Serve different types of .efi boot files
-
@george1421 tcdump here of another machine Asus R503U
-
@dureal99d well on the first one I didn’t see any systems that transmitted their uuid in dhcp option 97. That sux a bit.
You might also want to learn about capture filters in wireshark. They are similar to the capture filters for tcpdump.
‘udp.port == 67 or udp.port == 68 or udp.port == 69 or udp.port == 4011’ this one is equiv to the tcpdump one we were using. Let me look at the ASUS computer.
-
@george1421 said in Serve different types of .efi boot files:
might also want to learn about capture filters in wireshark
for asus 00000011-0000-0000-0000-50465d986f3c / udp.port == 68
-
@dureal99d The asus one has something we can work with. That dhcp option 97 is ‘00000011-0000-0000-0000-50465d986f3c’
I can tell you if you boot this computer in bios mode (just for this test) you will probably see this listed on the initial pxe boot screen as GUID.
This number should also be visible in the /var/log/syslog or where ever dnsmasq is writing its log. In my testing the value from wireshark did not match up exactly with what was found in the dnsmasq log. You need the value that looks similar from the dnsmasq log. But with that information we can take the next step to create a match test.
-
@dureal99d said in Serve different types of .efi boot files:
@george1421 said in Serve different types of .efi boot files:
might also want to learn about capture filters in wireshark
for asus 00000011-0000-0000-0000-50465d986f3c / udp.port == 68
Bonus points for you!!
-
-
@dureal99d Which computer needs the special kernel the ASUS or Lenovo?
-
@george1421 they both like that intel1756.efi kernel
-
@dureal99d Like it enough to make that your default kernel and then the ones that don’t like it you make exceptions for? Use the 80/20 rule what do you have the most of on your campus and then make that your default kernel and the others be the exception.
-
@george1421 I have a lot of mixed clients, a good amount don’t mind the standard ipxe.efi. some are just a bit more diva like these 2
-
@george1421 this is what i see
00:11:00:00:00:00:00:00:00:00:00:50:46:5d...
-
@george1421 the entire readout
Oct 12 12:59:32 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1280]: 3272245650 available DHCP subnet: 192.168.1.109/255.255.255.0 Oct 12 12:59:32 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1280]: 3272245650 vendor class: PXEClient:Arch:00007:UNDI:003016 Oct 12 12:59:32 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1280]: 3272245650 PXE(enp8s0) 50:46:5d:98:6f:3c proxy Oct 12 12:59:32 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1280]: 3272245650 tags: BC_UEFI, enp8s0 Oct 12 12:59:32 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1280]: 3272245650 next server: 192.168.1.109 Oct 12 12:59:32 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1280]: 3272245650 broadcast response Oct 12 12:59:32 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1280]: 3272245650 sent size: 1 option: 53 message-type 2 Oct 12 12:59:32 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1280]: 3272245650 sent size: 4 option: 54 server-identifier 192.168.1.109 Oct 12 12:59:32 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1280]: 3272245650 sent size: 9 option: 60 vendor-class 50:58:45:43:6c:69:65:6e:74 Oct 12 12:59:32 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1280]: 3272245650 sent size: 17 option: 97 client-machine-id 00:11:00:00:00:00:00:00:00:00:00:50:46:5d...```
-
@dureal99d said in Serve different types of .efi boot files:
Oct 12 12:59:32 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1280]: 3272245650 vendor class: PXEClient:Arch:00007:UNDI:003016
That is what I see:
-
@dureal99d Ok that is a bit what I saw when I was working on the tutorial at home. There has to be an easier way, I just haven’t learned it yet.
But here is what I did, I mashed the two values together.
# From wireshark. 00000011-0000-0000-0000-50465d986f3c # Translated into 2 nibble hex numbers 00:00:00:11:00:00:00:00:00:00:50:46:5d:98:6f:3c # From dnsmasq log 00:11:00:00:00:00:00:00:00:00:00:50:46:5d... #Side by side aligned 00:00:00:11:00:00:00:00:00:00:50:46:5d:98:6f:3c 00:11:00:00:00:00:00:00:00:00:00:50:46:5d... #Missing bits filled into the dnsmasq one 00:11:00:00:00:00:00:00:00:00:00:50:46:5d:98:6f:3c
End results to create the unique uuid for this asus computer. 00:11:00:00:00:00:00:00:00:00:00:50:46:5d:98:6f:3c
So now we need to make one of those magical dnsmasq filters that will identify this computer for us.
Edit (duh, I just realized that the 50:46:5d:98:6f:3c of that uuid is the mac address of that computer. That won’t do for us exactly. but we are close)
-
@george1421 I see
-
@dureal99d This one may be harder than with the Dell computers I’ve tested on. The uuid is actually made up of two parts the IAID which should indicate the model and DUID which should should be device specific. In this case the model identifier is ‘00:11:00:00:00:00:00:00:00’ We can filter on that, but it doesn’t look too unique.
-
@Tom-Elliott said in Serve different types of .efi boot files:
Oct 12 12:59:32 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1280]: 3272245650 vendor class: PXEClient:Arch:00007:UNDI:003016
That is what I see:
Not ignoring you on this. The vendor class (option 60) doesn’t have anything that is unique to describe this machine. While the arch does tell you if it is a uefi or bios machine that is all that can be gleaned from that option. The UNDI part is only what version of UNDI the client supports. The Dell 6230 I had also had a undi value of 003 016 and that one used ipxe.efi or snp.efi for a uefi boot.
The UUID (option 97) is suppose to be unique on a model (first half of uuid) and device (second half of uuid). on a per machine basis. My hope is that we can use the uuid for this. The only other thing that is unique in the dhcp request is the mac address, but then you will need a match filter for every mac address you want a unique iPXE boot kernel for. That (IMO) is not very sustainable if you have more than about 20 devices on your campus.
-
@george1421 said in Serve different types of .efi boot files:
The
I don’t mind adding mac addresses. I tried to use the uuid number you generated and perhaps I did it wrong. but here is my file now.
# Don't function as a DNS server: port=0 # Log lots of extra information about DHCP transactions. log-dhcp # Set the root directory for files available via FTP. tftp-root=/tftpboot # Disable re-use of the DHCP servername and filename fields as extra # option space. That's to avoid confusing some old or broken DHCP clients. dhcp-no-override # inspect the vendor class string and match the text to set the tag dhcp-vendorclass=BIOS,PXEClient:Arch:00000 dhcp-vendorclass=IA32_UEFI,PXEClient:Arch:00006 dhcp-vendorclass=BC_UEFI,PXEClient:Arch:00007 dhcp-vendorclass=X86-64_EFI,PXEClient:Arch:00009 #UUID for a asus r503u I tested (this info was gleaned from the dnsmasq log file that recorded # a pxe boot session of this target computer dhcp-match=set:r503u,97,00:11:00:00:00:00:00:00:00:00:00:50:46:5d:98:6f:3c # The default boot filename, Server name, Server Ip Address dhcp-boot=undionly.kpxe,,192.168.1.109 # Set the boot file name based on the matching tag from the vendor class (above) dhcp-boot=net:IA32_UEFI,i386-efi/ipxe.efi,,192.168.1.109 dhcp-boot=net:BC_UEFI,ipxe.efi,,192.168.1.109 dhcp-boot=net:X86-64_EFI,ipxe.efi,,192.168.1.109 # Our test to ensure both the BC_UEFI and r503u tags are set. dhcp-boot=tag:BC_UEFI,tag:r503u,intel7156.efi,192.168.1.109,192.168.1.109 # PXE menu. The first part is the text displayed to the user. The second is the timeout, in seconds. pxe-prompt="Booting FOG Client", 3 # The known types are x86PC, PC98, IA64_EFI, Alpha, Arc_x86, # Intel_Lean_Client, IA32_EFI, ARM_EFI, BC_EFI, Xscale_EFI and X86-64_EFI # This option is first and will be the default if there is no input from the user. # PXEClient:Arch:00000 pxe-service=X86PC, "Boot BIOS PXE", undionly.kpxe # PXEClient:Arch:00007 pxe-service=BC_EFI, "Boot UEFI PXE-BC", ipxe.efi # PXEClient:Arch:00009 pxe-service=X86-64_EFI, "Boot UEFI PXE-64", ipxe.efi dhcp-range=192.168.1.109,proxy```
-
@george1421 said in Serve different types of .efi boot files:
The UUID (option 97) is suppose to be unique on a model (first half of uuid) and device (second half of uuid). on a per machine basis. My hope is that we can use the uuid for this.
Well that would be amazing. We should work on using that for ISC-DHCP too.
-
@Wayne-Workman said in Serve different types of .efi boot files:
Well that would be amazing. We should work on using that for ISC-DHCP too.
It would be wonderful if all hardware manufacturers did this too. But as with the Lenovo the OP has, its all zeros. As long as that is model unique then we can work with it, but I suspect all lenovos have that set to zero.
From what I understand isc-dhcp can do this too like dnsmasq make run time decisions based on what client advertises. I just haven’t dug into the isc-dhcp settings as of now to say for absolute.