What is the status of KEA PXE booting?

Started by drosophila, April 22, 2026, 03:16:28 AM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
April 25, 2026, 10:05:10 PM #15
FreeBSD can perfectly well netboot if you serve the root FS via NFS as intended and documented. No mfsBSD, no pxelinux, ... just an NFS based root filesystem like BSD and Sun have been doing for decades.

Blog post in German:

https://punkt.de/de/blog/2017/automatisierte-installation-von-servern-mit-freebsd-und-zfs.html
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
April 28, 2026, 06:10:47 PM #16 Last Edit: April 28, 2026, 06:18:18 PM by drosophila
Quote from: nero355 on April 25, 2026, 03:15:13 PMBut I can remember that at some point it was no longer compatible with UEFI Servers so double check if the software you eventually go for can also do that!
That would likely be a reason to keep trying to get KEA to work; possibly I'll attempt to install a symlink to the actual install file that with an appended "ff". Should be possible but it's certainly an evil hack. KEA can easily filter by boot agent type and therefore serve different stuff for BIOS vs. EFI.

Quote from: https://punkt.de/de/blog/2017/automatisierte-installation-von-servern-mit-freebsd-und-zfs.htmlDie bereits per TFTP bereitgestellte Umgebung muss nun noch zusätzlich per NFS exportiert werden.
That likely was the issue that kept my attempt from succeeding. It did load the netboot-capable boot but since I expected this to be fully handled by TFTP I didn't export the boot FS via NFS (which would have been easy since NFS already serves selected datasets). A pity that one can't do away with TFTP entirely, NFS is less hacky and much faster. and if you have TFTP running, then things must already be secured against nefarious clients so that NFS won't be an additional security issue. For installers, one can just set all respective underlying filesystem permissions to be readonly for everyone since they're not sensitive and thus only manipulation must be prevented. The automated install might need sensitive things like passwords or certificates to be served ("Anschließend setzen wir das Root–Passwort, damit wir uns über die Konsole anmelden können: (...) ROOT_PW_HASH ist dabei natürlich durch den echten Hash des Root–Passworts zu ersetzen."), but a basic interactive install doesn't have these problems.

Thanks for the heads-up!
April 30, 2026, 04:23:21 AM #17 Last Edit: April 30, 2026, 04:48:51 AM by drosophila
Just as (final?) info: the evil hack works: I created a symlink with a final character of 0xff, that points to another symlink with the same name except for the appended 0xff, which in turn points to the intended bootfile (so I can simply change this intermediate symlink, and PXE loaders without this bug will use that, so all end up loading the same file). Then I set KEA to serve the filename without the appended 0xff. The nVidia PXE boot agent boots just fine now, so that really is the entire problem.

Now the only thing I could do is to try to find out whether the 0xff that KEA sends after the end of the BF parameter is somehow necessary or not, and if not, try to convince the KEA developers to change that into an 0x0, hoping that the nVidia PXE boot agent would then view this as null-terminated string and handle it properly. Or just keep the evil hack, which of course stinks in terms of maintainability. :(
Print
Go Up Pages 1 2
User actions