ipxe chainloading

sgw

found

https://forum.netgate.com/topic/29074/chainloading-ipxe-infinite-loop

(locked)

Is there a howto somewhere?
I get failed ipxe-booting here and try to fiddle with getting the parameters right in the pfsense-DHCP-Server.

As far as I understand I need these options inside, especially the if-block:

option space ipxe;
  option ipxe-encap-opts code 175 = encapsulate ipxe;
  option ipxe.priority code 1 = signed integer 8;
  option ipxe.keep-san code 8 = unsigned integer 8;
  option ipxe.skip-san-boot code 9 = unsigned integer 8;
  option ipxe.no-pxedhcp code 176 = unsigned integer 8;
  option ipxe.bus-id code 177 = string;
  option ipxe.bios-drive code 189 = unsigned integer 8;
  option ipxe.username code 190 = string;
  option ipxe.password code 191 = string;
  option ipxe.reverse-username code 192 = string;
  option ipxe.reverse-password code 193 = string;
  option ipxe.version code 235 = string;
  option iscsi-initiator-iqn code 203 = string;
  # Feature indicators
  option ipxe.pxeext code 16 = unsigned integer 8;
  option ipxe.iscsi code 17 = unsigned integer 8;
  option ipxe.aoe code 18 = unsigned integer 8;
  option ipxe.http code 19 = unsigned integer 8;
  option ipxe.https code 20 = unsigned integer 8;
  option ipxe.tftp code 21 = unsigned integer 8;
  option ipxe.ftp code 22 = unsigned integer 8;
  option ipxe.dns code 23 = unsigned integer 8;
  option ipxe.bzimage code 24 = unsigned integer 8;
  option ipxe.multiboot code 25 = unsigned integer 8;
  option ipxe.slam code 26 = unsigned integer 8;
  option ipxe.srp code 27 = unsigned integer 8;
  option ipxe.nbi code 32 = unsigned integer 8;
  option ipxe.pxe code 33 = unsigned integer 8;
  option ipxe.elf code 34 = unsigned integer 8;
  option ipxe.comboot code 35 = unsigned integer 8;
  option ipxe.efi code 36 = unsigned integer 8;
  option ipxe.fcoe code 37 = unsigned integer 8;


  if exists user-class and option user-class = "iPXE" {
      filename "http://boot.ipxe.org/demo/boot.php";
  } else {
      filename "undionly.kpxe";
  }

Is there a way to add such a block?

sgw

for the records I need:

if exists user-class and option user-class = "iPXE" {
      filename "tftp://172.32.99.6/boot.ipxe";
  } else {
      filename "undionly.kpxe";
  }
}

tested on the shell right now

sgw

bump

any chance of getting that into pfsense? Should I file a bug somewhere or a PR?

@jimp pls advise

revoman

Would love to see this implemented in the pfsense UI.
Until then, look at this document on how to compile a custom iPXE file to get around this.
https://ipxe.org/howto/chainloading

Qutoing here

Another way to break the infinite loop is to build iPXE with an embedded script that directs iPXE to boot from a fixed URL. For example, if you create the script file demo.ipxe containing:

  #!ipxe
  
  dhcp
  chain http://boot.ipxe.org/demo/boot.php
and then build your own version of iPXE with this script embedded:

  make bin/undionly.kpxe EMBED=demo.ipxe
then the chainloaded iPXE will always boot from http://boot.ipxe.org/demo/boot.php regardless of the DHCP server configuration.```

sgw

@revoman interesting. I will look into this soon, as I want to get my PXE-server up again for deploying test VMs.

sgw

With current pfsense 21.02p2 I don't get my VMs booted at all right now.

I am unsure which options to set/add to dhcpd.conf now and try to find that out again.

sgw

I added that if-clause to dhcpd.conf again.

A QEMU-VM boots successfully with this setup.

A VirtualBox-VM does not.