[ipxe-devel] Non-embedded IP Configuration

Sat Feb 2 15:29:52 UTC 2019

On Fri, Feb 1, 2019 at 11:23 PM Matthew Walster <matthew at walster.org> wrote:
>
> I have a scenario where iPXE would be perfect for loading / upgrading the operating system on remotely deployed hardware, but I've come across a hurdle regarding the lack of DHCP at the remote site, and I was wondering if anyone else has solved this in an interesting way?
>
> You can embed a boot script into the iPXE binary which contains static networking information, but I don't want to have to compile a huge number of binaries -- I'd like to just have one and it references something specific on that machine.
>
> For instance, maybe it's stored in an EFI system partition, or read from a small USB attached storage (FAT formatted like UEFI maybe) or a config register somewhere, so that next time the system boots, it can reference that variable and use those settings within a boot script. Perhaps it is asking too much, but being able to load a client certificate from such a device (or, heaven forbid, TPM authentication support) would reduce the need to replace the ipxe binary from a central source and risk corruption during install.
>
> It would be great if it was possible to even write to that location as well from iPXE, so that if booting failed to get an IP connection, it could offer a user a prompt to configure new interface configuration which would then be saved. The booted Operating System could also make changes to that location if the IP configuration is changed for the next boot. I realise that's a big ask.
>
> Has anyone come across that before, or are the options pretty much DHCP or static embedded?

So, asking the dumb question, if you are not chainloading from PXE
using DHCP, what are you booting iPXE from ? a USB stick ? physical
optical media? virtual ISO ? burnt into ROM ?

If there is no DHCP  and your booting from USB/Optical (physical or
virtual),  then if you are only doing one machine at a time, then you
only need a single USB stick/ISO with a single address (unused
elsewhere) embedded. and script to connect to whatever you are using
to host your iPXE scripts, and then determine what needs to be run in
the usual manner.

If there is DHCP at the site but no possibility of adding the required
options to chainload DHCP, then it is as above without the requiremnt
for a static address.

If burnt into ROM, then you I would suggest creating a ROM for each
machine with the address and script etc. The ROM creation etc could be
automated from each host from https://rom-o-matic.eu/ or an intermal
similar service (see the rom-o-matic sources
https://github.com/xbgmsharp/ipxe-buildweb/ for a a starting point).

Alternatively, if you control the machines, but not the network, how
about creating a DHCP/PXE server on one or more of the remote hosts ?

Cheers