iPXE discussion forum
Using iPXE on installed on local drive to boot Windows from local drive - Printable Version

+- iPXE discussion forum (https://forum.ipxe.org)
+-- Forum: iPXE user forums (/forumdisplay.php?fid=1)
+--- Forum: General (/forumdisplay.php?fid=2)
+--- Thread: Using iPXE on installed on local drive to boot Windows from local drive (/showthread.php?tid=7961)



Using iPXE on installed on local drive to boot Windows from local drive - FreeMinded - 2016-02-15 10:58

Hi iPXE community

I'm pretty new to iPXE, so please bear with me. Blush

We are trying to use iPXE to achieve the following:
In a distributed setup we want the clients (Desktops or Notebooks) to ask a defined server what to boot. In the normal case this would just be to boot Windows from the local hard drive. But when necessary the server can instruct the client to boot a specified image from the network (i.e. to reinstall Windows).
For security reason we do not want to use regular PXE booting from the network as we can not control the environment and PXE would open a potential attack vector.

Currently we chainload iPXE from Grub both of which are installed on the local drive. iPXE then contacts the server and gets a ipxe script file back. So far so good.

What does not work yet is to boot Windows from the second partition of the same local drive. Using
sanboot --no-describe --drive 0x80
Grub loads again and we loop.

Using
exit
ends up in a "No bootable device" error.

Questions:
How can I boot a specific partition from iPXE?
Is there a better way to accomplish what we are trying to do?
Is there a way to use timeouts in case the server does not answer (clients should then always boot Windows from the local drive)?

Any help and hints are highly appreciated!
Regards,
FreeMinded


RE: Using iPXE on installed on local drive to boot Windows from local drive - MultimediaMan - 2016-02-15 11:46

Which iPXE binary are trying to boot? You will need the lkrn or grub to boot.

(2016-02-15 10:58)FreeMinded Wrote:  Hi iPXE community

I'm pretty new to iPXE, so please bear with me. Blush

We are trying to use iPXE to achieve the following:
In a distributed setup we want the clients (Desktops or Notebooks) to ask a defined server what to boot. In the normal case this would just be to boot Windows from the local hard drive. But when necessary the server can instruct the client to boot a specified image from the network (i.e. to reinstall Windows).
For security reason we do not want to use regular PXE booting from the network as we can not control the environment and PXE would open a potential attack vector.

Currently we chainload iPXE from Grub both of which are installed on the local drive. iPXE then contacts the server and gets a ipxe script file back. So far so good.

What does not work yet is to boot Windows from the second partition of the same local drive. Using
[undefined=undefined]sanboot --no-describe --drive 0x80[/undefined]
Grub loads again and we loop.

Using
[undefined=undefined]exit[/undefined]
ends up in a "No bootable device" error.

Questions:
How can I boot a specific partition from iPXE?
Is there a better way to accomplish what we are trying to do?
Is there a way to use timeouts in case the server does not answer (clients should then always boot Windows from the local drive)?

Any help and hints are highly appreciated!
Regards,
FreeMinded



RE: Using iPXE on installed on local drive to boot Windows from local drive - FreeMinded - 2016-02-15 14:38

(2016-02-15 11:46)MultimediaMan Wrote:  Which iPXE binary are trying to boot? You will need the lkrn or grub to boot.

Hi MultimediaMan
Thanks for your post.
I'm using a lkrn version. And booting iPXE through Grub work without issues. The question is how can I boot Windows which resides on partition 2 of the same hard drive once I'm in iPXE.


RE: Using iPXE on installed on local drive to boot Windows from local drive - NiKiZe - 2016-02-15 19:18

(2016-02-15 10:58)FreeMinded Wrote:  What does not work yet is to boot Windows from the second partition of the same local drive. Using
sanboot --no-describe --drive 0x80
Grub loads again and we loop.

--drive 0x80 refers to the first BIOS disk, BIOS can never boot a specific partition, it's up to the disks bootsector code to do that,

(2016-02-15 10:58)FreeMinded Wrote:  Using
exit
ends up in a "No bootable device" error.

exit returns from ipxe and leaves the selection of "next boot device" to iPXEs loader (BIOS in most cases)

(2016-02-15 10:58)FreeMinded Wrote:  Questions:
How can I boot a specific partition from iPXE?

The sanboot hack only allows to boot disks, and not booting partitions.
Simple answer is then you can't boot a specific partition from iPXE.

(2016-02-15 10:58)FreeMinded Wrote:  Is there a better way to accomplish what we are trying to do?
if you want to run the windows setup i suggest you boot it from the network with wimboot, you can still keep the install.wim on local disk if you want to, but load wimboot and boot.wim over the network.

(2016-02-15 10:58)FreeMinded Wrote:  Is there a way to use timeouts in case the server does not answer (clients should then always boot Windows from the local drive)?

You can end ipxe script lines with || command on fail
command on fail in this case can be a goto and then exit gracefully or do the sanboot hack. You can specify a timeout for most types of fetch commands.

Hope it helps somewhat.


RE: Using iPXE on installed on local drive to boot Windows from local drive - FreeMinded - 2016-02-16 09:37

(2016-02-15 19:18)NiKiZe Wrote:  --drive 0x80 refers to the first BIOS disk, BIOS can never boot a specific partition, it's up to the disks bootsector code to do that,

(2016-02-15 19:18)NiKiZe Wrote:  exit returns from ipxe and leaves the selection of "next boot device" to iPXEs loader (BIOS in most cases)

OK, that clarifies it somewhat. As Grub and iPXE are started from the hard drive the next device in the boot order is nothing...

(2016-02-15 19:18)NiKiZe Wrote:  
(2016-02-15 10:58)FreeMinded Wrote:  Questions:
How can I boot a specific partition from iPXE?

The sanboot hack only allows to boot disks, and not booting partitions.
Simple answer is then you can't boot a specific partition from iPXE.

(2016-02-15 10:58)FreeMinded Wrote:  Is there a better way to accomplish what we are trying to do?

if you want to run the windows setup i suggest you boot it from the network with wimboot, you can still keep the install.wim on local disk if you want to, but load wimboot and boot.wim over the network.

I'll have a deeper look at winboot. But on first sight it does not seem to do what we need

(2016-02-15 19:18)NiKiZe Wrote:  
(2016-02-15 10:58)FreeMinded Wrote:  Is there a way to use timeouts in case the server does not answer (clients should then always boot Windows from the local drive)?

You can end ipxe script lines with || command on fail
command on fail in this case can be a goto and then exit gracefully or do the sanboot hack. You can specify a timeout for most types of fetch commands.

Hope it helps somewhat.

Thanks for the hint with the timeout. This certainly solves the problem if the server is not reachable.

My follow-up questions now are:
1. Is there another way or hack to chainload the Windows Bootloader from iPXE?
2. Is there a way in Grub to have a different default selection if Grub is invoked for the second time (through the sanboot hack)?
3. Is there a way to hand over some variable to Grub from iPXE?

I guess this is now more a Grub than iPXE thing...

Thanks a lot for your help!


RE: Using iPXE on installed on local drive to boot Windows from local drive - NiKiZe - 2016-02-16 22:28

(2016-02-16 09:37)FreeMinded Wrote:  I'll have a deeper look at winboot. But on first sight it does not seem to do what we need

My follow-up questions now are:
1. Is there another way or hack to chainload the Windows Bootloader from iPXE?
2. Is there a way in Grub to have a different default selection if Grub is invoked for the second time (through the sanboot hack)?
3. Is there a way to hand over some variable to Grub from iPXE?

I guess this is now more a Grub than iPXE thing...

Thanks a lot for your help!

iPXE can only load "next stage" over the network.
Why would not wimboot be an option?

You could load a 3rd party bootloader such as "embeded" grub (that is grub with configfiles in the same file) or a floppy image that then do what you want - but once again this still needs to be loaded over the network, and wimboot is by far the cleaner solution.

It might even be possible to create a special BCD file and just have windows bootmgr.exe and the BCD file downloaded and that would then boot the correct partition.

But I have to ask, why are you even entering iPXE if what you want to do is to boot from local disk anyway?


RE: Using iPXE on installed on local drive to boot Windows from local drive - FreeMinded - 2016-02-23 11:02

(2016-02-16 22:28)NiKiZe Wrote:  But I have to ask, why are you even entering iPXE if what you want to do is to boot from local disk anyway?

We want to be able to boot from a specified server when needed. Such as to reinstall Windows without the need for a user interaction. As we are in a distributed and uncontrolled network we can not rely on PXE on the network. Therefore we use a locally installed iPXE to contact our boot control server. If nothing needs to be done (or the request times out) it simply boots local.

I was now able to get it to work with Grub and iPXE. See selected solution on this question (http://unix.stackexchange.com/questions/263418/how-can-i-ask-a-defined-server-what-to-boot) for more details.

Except for the reboot problem we are still facing (http://forum.ipxe.org/showthread.php?tid=7965) it works as expected. Smile