Difference between revisions of "BIOS and UEFI Co-Existence"

From FOG Project
Jump to: navigation, search
m (Using Linux DHCP)
(Using Linux DHCP)
Line 102: Line 102:
 
     }
 
     }
 
</pre>
 
</pre>
 +
 +
 +
 +
Here is another complete example setup for a 10.0.0.0/24 network where 10.0.0.3 is the FOG Server, 10.0.0.3 is the TFTP server, 10.0.0.1 is the router, and 10.0.0.1 is the DNS Server. The range for this configuration is set to 10.0.0.20 through 10.0.0.254
 +
 +
 +
 +
<pre>
 +
option space PXE;
 +
option PXE.mtftp-ip    code 1 = ip-address;
 +
option PXE.mtftp-cport code 2 = unsigned integer 16;
 +
option PXE.mtftp-sport code 3 = unsigned integer 16;
 +
option PXE.mtftp-tmout code 4 = unsigned integer 8;
 +
option PXE.mtftp-delay code 5 = unsigned integer 8;
 +
option arch code 93 = unsigned integer 16; # RFC4578
 +
 +
use-host-decl-names on;
 +
ddns-update-style interim;
 +
ignore client-updates;
 +
next-server 10.0.0.3;
 +
 +
 +
subnet 10.0.0.0 netmask 255.255.255.0 {
 +
        option subnet-mask              255.255.255.0;
 +
        range dynamic-bootp 10.0.0.20 10.0.0.254;
 +
        default-lease-time 21600;
 +
        max-lease-time 43200;
 +
        option domain-name-servers      10.0.0.1;
 +
        option routers      10.0.0.1;
 +
 +
    class "UEFI-32-1" {
 +
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";
 +
    filename "i386-efi/ipxe.efi";
 +
    }
 +
 +
    class "UEFI-32-2" {
 +
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";
 +
    filename "i386-efi/ipxe.efi";
 +
    }
 +
 +
    class "UEFI-64-1" {
 +
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";
 +
    filename "ipxe.efi";
 +
    }
 +
 +
    class "UEFI-64-2" {
 +
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";
 +
    filename "ipxe.efi";
 +
    }
 +
 +
    class "UEFI-64-3" {
 +
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";
 +
    filename "ipxe.efi";
 +
    }
 +
 +
    class "Legacy" {
 +
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";
 +
    filename "undionly.kkpxe";
 +
    }
 +
 +
    }
 +
</pre>
 +
  
 
When you have Mac OS clients as well you might want to check out this: [[FOG_on_a_MAC#architecture]]
 
When you have Mac OS clients as well you might want to check out this: [[FOG_on_a_MAC#architecture]]

Revision as of 16:31, 11 October 2015

General

To make network booting for several different client platforms possible you'd have to offer adequate boot images for those clients. To be able to distinguish between varying platforms the DHCP server needs to utilize the information sent by the clients. According to RFC 4578 "the following pre-boot architecture types have been requested" (by the RFC):

           Type   Architecture Name
           ----   -----------------
             0    Intel x86PC
             1    NEC/PC98
             2    EFI Itanium
             3    DEC Alpha
             4    Arc x86
             5    Intel Lean Client
             6    EFI IA32
             7    EFI BC (EFI Byte Code)
             8    EFI Xscale
             9    EFI x86-64

Using Linux DHCP

According to this post there are (at least) three different ways to configure ISC DHCP server that way: http://www.syslinux.org/archives/2014-October/022683.html

Edit /etc/dhcp/dhcpd.conf and add the 'authoritative' option to your subnet definition and the following classes anywhere in the config:

subnet ... {
    authoritative;
    ...
}
...

class "pxeclient" {
    match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";

    if substring (option vendor-class-identifier, 15, 5) = "00000" {
        # BIOS client 
        filename "undionly.kpxe";
    }
    elsif substring (option vendor-class-identifier, 15, 5) = "00006" {
        # EFI client 32 bit
        filename   "ipxe32.efi";
    }
    else
        # default to EFI 64 bit
        filename   "ipxe.efi";
    }
}


Here's a complete configuration example where the FOG server is the tftp server and the DNS Server. No router is defined in this configuration but can easily be added by changing X.X.X.X and un-commenting the line.

option space PXE;
option PXE.mtftp-ip    code 1 = ip-address;
option PXE.mtftp-cport code 2 = unsigned integer 16;
option PXE.mtftp-sport code 3 = unsigned integer 16;
option PXE.mtftp-tmout code 4 = unsigned integer 8;
option PXE.mtftp-delay code 5 = unsigned integer 8;
option arch code 93 = unsigned integer 16; # RFC4578

use-host-decl-names on;
ddns-update-style interim;
ignore client-updates;
next-server 192.168.1.1;


subnet 192.168.1.0 netmask 255.255.255.0 {
        option subnet-mask              255.255.255.0;
        range dynamic-bootp 192.168.1.10 192.168.1.254;
        default-lease-time 21600;
        max-lease-time 43200;
        option domain-name-servers      192.168.1.1;
    #option routers      x.x.x.x;
 
    class "UEFI-32-1" {
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";
    filename "i386-efi/ipxe.efi";
    }

    class "UEFI-32-2" {
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";
     filename "i386-efi/ipxe.efi";
    }

    class "UEFI-64-1" {
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";
     filename "ipxe.efi";
    }

    class "UEFI-64-2" {
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";
    filename "ipxe.efi";
    }

    class "UEFI-64-3" {
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";
     filename "ipxe.efi";
    }

    class "Legacy" {
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";
    filename "undionly.kkpxe";
    }

    }


Here is another complete example setup for a 10.0.0.0/24 network where 10.0.0.3 is the FOG Server, 10.0.0.3 is the TFTP server, 10.0.0.1 is the router, and 10.0.0.1 is the DNS Server. The range for this configuration is set to 10.0.0.20 through 10.0.0.254


option space PXE;
option PXE.mtftp-ip    code 1 = ip-address;
option PXE.mtftp-cport code 2 = unsigned integer 16;
option PXE.mtftp-sport code 3 = unsigned integer 16;
option PXE.mtftp-tmout code 4 = unsigned integer 8;
option PXE.mtftp-delay code 5 = unsigned integer 8;
option arch code 93 = unsigned integer 16; # RFC4578

use-host-decl-names on;
ddns-update-style interim;
ignore client-updates;
next-server 10.0.0.3;


subnet 10.0.0.0 netmask 255.255.255.0 {
        option subnet-mask              255.255.255.0;
        range dynamic-bootp 10.0.0.20 10.0.0.254;
        default-lease-time 21600;
        max-lease-time 43200;
        option domain-name-servers      10.0.0.1;
        option routers      10.0.0.1;
 
    class "UEFI-32-1" {
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";
    filename "i386-efi/ipxe.efi";
    }

    class "UEFI-32-2" {
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";
     filename "i386-efi/ipxe.efi";
    }

    class "UEFI-64-1" {
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";
     filename "ipxe.efi";
    }

    class "UEFI-64-2" {
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";
    filename "ipxe.efi";
    }

    class "UEFI-64-3" {
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";
     filename "ipxe.efi";
    }

    class "Legacy" {
    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";
    filename "undionly.kkpxe";
    }

    }


When you have Mac OS clients as well you might want to check out this: FOG_on_a_MAC#architecture

Restart the DHCP service and you are good to go!

Using ProxyDHCP (dnsmasq)

There are powerful matching rules in dnsmasq's configuration syntax. Here is an example of how this could be used to distingush between BIOS and UEFI. Note: This will only work in non proxy mode!!

dhcp-match=set:bios,60,PXEClient:Arch:00000
dhcp-option-force=tag:bios,66,x.x.x.x           # TFTP/FOG server ip
dhcp-option-force=tag:bios,67,"undionly.kpxe"

dhcp-match=set:efi32,60,PXEClient:Arch:00006
dhcp-option-force=tag:efi32,66,x.x.x.x          # TFTP/FOG server ip
dhcp-option-force=tag:efi32,67,"i386-efi/ipxe.efi"

dhcp-match=set:efibc,60,PXEClient:Arch:00007
dhcp-option-force=tag:efibc,66,x.x.x.x          # TFTP/FOG server ip
dhcp-option-force=tag:efibc,67,"ipxe.efi"

dhcp-match=set:efi64,60,PXEClient:Arch:00009
dhcp-option-force=tag:efi64,66,x.x.x.x          # TFTP/FOG server ip
dhcp-option-force=tag:efi64,67,"ipxe.efi"

Using Windows Server 2012 (r1 and later) DHCP Policy

The below method assumes that your normal Scope options 066 and 067 are set for BIOS boot files. The below DHCP policy will only apply to UEFI based network booting. Regular BIOS based network booting will still use the default scope options set in the scope.


Step 1

Right click IPv4, and pick "Define vendor class".

Step 1.png

Step 2

Step 2.png

Step 3

Here, The display name and description aren't really important but should describe what this does.

What's important is the "ASCII" field. In this field, you would type this:

PXEClient:Arch:00007

As you type this in, the ID and Binary fields will auto-update. When done, click Ok, ok, ok to finish this part of the procedure.

Step 3.png

Step 4

Underneath IPv4 -> Scope -> Policies, right click on "Policies" and choose "New Policy..."

Step 4.png

Step 5

Step 5.png

Step 6

Step 6.png

Step 7

Step 7.png

Step 8

Step 8.png

Step 9

Step 9.png

Step 10

Step 10.png

Using Windows Server 2008 (and earlier) using DHCP Option 003

Option 003 steps here

List option 003 steps here.

Using OS X DHCP

Steps Here

Please list OS X steps here.

Relevant Resources

undionly-kpxe-and-ipxe-efi

fog-bios-and-efi-coexistence

http://www.syslinux.org/archives/2014-January/021404.html

http://www.syslinux.org/archives/2014-October/022683.html