userdoc:tt-netboot

Differences

This shows you the differences between two versions of the page.

userdoc:tt-netboot [2012/07/18 04:41]
droemel
userdoc:tt-netboot [2012/11/19 09:27] (current)
abelbeck
Line 28: Line 28:
 ==== Security ==== ==== Security ====
  
-Please be careful what exactly you symlink to "/tftpboot"For local files "/tftpboot" is the root directory for PXE. For security reasons all menu entries and especially the menu line editing feature and escaping to a "boot:" prompt (with TAB/ESC) can be password protected (clear-text, MD5, SHA1). You could also comment out the above line in ''dnsmasq.static'' and only activate this feature, when you really need it.+Please be careful what exactly you symlink to "/tftpboot". "/tftpboot" is the root directory for PXE for local files. For security reasons all menu entries and especially the menu line editing feature and escaping to a "boot:" prompt (with TAB/ESC) can be password protected (clear-text, MD5, SHA1). You could also comment out the above line in ''dnsmasq.static'' and only activate this feature, when you really need it. 
 +  
 +Additionally you could set a filter in "dnsmasq.static" for allowing only specific Netboot MAC-addresses (or ranges) by replacing the line:
  
-\\ +  dhcp-boot=pxelinux.0
  
 +with this:
 +
 +  dhcp-mac=set:netboot,08:00:27:fb:*:*
 +  dhcp-boot=tag:netboot,pxelinux.0
 +
 +The first line adds the tag "netboot" only to MAC-addresses starting with 08:00:27:fb (in this example VirtualBox VMs). The 2nd line allows Netbooting only for devices which have the "netboot" tag.
 +
 +==== Enabling Netboot in BIOS ====
 +
 +Some x86 boards have netboot enabled by default in their BIOS, many do not.  For example with the Jetway line of boards using AMI BIOS, netboot may be enabled on a NIC by NIC basis.
 +
 +**Jetway Board Example**
 +
 +Enter the **Setup** page in the BIOS by typing ''DEL'' via VGA Console or ''F4 (<ESC>OS)'' via Serial Console.
 +
 +Navigate to Integrated Peripherals -> Onboard Device Function, then set "Onboard LAN1 BootROM [Enabled]" in the BIOS for one or more NICs (LAN1, LAN2, etc.).
 +
 +Finally, with netboot enabled in the BIOS, you can select the Boot Menu at startup by typing ''F11'' via VGA Console or ''F3 (<ESC>OR)'' via Serial Console.  Then you can select the NIC to netboot from.
 +\\
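Review bot: The added MAC-filter paragraph in the Security section presents ''dhcp-mac=set:netboot,08:00:27:fb:*:*'' as something that "allows Netbooting only for devices which have the netboot tag", but the tag is assigned from the MAC address the client itself sends in its DHCP request, so any host on the segment that sets a matching address gets the tag. Suggest rewording so the filter is described as limiting which clients are offered ''pxelinux.0'' (useful against accidental netboots), and stating that the menu password protection from the previous paragraph should stay enabled alongside it. Two smaller points in the same paragraph: the prefix ''08:00:27:fb'' is narrower than the VirtualBox vendor prefix ''08:00:27'', so "in this example VirtualBox VMs" covers only part of that range, and "dnsmasq.static" is written in plain double quotes here while the paragraph above uses the monospace markup ''dnsmasq.static''.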
  • userdoc/tt-netboot.1342604502.txt.gz
  • Last modified: 2012/07/18 04:41
  • by droemel