ipxe iscsi boot fails, even in virtualbox
|
2014-01-16, 22:46
(This post was last modified: 2014-01-16 22:52 by masterr-10da.)
Post: #1
|
|||
|
|||
ipxe iscsi boot fails, even in virtualbox
Hi,
I set up an iscsi server running iscs-dhcp-server and tftpd-hpa. At boot I get the following screen: allow booting; allow bootp; ddns-update-style none; log-facility local7; default-lease-time -1; max-lease-time 7200; authoritative; option space ipxe; option ipxe-encap-opts code 175 = encapsulate ipxe; option ipxe.keep-san code 8 = unsigned integer 8; option ipxe.bus-id code 177 = string; subnet 10.0.0.0 netmask 255.255.0.0 { use-host-decl-names on; range 10.0.0.164 10.0.0.192; #option routers 10.0.0.111; that's my dhcpd.conf option domain-name-servers 10.0.0.1; option broadcast-address 10.0.255.255; option root-path "10.0.0.111:/var/lib/tftpboot/"; next-server 10.0.0.111; if not exists ipxe.bus-id { filename "undionly.kpxe"; option routers 10.0.0.1; } else { filename ""; option root-path "iscsi:10.0.0.111:::1:iqn.2013-09.at.lightserver.empower:windows"; option ipxe.keep-san 1; option routers 0.0.0.0; } server-name "empower"; server-identifier 10.0.0.111; } but however windows 7 doesn't come up, the boot process quits with a bluescreen. My router is running is OpenWRT. Do I have to set something special to enable iscsi boot? I found a guide here > etherboot.org/wiki/sanboot/win2k8_iscsi_install < but the rule iptables -A forwarding_lan -i br-lan -o br-lan -j ACCEPT brings an error: iptables: No chain/target/match by that name. So I checked with ifconfig: ifconfig br-lan Link encap:Ethernet HWaddr A0:F3:C1:78:07:C0 inet addr:10.0.0.1 Bcast:10.0.255.255 Mask:255.255.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:8677375 errors:0 dropped:5180 overruns:0 frame:0 TX packets:13955772 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1039227257 (991.0 MiB) TX bytes:17619986844 (16.4 GiB) Is it very likely OpenWRT is blocking required packet exchange? iptables v1.4.20 best regards |
|||
2014-01-17, 10:03
Post: #2
|
|||
|
|||
RE: ipxe iscsi boot fails, even in virtualbox
Where are you actually telling iPXE to boot from the root-path? Because with the information given, I don't think you are. You're close, however.
It looks like you're trying to run iPXE like syslinux. While that is a workable approach, you're going to have to embed some scripts to get it to do what you want. Without a script to run, iPXE is one sad bootloader. To get iPXE to boot from an iSCSI target, you need: 1) A valid IP address at the initiator side: e.g. Code: dhcp net0 2) Then you will need to "hook" the IQN which you have given as 'root-path': e.g. Code: sanboot --drive 0x80 ${root-path} What you probably want to do is embed a script into iPXE which does this for you. Better yet, embed a script which calls a script which does this for you: e.g. Code: touch myscript.ipxe And place into it something like: Code: #!ipxe To embed a script into iPXE, use the following arguments at compile time: Code: make bin/undionly.kpxe EMBED=myscript.ipxe And then create a file with your MAC in that directory on the server http://somewebserver.on.your.network: e.g. Code: touch 08-00-27-f0-87-56.ipxe And place into it something like: Code: #!ipxe If you're going to try to iSCSI boot Windows, you might want to try reading up on some issues you may run into here. Specifically, you may want to set in your chainloaded script (08-00-27-f0-87-56.ipxe), the following statement: Code: net0/gateway 0.0.0.0 For a script consisting of: Code: #!ipxe Make sure you read the WDS page to understand what is going on (and why Microsoft is/are off their bloody rocker). That should get you going. Best, M^3 "Thus far, you have been adrift within the sheltered harbor of my patience..." |
|||
2014-01-20, 08:53
Post: #3
|
|||
|
|||
RE: ipxe iscsi boot fails, even in virtualbox
MultiMediaMan: The "autoboot" command (default script) does try to boot the root-path if it is present and looks like an iSCSI URL. But obviously that will not allow you to do the net0/gateway 0.0.0.0 hack. But I also notice that the dhcpd config sets that explicitly anyways. So overall it does seem like most of your suggestions have already been followed.
Master: I see ipxe.bus-id being used to detect iPXE instead of using user-class. That could be a problem. The image also shows the network settings _before_ the dhcp was performed, not after. So we don't know if they get applied to the setup or not (I think they are, but would like to be sure). |
|||
2014-01-22, 21:26
(This post was last modified: 2014-01-22 22:03 by masterr-10da.)
Post: #4
|
|||
|
|||
RE: ipxe iscsi boot fails, even in virtualbox
(2014-01-20 08:53)robinsmidsrod Wrote: MultiMediaMan: The "autoboot" command (default script) does try to boot the root-path if it is present and looks like an iSCSI URL. But obviously that will not allow you to do the net0/gateway 0.0.0.0 hack. But I also notice that the dhcpd config sets that explicitly anyways. So overall it does seem like most of your suggestions have already been followed. I see an error now as I installed portsentry: Code: Wed Jan 22 21:05:02 2014 daemon.notice portsentry[1461]: attackalert: UDP scan from host: 10.192.192.1/10.192.192.1 to UDP port: 68 there must be a good reason why the rule Code: iptables -A forwarding_lan -i br-lan -o br-lan -j ACCEPT doesn't apply. What does the error iptables: No chain/target/match by that name. mean? To me it looks like the forwarding_lan ruleset doesn't exist anymore. "ipxe.bus-id being used to detect iPXE instead of using user-class" Thanks, I'll test if that makes the difference. |
|||
« Next Oldest | Next Newest »
|
User(s) browsing this thread: 3 Guest(s)