Gentoo Forums
PXE/TFTP Booting Problems
Kenji Miyamoto
Veteran


Joined: 28 May 2005
Posts: 1452
Location: Looking over your shoulder.

Posted: Wed Mar 24, 2010 10:14 pm    Post subject: PXE/TFTP Booting Problems

I'm trying to boot a device into OpenBSD using PXE and a TFTP server running Gentoo, but I'm having problems with it. It is able to get a file called "pxeboot" via TFTP, but it can't get the "bsd" image. Here's the output from the serial terminal:
Code:
Intel UNDI, PXE-2.0 (build 082)
Copyright (C) 1997,1998,1999  Intel Corporation
VIA Rhine III Management Adapter v2.43 (2005/12/15)

CLIENT MAC ADDR: 00 00 24 CC 99 F4
CLIENT IP: 192.168.0.195  MASK: 255.255.255.0  DHCP IP: 192.168.0.1
GATEWAY IP: 192.168.0.1
probing: pc0 com0 com1 pci pxe![2.1] mem[639K 511M a20=on]
disk:
net: mac 00:00:24:cc:99:f4, ip 192.168.0.195, server 0.0.0.0
>> OpenBSD/i386 PXEBOOT 2.03
open(tftp:/etc/boot.conf): Unknown error: code 60
boot> bsd
booting tftp:bsd: open tftp:bsd: Unknown error: code 60
 failed(60). will try /bsd
boot>
boot> help
commands: # boot echo env help ls machine reboot set stty time
machine: boot diskinfo memory
boot> ls
stat(tftp:/.): Unknown error: code 60
boot>
/etc/xinet.d/tftp-stream:
Code:
service tftp
{
        disable         = no
        id              = tftp
        wait            = no
        socket_type     = stream

        user            = nobody
        group           = nobody
        server          = /usr/sbin/in.tftpd
        server_args     = /tftpboot

        log_on_success  = PID HOST USERID EXIT DURATION
        log_on_failure  = USERID ATTEMPT
}
/etc/xinet.d/tftp-dgram:
Code:
service tftp
{
        disable         = no
        id              = tftp
        wait            = yes
        socket_type     = dgram

        user            = nobody
        group           = nobody
        server          = /usr/sbin/in.tftpd
        server_args     = /tftpboot

        log_on_success  = PID HOST USERID EXIT DURATION
        log_on_failure  = USERID ATTEMPT
}
The contents of /tftpboot:
Code:
lrwxrwxrwx 1 nobody nobody       6 2010-01-19 08:03 bsd -> bsd.rd
-rw-r--r-- 1 nobody nobody 6059175 2009-07-10 14:03 bsd.rd
-rw-r--r-- 1 nobody nobody   53532 2009-07-10 14:03 pxeboot
/tftpboot itself:
Code:
drwxr-xr-x 2 nobody nobody 120 2010-01-19 08:03 /tftpboot
While I do have a firewall, no packets were dropped during the boot.

Also, I tried using the tftp command on another machine:
Code:
tftp> get pxeboot
Transfer timed out.
What have I done incorrectly here?
_________________
[ Kawa-kun, new and improved!! ]

Alex Libman seems to be more of an anarchist than a libertarian.
Hu
Administrator


Joined: 06 Mar 2007
Posts: 23193

Posted: Thu Mar 25, 2010 1:28 am

Given that the OpenBSD PXEBOOT client appears to have loaded successfully, the environment must be at least partially functional. The permissions look like they should work, though I suggest making the files and directory be owned by root:root so that processes running as nobody cannot modify the TFTP environment. Try using tcpdump to monitor the startup and check for any errors sent over the network when the first failure is printed on the netboot client. Also, you may want to strace the tftp server to check that it is not getting any unexpected system call errors.
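
Added example (not part of Hu's post): one way to check the ownership point above is to list what the TFTP daemon's account could change under the TFTP root. The function name `tftp_modifiable` is made up here, GNU find is assumed, and the check looks only at owner and mode bits, not group membership or ACLs.

```sh
#!/bin/sh
# Added example: list entries under a TFTP root that the daemon account
# could alter, judged by ownership and permission bits only.
# Usage: tftp_modifiable DIR UID_OR_NAME
tftp_modifiable() {
    dir=$1
    acct=$2
    # Symlinks are skipped: their own mode bits are not enforced. Whether a
    # link such as "bsd -> bsd.rd" can be replaced depends on write access
    # to the directory that holds it, and directories are checked here.
    #   -user ACCT -perm -200 : owned by the account and owner-writable
    #   -perm -002            : writable by everyone, the account included
    find "$dir" ! -type l \( \
        \( -user "$acct" -perm -200 \) -o -perm -002 \
    \) -print | sort
}

# Run directly as: sh thisfile /tftpboot nobody
# Empty output means the account cannot modify anything by these rules.
if [ $# -eq 2 ]; then
    tftp_modifiable "$1" "$2"
fi
```

With the listing posted in this thread (directory and files owned by nobody, mode 755/644), every entry except the symlink would be reported for the account nobody.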
Kenji Miyamoto
Veteran


Joined: 28 May 2005
Posts: 1452
Location: Looking over your shoulder.

Posted: Thu Mar 25, 2010 2:49 am

Here's what happens when I try to fetch 'bsd' from the OpenBSD PXE bootloader:
Code:
19:43:52.786054 IP 192.168.0.195.2966 > 0.0.0.0.tftp:  12 RRQ "bsd" octet
19:43:53.996328 IP 192.168.0.195.2966 > 0.0.0.0.tftp:  12 RRQ "bsd" octet
19:43:57.997768 IP 192.168.0.195.2966 > 0.0.0.0.tftp:  12 RRQ "bsd" octet
19:44:05.995587 IP 192.168.0.195.2966 > 0.0.0.0.tftp:  12 RRQ "bsd" octet
This is what happens when I fetch 'bsd' from a regular tftp program on another machine:
Code:
19:45:21.134704 IP 192.168.0.2.41500 > 192.168.0.1.tftp:  15 RRQ "bsd" netascii
It looks like the bootloader only tries to fetch it from 0.0.0.0, and since xinetd doesn't respond to it, xinetd must be bound to 192.168.0.1.

How do I tell xinetd to listen on 0.0.0.0? Having the line "bind = 0.0.0.0" doesn't work.
_________________
[ Kawa-kun, new and improved!! ]

Alex Libman seems to be more of an anarchist than a libertarian.
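
Added example (not part of the original post): the capture above can be summarised per client, server and file so that requests addressed to 0.0.0.0 stand out. `tftp_rrq_summary` and `sample_capture` are names made up for this example; the sample lines are the tcpdump lines posted above.

```sh
#!/bin/sh
# Added example: summarise TFTP read requests (RRQ) in tcpdump text output.
# One output line per client/server/file with a request count; requests
# sent to 0.0.0.0 are tagged, since no real server listens at that address.

tftp_rrq_summary() {
    awk '
    / RRQ "/ {
        src = $3; dst = $5
        sub(/:$/, "", dst)
        sub(/\.[0-9]+$/, "", src)        # strip client source port
        sub(/\.(tftp|69)$/, "", dst)     # strip server port (name or number)
        file = $0
        sub(/.* RRQ "/, "", file)
        sub(/".*/, "", file)
        key = src " -> " dst " " file
        if (!(key in n)) order[++k] = key
        n[key]++
    }
    END {
        for (i = 1; i <= k; i++) {
            key = order[i]
            split(key, p, " ")           # p[3] is the server address
            tag = (p[3] == "0.0.0.0") ? " UNSPECIFIED-SERVER" : ""
            printf "%s x%d%s\n", key, n[key], tag
        }
    }'
}

# Sample input: the capture lines from this thread.
sample_capture() {
cat <<'EOF'
19:43:52.786054 IP 192.168.0.195.2966 > 0.0.0.0.tftp:  12 RRQ "bsd" octet
19:43:53.996328 IP 192.168.0.195.2966 > 0.0.0.0.tftp:  12 RRQ "bsd" octet
19:43:57.997768 IP 192.168.0.195.2966 > 0.0.0.0.tftp:  12 RRQ "bsd" octet
19:44:05.995587 IP 192.168.0.195.2966 > 0.0.0.0.tftp:  12 RRQ "bsd" octet
19:45:21.134704 IP 192.168.0.2.41500 > 192.168.0.1.tftp:  15 RRQ "bsd" netascii
EOF
}

sample_capture | tftp_rrq_summary
```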
Kenji Miyamoto
Veteran


Joined: 28 May 2005
Posts: 1452
Location: Looking over your shoulder.

Posted: Thu Mar 25, 2010 3:02 am

Never mind. The solution was to add a "next-server" line to my dhcpd.conf.

What do the -l and -s options do for tftpd? I've seen them, but they always cause tftpd to stop serving files.
_________________
[ Kawa-kun, new and improved!! ]

Alex Libman seems to be more of an anarchist than a libertarian.
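
Added example (not from the original post): a minimal check that a dhcpd.conf which hands out a boot filename also sets next-server, shown against a constructed before/after subnet block that uses this thread's addresses. The function names and the address range are assumptions, and the check is whole-file, so it ignores which scope each statement sits in.

```sh
#!/bin/sh
# Added example: warn when an ISC dhcpd.conf names a boot file but never
# names the TFTP server with next-server.

# Reads a config on stdin; prints "ok", "no-pxe" or "missing-next-server".
check_next_server() {
    awk '
    { sub(/#.*/, "") }                          # drop comments
    /(^|[ \t{;])filename[ \t]+"/   { has_file = 1 }
    /(^|[ \t{;])next-server[ \t]+/ { has_next = 1 }
    END {
        if (!has_file)     print "no-pxe"
        else if (has_next) print "ok"
        else               print "missing-next-server"
    }'
}

# Constructed config without next-server (the failing state).
conf_before() {
cat <<'EOF'
subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.100 192.168.0.199;
    option routers 192.168.0.1;
    filename "pxeboot";
}
EOF
}

# Same constructed config with the TFTP server named explicitly.
conf_after() {
cat <<'EOF'
subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.100 192.168.0.199;
    option routers 192.168.0.1;
    next-server 192.168.0.1;    # TFTP server address given to the client
    filename "pxeboot";
}
EOF
}

printf 'before: %s\n' "$(conf_before | check_next_server)"
printf 'after:  %s\n' "$(conf_after | check_next_server)"
```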
Hu
Administrator


Joined: 06 Mar 2007
Posts: 23193

Posted: Fri Mar 26, 2010 2:26 am

I meant for you to examine the traffic in detail using Wireshark or a more detailed tcpdump output, but it seems you found the solution another way.
Kenji Miyamoto wrote:
What do the -l and -s options do for tftpd? I've seen them, but they always cause tftpd to stop serving files.
From man in.tftpd:
man in.tftpd wrote:
-l, --listen
Run the server in standalone (listen) mode, rather than run from inetd. In listen mode, the --timeout option is ignored, and the --address option can be used to specify a specific local address or port to listen to.

--secure, -s
Change root directory on startup. This means the remote host does not need to pass along the directory as part of the transfer, and may add security. When --secure is specified, exactly one directory should be specified on the command line. The use of this option is recommended for security as well as compatibility with some boot ROMs which cannot be easily made to include a directory name in its request.

Using -l would cause the server to run in listen mode, rather than assuming that xinetd handled the listening part. You would need to have in.tftpd started independently and left running to make use of -l. Using -s causes a chroot call, which affects the effective paths of all files served. Thus, clients need to format their requests differently for a server with --secure versus one without it.