
Author Topic: Netboot with a Mac and Infoblox as DHCP server  (Read 19092 times)


Offline int21h

  • Rookie
  • **
  • Posts: 15
Netboot with a Mac and Infoblox as DHCP server
« on: November 13, 2011, 11:46:39 PM »
Hi Guys,

I'm not sure if this is the most relevant forum to post this, but I thought I'd share my experiences with getting a Mac to successfully netboot across subnets.

For the past two years (off and on) I have been trying to work out why we couldn't get netboot (holding N down at boot) to work. It turns out, it's something very simple and had we received support from Apple (apparently Apple don't support corporate environments) we could have solved this a long time ago.

So basically it comes down to defining a few options in DHCP. However, since most DHCP servers run ISC DHCP daemon, they are configured to send the options that the clients request. The problem is, the Macs do not request all the options that are required to netboot.
Although, this isn't a problem if you are using a Mac OS X server as your DHCP + Netboot server, because the Mac server will ignore the client request list and send all the information required.

However we are using the Infoblox appliances to handle DHCP and then offload netboot to the OSX server.

All we had to do was configure the DHCP relay agent for the subnet to our DHCP servers and then configure DHCP with the appropriate options.

There are two options for sending out the DHCP options:
1. Configure 'Ignore optionlist requested by client and return all defined options', either for whole of DHCP or for Network/DHCP Scope/Fixed Address. This means the DHCP server will ignore what the client requests and send out all the options you have configured.

2. Leave the "ignore optionlist requested......" as unticked (default) and specify all options you wish to hand out in "Option 55". For example, in the option 55 field you would define it as: 3, 17, 43, 54, 60 and then you will still have to configure each option separately with the information below.

In a nutshell, the Mac requires the following options configured in order for netboot to work:

Root path (Option 17)  - This is the location of your image
nfs:192.168.1.1:/Library/NetBoot/NetBootSP0:CasperNetboot.nbi/Install.dmg.sparseimage


Vendor-encapsulated-options    (Option 43)
08:04:81:00:02:58:82:0A:4E:65:74:42:6F:6F:74:31:33:38    (....X.NetBoot138)

Option 60
41:41:50:4c:42:53:44:50:43    (AAPLBSDPC)

Option 54   - (Mac netboot server ip)
192.168.1.1

BootP Settings:
Boot file: /private/tftpboot/NetBoot/NetBootSP0/CasperNetboot.nbi/i386/booter
Next Server: 192.168.1.1 (Mac netboot server ip)
Boot Server: osx.domain.com  (Mac netboot server hostname)


I'm by no means an expert on this but I'm happy to answer any questions (where I can).

 


Offline Michael McNamara

  • Administrator
  • Hero Member
  • *****
  • Posts: 3839
    • michaelfmcnamara
    • Michael McNamara
Re: Netboot with a Mac and Infoblox as DHCP server
« Reply #1 on: November 13, 2011, 11:56:01 PM »
Thanks for the information @int21h!

Offline mark

  • Rookie
  • **
  • Posts: 1
Re: Netboot with a Mac and Infoblox as DHCP server
« Reply #2 on: February 07, 2012, 03:36:40 PM »
This isn't documented well, but you don't need dhcp options for this.  You just need a helper statement in your router to direct broadcasts to the netboot server.  You also need one for dhcp of course.

So let's say your dhcp server is 1.1.1.5, your netboot server is 2.2.2.5, and your netboot workstation subnet is 3.3.3.0/24.  So here would be your router interface statement for the mac workstation subnet.  The order of the helper statements doesn't matter.

interface VlanX
 description Mac Lab
 ip address 3.3.3.1 255.255.255.0
 ip helper-address 1.1.1.5
 ip helper-address 2.2.2.5

So a mac boots up and does a broadcast looking for dhcp.  Both servers see it because there are two helper statements that forward the broadcasts to the servers.  But only the dhcp server replies, because the netboot server has dhcp services turned off.  If the dhcp packet doesn't have the netboot specific options set, the netboot workstation will do another broadcast looking for netboot info.  Again, both servers will receive it because of the multiple helper statements, but this time only the netboot server will respond because your dhcp server isn't running netboot services.  After getting this info from the netboot server the workstation now has an ip to use and the ip, path, and filename info given after the second request from the netboot server.  That's all it takes to boot from a netboot server in another subnet, and to use a separate dhcp server (not the netboot server).

Note that this means you can't have the mac netboot workstations in a subnet that requires boot image info in dhcp options for use by other workstations (non-netboot workstations of some type) on the subnet.  Because if the mac gets a dhcp packet with boot file options set it will try to use it and it won't send a broadcast to the netboot server.  It can't detect boot failure and then do a broadcast for a netboot server.  So the boot file options should not be set, or at least have to be correct for the macs to netboot.  But much better and simpler just to let the netboot server do all that automagically, since it knows what options to set in the netboot packet without you specifying anything.

Offline js2010

  • Rookie
  • **
  • Posts: 1
Re: Netboot with a Mac and Infoblox as DHCP server
« Reply #3 on: February 23, 2017, 11:30:35 AM »
Hi.  I'm trying to do this too.  But what the first post says isn't working.  For example, how do you get that long hex string for option 43?  Is the ip address of the boot server part of it? 

EDIT:

Hmmm...

"Wikipedia:  Boot Service Discovery Protocol"

08:04: 81:00:02:58: id of boot image  2164261464

82:0A: 4E:65:74:42:6F:6F:74:31:33:38  10 character ascii string "NetBoot138",
  name of system to boot


EDIT2:

You can get all the options yourself running mac server bootpd in debugging and logging mode like on the blog about "Analysis of the Use of the Boot Server Discovery Protocol in NetBoot".
« Last Edit: February 24, 2017, 03:55:52 PM by js2010 »
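
The option 43 value from the first post is a sequence of type-length-value sub-options, which is how the breakdown in Reply #3 was obtained. The following Python sketch is an added example, not code from any poster in this thread: it decodes the posted string with length checks and rebuilds it from an image ID and name. The sub-option names in `BSDP_NAMES` are an assumption based on the BSDP description cited above.

```python
import struct

# Hex string for option 43 exactly as posted in the first message of this thread.
POSTED_OPTION_43 = "08:04:81:00:02:58:82:0A:4E:65:74:42:6F:6F:74:31:33:38"

# Assumption: sub-option names taken from the BSDP description cited in Reply #3.
BSDP_NAMES = {8: "selected boot image ID", 130: "machine name"}


def parse_tlvs(hex_string):
    """Split colon-separated hex into (code, value) pairs, validating each length."""
    data = bytes.fromhex(hex_string.replace(":", ""))
    out, pos = [], 0
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError(f"truncated header at offset {pos}")
        code, length = data[pos], data[pos + 1]
        value = data[pos + 2 : pos + 2 + length]
        if len(value) != length:
            raise ValueError(f"sub-option {code} claims {length} bytes, {len(value)} left")
        out.append((code, value))
        pos += 2 + length
    return out


def decode(hex_string):
    """Return {code: value}; a 4-byte code 8 becomes an integer, code 130 text."""
    result = {}
    for code, value in parse_tlvs(hex_string):
        if code == 8 and len(value) == 4:
            result[code] = struct.unpack(">I", value)[0]  # big-endian 32-bit ID
        elif code == 130:
            result[code] = value.decode("ascii")
        else:
            result[code] = value.hex(":")  # unknown sub-option: keep raw hex
    return result


def build(image_id, name):
    """Encode an image ID and name into the colon-separated form DHCP UIs accept."""
    raw_name = name.encode("ascii")
    if len(raw_name) > 255:
        raise ValueError("name does not fit in a one-byte length field")
    payload = bytes([8, 4]) + struct.pack(">I", image_id)
    payload += bytes([130, len(raw_name)]) + raw_name
    return payload.hex(":").upper()


if __name__ == "__main__":
    for code, value in decode(POSTED_OPTION_43).items():
        print(code, BSDP_NAMES.get(code, "unknown"), value)
```

A string that fails `parse_tlvs` (a length byte that runs past the end) is a sign the value was mistyped before it was entered into the DHCP server.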