Using a Linux server as a PXE server to boot NT 98/200 diskless stations
The Configuration How-To
First, arrange to have the following two machines within arms reach:
- the server, usually a Unix or Windows NT machine.
- the client, a PC with a bootprom enabled, and nothing valuable on the hard disk.
If you want to test the configuration but you do not yet have a bootprom, you can download the TCP/IP BootProm demo diskette from Bootix at http://www.bootix.com. This diskette will make your computer behave as if it had a TCP/IP Bootprom plugged in.
If you already have a Boot ROM, you need to enable it. If you are using Bootix TCP/IP Bootprom, you can do that using a special program from your network card manufacturer. If you have a PXE Bootprom, you can do it simply from BIOS setup, by changing the default boot device.
For student computers, we configured the boot on network first, and disabled hard disk and floppy disk boot. For assistant computers, we also configured network-boot first, but we allow hard disk and floppy disk boot.
4.1 Server-side configuration
On the server, you will need the following services:
- A BOOTP/DHCP server.
- Maybe a Proxy DHCP server.
- A TFTP server.
Note for PXE Boot ROM users: make sure you have the latest PXE version. At the time of this writing, the latest version is PXE 2.0. PXE 0.99x bootroms are also supported, but some DHCP options may not be sent by the DHCP server. In particular, you should upgrade to PXE 2.0 if option 135 has no effect on BpBatch (BpBatch displays “Cannot load file” on startup). If your network card belongs to one of the Intel EPRO100 series of adapters, you can get the latest evaluation release in the Intel PXE Product Development Kit (PDK), which also includes the necessary flash utility to program the boot rom. The PDK is available at http://developer.intel.com/ial/wfm/tools/pxepdk20/index.htm.
Setting up DHCP
The role of the DHCP server is to give the client an IP address and to make it load the file named bpbatch.P from the TFTP server. DHCP is a superset of the BOOTP protocol. If you are using Bootix TCP/IP Bootprom, you can do without DHCP (using an old BOOTP server).
On Windows NT, you will probably use the native DHCP server. If you are using Bootix TCP/IP Bootprom, you will have to use a special trick to specify the boot file name (get more info from Bootix WWW site). If you are using a PXE Bootrom, you will need to define the boot filename using the DHCP option 67. You will also have to set the VendorClass (opt 60) to “PXEClient” and the VendorOptions (opt 43) to 01,04,00,00,00,00,ff (see below).
On Linux, the best choice is the standard DHCP server from the Internet Software Consortium. If you are using a PXE Bootrom, in addition to the usual options, you will need to add the following ones:
- option dhcp-class-identifier "PXEClient";
- option vendor-encapsulated-options 01:04:00:00:00:00:ff;
If you are using ISC DHCP 3.0, the syntax is slightly different. Here is an example of a DHCP 3.0-compatible configuration:

    # DHCP configuration file for DHCP ISC 3.0 & BpBatch

    # Global options
    option subnet-mask 255.255.255.0;
    default-lease-time -1;

    # Definition of PXE-specific options
    # Code 1: Multicast IP address of bootfile
    # Code 2: UDP port that client should monitor for MTFTP responses
    # Code 3: UDP port that MTFTP servers are using to listen for MTFTP requests
    # Code 4: Number of seconds a client must listen for activity before trying
    #         to start a new MTFTP transfer
    # Code 5: Number of seconds a client must listen before trying to restart
    #         a MTFTP transfer
    option space PXE;
    option PXE.mtftp-ip code 1 = ip-address;
    option PXE.mtftp-cport code 2 = unsigned integer 16;
    option PXE.mtftp-sport code 3 = unsigned integer 16;
    option PXE.mtftp-tmout code 4 = unsigned integer 8;
    option PXE.mtftp-delay code 5 = unsigned integer 8;

    # Subnet-specific options
    subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers 192.168.1.1;

        # Host specific options
        host pctest {
            hardware ethernet 00:01:02:03:04:05;
            filename "bpbatch.P";
            next-server 192.168.1.2;
            fixed-address 192.168.1.100;

            # BpBatch command-line argument : -i == interactive
            # You can also specify a script name (do not include the
            # trailing .bpb extension)
            option option-135 "-i";

            # PXE specific options
            class "pxeclients"
            {
                match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
                option vendor-class-identifier "PXEClient";
                # At least one of the vendor-specific option must be set. We set
                # the MCAST IP address to 0.0.0.0 to tell the bootrom to still use
                # TFTP (address 0.0.0.0 is considered as "no address")
                option PXE.mtftp-ip 0.0.0.0;
                vendor-option-space PXE;
            }
        }
    }

On Solaris, you can either use the Internet Software Consortium DHCP server (available on the Web), or use the Solaris DHCP server (available since Solaris 2.5). However, as the Solaris DHCP server does not seem to be able to insert a client class identifier in its DHCP offer, you must install a Proxy DHCP server. Moreover, this Proxy DHCP server must reside on another computer since the Solaris DHCP server locks the DHCP port.
We suggest giving infinite lease time for remote-boot clients. Don't forget that BOOTP/DHCP requests are bounded by subnets. If the client and the server do not reside on the same subnet, you should install a BOOTP/DHCP Relay agent on any computer between the two. For now, just assume that both machines are on the same subnet.
If you are using a PXE 2.0 bootrom, you can only use site-specific options numbered from 128 to 135 for passing information to BpBatch. Options with a number greater than 135 are ignored by PXE 2.0 bootroms. Option-135 is used by BpBatch for command-line arguments. You have 6 options left for your specific needs.
Setting up a Proxy DHCP
The role of the Proxy DHCP server is to overcome limitations of some DHCP servers and to provide PXE specific extensions. A proxy DHCP server only makes sense for a PXE Boot rom. However, the Proxy DHCP server is not mandatory. If your DHCP server sends all the requested options, the PXE bootrom will not search for a Proxy DHCP (aka BINL). By “all the requested options”, we mean basic IP options (IP address, gateway, subnet, hostname, …) and PXE vendor-specific options (vendor-class – opt 60 – set to “PXEClient” and vendor-encapsulated-options set to something meaningful for a PXE bootrom. You can use 01:04:00:00:00:00:ff if you don't know what is meaningful for a PXE bootrom). A more complete description is shown below.
As BpBatch itself is quite powerful, you won't need to use any PXE specific DHCP extension (menus, etc.). However, if your DHCP server is not able to show minimal PXE compliance, you will need a Proxy DHCP server or your PXE Boot ROM will refuse to go further. By minimal PXE compliance, we mean setting the VendorClass and VendorOptions (options 60 and 43 resp.).
On Linux and Solaris, you can run our Proxy DHCP program, which simply takes as arguments the TFTP server IP address, boot file name and optional arguments, and does everything for you. If the DHCP port on the server is already in use by another daemon, the proxy DHCP server will run on port 4011. In this case, the other daemon on the DHCP port must answer with a DHCP offer carrying client class PXEClient so that the PXE client knows that it must try port 4011.
If you want to understand PXE extensions to DHCP better, there is an extensive description available on the Intel WWW site. However, be warned that the documents are quite confusing, as the protocol has been extended with a number of optional stages in order to allow maximal flexibility. The key to understanding it is that all a PXE client needs is a complete enhanced DHCP answer. If it receives only a standard DHCP offer, it will look further until it gets:
- a client class (T60) set to PXEClient.
- vendor encapsulated options (T43). (Cannot be empty. But you can specify hex 01:04:00:00:00:00, it will be interpreted properly by the PXE bootrom).
- a non-empty boot filename.
- a valid hostname.
The PXE specific negotiation ends as soon as all this info is received, but can lead to a very complex process (install server discovery, etc.) if some information is missing.
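The four items above can be checked mechanically against a captured DHCP reply (for instance one saved while watching the traffic with tcpdump or snoop). The following Python code is an added example, not part of the BpBatch distribution: the function names and the sample packets are constructed for illustration, and "valid hostname" is approximated as a non-empty option 12. It also decodes option 43 with the PXE option-space codes from the ISC configuration, which shows that 01:04:00:00:00:00:ff is simply mtftp-ip set to 0.0.0.0.

```python
import socket, struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie after the 236-byte BOOTP header
# Codes 1-5 of the PXE option space, as declared in the ISC configuration above
PXE_FIELDS = {1: "mtftp-ip", 2: "mtftp-cport", 3: "mtftp-sport",
              4: "mtftp-tmout", 5: "mtftp-delay"}

def parse_tlv(data):
    """Decode a tag/length/value run; tag 0 is padding, tag 255 ends the run."""
    out, i = {}, 0
    while i < len(data) and data[i] != 255:
        if data[i] == 0:
            i += 1
            continue
        if i + 2 > len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option %d" % data[i])
        out[data[i]] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    return out

def pxe_missing(reply):
    """List which of the four items a PXE client waits for are absent from a reply."""
    if len(reply) < 240 or reply[236:240] != MAGIC:
        raise ValueError("not a DHCP packet")
    opts = parse_tlv(reply[240:])
    # Boot file: option 67 if present, otherwise the fixed BOOTP 'file' field
    bootfile = opts.get(67, reply[108:236]).split(b"\0")[0]
    checks = [("client class (option 60)", opts.get(60, b"").startswith(b"PXEClient")),
              ("vendor options (option 43)", bool(opts.get(43))),
              ("boot filename", bool(bootfile)),
              # Assumption: "valid hostname" is approximated as a non-empty option 12
              ("hostname (option 12)", bool(opts.get(12, b"").strip(b"\0")))]
    return [name for name, ok in checks if not ok]

def decode_pxe_vendor(opt43):
    """Decode option 43 sub-options into the names used by the PXE option space."""
    return {PXE_FIELDS.get(t, "code-%d" % t):
            socket.inet_ntoa(v) if t == 1 and len(v) == 4 else int.from_bytes(v, "big")
            for t, v in parse_tlv(opt43).items()}

def build_reply(bootfile, options):
    """Constructed sample packet: a BOOTREPLY for the pctest host entry."""
    hdr = struct.pack(">BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                      bytes(4), socket.inet_aton("192.168.1.100"),
                      socket.inet_aton("192.168.1.2"), bytes(4),
                      bytes.fromhex("000102030405"), b"", bootfile)
    return hdr + MAGIC + b"".join(bytes([t, len(v)]) + v for t, v in options) + b"\xff"

VENDOR = bytes.fromhex("010400000000ff")  # the value the page recommends
FULL = build_reply(b"bpbatch.P", [(12, b"pctest"), (60, b"PXEClient"), (43, VENDOR)])
PLAIN = build_reply(b"bpbatch.P", [(12, b"pctest")])  # a standard offer, no PXE options

if __name__ == "__main__":
    print(pxe_missing(FULL), pxe_missing(PLAIN), decode_pxe_vendor(VENDOR))
```

A reply for which pxe_missing returns a non-empty list is one after which the boot ROM will keep looking for a Proxy DHCP server.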
Setting up TFTP
The TFTP server is a very simple file server. In its basic version, TFTP uses 512-byte data blocks, which are quite inefficient. Bootix TCP/IP Bootprom and PXE Boot ROMs allow larger blocks (1408 bytes) to be used, which speeds up transfers a lot. However, this can only work with an enhanced TFTP server.
On Windows NT, we suggest using the Intel TFTP server, available from the Intel PXE Product Development Kit for Windows. You can find the PDK at http://developer.intel.com/ial/wfm/tools/pxepdk20/index.htm. Important note: if you plan to use the Intel TFTP server on Windows NT, do not forget to rename your BpBatch loader from bpbatch.P to bpbatch.B. This will tell BpBatch to use Intel-compatible TFTP options.
The Intel PXE PDK also includes evaluation PXE boot rom code for the Intel EPRO100 series of network adapters, along with the necessary flash utility to program the boot rom with the latest PXE release.
On Linux, you can use the tftp daemon included in most distributions, but you will have no support for the enhanced TFTP mode (1408-byte packets). We suggest getting the Bootix enhanced TFTP server, available in our distribution directory (http://cuiwww.unige.ch/info/pc/remote-boot/soft/); the filename is incomtftpdlx.tar.gz.
On Solaris, you should use the Bootix enhanced TFTP server, also available in our distribution directory (filename is incomtftpdsun.tar.gz). Another possible choice: John Martin (j.martin@abdn.ac.uk) has ported Linux tftpd for Solaris. You can get it from http://www.csd.abdn.ac.uk/~jmartin/tftpd.tar.gz.
If you prefer using a standard TFTP daemon, remove the P in all boot image name extensions, in order to tell the Bootprom to use only the standard TFTP port. (This trick was introduced by Bootix for the TCP/IP Bootprom. We still use it as an easy way to select the default TFTP port with PXE bootproms.)
In summary, if you plan to use a standard TFTP server, remove the extension from BpBatch's loader filename (i.e. bpbatch). If you plan to use the Bootix TFTP server with support for 1408-byte packets on port 59, your loader's filename must have the .P extension. Finally, if you plan to use the Intel TFTP server (or the one from Bootware), rename your loader to bpbatch.B.
4.2 Client-side configuration
First, we will set up the part common to all operating systems, i.e. the batch-file interpreter. Then, for each operating system, we will go through the following steps:
- Set up a stand-alone client.
- Save its configuration on the server.
- Test it as a remote-boot client.
- Adapt it so that it works for any similar client machine.
Once this is done, you will be able to set up any additional client just by plugging a Boot ROM in it (or buying a Wired for Management ready computer…) and adding one line in the DHCP configuration file.
Our examples assume that you have a hard disk of 1.4 Gb or more. If you have less, reduce the size of the partitions, but remember that you need to leave a few hundred megabytes unallocated (that is, the last partition must not take up to the last cylinder) to leave room for the special cache partition. Moreover, the cache always starts at the cylinder following the last allocated cylinder, so if you do not use the same total size for all your tests, you will have to download the same files several times (the cache will be automatically cleared).
Never despair. If you can't get it to work, first look in the Troubleshooting section to see whether your problem is already solved (get the latest version from the Web). Then, take a look in the BpBatch forum. Perhaps someone else had the same troubles, and the answer can be found in the forum. Forum URL: http://cuiwww.unige.ch/info/pc/remote-boot/forum/. If it still does not work, think about monitoring network traffic for network related problems (use tcpdump on Linux or snoop on Solaris). If you really cannot get it to work, you can send an E-mail to support@bpbatch.org. If your problem is strictly related to the remote-boot configuration, we will try to solve your problem.
4.3 Setting Up the Boot Process
Get the BpBatch software, either as .zip or as .tar.gz. The executables are available at
- http://cuiwww.unige.ch/info/pc/remote-boot/soft/bpb-exe.zip.
- http://cuiwww.unige.ch/info/pc/remote-boot/soft/bpb-exe.tar.gz.
In the server /tftpboot directory, put the following three special boot images, which together make our pre-boot batch file interpreter (in the following lines, we use bpbatch.P as the loader's name. If you are not using the Bootix TFTP server, rename the loader to either bpbatch (standard TFTP) or bpbatch.B (Intel/Bootware TFTP server)):
- bpbatch.P, the dynamic loader (respect the uppercase and read the section about TFTP servers for selecting the proper extension).
- bpbatch.ovl, the relocated interpreter
- bpbatch.hlp, the on-line help file
Then add an entry in the DHCP configuration file for your client, with the boot file set to "bpbatch.P". Define a vendor option tag 155 (decimal) with the value "-i" (on the standard DHCP server, this is done by the following command: option option-155 "-i";). It is interpreted by bpbatch as the command line, and -i stands for “interactive”.
Boot the client computer. You might briefly see
- The Boot ROM copyright.
- The string DHCP while the client waits for a DHCP reply.
- The string TFTP while the client waits for the first TFTP packet.
- The string Loading BpBatch while the loader downloads the interpreter.
- And finally our banner, followed by a nice greater-than prompt.
Congratulations! You have started the batch interpreter… If you are curious about what you can do with it, continue reading the next section. If you are in a hurry, skip it and directly go install the operating system of your choice. If you have any doubt about a command within the interpreter, type help.
Note that you can run the same interpreter within DOS and Linux by running the MrBatch program. There are only very few differences (the Linux versions do not have graphics support and the DOS version can only send BOOTP and TFTP requests if the BootProm is not hidden by the operating system).
It may be a good idea to read the section about the Syntax Rules of BpBatch now, and in particular the paragraphs on File References and on The Cache Filesystem. This will help you understand the examples.
Once all operating systems are set up, you will have to make a menu to let the user choose the one he wants. You should be able to discover for yourself how to make such a menu. All necessary commands are documented at the end of this document.
Discovering BpBatch
Try to type LogVars. You should get about thirty variables listed. Roughly, the first are BpBatch settings, then come all parameters extracted from the BOOTP/DHCP reply, and the last variable is a list of disk sizes, in Megabytes.
Type GetPartitions part, then LogVars again. There should be one more variable containing the list of defined partitions on your first hard-drive. Assuming that the first partition is either BIGDOS, FAT32 or LINUX-EXT2, try LogDir "{:1}" to get the content of the root directory, then LogDir "{:1}/usr" if there is a usr directory. You can even try LogTree "{:1}/etc" to get a directory tree.
Put a GIF file (format GIF-87a, interlaced or not, but NOT GIF-89a) on your TFTP server. We will suppose that the file is named image.gif. You can copy it wherever you want with the following command: Copy "image.gif" "{:1}/temp/image.gif". Or you can use it directly from the server. Now type Logvars "V*" and look at the value of the VESA variable. If it is On, which is most probable, that means you have a VESA-compliant video adapter. You can list the available video modes using Echo "$VESA-Modes". To display your image try the following command: DrawGif "image.gif". The image should be on the upper left corner of the screen. You can draw it in another place by specifying X and Y coordinates after the image name. You can also draw text with DrawText 200 200 "Hello world" yellow. Or draw an empty window with DrawWindow 200 200 300 150. To insert a title when you create a new window, try DrawWindow 200 200 300 150 "My Window". When you are tired of graphic mode, simply type CloseGraph.
Note on graphics: by default, all graphical routines work in the 800x600 VESA mode (with 256 colors), which is the first field of the VESA-Modes variable. If you want to use a different video mode, change the variable in order to have the requested video mode as the first field of the list.
Now take a text editor, and create a file named test.bpb in the tftpboot directory with the following content:
    :again
    DrawWindow 150 200 400 160 "Identity check"
    TextAttr Black LightGray
    At 15,20 Print "Username : "
    Input username 8
    At 17,20 Print "Password : "
    Getpasswd userpass 8
    if "$username" != "smith" goto again
    if not "$userpass" match-passwd "BpR8oiIlRR9bo" goto again
    clear
    DrawWindow 200 200 150 100 green blue "Congratulations"
    DrawText 220 250 "You got it !" yellow
    WaitForKey 3
    CloseGraph
    interact
In your BOOTP/DHCP configuration, change the option-155 from "-i" to "test", and reboot the client computer. The small script should run automatically, and ask you for a username and password. If you do not type smith and justdoit, you won't be able to boot the computer. Later you will learn how to use a Unix, NT or Radius server to check valid user names.