      I’m now of the opinion that the standard DHCP Option 067 should simply be set to ipxe.efi, and then create policies/classes for all the other stuff.

                      Macs have way too many vendor class identifiers to even attempt to create a dhcp filter for each one.

                      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
                      Daily Clean Installation Results:
                      https://fogtesting.fogproject.us/
                      FOG Reporting:
                      https://fog-external-reporting-results.fogproject.us/

                      1 Reply Last reply Reply Quote 0
                      • S
                        Sebastian Roth Moderator
                        last edited by Sebastian Roth

                        @Gilou Which Mac clients and OS version do you have (exact model or even better serial number)? The mentioned patch is only needed if you want to be able to select netbooting via the ā€œStartup diskā€ GUI dialog within Mac OS X. But that is only one way of doing it. There are others too - like ā€˜n’ key while booting or the bless command…

                        Please read through the wiki article. You should be able to boot iPXE on different Mac clients using the config code snippets in section ā€˜architecture’ and combine this with the section ā€˜fancy’ for newer clients. This article is work in progress and I am still not sure about ā€œthe best wayā€ to make it work for everyone. Take a look: https://wiki.fogproject.org/wiki/index.php?title=FOG_on_a_MAC

                        I am more than happy to update the article if you don’t know how to combine the code snippets. Just let me know.

                        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                        1 Reply Last reply Reply Quote 0
                        • G
                          Gilou
                          last edited by

                          Hi Wayne & Frank,

                          I have read extensively through all the information I could get at the time I investigated that (like 2 years ago), we have macminis, 2011 & 2012. And I never could get them to properly boot on the network, so what I did was to live boot a Ubuntu image on the mac, and ā€œfogā€ myself (well, that is why I helped have partclone replace partimage in fog, because partimage couldn’t handle hfs).

                          Now I see you updated the wiki from what I remembered, as I was doing all that in the ā€œpre ipxeā€ era. So I might give it a try next week… Thanks for the updates, I’ll let you know if that helps.

                          Cheers,
                          Gilles

                          1 Reply Last reply Reply Quote 1
                          • 1 / 1
                          • First post
                            Last post

                          155

                          Online

                          12.3k

                          Users

                          17.4k

                          Topics

                          155.8k

                          Posts
                          Copyright Ā© 2012-2025 FOG Project