Serve different types of .efi boot files
-
@Wayne-Workman said in Serve different types of .efi boot files:
Well that would be amazing. We should work on using that for ISC-DHCP too.
It would be wonderful if all hardware manufacturers did this too. But as with the Lenovo the OP has, its all zeros. As long as that is model unique then we can work with it, but I suspect all lenovos have that set to zero.
From what I understand isc-dhcp can do this too like dnsmasq make run time decisions based on what client advertises. I just haven’t dug into the isc-dhcp settings as of now to say for absolute.
-
@george1421 According to rfc4578, Option 97 is one of the public DHCP options - meaning vendors can use it for whatever they want, including nothing. https://tools.ietf.org/html/rfc4578
That’s why there isn’t a DHCP option for 97 listed in the ISC-DHCP manual:
https://linux.die.net/man/5/dhcp-options -
@Wayne-Workman I see. Well is there another way to call up a specific .efi file using dnsmasq?
-
@dureal99d For dnsmasq, George is the guy to ask. He’s laid out several matching techniques. If option 60 sent from the host doesn’t have something unique appended to the end of it, you’re probably out of luck - unless you want to do it the insane-hard way and use MAC address matching.
-
@Wayne-Workman said in Serve different types of .efi boot files:
you’re probably out of
I don’t mind using mac address matching. or rather learning it and then using when needed.
-
@dureal99d well then you know the basics then you probably want to look into this filter
dhcp-mac=set:mac_01,<mac_to_match>
so then you will need a dhcp-boot with the conditional test for mac_01 and the name of the boot file you want to send.
-
@dureal99d I’ve been on dnsmasq’s mailing list for about a year now. Simon Kelly - creator and maintainer of dnsmasq - sends out an email with answers to questions about every day or every other day. You can get on this mailing list, and you can email him questions like I have, and he’ll respond. As with anything, include as many details as possible. The link to the mailing list and such is below.
-
@dureal99d Just found this in Simon’s archive:
https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg00895.html
-
@Wayne-Workman @george1421
based upon what i read this config should work right?# Don't function as a DNS server: port=0 # Log lots of extra information about DHCP transactions. log-dhcp # Set the root directory for files available via FTP. tftp-root=/tftpboot # Disable re-use of the DHCP servername and filename fields as extra # option space. That's to avoid confusing some old or broken DHCP clients. dhcp-no-override # inspect the vendor class string and match the text to set the tag dhcp-vendorclass=BIOS,PXEClient:Arch:00000 dhcp-vendorclass=IA32_UEFI,PXEClient:Arch:00006 dhcp-vendorclass=BC_UEFI,PXEClient:Arch:00007 dhcp-vendorclass=X86-64_EFI,PXEClient:Arch:00009 #UUID for a asus r503u I tested (this info was gleaned from the dnsmasq log file that recorded # a pxe boot session of this target computer dhcp-mac=r503u,50:46:5d:98:6f:3c # The default boot filename, Server name, Server Ip Address dhcp-boot=undionly.kpxe,,192.168.1.109 # Set the boot file name based on the matching tag from the vendor class (above) dhcp-boot=net:IA32_UEFI,i386-efi/ipxe.efi,,192.168.1.109 dhcp-boot=net:BC_UEFI,ipxe.efi,,192.168.1.109 dhcp-boot=net:X86-64_EFI,ipxe.efi,,192.168.1.109 dhcp-boot=net:r503u,intel7156.efi,,192.68.1.109 # Our test to ensure both the BC_UEFI and r503u tags are set. dhcp-boot=tag:BC_UEFI,tag:r503u, intel7156.efi, 192.168.1.109, 192.168.1.109 # PXE menu. The first part is the text displayed to the user. The second is the timeout, in seconds. pxe-prompt="Booting FOG Client", 3 # The known types are x86PC, PC98, IA64_EFI, Alpha, Arc_x86, # Intel_Lean_Client, IA32_EFI, ARM_EFI, BC_EFI, Xscale_EFI and X86-64_EFI # This option is first and will be the default if there is no input from the user. # PXEClient:Arch:00000 pxe-service=X86PC, "Boot BIOS PXE", undionly.kpxe # PXEClient:Arch:00007 pxe-service=BC_EFI, "Boot UEFI PXE-BC", ipxe.efi # PXEClient:Arch:00009 pxe-service=X86-64_EFI, "Boot UEFI PXE-64", ipxe.efi dhcp-range=192.168.1.109,proxy
this config should work right?
-
You’ve tagged a specific MAC as Simon did in his answer, then later assigned that tag a specific file. Looks good to me.
-
@Wayne-Workman said in Serve different types of .efi boot files:
You’ve tagged a specific MAC as Simon did in his answer
yet the file I’m telling it to send is not being sent, something is off.
-
@Wayne-Workman @george1421 has this line as
dhcp-mac=set:mac_01,<mac_to_match>
perhaps i need to add the =set part. i only took it away because of what simon says in his article -
@dureal99d Try it. Nothing to loose if it doesn’t work.
-
@Wayne-Workman @george1421
it still wants to send the ipxe.efi file and i don’t know whyOct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 822119114 available DHCP subnet: 192.168.1.109/255.255.255.0 Oct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 822119114 vendor class: PXEClient:Arch:00007:UNDI:003016 Oct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 1735601825 available DHCP subnet: 192.168.1.109/255.255.255.0 Oct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 1735601825 vendor class: PXEClient:Arch:00007:UNDI:003016 Oct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 1735601825 PXE(enp8s0) 50:46:5d:98:6f:3c proxy Oct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 1735601825 tags: BC_UEFI, r503u, enp8s0 Oct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 1735601825 bootfile name: ipxe.efi Oct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 1735601825 server name: 192.168.1.109 Oct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 1735601825 next server: 192.168.1.109 Oct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 1735601825 sent size: 1 option: 53 message-type 5 Oct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 1735601825 sent size: 4 option: 54 server-identifier 192.168.1.109 Oct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 1735601825 sent size: 9 option: 60 vendor-class 50:58:45:43:6c:69:65:6e:74 Oct 12 22:39:00 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1283]: 1735601825 sent size: 17 option: 97 client-machine-id ```
-
@dureal99d I would say this line is important
dnsmasq-dhcp[1283]: 1735601825 tags: BC_UEFI, r503u, enp8s0
This tells me that you have the match mac address right because there is the r503u tag. To prove it change the mac address slightly and than pxe boot again. That tag should disappear. (Don’t forget to change it back because this part IS working)
So the dhcp-boot section is failing to match for us. This is just me guessing but change
#this line dhcp-boot=net:r503u,intel7156.efi,,192.68.1.109 #to this dhcp-boot=tag:r503u,intel7156.efi,,192.68.1.109
-
@george1421 wanna see somthing strange?
when i try to boot in bios mode it gives the intel7156.efi file question is why?
00:11:00:00:00:00:00:00:00:00:00:50:46:5d... Oct 13 10:06:41 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 sent size: 52 option: 43 vendor-encap 06:01:03:08:07:80:00:01:c0:a8:01:6d:09:10... Oct 13 10:06:42 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 available DHCP subnet: 192.168.1.109/255.255.255.0 Oct 13 10:06:42 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 vendor class: PXEClient:Arch:00000:UNDI:002001 Oct 13 10:06:42 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 user class: iPXE Oct 13 10:06:42 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 PXE(enp8s0) 50:46:5d:98:6f:3c proxy Oct 13 10:06:42 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 tags: BIOS, r503u, enp8s0 Oct 13 10:06:42 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 bootfile name: intel7156.efi Oct 13 10:06:42 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 next server: 192.68.1.109 Oct 13 10:06:42 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 broadcast response Oct 13 10:06:42 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 sent size: 1 option: 53 message-type 2 Oct 13 10:06:42 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 sent size: 4 option: 54 server-identifier 192.168.1.109 Oct 13 10:06:42 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 sent size: 9 option: 60 vendor-class 50:58:45:43:6c:69:65:6e:74 Oct 13 10:06:42 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 623212382 sent size: 17 option: 97 client-machine-id```
-
@george1421 yet when i boot in eufi mode i get the same ipxe.efi
00:11:00:00:00:00:00:00:00:00:00:50:46:5d... Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 830465094 available DHCP subnet: 192.168.1.109/255.255.255.0 Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 830465094 vendor class: PXEClient:Arch:00007:UNDI:003016 Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 203324585 available DHCP subnet: 192.168.1.109/255.255.255.0 Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 203324585 vendor class: PXEClient:Arch:00007:UNDI:003016 Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 203324585 PXE(enp8s0) 50:46:5d:98:6f:3c proxy Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 203324585 tags: BC_UEFI, r503u, enp8s0 Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 203324585 bootfile name: ipxe.efi Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 203324585 server name: 192.168.1.109 Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 203324585 next server: 192.168.1.109 Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 203324585 sent size: 1 option: 53 message-type 5 Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 203324585 sent size: 4 option: 54 server-identifier 192.168.1.109 Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 203324585 sent size: 9 option: 60 vendor-class 50:58:45:43:6c:69:65:6e:74 Oct 13 10:08:40 dureal99d-Precision-WorkStation-T5400 dnsmasq-dhcp[1309]: 203324585 sent size: 17 option: 97 client-machine-id```
-
@george1421 here is my config as it exist now. i know ive got something messed up somewhere
# Don't function as a DNS server: port=0 # Log lots of extra information about DHCP transactions. log-dhcp # Set the root directory for files available via FTP. tftp-root=/tftpboot # Disable re-use of the DHCP servername and filename fields as extra # option space. That's to avoid confusing some old or broken DHCP clients. dhcp-no-override # inspect the vendor class string and match the text to set the tag dhcp-vendorclass=BIOS,PXEClient:Arch:00000 dhcp-vendorclass=IA32_UEFI,PXEClient:Arch:00006 dhcp-vendorclass=BC_UEFI,PXEClient:Arch:00007 dhcp-vendorclass=X86-64_EFI,PXEClient:Arch:00009 #UUID for a asus r503u I tested (this info was gleaned from the dnsmasq log file that recorded # a pxe boot session of this target computer dhcp-mac=set:r503u,50:46:5d:98:6f:3c # The default boot filename, Server name, Server Ip Address dhcp-boot=undionly.kpxe,,192.168.1.109 # Set the boot file name based on the matching tag from the vendor class (above) dhcp-boot=net:IA32_UEFI,i386-efi/ipxe.efi,,192.168.1.109 dhcp-boot=net:BC_UEFI,ipxe.efi,,192.168.1.109 dhcp-boot=net:X86-64_EFI,ipxe.efi,,192.168.1.109 dhcp-boot=tag:r503u,intel7156.efi,,192.68.1.109 # Our test to ensure both the BC_UEFI and r503u tags are set. dhcp-boot=tag:BC_UEFI,tag:r503u, intel7156.efi, 192.168.1.109, 192.168.1.109 # PXE menu. The first part is the text displayed to the user. The second is the timeout, in seconds. pxe-prompt="Booting FOG Client", 3 # The known types are x86PC, PC98, IA64_EFI, Alpha, Arc_x86, # Intel_Lean_Client, IA32_EFI, ARM_EFI, BC_EFI, Xscale_EFI and X86-64_EFI # This option is first and will be the default if there is no input from the user. # PXEClient:Arch:00000 pxe-service=X86PC, "Boot BIOS PXE", undionly.kpxe # PXEClient:Arch:00007 pxe-service=BC_EFI, "Boot UEFI PXE-BC", ipxe.efi # PXEClient:Arch:00009 pxe-service=X86-64_EFI, "Boot UEFI PXE-64", ipxe.efi dhcp-range=192.168.1.109,proxy```
-
@dureal99d I think I can explain this (understand I’m still learning dnsmasq’s insides too.).
dhcp-mac=set:r503u,50:46:5d:98:6f:3c dhcp-boot=net:IA32_UEFI,i386-efi/ipxe.efi,,192.168.1.109 dhcp-boot=net:BC_UEFI,ipxe.efi,,192.168.1.109 dhcp-boot=net:X86-64_EFI,ipxe.efi,,192.168.1.109 dhcp-boot=tag:r503u,intel7156.efi,,192.68.1.109
We had a discussion when we were setting up the initial test. if you look at the tag:r503u line. What is matching there?? Look its the mac address so the only condition you have is that the mac address has to be X. So every time dnsmasq see mac address X it will send out intel7156.efi.
Now why in efi mode?? This one has me a bit stumped. Logic would say first match wins, in that case this line would be the first match.
dhcp-boot=net:BC_UEFI,ipxe.efi,,192.168.1.109
So that would explain why ipxe.efi is being sent because the only test here is it be in efi mode.
But in my testing I was seeing that the last match was winning. So if that thought is true. This one should be the winning line.dhcp-boot=tag:r503u,intel7156.efi,,192.68.1.109
-
@george1421 said in Serve different types of .efi boot files:
dhcp-boot=tag:r503u,intel7156.efi,192.68.1.109
You might want to update that line to something like this
dhcp-boot=tag:BC_UEFI,tag:r503u,intel7156.efi,,192.68.1.109
That will create an AND condition. So it has to be in uefi mode AND the mac address has to match.