Fwd: netbooting OpenBSD (6.0) i386 and amd64 clients from one server
>> ... >> >> $ ./tftpd_rewrite >> $ doas chgrp _tftpd /tmp/tftpd_rewrite.sock ; doas chmod g+w /tmp/tftpd_rewrite.sock >> $ doas tftpd -v -r /tmp/tftpd_rewrite.sock /home/vm >> >> $ tftp 127.0.0.1 >> tftp> get /etc/boot.conf >> Received 38 bytes in 0.0 seconds >> >> $ syslogc daemon | tail -n1 >> Jan 29 01:51:49 t440s tftpd[626]: 127.0.0.1: read request for '/etc/boot.conf' >> $ cat boot.conf >> set tty com0 >> boot tftp:/bsd.rd.i386 > > nice proof of concept :-) > thx! works well with OpenBSD's tftpd. > Same logic does not apply to in.tftpd or atftpd. I had copied the OpenBSD "pxeboot" (amd64 and i386, they differ a bit) to my Linux box. As you can see in the second line, the requested filename "boot.conf" has no additional IP address or MAC to filter on: > > in.tftpd[2131]: RRQ from 192.168.88.253 filename /i386/bsd60_i386_pxeboot >> in.tftpd[2132]: remap: input: /etc/boot.conf > in.tftpd[2132]: remap: done > in.tftpd[2132]: RRQ from 192.168.88.253 filename /etc/boot.conf > in.tftpd[2133]: remap: input: /etc/random.seed > in.tftpd[2133]: remap: done > in.tftpd[2133]: RRQ from 192.168.88.253 filename /etc/random.seed > in.tftpd[2133]: sending NAK (1, File not found) to 192.168.88.253 > in.tftpd[2134]: remap: input: /bsd > in.tftpd[2134]: remap: done > in.tftpd[2134]: RRQ from 192.168.88.253 filename /bsd > in.tftpd[2134]: sending NAK (1, File not found) to 192.168.88.253 > > This way, when creating a remapping based on the raw filename, it would apply to i386 and amd64. > Anyhow, I will update my doc with the solution for OpenBSD. Already a good step forwards. > At the same time I will also update with Anton's remark for a dual server. > I am wrong! I have played around with in.tftpd. I could get my OpenBSD systems to properly netboot i386 and amd64 in the same network segment. Here is all the configs I used, to achieve OpenBSD clients booting from in.tftpd and it's "filename remapping": /etc/hosts: 192.168.88.253 mvbcxfw1.svn.localdomain mvbcxfw1 192.168.88.254 mvbcxfw2.svn.localdomain mvbcxfw2 /etc/tftp.remap: r /etc/boot.conf /etc/boot.conf.\i This translates into: for all requests [r] that come with a filename “/etc/boot.conf” replace it with the filename “/etc/boot.conf” and attach a dot and the IP address of the tftpd requesting client [\i]. (man in.tftpd) /etc/dhcpd.conf ... group { filename "/pxeboot"; next-server 192.168.88.8; host mvbcxfw1 { option host-name "mvbcxfw1"; hardware ethernet 00:47:11:12:01:27; fixed-address mvbcxfw1; } host mvbcxfw2 { option host-name "mvbcxfw2"; hardware ethernet 00:47:11:12:01:28; fixed-address mvbcxfw2; } } I created two files in the /srv/tftpboot/etc/ directory: /srv/tftpboot/etc/boot.conf.192.168.88.253: echo # echo # in.tftpd greetings to client 192.168.88.253 echo # boot /i386/bsd60_i386_bsd.rd /srv/tftpboot/etc/boot.conf.192.168.88.254: echo # echo # in.tftpd greetings to client 192.168.88.254 echo # boot /amd64/bsd60_amd64_bsd.rd I then start the xinetd, with the in.tftpd activated. The config file /etc/xinetd.d/tftp: service tftp { socket_type = dgram protocol = udp wait = yes user = root group = tftp server = /usr/sbin/in.tftpd server_args = -m /etc/tftpd.remap -vvv -s /srv/tftpboot } Alternativly, one can also do a manual start: /usr/sbin/in.tftpd -l -m /etc/tftpd.remap -vvv -s /srv/tftpboot I boot my first i386 client, and see this in journalctl -f /usr/sbin/in.tftpd: Jan 30 02:04:33 mleap42ix in.tftpd[4125]: remap: input: /pxeboot Jan 30 02:04:33 mleap42ix in.tftpd[4125]: remap: done Jan 30 02:04:33 mleap42ix in.tftpd[4125]: RRQ from 192.168.88.253 filename /pxeboot Jan 30 02:04:33 mleap42ix in.tftpd[4126]: remap: input: /etc/boot.conf Jan 30 02:04:33 mleap42ix in.tftpd[4126]: remap: rule 0: rewrite: /etc/boot.conf.192.168.88.253 Jan 30 02:04:33 mleap42ix in.tftpd[4126]: remap: done Jan 30 02:04:33 mleap42ix in.tftpd[4126]: RRQ from 192.168.88.253 filename /etc/boot.conf remapped to /etc/boot.conf.192.168.88.253 ... Jan 30 02:04:33 mleap42ix in.tftpd[4128]: remap: input: /i386/bsd60_i386_bsd.rd Jan 30 02:04:33 mleap42ix in.tftpd[4128]: remap: done Jan 30 02:04:33 mleap42ix in.tftpd[4128]: RRQ from 192.168.88.253 filename /i386/bsd60_i386_bsd.rd Line number 5 and line number 7 show the change. So with this one can define a per IP address config file, and define in the boot.conf . whichever kernel we want to boot. The equivalent result for the amd64 client would show the remapping, and boot the amd64 kernel. rgds, Volker
Re: netbooting OpenBSD (6.0) i386 and amd64 clients from one server
> Am 29.01.2017 um 14:23 schrieb Jiri B: > >>> Isn't better to use rewrite/file remapping instead of hacking pxeboot? >>> If an i386 machine would request /etc/boot.conf via tftp you could rewrite >>> it to (based on fact you know that that machine is i386 - during provisioning) >>> /etc/i386/boot.conf. For the client I suppose it would still think it gets >>> /etc/boot.conf. > > A POC... > > j. > > ~~~ > #!/usr/bin/perl -w > > use IO::Socket::UNIX; > > my $socket_path = '/tmp/tftpd_rewrite.sock'; > unlink $socket_path if -e $socket_path; > my $socket = IO::Socket::UNIX->new( >Local => $socket_path, >Type => SOCK_STREAM, >Listen => SOMAXCONN, > ); > die "Can't create socket: $!" unless $socket; > > while (1) { >next unless my $connection = $socket->accept; >$connection->autoflush(1); >while (my $line = <$connection>) { >chomp($line); ># XXX ># conditionals here >if ($line =~ /^127.0.0.1 read \/etc\/boot.conf$/) { >print $connection "/etc/boot.conf.i386\n"; >} elsif ($line =~ /^\S+ read \/etc\/boot.conf$/) { >print $connection "/etc/boot.conf\n"; >} >} > } > ~~~ > > $ ./tftpd_rewrite > $ doas chgrp _tftpd /tmp/tftpd_rewrite.sock ; doas chmod g+w /tmp/tftpd_rewrite.sock > $ doas tftpd -v -r /tmp/tftpd_rewrite.sock /home/vm > > $ tftp 127.0.0.1 > tftp> get /etc/boot.conf > Received 38 bytes in 0.0 seconds > > $ syslogc daemon | tail -n1 > Jan 29 01:51:49 t440s tftpd[626]: 127.0.0.1: read request for '/etc/boot.conf' > $ cat boot.conf > set tty com0 > boot tftp:/bsd.rd.i386 nice proof of concept :-) thx! works well with OpenBSD's tftpd. Same logic does not apply to in.tftpd or atftpd. I had copied the OpenBSD "pxeboot" (amd64 and i386, they differ a bit) to my Linux box. As you can see in the second line, the requested filename "boot.conf" has no additional IP address or MAC to filter on: in.tftpd[2131]: RRQ from 192.168.88.253 filename /i386/bsd60_i386_pxeboot > in.tftpd[2132]: remap: input: /etc/boot.conf in.tftpd[2132]: remap: done in.tftpd[2132]: RRQ from 192.168.88.253 filename /etc/boot.conf in.tftpd[2133]: remap: input: /etc/random.seed in.tftpd[2133]: remap: done in.tftpd[2133]: RRQ from 192.168.88.253 filename /etc/random.seed in.tftpd[2133]: sending NAK (1, File not found) to 192.168.88.253 in.tftpd[2134]: remap: input: /bsd in.tftpd[2134]: remap: done in.tftpd[2134]: RRQ from 192.168.88.253 filename /bsd in.tftpd[2134]: sending NAK (1, File not found) to 192.168.88.253 This way, when creating a remapping based on the raw filename, it would apply to i386 and amd64. Anyhow, I will update my doc with the solution for OpenBSD. Already a good step forwards. At the same time I will also update with Anton's remark for a dual server. thx, rgds, Volker
Re: netbooting OpenBSD (6.0) i386 and amd64 clients from one server
> Am 28.01.2017 um 14:56 schrieb Jiri B <ji...@devio.us>: > > On Sat, Jan 28, 2017 at 12:17:40AM +0100, Sven-Volker Nowarra wrote: >> I am netbooting many systems, and last recently stepped on the issue, that I >> had an amd64 and an i386 client in the same network. I wanted to boot them >> into a "full" OpenBSD (not ramdisk kernel). That is not possible with the >> default installation, cause pxeboot can not distinguish between these >> Intel/AMD systems. DHCP server can distinguish by MAC address, but then when >> pxeboot is loaded, the kernel is per default "bsd". This must clash either >> with i386 or amd64 architecture, whatever was dropped into tftpboot direcotry. >> So I went through some older mailing list entries, adapted them, and updated >> my meanwhile extensive netboot document. I updated this into a PDF, covering >> many, many details (now ~50 pages). Wanted to give something back to the >> community. The PDF is currently located here: >> http://nowarra.ch/Volker/netboot_OpenBSD/170127_netbooting_OpenBSD60.pdf >> > > Thanks, interesting document. > > Isn't better to use rewrite/file remapping instead of hacking pxeboot? > If an i386 machine would request /etc/boot.conf via tftp you could rewrite > it to (based on fact you know that that machine is i386 - during provisioning) > /etc/i386/boot.conf. For the client I suppose it would still think it gets > /etc/boot.conf. > > j. If this works, I could get rid of recompiling pxeboot everytime a new release comes out. Well, sometimes pxeboot also supports "older" OpenBSDs, but that is another topic. I understand, the tftp server has a "root dir" for the client specified. In the dhcpd.conf I declare per client a MAC address and its filename (usually "/pxeboot"). The i386 pxeboot manual says: "pxeboot boot program will look for an /etc/boot.conf configuration file on the TFTP server." I didn't find a reference to a different sub structure... Anyway, I tried a structure like you proposed, but pxeboot didn't find the boot.conf, and didn't even show the echo lines from this file (so useless to play with bsd location). This was my setup: location of boot.conf: /tftpboot/etc/i386/boot.conf $ cat /tftpboot/etc/i386/boot.conf echo ### echo ### hello from tftpd@192.168.88.12, with /etc/i386/boot.conf ### echo ### boot bsd.rd $ cat /etc/dhcpd.conf | grep filename filename "/pxeboot"; I also tried to play with the dhcpd.conf settings, by using a different subdir for pxeboot, but I didn't get the system to find "his" boot.conf in the i386 directory.
netbooting OpenBSD (6.0) i386 and amd64 clients from one server
I am netbooting many systems, and last recently stepped on the issue, that I had an amd64 and an i386 client in the same network. I wanted to boot them into a "full" OpenBSD (not ramdisk kernel). That is not possible with the default installation, cause pxeboot can not distinguish between these Intel/AMD systems. DHCP server can distinguish by MAC address, but then when pxeboot is loaded, the kernel is per default "bsd". This must clash either with i386 or amd64 architecture, whatever was dropped into tftpboot direcotry. So I went through some older mailing list entries, adapted them, and updated my meanwhile extensive netboot document. I updated this into a PDF, covering many, many details (now ~50 pages). Wanted to give something back to the community. The PDF is currently located here: http://nowarra.ch/Volker/netboot_OpenBSD/170127_netbooting_OpenBSD60.pdf