spacer

Sysresccd-manual-en PXE network booting

History


Contents

About

The PXE environment allows you to boot a computer with SystemRescueCd even if this computer has no CDRom drive or USB socket. It allows you to boot SystemRescueCd from the network, and then it's faster to troubleshoot computers on your network once a PXE-boot-server is installed. It's also useful if you want to boot a computer that has no optical drive (CD or DVD) or to troubleshoot a remote computer to which you have no physical access to insert the disc. For the moment, SystemRescueCd supports only PXE booting on the x86 architecture (all PC computers: i386 and amd64).

Requirements

  • A computer or a virtual machine that can boot SystemRescueCd from a CD/USB/HDD to act as a PXE server.
  • A client computer with a PXE able network card on the same network
  • SystemRescueCd version 1.4.0 or newer

How the PXE boot process works

The PXE boot server

The PXE boot server is made of three stages:

  • stage1: the DHCP server sends an IP address to the client with extra info such as the address of the TFTP server
  • stage2: the TFTP server sends the first boot files (boot loader + kernel + initram.igz) to the client
  • stage3: the HTTP or TFTP or NFSv3 or NBD server sends the root filesystem image (sysrcd.dat) to the client.

These three parts can be installed either on a single machine or on several computers. SystemRescueCd provides a full PXE-boot-server out of the box that you can run on a single computer. The pxebootsrv service manages these three services for you.

The PXE boot process

You may need to understand what happens when you boot SystemRescueCd from the network. You will need this knowledge for troubleshooting in case of problems. Here are the most important steps of the PXE boot process:

  1. When the client computer tries to boot with PXE, it first emits a DHCP request on the network to get an IP address.
  2. Then a DHCP server replies with a DHCP offer that contains a new IP address that was not already allocated and some specific options (DNS, default route) and the IP address of the TFTP server
  3. The client receives this DHCP offer and accepts it. It connects to the TFTP server (it received its IP address in the previous stage) to get the boot loader files.
  4. The TFTP server sends the boot loader files (pxelinux) and the text files displayed on the screen by pxelinux.
  5. The client displays the pxelinux prompt, and the user can choose the boot options. It then requests from the TFTP server the kernel and initramfs files necessary to boot the system
  6. The TFTP server sends the kernel and initramfs files (rescuecd + rescuecd.igz) to the client
  7. The client boots this kernel and executes the /init scripts that come with the initramfs.
  8. During its initialization the kernel makes a DHCP request again because of the ip=dhcp kernel boot parameters. Indeed the kernel does not know the IP address used by the computer at the pxelinux stage.
  9. The client needs the sysrcd.dat file. If you use HTTP or TFTP for the third stage, then sysrcd.dat will be downloaded into RAM so the client has to have enough memory (estimated requirement: 400MB). If you use either NFSv3 or NBD then you don't have this memory requirement and the client will make permanent requests to the server each time it needs a file from the root filesystem.
  10. The client mounts sysrcd.dat and it can now complete the boot process.
  11. At this stage the client holds all the files in memory, if you used TFTP/HTTP for the third stage, so it does not require a boot server any more. If you are using NFSv3 or NBD, the connection is still required.

The pxebootsrv service

In SystemRescueCd the PXE server setup is done with a single service named pxebootsrv. This service is charged with preparing the server configuration and running the three worker services involved in the PXE boot process. If you run the pxebootsrv with /etc/init.d/pxebootsrv start this service analyses its configuration settings located in /etc/conf.d/pxebootsrv then it prepares the configuration files of the other services and the files in /tftpboot and then it starts these worker services.

The pxebootsrv service was written to make the pxe boot process easier to use. The end user just needs to configure pxebootsrv instead of three separate services. But in case you are not happy with this situation, you are free to configure these services (DHCP + TFTP + HTTP/TFTP/NFSv3/NBD) by hand.

Setup the PXE-boot-server on a typical configuration

About

These sections explain how to setup a SystemRescueCd PXE boot server with all the services running on a single machine. It means that the DHCP server and the TFTP server and the HTTP server run on a single machine of your network. If you want to run these services on separate computers, please read the next section.

Overview

You just have to start a SystemRescueCd from the CD/USB/HDD and configure it to act as a PXE boot server on your local network. HTTP will be used for the third stage. The configuration is very simple, you just have to write your settings in a config file and start the pxebootsrv service and that's it. You can then boot other computers from the network via PXE.

Steps to configure PXE on the server

  • Boot SystemRescueCd from the CD/USB/HDD on a computer (the master)
  • Configure the network settings with ipconfig and route. Here is a typical example:
    • ifconfig eth0 192.168.1.5/24
    • route add default gw 192.168.1.254
  • Edit your pxe/network settings in /etc/conf.d/pxebootsrv
  • Start the service with /etc/init.d/pxebootsrv start. In case of errors, check the /var/log/messages file for more details.
  • This master computer should now be ready to act as a PXE boot server

Here is a copy of a typical /etc/conf.d/pxebootsrv configuration file:

# ------------------------ CONFIGURATION -------------------------------
# By default the current systems act as DHCP and TFTP and HTTP server
# If you want another machine on your network to act as one of those
# you will have to turn the appropriate option to "no"

# Set to "yes" if you want this machine to act as a DHCP server
PXEBOOTSRV_DODHCPD="yes"
# Set to "yes" if you want this machine to act as a TFTP server
PXEBOOTSRV_DOTFTPD="yes"
# Set to "yes" if you want this machine to act as an HTTP server
PXEBOOTSRV_DOHTTPD="yes"

# Here is a typical PXE-Boot configuration --> update with your settings
PXEBOOTSRV_SUBNET="192.168.1.0"
PXEBOOTSRV_NETMASK="255.255.255.0"
PXEBOOTSRV_DEFROUTE="192.168.1.254"
PXEBOOTSRV_DNS="192.168.1.254"
PXEBOOTSRV_DHCPRANGE="192.168.1.100 192.168.1.150"
PXEBOOTSRV_LOCALIP="192.168.1.5"

# Keep these values to $PXEBOOTSRV_LOCALIP if the current computer
# acts as TFTP server and HTTP server as well as DHCP server
PXEBOOTSRV_TFTPSERVER="$PXEBOOTSRV_LOCALIP"       # IP address of the TFTP server
PXEBOOTSRV_HTTPSERVER="http://$PXEBOOTSRV_LOCALIP/sysrcd.dat" # download URL

Setup the PXE-boot-server on a custom configuration

About

In this section you will learn how to install a PXE-boot environment with the three services (DHCP, TFTP, HTTP/TFTP/NFSv4/NBD) running on different machines. Make sure you understand how the PXE boot process works before you install the PXE boot server with a configuration different from the typical case.

Customization of the pxebootsrv service

You may configure the pxebootsrv service to provide only those requirements which you need. For example, if you already have a DHCP server running on your network you may not want to install another DHCP. In that case you can configure SystemRescueCd pxebootsrv to provide only the TFTP/HTTP servers. You just have to turn off the PXEBOOTSRV_DODHCPD option in /etc/conf.d/pxebootsrv:

# ------------------------ CONFIGURATION -------------------------------
# By default the current system acts as DHCP and TFTP and HTTP server
# If you want another machine on your network to act as one of those
# you will have to turn the appropriate option to "no"

# Set to "yes" if you want this machine to act as a DHCP server
PXEBOOTSRV_DODHCPD="no"
# Set to "yes" if you want this machine to act as a TFTP server
PXEBOOTSRV_DOTFTPD="yes"
# Set to "yes" if you want this machine to act as an HTTP server
PXEBOOTSRV_DOHTTPD="yes"

If you use another DHCP server, you will have to update the next-server option in the DHCP settings to make sure that the DCHP service sends the IP address of the TFTP server to the client. Here is an example of how to use that option with the ISC DHCPD server:

next-server 192.168.1.5; # IP addr of the TFTP server

Here is an example of a typical subnet configuration that you can add to the end of your dhcpd.conf:

subnet 192.168.1.0 netmask 255.255.255.0
{
        range 192.168.1.200 192.168.1.210;
        range dynamic-bootp 192.168.1.211 192.168.1.220;
        next-server 192.168.1.5;
        filename "pxelinux.0";
}

Customization of the boot command line

The PXE server is made of several services. In the second stage, the server uses TFTP to send multiple things to the client: boot loader (pxelinux.0), kernel image (rescuecd/rescue64/altkerxx), initramfs (initram.igz). The boot loader is pxelinux.0 and it comes with a configuration file which is sent to the client. This configuration file contains the boot command line which will be used by the client to start the linux kernel. This command line is important since it contains the SystemRescueCd boot options that are required to run the third stage. The boot command line can be used to specify the network settings and the method that the PXE client will use in the third stage of the PXE boot process. Please refer to Network boot using PXE and Network configuration options for a detailed list of options supported on the boot command line. Here are two examples of valid command lines for PXE boot:

In the first example the client will use a static IP address (192.168.157.100) and it will connect to an HTTP server to download sysrcd.dat in the third stage of the PXE boot process.

label mybootentry1
  kernel rescuecd
  append initrd=initram.igz ethx=192.168.157.100 netboot=http://192.168.157.1:8080/sysrcd.dat

Here is another example where the client runs a 64bit kernel. It uses a dynamic IP address and connects to an NBD server (192.168.157.1:2000) in the third stage:

label mybootentry2
  kernel rescue64
  append initrd=initram.igz dodhcp netboot=nbd://192.168.157.1:2000

Steps to boot the client with PXE

  • Check that your PXE boot server is ready to answer to the requests from the PXE client
  • Check your client computer has at least 400MB of RAM if you want to use HTTP or TFTP to download sysrcd.dat
  • Setup your BIOS to boot from the network via PXE
  • Check your computer is connected to the same network as the server
  • Boot your client computer and it should work

Alternative methods: boot from NFS or NBD

In the previous sections, the client uses an HTTP/TFTP server to download the root filesystem (which is stored in sysrcd.dat)· This file is stored in memory on the client machine, and then it can only work if the client computer has enough memory (512 MB or more in general).

In SystemRescueCd-1.4.0 (and more recent) you can use either NFS (Network File System) or NBD (Network Block Device) as a replacement for HTTP/TFTP. You will still need DHCP and TFTP for the early stages anyway. NFS or NBD are only used to retrieve the root filesystem. In other words these alternatives are used for steps 9, 10, 11 in the PXE boot process described in the previous sections, and steps 1 to 8 are still based on DHCP/TFTP.

NFS is more popular than NBD but NBD is much easier to configure since it only uses a single TCP port to work. In both cases the root filesystem will be mounted through the network. It means the client will have to be connected until you shut it down. If the connection breaks then it will stop working.

Here are the two boot options introduced in SystemRescueCd-1.4.0:

  • nbdboot=ip:port: IP and Port of the NBD server that distributes a copy of sysrcd.dat
  • nfsboot=ip:/path: IP of the NFS v3 server and path to the directory that contains a copy of sysrcd.dat NFS v4 is not supported.

About NBD

NBD (Network Block Device) provides a standard block device (called /dev/nbd0, /dev/nbd1, ...) on the client machine. These devices can be mounted as any normal disk. Each time a block is read on such a device, there is a network request and the NBD server sends the data requested.

In SystemRescueCd, NBD is used to mount the loopback root filesystem which is stored in sysrcd.dat through the network. The configuration of the NBD server is not described in this documentation, but it's really easy. Most linux distributions provide a package called nbd-server or simply nbd which you can use to provide the boot server.

Here is an example NBD server configuration file that you can use:

# /etc/nbd-server/config
[generic]
   user = nbd
   group = nbd
   listenaddr = 192.168.1.1
[partimage]
   exportname = /mnt/cdrom/sysrcd.dat
   port = 2000

And here is an NBD server command:

nbd-server 2000 /mnt/cdrom/sysrcd.dat

About NFS

To configure an NFS v3 server, you have to install the appropriate packages on your favourite linux distribution, and then you can add such an entry in the /etc/exports file:

/tftpboot *(ro,no_subtree_check,all_squash,insecure,anonuid=1000,anongid=1000)

NFS requires multiple ports to work so it may be complicated if you have a firewall between the NFS server and the SystemRescueCd client.

Also you have to check that the sysrcd.dat and sysrcd.md5 file are available on the NFS server:

# ls -lh /tftpboot/sysrcd.*
-rw-r--r-- 1 root root 198M 2010-02-21 21:06 /tftpboot/sysrcd.dat
-rw-r--r-- 1 root root   45 2010-02-21 21:06 /tftpboot/sysrcd.md5

Here is an example of a boot command for the client:

setkmap=uk ethx=192.168.52.2 nfsboot=192.168.52.1:/tftpboot gw=192.168.52.1
spacer