18

In the past I've setup a PXE server several times by making the normal dhcp server return everything needed for network booting: both the regular ip config AND bootinfo in a single dhcp setup. That way it is easy to do.

According to the documentation i've read it (wikipedia has a nice summary) should be possible to have an unmodified dhcp server (for example if the admin at your location denies access) and a separate server that ONLY returns the boot information. This is usually called the "PXE server" or "Proxy DHCP" server. In the past I've seen (not used) this pxe server (last release was 5 years ago).

Yesterday I installed Cobbler to see what it really does. Now I would like to use it (love the ease of use) but modifying the 'main' dhcpd server to get PXE is not an option.

I've not been able to find any documentation on how I can get cobbler to run using a real PXE (==proxy dhcp) server.

Can this be done with cobbler?

Can I configure the isc dhcp server to behave as a PXE server (i.e. NO ip info, only boot info)?

Or should I go for a completely different approach (if so, what is your suggestion) ?

Thanks


New discovery I just made: The changelog for dnsmasq version 2.4.8 says:

"Proxy-DHCP, where dnsmasq just supplies the PXE information and another DHCP server does address allocation, is also allowed."

VERY INTERESTING. Especially because cobbler can already control dnsmasq.


Update:

dnsmasq 2.51 will support this config that fully does the trick I wanted.

My /etc/cobbler/dnsmasq.template now looks like this:

# Cobbler generated configuration file for dnsmasq
# $date
#

# resolve.conf .. ?
#no-poll
#enable-dbus
read-ethers
addn-hosts = /var/lib/cobbler/cobbler_hosts

# Be a proxyDHCP server
dhcp-range=10.10.0.0,proxy

# Only respond to clients that are known (i.e present in /etc/ethers)
dhcp-ignore=#known

# Set this (and domain: see below) if you want to have a domain
# automatically added to simple names in a hosts-file.
expand-hosts
domain=test.basjes.nl,10.10.15.0

# Loads <tftp-root>/pxelinux.0 from dnsmasq TFTP server.
pxe-service=x86PC, "Boot PXELinux (=Cobbler controlled)", pxelinux ,$next_server

$insert_cobbler_system_definitions

Update: 2012-04-30

A few months ago I got an email from someone stating he couldn't get the above to work. Turns out that I had done some fixing and changing of my own cobbler that I had forgotten about. So I provided the crucial fix to the mainline cobbler which has just become part of the trunk. I also created some additional supporting documentation.

Niels Basjes
  • 2,176
  • 3
  • 18
  • 26

3 Answers3

6

The PXE ROM needs a "next-server" directive from the DHCP server in order to find and load the bootloader (be it grub, pxelinux or any other bootloader). If a "next-server" isn't supplied, it is up to the PXE ROM to decice what to do. You'll have to look at your network card bios configuration and see if there is an option to maybe specify the server manually.

As noted by the answer above, using a custom ISO or USB Stick to boot the machine, with all information already supplied at the kernel command line is probably the best way to go. If you have no access to the DHCP server's configuration.

katriel
  • 4,407
  • 22
  • 20
3

What we do, is mount an ISO file we made, boot a kernel and initrd from that and have it load a kickstart from a central location. This kickstart file then point to a repository with RPM files, which could be your cobbler server.

I haven't got much experience with Cobbler (sadly), but maybe this is an option for you?

wzzrd
  • 10,269
  • 2
  • 32
  • 47
  • I've done the installation using a CDROM (iso image generated by Cobbler!) as you suggested and that worked quite nicely. I now have the setup in an almost isolated area where I can unplug it from the LAN, enable DHCP, deploy via PXE, disable DHCP and plug in again. Given the fact that this is a test/experiment environment it will have to do for now. I've also looked at other "proxydhcp" options but none seemed to have code beyond 2004 ... i.e. dead unmaintained code. Thanks for the feedback. – Niels Basjes Aug 17 '09 at 14:41
1

if you just want to run some tests you can have several dhcp servers on the same network. you can have cobbler creating a dhcpd config that will tell a server only to respond when a particular MAC is making an ARP request. and if you simply comment out/disable any ranges on that server (and I am talking about isc-dhcpd here) it will not be intrusive. You might get some windows boxes complaining (in broadcasts) about this dhcp server being non-authoritative if you are using AD and such, but other than that I don't think there is much danger.

But the best way is to have cobbler/dhcp and servers you are trying to provision on a separate VLAN from the rest of your network. This way you limit your broadcast domain and no other boxes will even see your dhcp announcements.

monomyth
  • 971
  • 1
  • 5
  • 9