Diskless pfSense-Box via NFS and TFTP
-
Hi pfSense-Gurus
i managed to setup my Atom-Based Computer to boot pfSense Live-Media (ISO and IMG) via PXE and NFS.
First i copied the content of the IMG/ISO rootfs to an export on my NFS-Server (192.168.1.100).
NFS-Locations are:ISO: /pfsense/rootfs_cd/ IMG: /pfsense/rootfs_usb/
after that i modified /pfsense/rootfs_X/etc/fstab and commented out the entries of the ISO/IMG Media.
Then i copied the contents of the /boot directory's of the different Medias (IMG and ISO) to my tftp-server (192.168.1.10).
ISO: <tftproot>/bootfiles/pfsense/2.1.3_cd/boot/ IMG: <tftproot>/bootfiles/pfsense/2.1.3_usb/boot/</tftproot></tftproot>
after this i added the following to my isc-dhcp's static lease configuration:
host wall.net.home { hardware ethernet XX:XX:XX:XX:XX:XX; fixed-address 192.168.1.1; ddns-hostname wall; next-server 192.168.1.10; #option root-path "192.168.1.100:/pfsense/rootfs_cd/"; option root-path "192.168.1.100:/pfsense/rootfs_usb"; filename "pfsense/2.1.3_usb/boot/pxeboot"; #filename "pfsense/2.1.3_cd/boot/pxeboot"; }
Depending on the active option-root-pats and filename line in my dhcp-config (#) i can boot the pfSense-System ISO or IMG Release.
This Setup working properly with NFS-hosted root-filesystem :))I configured my System via web interface, exported config.xml via Import/Export-Feature and placed the File at the /conf.default folder.
Now i can Boot diskless pfSense System with my individual Configuration, with some Limitations (e.g. no Packet Installation –> Proxy)Unhappy with these Limitations i tried to install pfSense to the systems internal HDD - in mind to move the HDD-hosted rootfs to NFS later on.
Setup was done without an issue.
I managed to move the HDDs rootfs to my NFS-Server:HDD: /pfsense/rootfs_hdd/
and modified DHCP option root-path to:
option root-path "192.168.1.100:/pfsense/rootfs_hdd/";
Now i don't know which boot file option (DHCP option "filename") to set.
If i choose the /boot/pxeboot -File system Startup fails.. and System states Kernel not found.
Is pxeboot-File of IMG/ISO Distribution unable to handle HDD-Installed Kernels?Any Ideas to get this solved?
Regards
Clem -
May I ask why??
-
May I ask why??
The geek factor? It does sound like a fun project, though I wouldn't want to run it myself that way myself. I would want it installed locally so I don't have to worry about the NFS server going down and bringing down the whole network since the firewall/router would go down as well.
In terms of actually getting it to work, try getting a regular FreeBSD machine booting via PXE first. I forget exactly how to do that, I'd have to check how I did it at work. Then just apply that to pfSense and it should work, unless the code that allows it has been removed.
Once again, on a firewall, I don't think I would want to rely on another server working in order for it to work.