[ipxe-devel] iPXE tries to translate a IPv4 address via DNS if I use the https protocol to chainload the boot process

Jens Röwekamp rowekamj at lsbu.ac.uk
Mon Nov 4 04:45:27 UTC 2013

Dear Ladies and Gentleman

if I'm using iPXE chainloaded via http everything works fine.

When I switch from http to https with a self-signed certificate and the EMBED parameter to to include my personal root.ca I get a "Connection timed out (http://ipxe.og/4c116035)" error.

I checked the above given URL and found out that the error somehow is related to DNS. So I build a new ipxe.kpxe with the EMDED and DEBUG=dns:3,https:3 parameters. The additional information I get is "DNS 0xd30d4 sending query ID 1" till "DNS 0xd30d4 sending query ID 5" (see attached PXE-Client-https-error.png).

After that I thought about addressing the chainloading host via a valid local DNS name. So I set up bind and changed the EMBED script. Now the IP address got exactly translated, but still there is the a "Connection timed out (http://ipxe.org/4c0a6035)" error (see attached PXE-Client-https-error-2.png), which is somehow related to the tcp.c file on line 633.

It would be great if you have any advice for me.

If you need further (debug) information please do not hesitate to contact me.

Yours faithfully

Jens Röwekamp.
The LSBU communications disclaimer can be found at http://www.lsbu.ac.uk/ict/legal/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20131104/5b4a6e3a/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PXE-Client-https-error.png
Type: image/png
Size: 12583 bytes
Desc: not available
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20131104/5b4a6e3a/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PXE-Client-https-error-2.png
Type: image/png
Size: 12154 bytes
Desc: not available
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20131104/5b4a6e3a/attachment-0001.png>

More information about the ipxe-devel mailing list