Score:0

PXE server - broadcast port restriction on boot client demand


I would like to set up my PXE server to attribute a correct IP address only to clients requesting network boot.

Therefore I've configured my network adapter with 2 IP addresses on different ranges. 192.168.1.19 is on the general network, which broadcasts on /24.

For the PXE server boot I'm trying to use another set of IPs to separate it from the rest of the network configuration. The server therefore has a second IP, 192.168.0.19, broadcasting on /24 for only a 2-IP range (max. 2 computers using PXE boot together).

# cat /etc/network/interfaces
iface enp5s0 inet static
address 192.168.1.19
netmask 255.255.255.0
gateway 192.168.1.1

iface enp5s0:1 inet static
address 192.168.0.19
netmask 255.255.255.0

The point would be that only computers that request boot should have one of those 2 IPs. However, it leases it and doesn't release it, even after reboot. I have to manually reset the network on the client. Even then, it sometimes gets the same IP back. It's narrow, because my router is set on 192.168.1.1. I presumed it should give priority to the same range.

If network boot is disabled on the client, it should get an IP from the general network range to get file sharing and other LAN services. If it's on, it should get one for the PXE boot configuration only and release it after it's done.

Is this even possible?

Score:1

I don't think your plan will work the way you want. The OS that gets booted by PXE will typically do its own DHCP network setup. The DHCP client packets from the second network setup probably won't include PXE options.

However, it is certainly possible to detect DHCP client packets with PXE options. This is a common approach so PXE response options can be provided dynamically. What can be done depends on the DHCP service being used.

This is a sample config for the isc-dhcp-server DHCP service. It will offer PXE clients a different pool. It does not offer separate subnets as you want, but it might be adapted.

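# Clients whose option 60 (vendor-class-identifier) starts with "PXEClient"
class "pxeclient" {
    match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
    filename "pxelinux.0";
}

subnet 192.168.1.0 netmask 255.255.255.0
{
    option routers 192.168.1.1;
    next-server 192.168.1.1;
    max-lease-time 3600;

    # Pool reserved for PXE clients
    pool {
        range 192.168.1.100 192.168.1.109;
        allow members of "pxeclient";
    }

    # Pool for everything else. PXE clients are also unknown-clients,
    # so they are excluded explicitly to keep the two pools separate.
    pool {
        range 192.168.1.110 192.168.1.119;
        allow unknown-clients;
        deny members of "pxeclient";
    }
}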

Another common DHCP service is dnsmasq. This is a sample config that does the same as above.

log-dhcp
dhcp-option=3,192.168.1.1
dhcp-match=set:pxe,60,PXEClient
dhcp-boot=tag:pxe,pxelinux.0,server,192.168.1.1
dhcp-range=tag:pxe,192.168.1.100,192.168.1.109,255.255.255.0,1h
dhcp-range=tag:!pxe,192.168.1.110,192.168.1.119,255.255.255.0,1h

Other interesting topics include

  • PXE response options based on the PXE client architecture (e.g. BIOS vs UEFI)
  • proxyDHCP service (dnsmasq supports this feature)


Andrew Lowther: @Wingarmac post a new question
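The option 60 test that both sample configs rely on, as an added example that is not part of the original answer: it parses the options of a raw DHCP message and applies the same 9-byte prefix match before picking a pool. The function names and the sample DISCOVER packets are constructed for illustration; the pool ranges are the ones from the configs above.

```python
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # marks the start of the DHCP options field
OPT_PAD, OPT_VENDOR_CLASS, OPT_END = 0, 60, 255

def parse_options(packet):
    """Return {option_code: value_bytes} from a raw BOOTP/DHCP message."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (bad length or magic cookie)")
    opts, i = {}, 240
    while i < len(packet):
        code = packet[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:  # single-byte padding, no length field
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("truncated option header")
        length = packet[i + 1]
        value = packet[i + 2 : i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        opts[code] = opts.get(code, b"") + value  # repeated options concatenate
        i += 2 + length
    return opts

def is_pxe_client(packet):
    """Same test as: substring(option vendor-class-identifier, 0, 9) = "PXEClient"."""
    return parse_options(packet).get(OPT_VENDOR_CLASS, b"")[:9] == b"PXEClient"

def pool_for(packet):
    """Map a request to one of the two pool ranges used in the sample configs."""
    return "192.168.1.100-109" if is_pxe_client(packet) else "192.168.1.110-119"

def build_discover(mac, vendor_class=None):
    """Constructed sample DHCPDISCOVER (not captured traffic)."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 1, 1, 6, 0, 0x1234, 0, 0x8000,
                         b"", b"", b"", b"", mac, b"", b"")  # 236-byte BOOTP header
    opts = bytes([53, 1, 1])  # option 53 = DHCPDISCOVER
    if vendor_class is not None:
        opts += bytes([OPT_VENDOR_CLASS, len(vendor_class)]) + vendor_class
    return header + MAGIC_COOKIE + opts + bytes([OPT_END])

if __name__ == "__main__":
    mac = bytes.fromhex("525400aabbcc")  # constructed MAC address
    for vc in (b"PXEClient:Arch:00000:UNDI:002001", b"MSFT 5.0", None):
        print(vc, "->", pool_for(build_discover(mac, vc)))
```

Option 60 is supplied by the client, so any host can send a `PXEClient` string: the pool split sorts well-behaved clients and is not an access control.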