Installing and configuring TFTP and DHCP for WADS¶
Installing and configuring a TFTP server¶
Warning
If you have installed another tftp server on the WAPT Server, please uninstall it first.
This documentation is for WAPT 2.2.1 and higher
Choose your distribution
Enable and start tftp serverInstall the TFTP server.
systemctl enable wapttftpserver
systemctl start wapttftpserver
You may test that the tftp server works properly using a tftp client and test download the ipxe.efi file. If you are testing the following command on a Redhat based machine other than the waptserver, beware of the local outbound firewall that blocks outgoing tftp client requests.
cd ~
tftp srvwapt.mydomain.lan
binary
get ipxe.efi
quit
ls -l ipxe.efi
When installing the server, tick the WADS tftp check mark. You can re-run the installer if it was not done at that time. You can check that the service is configured and running with the command
sc query wapttftpserver
If the server is installed but not started, you can start it with:
net start wapttftpserver
Installing and configuring a DHCP server¶
The PXE booting is a two step process. First the UEFI/BIOS bootloader will download iPXE binary from the tftp server, then iPXE binary will download the iPXE script and boot binaries from http. This is why we need to have a two step PXE DCHP configuration.
For example:
<!-- global options -->
next-server 192.168.1.30;
option ipxe-url code 175 = text;
option client-architecture code 93 = unsigned integer 16;
<!-- subnet mydomain.lan netmask 255.255.255.0 -->
if option client-architecture = 00:00 {
if exists user-class and option user-class = "iPXE" {
filename "http://srvwapt.mydomain.lan/api/v3/baseipxe?uefi=false&keymap=fr";
}
else{
filename "undionly.kpxe";
}
} else {
if exists user-class and option user-class = "iPXE" {
option ipxe-url "http://srvwapt.mydomain.lan:80/";
filename "http://srvwapt.mydomain.lan/api/v3/baseipxe?keymap=fr";
}
else{
filename "ipxe.efi";
}
}
For more information you can refer to https://ipxe.org/howto/dhcpd
For example:
dhcp-match=set:ipxe,175 # iPXE sends a 175 option.
dhcp-boot=tag:!ipxe,undionly.kpxe,IP_WAPTSERVER
dhcp-boot=tag:ipxe,http://srvwapt.mydomain.lan/api/v3/baseipxe?uefi=false
For example for one machine:
dhcp-match=set:ipxe,175 # iPXE sends a 175 option.
dhcp-mac=set:waptserver,MAC_ADDRESS_TARGET_COMPUTER
dhcp-boot=tag:!ipxe,undionly.kpxe,waptserver,IP_WAPTSERVER
dhcp-boot=tag:ipxe,http://srvwapt.mydomain.lan/api/v3/baseipxe?uefi=false,waptserver
You can use the following PowerShell command line to configure iPXE booting on your network. Please adapt the $url_waptserver and $waptserver_ipaddress_tftp depending on your current installation. keymap is the keyboard language
$waptserver_ipaddress_tftp = "192.168.154.13"
$url_waptserver = "http://srvwapt.mydomain.lan"
$keymap = "fr"
Add-DhcpServerv4Class -Name "legacy_bios" -Type Vendor -Data "PXEClient:Arch:00000"
Add-DhcpServerv4Class -Name "iPXE" -Type User -Data "iPXE"
Set-DhcpServerv4OptionValue -OptionId 66 -Value "$waptserver_ipaddress_tftp"
Add-DhcpServerv4Policy -Name "wapt-ipxe-url-legacy" -Condition AND -UserClass EQ,iPXE -VendorClass EQ,legacy_bios*
Set-DhcpServerv4OptionValue -PolicyName "wapt-ipxe-url-legacy" -OptionID 67 -Value "$url_waptserver/api/v3/baseipxe?uefi=false&keymap=$keymap"
Add-DhcpServerv4Policy -Name "wapt-ipxe-url-uefi" -Condition AND -UserClass EQ,iPXE -VendorClass NE,legacy_bios*
Set-DhcpServerv4OptionValue -PolicyName "wapt-ipxe-url-uefi" -OptionID 67 -Value "$url_waptserver/api/v3/baseipxe?keymap=$keymap"
Add-DhcpServerv4Policy -Name "ipxe.efi" -Condition AND -UserClass NE,iPXE -VendorClass NE,legacy_bios*
Set-DhcpServerv4OptionValue -PolicyName "ipxe.efi" -OptionID 67 -Value "ipxe.efi"
Add-DhcpServerv4Policy -Name "undionly.kpxe" -Condition AND -UserClass NE,iPXE -VendorClass EQ,legacy_bios*
Set-DhcpServerv4OptionValue -PolicyName "undionly.kpxe" -OptionID 67 -Value "undionly.kpxe"
For more information, you can refer to https://ipxe.org/howto/msdhcp