Skip to content

Instantly share code, notes, and snippets.

@NiKiZe
Forked from robinsmidsrod/dhcpd.conf
Created August 6, 2021 14:23
Show Gist options
  • Save NiKiZe/6667c6e69b000ee2781e1cda9778af74 to your computer and use it in GitHub Desktop.
Save NiKiZe/6667c6e69b000ee2781e1cda9778af74 to your computer and use it in GitHub Desktop.
Trying to chainload iPXE with full feature set from a lesser featured one, whilst still being able to boot non-supported cards with UNDI
ddns-update-style none;
deny bootp; #default
authoritative;
include "/etc/dhcp/ipxe-option-space.conf";
# GREEN (private network)
subnet 10.1.1.0 netmask 255.255.255.0 {
range 10.1.1.100 10.1.1.199;
option subnet-mask 255.255.255.0;
option routers 10.1.1.1; # firewall.smidsrod.lan
default-lease-time 3600;
max-lease-time 86400;
option domain-name "smidsrod.lan";
option domain-search "smidsrod.lan";
option domain-name-servers 10.1.1.1; # firewall.smidsrod.lan
option ntp-servers 132.163.97.3,132.163.97.2; # time.nist.gov
option log-servers 10.1.1.2; # core.smidsrod.lan
option lpr-servers 10.1.1.8; # laserjet.smidsrod.lan
include "/etc/dhcp/ipxe-green.conf";
}
use-host-decl-names on;
include "/etc/dhcp/static.conf";
# For information on valid values for option arch, see these links:
# https://git.ipxe.org/ipxe.git/commitdiff/af9afd0a86aeac1eed28b5028c3de669515fc7fc
# https://git.ipxe.org/ipxe.git/blob/HEAD:/src/include/ipxe/dhcp.h#l275
# https://www.rfc-editor.org/errata_search.php?rfc=4578
#
# I like to use native iPXE drivers (they're faster and more stable), so
# give ipxe.pxe/ipxe.efi to all non-iPXE clients, use undionly.kpxe/snponly.efi
# only if you have unsupported or misbehaving NICs.
allow bootp;
allow booting;
next-server 10.1.1.2; # core.smidsrod.lan
# Disable ProxyDHCP, we're in control of the primary DHCP server
option ipxe.no-pxedhcp 1;
# Make sure the iPXE we're loading supports the features we need, if not
# load a full-featured version. See ipxe-option-space.conf for definitions.
if exists ipxe.http
and exists ipxe.menu
and exists ipxe.nfs # NB: not enabled in iPXE by default
and (
( exists ipxe.pxe
and exists ipxe.bzimage
and exists ipxe.elf
and exists ipxe.comboot # NB: not enabled in iPXE by default
and exists ipxe.iscsi
) or (
exists ipxe.efi
)
) {
filename "nfs://nas.smidsrod.lan/raid/boot/boot.ipxe";
#filename "http://boot.smidsrod.lan/boot.ipxe";
} elsif option arch = 00:09 { # EFI BC
} elsif option arch = 00:08 { # EFI Xscale
} elsif option arch = 00:07 {
# EFI x86-64 (Intel x86 64-bit EFI mode)
# - most commonly used on newer hardware
filename "ipxe-x64.efi";
#filename "snponly-x64.efi";
} elsif option arch = 00:06 {
# EFI IA32 (Intel x86 32-bit EFI mode)
# - almost never seen in the wild
filename "ipxe-x86.efi";
#filename "snponly-x86.efi";
} elsif option arch = 00:05 { # Intel Lean Client
} elsif option arch = 00:04 { # Arc x86
} elsif option arch = 00:03 { # DEC Alpha
} elsif option arch = 00:02 { # EFI Itanium
} elsif option arch = 00:01 { # NEC/PC98
} else {
# Intel x86PC (Intel x86 32-bit legacy BIOS mode)
# - technically option arch = 00:00, but we use it as fallback
filename "ipxe.pxe";
#filename "undionly.kpxe";
}
# Declare the iPXE/gPXE/Etherboot option space
option space ipxe;
option ipxe-encap-opts code 175 = encapsulate ipxe;
# iPXE options, can be set in DHCP response packet
option ipxe.priority code 1 = signed integer 8;
option ipxe.keep-san code 8 = unsigned integer 8;
option ipxe.skip-san-boot code 9 = unsigned integer 8;
option ipxe.syslogs code 85 = string;
option ipxe.cert code 91 = string;
option ipxe.privkey code 92 = string;
option ipxe.crosscert code 93 = string;
option ipxe.no-pxedhcp code 176 = unsigned integer 8;
option ipxe.bus-id code 177 = string;
option ipxe.san-filename code 188 = string;
option ipxe.bios-drive code 189 = unsigned integer 8;
option ipxe.username code 190 = string;
option ipxe.password code 191 = string;
option ipxe.reverse-username code 192 = string;
option ipxe.reverse-password code 193 = string;
option ipxe.version code 235 = string;
option iscsi-initiator-iqn code 203 = string;
# iPXE feature flags, set in DHCP request packet
option ipxe.pxeext code 16 = unsigned integer 8;
option ipxe.iscsi code 17 = unsigned integer 8;
option ipxe.aoe code 18 = unsigned integer 8;
option ipxe.http code 19 = unsigned integer 8;
option ipxe.https code 20 = unsigned integer 8;
option ipxe.tftp code 21 = unsigned integer 8;
option ipxe.ftp code 22 = unsigned integer 8;
option ipxe.dns code 23 = unsigned integer 8;
option ipxe.bzimage code 24 = unsigned integer 8;
option ipxe.multiboot code 25 = unsigned integer 8;
option ipxe.slam code 26 = unsigned integer 8;
option ipxe.srp code 27 = unsigned integer 8;
option ipxe.nbi code 32 = unsigned integer 8;
option ipxe.pxe code 33 = unsigned integer 8;
option ipxe.elf code 34 = unsigned integer 8;
option ipxe.comboot code 35 = unsigned integer 8;
option ipxe.efi code 36 = unsigned integer 8;
option ipxe.fcoe code 37 = unsigned integer 8;
option ipxe.vlan code 38 = unsigned integer 8;
option ipxe.menu code 39 = unsigned integer 8;
option ipxe.sdi code 40 = unsigned integer 8;
option ipxe.nfs code 41 = unsigned integer 8;
# Other useful general options
# http://www.ietf.org/assignments/dhcpv6-parameters/dhcpv6-parameters.txt
option arch code 93 = unsigned integer 16;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment