[ipxe-devel] Non-embedded IP Configuration
brent s.
bts at square-r00t.net
Fri Feb 1 23:57:56 UTC 2019
On 2/1/19 6:23 PM, Matthew Walster wrote:
> I have a scenario where iPXE would be perfect for loading / upgrading
> the operating system on remotely deployed hardware, but I've come across
> a hurdle regarding the lack of DHCP at the remote site, and I was
> wondering if anyone else has solved this in an interesting way?
>
> You can embed a boot script into the iPXE binary which contains static
> networking information, but I don't want to have to compile a huge
> number of binaries -- I'd like to just have one and it references
> something specific on that machine.
>
> For instance, maybe it's stored in an EFI system partition, or read from
> a small USB attached storage (FAT formatted like UEFI maybe) or a config
> register somewhere, so that next time the system boots, it can reference
> that variable and use those settings within a boot script. Perhaps it is
> asking too much, but being able to load a client certificate from such a
> device (or, heaven forbid, TPM authentication support) would reduce the
> need to replace the ipxe binary from a central source and risk
> corruption during install.
>
> It would be great if it was possible to even write to that location as
> well from iPXE, so that if booting failed to get an IP connection, it
> could offer a user a prompt to configure new interface configuration
> which would then be saved. The booted Operating System could also make
> changes to that location if the IP configuration is changed for the next
> boot. I realise that's a big ask.
>
> Has anyone come across that before, or are the options pretty much DHCP
> or static embedded?
>
> Cheers,
>
> M
>
what about IPv6 SLAAC? you could have an IPv6 ULA[] SLAAC that's only
used for iPXE bootstrapping. that'd probably be the easiest way, i'd
wager. just pick a ULA prefix and off you go. throw your provision boxes
on the same prefix. (if you have site-native WAN IPv6 SLAAC with a
proper /64, even better.)
other than that, you can probably chainload[2] an "external" script on
the usb device's root but it might take a little trial and error to find
the exact path.
[0] https://tools.ietf.org/html/rfc4193
[1] https://tools.ietf.org/html/rfc4862
[2] https://ipxe.org/howto/chainloading
--
brent saner
https://square-r00t.net/
GPG info: https://square-r00t.net/gpg-info
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20190201/84faa3af/attachment.sig>
More information about the ipxe-devel
mailing list