[syslinux] Cannot chain to another PXE server on the same subnet
Jeffrey Hutzelman
jhutz at cmu.edu
Fri Mar 7 13:00:23 PST 2014
On Fri, 2014-03-07 at 05:49 -0500, Gene Cumm wrote:
> On Fri, Mar 7, 2014 at 2:33 AM, Vieri <rentorbuy at yahoo.com> wrote:
>
> > So I take it it's more of a DHCP hack in which:
> > 1- client boots and gets DHCP response from 10.215.144.7 with PXE syslinux info
> > 2- client loads pxelinux.0 menu and selects menu that chains to Altiris PXE menu except, instead of calling pxechain.com or pxechn.c32 with the Altiris server's IP address, the client should "re-netboot" but this time, the DHCP server at 10.215.144.7 should not include any PXE information at all for this particular client/MAC, so Altiris can kick in.
> >
> > I don't know how to do this but is this basically what you're suggesting?
>
> 1) Thinking about the responses again, I'm absolutely surprised that
> you can even boot PXELINUX. I would have expected the response from
> the Altiris server to override your attempts to block it.
Nope. The PXE spec explicitly requires that a PXE response from the
"real" DHCP server be given precedence.
> 2) There's at least one more thing we can try, a very long option 43.
> Either use the text-decimal tcpdump or a tool that can read the pcap
> (like Wireshark) and create a single large colon-separated string
> representation of the 3 option 43 values (should be over 1200
> characters long, 3 times total length minus 1).
Oh, hm. That might work, at least experimentally. If it does (and
maybe even if not), it might be interesting in the future to provide the
ability to add/remove/replace individual vendor-encapsulated suboptions.
Unfortunately, from what documentation I could find, the Altiris server
generates its menu dynamically and makes no promise about what the item
"types" will be. The boot item type appearing the menu will be sent by
bstrap.0 in its next request, and must match one actually known to the
Altiris server in order for it to provide correct boot responses. What
that means is that any time you change anything about the Altiris menu,
the option 43 embedded in your pxelinux config will become out of
date. :-(
Also, to get actually booting one of the Altiris menu items to work, you
_may_ need to change your main DHCP server configuration so that it does
not send a PXE response at all if the client sends PXE.pxe-boot-item
other than (0 0). I can't recall whether the client will send a
broadcast request in this case or a unicast to the selected server; in
the latter case, of course, the main DHCP config won't matter at that
point.
-- Jeff
More information about the Syslinux
mailing list