3

I have a DHCP server used to do unattended installations of Debian: boot from PXE, and then install the operating system with a preseed.

The DHCP server (Debian's isc-dhcp-server package) is configured to do an operation (do an HTTP POST) when handing out a new lease:

subnet 192.168.0.0 netmask 255.255.252.0 {
    [...]
    filename "pxelinux.0";

    on commit {
        set client_ip = binary-to-ascii(10, 8, ".", leased-address);
        execute("curl", "-X", "POST", [...])
    }
}

[...]

host vmhost2 {
    hardware ethernet 00:19:66:60:c3:61;
    fixed-address 192.168.1.13;
}

I noticed that during the unattended installation, the HTTP POST is done twice: the first time a few seconds after the machine starts (this is expected), and approximately thirty seconds later when Debian installer is configuring the network.

I wasn't expecting the second request. In fact, this is the corresponding preseed configuration:

d-i netcfg/get_hostname string vmhost2
d-i netcfg/get_domain string pelicandd.com

d-i netcfg/choose_interface select auto
d-i netcfg/disable_autoconfig boolean true
d-i netcfg/disable_dhcp boolean true
d-i netcfg/dhcp_failed note
d-i netcfg/dhcp_options select Configure network manually

d-i netcfg/get_ipaddress string 192.168.1.13
d-i netcfg/get_netmask string 255.255.252.0
d-i netcfg/get_gateway string 192.168.1.1
d-i netcfg/get_nameservers string 192.168.1.3 192.168.1.4 8.8.8.8 8.8.4.4
d-i netcfg/confirm_static boolean true

I thought that the netcfg/disable_dhcp option indicates that the installer should not need to contact the DHCP server, but still, it does.

Questions:

  • Why is the installer contacting the DHCP server the second time, despite the preseed options?

  • Is there a way to stop it doing it, either through a preseed option, or by modifying the configuration of ISC DHCP server to ignore the second lease?

Arseni Mourzenko
  • 2,165
  • 5
  • 23
  • 41
  • 1
    Do you really install it so often that it clogs up your DHCP logs? I may be wrong but I think you're wasting your time as any change you make to adapt it will make future updates (newer versions) more complicated to implement. – Julie Pelletier Jul 24 '16 at 01:04
  • 1
    It's not the logs which are the problem, but the double HTTP POST request. A bit of a context: the HTTP request in turn publishes a message to a MQS, and there are a few subscribers which do several things from there. Notifying those subscribers twice is a bit annoying. I can probably deduplicate the message at MQS level, but I would prefer not having the double event in the first place. – Arseni Mourzenko Jul 24 '16 at 01:13
  • @JuliePelletier "[...] I think you're wasting your time as any change you make to adapt it will make future updates (newer versions) more complicated to implement.": Why is that? Could you elaborate, please? – gxx Jul 24 '16 at 10:13

1 Answers1

4

The first DHCP DORA (Discover, Offer, Request, Accept) sequence is triggered by the client PXE firmware trying to find an IP/MASK and the PXE data (NBP + TFTP location).

The PXE firmware then TFTP retrieves and runs the corresponding kernel+initrd. When this kernel starts running it needs an IP/MASK then it triggers a second DHCP DORA sequence (this is a regular "non-PXE" DHCP request)

In order to avoid the second DHCP hit you must manually set the static network configuration on the "kernel" command line; you cannot set this info on a pressed file that has to be net retrieved because the kernel would be forced to use DHCP to get its net services correctly working in order to retrieve the preseed file... can you see the egg-chicken problem?

You can either pass the corresponding static network preseed variables "appended" to the kernel command line or use the Pxelinux ipappend command.

NOTE: Please consider the syntax of preseed variables is slightly different when used on a preseed file or in a kernel command line, i.e.:

d-i netcfg/get_ipaddress string 192.168.1.13     <<< preseed file
netcfg/get_ipaddress=192.168.1.13                <<< kernel command line

The final append should look like this. Remove the line breaks, which are added here only to enhance readability and prevent horizontal scroll.

append
    [...]
    netcfg/get_ipaddress=192.168.1.13
    netcfg/get_netmask=255.255.252.0
    netcfg/get_gateway=192.168.1.1
    netcfg/get_nameservers=192.168.1.3
    netcfg/disable_autoconfig=true
Arseni Mourzenko
  • 2,165
  • 5
  • 23
  • 41
Pat
  • 3,339
  • 2
  • 16
  • 17
  • By adding just the `netcfg/get_ipaddress`, nothing changed; there are still two requests to DHCP. However, you're absolutely right: watching closely the logs, it appears that Apache records the `GET preseed.cfg` event four seconds *after* the second request to DHCP, which means that the network options within the preseed are irrelevant. I'll try to move some more options to the kernel command line to see if it solves the problem. – Arseni Mourzenko Jul 24 '16 at 22:56
  • IP was not enough, nor IP, netmask, gateway and DNS servers. However, with all the previous entries and the `netcfg/disable_autoconfig`, the client actually stops bothering DHCP server. I edited your answer by including the example which actually worked. – Arseni Mourzenko Jul 24 '16 at 23:21
  • 1
    `netcfg/get_ipaddress` was just an example I've used to show the differences between the file and kernel command line syntax, of-course you must provide the whole set of variables associated with the client IP definition. – Pat Jul 25 '16 at 06:42