In Fire We Trust

Disclaimer: The techniques described in this document can help you, but they are not boud too. There could be errors, omissions or pure mistakes. Before using the information otlined here please check it. I accept no responsibility for whatsoever real or fictional damage/loss of profit/fallen houses/martians due to use or misuse of the information found here.

History

• 20.03.2007 - Initial version
• 25.03.2007 - English translation

Motivation
About a week ago in Linux-BG appeared a cry for help, for a slightly fcked up windows. The situation was that the MBR of the system was destroyed, and the machine had no CD or floppy, not it could boot from USB. The only variant left was network boot. Well i helped the man because i have the necessary setup. This software combination is usefull in other situations too (mainly if you are lazy) like remote instalations, tests, and some other small stuff.

Our target
To build a server from which we can start an instalation.
We will demonstrate how this can be accomplished with Debian, and for other distros it is almost the same.

Things we need

• Installed and working linux system which we will turn into pxe server
• DHCP server - we will describe here it’s configuration
• TFTP server
• PXELINUX - from the syslinux set of tools
• Internet connectivity or some accessible copy of the needed files
• Will for work and a piece of sane thinking

We assume that you are building this solution in a separated network from your main one. The reasoning behind this is that if you make mistake you can really wreak havoc. I will try to describe the possible problems but one never knows.

Basic theory
Quite a lot of machines can boot from network, either to act as terminals or other reasons. To being able to netboot the network card should support PXE preferably over version 0.91. Although it is possible to achieve it wih lower but it is a lot harder.
The netboot process is quite simple and looks like this:

• The machine starts and initialises its BIOS
• The PXE subsystem of the network card is initialised
• The nic asks for an IP address
• DHCP server responds with ip and additionally offers next server from where to boot (TFTP)
• TFTP server serves to the network stack a small boot мениджър
• We chose an option and boot

For more information:

• http://syslinux.zytor.com/ - the syslinux suite of tools
• PXE
• DHCP at wikipedia
• http://www.dhcp.org/

Configuration of DHCP server
The configurations is not difficult and is documented quite good in sysllinux/pxelinux. All that is needed besides normal dhcp are some additional options which are explained in the sample bellow.

/etc/dhcpd.conf

#
# Sample configuration file for ISC dhcpd for Debian
#
# $Id: dhcpd.conf,v 1.4.2.2 2002/07/10 03:50:33 peloy Exp $
#
 
# or we won't serve ip's
authoritative;
 
# Should we allow bootp
allow bootp;
# Should we serve information for PXE booting
allow booting;
# where to get the boot loader
next-server 10.99.3.1;
# what is the name of the boot loader
filename "pxelinux.0";
 
default-lease-time 14400;
max-lease-time 86400;
 
# normal dhcp config
subnet 10.99.3.0 netmask 255.255.255.0 {
  range 10.99.3.10 10.99.3.200;
  option domain-name-servers 10.99.3.1;
  option domain-name "instalations.network";
  option routers 10.99.3.1;
  option subnet-mask 255.255.255.0;
  option broadcast-address 10.99.3.255;
  option default-ip-ttl 64;
  option default-tcp-ttl 64;
  option time-offset 7200;
  option time-servers 10.99.3.1;
  option ntp-servers 10.99.3.1;
  option netbios-name-servers 10.99.3.1;
  option netbios-node-type 8;
}

If something is unclear take a look at dhcp documentation

Configuring the TFTP server
For tftp server we will use tftp hpa working in daemon mode.
You can install it with (debian)

apt-get install tftpd-hpa

It’s config can be found in /etc/default/tftpd-hpa and is as follows:

# work as a daemon
RUN_DAEMON="yes"
# options are ...
# -l - work in daemon mode
# -v - verbose logging
# -s - work in secured mode by serving files only from this dir
OPTIONS="-l -v -s /tftpboot"

Still don’t start the server. I suggest the ownership of /tftpboot to be root and be accessible only for reading

Setting up PXELINUX
PXELINUX is from the suite called syslinux. You don’t need to install the whole suit as we will be using only pxelinux and maybe memdisk for booting dos …

The configurations is a bit picky but i’ll try to explain it. pxelinux can be configured with a single text file which defines what and with which options to be started. There is also a possibility to serve different configurations for different machines. The documentation though a bit long is verry good and i advise you to at least skim trough it.
Our pxeilinux install will live in /tftpboot and has the following structure:

/tftpboot/
/tftpboot/initrd/
/tftpboot/kernels/
/tftpboot/pxelinux.0
/tftpboot/pxelinux.cfg/
# our configuration
/tftpboot/pxelinux.cfg/default
/tftpboot/texts/

In our case i will demonstrate single default configuration to be served for all machines. For other variants take a look in the documentation. A sample config follows:
/tftpboot/pxelinux.cfg/default

# By default start from local disk
# this is for safety so we won't lose accidentally data
default local
# timeout before booting (5 seconds)
timeout 50
# should we show the prompt
prompt 1
# lets showw some text for info
display texts/menu.txt
 
label local
        localboot 0
 
# a label for the boot option
label deb26n
# our kernel
        kernel kernels/deb-testing-26.kernel
# aditional options
        append initrd=initrd/deb-testing-26.initrd \
           vga=normal \
           ramdisk_size=16384 \
           root=/dev/rd/0 \
           devfs=mount,dall rw
 
label deb26e
        kernel kernels/deb-testing-26.kernel
        append initrd=initrd/deb-testing-26.initrd \
           DEBCONF_PRIORITY=low \
           vga=normal \
           ramdisk_size=16384 \
           root=/dev/rd/0 \
           devfs=mount,dall rw

NOTE: the append append lines are split on couple of lines for readability, but in the real config should be placed on a single line.

The kernel and initrd are taken from debian netboot section. They are used here with small addaptations of the command line.

Conclusion
That sums it all. It is not hard to achieve. A possible problem is if the PXE agent of the nic is a bit oldish and does not want to work with tftp but requires pxe server, but that is solvable easily enough.
For those that are in hurry here is a complete solution. All you need toi have is dhcp and tftp server installed.

Questions, comments, and other stuff in the comments.