Updated April 03, 2003
Created March 14, 2003
Red Hat 8.0 PXE server, etc. on PL2500
Red Hat 8.0 - default custom install
First let's set up date and time as I like accurate logs:
vi /etc/ntp.conf
server 172.16.0.5
vi /etc/ntp/step-tickers
172.16.0.5
chkconfig --level 2345 ntpd on
service ntpd start
ntpq -np
or
ntpq -p
Disable ipchains and iptables, pick one of the following two methods:
Slow Method:
chkconfig --del ipchains
chkconfig --del iptables
Fast Method:
for X in ipchains iptables; do chkconfig --del $X; done
Let's set our boot parameters (memory in our case)
vi /boot/grub/grub.conf
Add to the kernel line:
mem=exactmap mem=640@0 mem=255M@1M
Let's set up /etc/modules.conf to load preferred drivers (e100 vs. eepro100)
vi /etc/modules.conf
:%s/eepro100/e100/g
:%s/tg3/bcm5700/g
Let's set up our hostname and network configuration
We want 2 NICs, one for the pxe network and one to connect us upstream (in our case, directly upstream is deadnet, which connects to corpnet, which connects to the internet).
We will have static IP addresses on both network cards, but all of this works just as well if the upstream NIC has a DHCP address.
See hostname.html to set up the hostname.
Run netconfig and set up eth1, then mv /etc/sysconfig/network-scripts/ifcfg-eth0 to ifcfg-eth1 and change "device=eth0" to "device=eth1" in ifcfg-eth1. Then set up eth0 using netconfig.
When prompted for the gateway, if you are using a static address on the outside NIC, put in the upstream gateway (in our case the deadnet gateway of 172.16.0.4). If you are using a DHCP address for the outside NIC, just leave the gateway blank. When prompted for the DNS server, we can give the private (PXE network) NIC, since we will be setting up DNS on this box too.
Make a copy of /etc/resolv.conf:
cp -a /etc/resolv.conf /tmp
service network stop
killall dhclient
rmmod eepro100
service network start
Let's temporarily fix up our /etc/resolv.conf:
cat /tmp/resolv.conf | grep nameserver >> /etc/resolv.conf
Let's install the necessary packages; we'll get them through NFS:
mkdir /mnt/nfs
mount 172.16.0.4:/var/ftp/pub /mnt/nfs
cd /mnt/nfs/rh80/i386/RedHat/RPMS
Install the following packages
dhcp-3.0pl1-9.i386.rpm
bind-9.2.1-9.i386.rpm
bind-utils-9.2.1-9.i386.rpm
caching-nameserver-7.2-4.noarch.rpm
tftp-server-0.29-3.i386.rpm
And install these development packages:
binutils-2.13.90.0.2-2.i386.rpm
gcc-3.2-7.i386.rpm
glibc-devel-2.2.93-5.i386.rpm
glibc-kernheaders-2.4-7.20.i386.rpm
nasm-0.98.34-1.i386.rpm
tftp-0.29-3.i386.rpm
netpbm-9.24-6.i386.rpm
netpbm-progs-9.24-6.i386.rpm
Install gShield:
mkdir /etc/firewalls
cp -a /mnt/nfs/gShield/gShield-2.8.tgz /etc/firewalls
cd /etc/firewalls
tar -xzvf gShield-2.8.tgz
cd /etc
ln -s firewalls/gShield-2.8 firewall
cd /etc/init.d
ln -s ../../firewall/gShield.rc firewall
vi firewall
Add near the top:
# chkconfig: 2345 99 01
# description: gShield firewall service
Set up gShield:
/etc/firewall/gShield.conf
Set up interfaces
MULTI=yes
TIME=yes
time servers ==> 172.16.0.5
DMZ yes
Open up ftp, http, https, pop, imap, imap-ssl
yes to bind, zone transfer, local-bind
open up ssh, nfs, ntp
/etc/firewall/conf/NATS
172.32.0.0/16
Set up the DMZ
for X in `seq 128 254`; do echo 172.32.0.$X; done >> DMZ/dmz_hosts
/etc/firewall/gshield.first
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe ip_nat_ftp
/etc/firewall/conf/reserved_addresses
Uncomment any private networks that may hit your outside interface, such as 172.16.0.0
Install, setup, and start the firewall service:
chkconfig --add firewall
chkconfig --level 2345 firewall on
service firewall start
Download and install syslinux-2.02.tar.bz2 (http://www.kernel.org/pub/linux/utils/boot/syslinux/)
(Red Hat 8.0 comes with syslinux-1.75, which is broken; you should use version 2.00 or later)
export http_proxy=myproxy.mydomain.com:8080
wget -m -nH --cut-dirs=5 http://www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-2.02.tar.bz2
tar xvfj syslinux-2.02.tar.bz2
cd syslinux-2.02
export LANG=C
make clean install
mkdir -p /tftpboot/pxelinux.cfg
cp -a /usr/lib/syslinux/pxelinux.0 /tftpboot/
strings /tftpboot/pxelinux.0 | grep PXELINUX
strings should reveal the version number and date for pxelinux as follows:
PXELINUX 2.02 2003-02-13
Now mount up a bootnet.img floppy and copy in syslinux.cfg, vmlinuz, and initrd.img
mount /mnt/floppy
cp -a /mnt/floppy/syslinux.cfg /tftpboot/pxelinux.cfg/default
cp -a /mnt/floppy/vmlinuz /tftpboot
cp -a /mnt/floppy/initrd.img /tftpboot
Setting up DHCP
cp -a /usr/share/doc/dhcp-3.0pl1/dhcpd.conf.sample /etc/dhcpd.conf
Here's a diff between the sample dhcpd.conf file and my new one -- this shows the changes I had to make.
--- /usr/share/doc/dhcp-3.0pl1/dhcpd.conf.sample 2002-08-28 12:26:22.000000000 -0500
+++ /etc/dhcpd.conf 2003-03-04 08:54:53.000000000 -0600
@@ -1,24 +1,33 @@
ddns-update-style interim;
ignore client-updates;
-subnet 192.168.0.0 netmask 255.255.255.0 {
+allow booting;
+allow bootp;
+
+subnet 172.16.0.0 netmask 255.255.255.0 {
+}
+subnet 172.32.0.0 netmask 255.255.255.0 {
# --- default gateway
- option routers 192.168.0.1;
- option subnet-mask 255.255.255.0;
+ option routers 172.32.0.1;
+ option subnet-mask 255.255.0.0;
- option nis-domain "domain.org";
- option domain-name "domain.org";
- option domain-name-servers 192.168.1.1;
+ option nis-domain "pxe.net";
+ option domain-name "pxe.net";
+ option domain-name-servers 172.16.0.1;
+
+ # PXE-specific configuration directives
+ next-server 172.32.0.1;
+ filename "pxelinux.0";
- option time-offset -18000; # Eastern Standard Time
-# option ntp-servers 192.168.1.1;
+ option time-offset -21600; # Central Standard Time
+ option ntp-servers 172.16.0.5;
# option netbios-name-servers 192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
- range dynamic-bootp 192.168.0.128 192.168.0.255;
+ range dynamic-bootp 172.32.0.128 172.32.0.255;
default-lease-time 21600;
max-lease-time 43200;
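Review bot: the new PXE subnet is declared as "subnet 172.32.0.0 netmask 255.255.255.0" while the added "option subnet-mask 255.255.0.0" hands clients a /16, so the server and its clients disagree about the size of the network; pick one and make both lines match. Under the declared /24, the added "range dynamic-bootp 172.32.0.128 172.32.0.255" also ends on the broadcast address, so the pool should stop at 172.32.0.254. Separately, 172.32.0.0 is outside the RFC 1918 block 172.16.0.0/12 (172.16.0.0 through 172.31.255.255), so this network reuses publicly routable addresses; a subnet inside the private block avoids that. A comment on the empty 172.16.0.0 declaration, saying that it exists so no leases are offered on the upstream interface, would also help the next reader.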
Here's my dhcpd.conf:
ddns-update-style interim;
ignore client-updates;
allow booting;
allow bootp;
subnet 172.16.0.0 netmask 255.255.255.0 {
}
subnet 172.32.0.0 netmask 255.255.255.0 {
    # --- default gateway
    option routers 172.32.0.1;
    option subnet-mask 255.255.0.0;
    option nis-domain "pxe.net";
    option domain-name "pxe.net";
    option domain-name-servers 172.16.0.1;
    # PXE-specific configuration directives
    next-server 172.32.0.1;
    filename "pxelinux.0";
    option time-offset -21600; # Central Standard Time
    option ntp-servers 172.16.0.5;
    # option netbios-name-servers 192.168.1.1;
    # --- Selects point-to-point node (default is hybrid). Don't change this unless
    # -- you understand Netbios very well
    # option netbios-node-type 2;
    range dynamic-bootp 172.32.0.128 172.32.0.255;
    default-lease-time 21600;
    max-lease-time 43200;
    # we want the nameserver to appear at a fixed address
    host ns {
        next-server marvin.redhat.com;
        hardware ethernet 12:34:56:78:AB:CD;
        fixed-address 207.175.42.254;
    }
}
Make sure /var/lib/dhcp/dhcpd.leases exists
touch /var/lib/dhcp/dhcpd.leases
Before starting dhcpd, make sure no other DHCP server is operating on the network attached to the card you will be starting it on. In our example we used a hub that had no other network connections on it and called it our PXE hub. Now when we want to PXE install a machine, we just plug it into this PXE hub and away we go.
Then start the dhcpd server
service dhcpd start
At this point you're ready to go. Just do a couple of steps as follows. Later you can tweak your pxe system as you like, complete with kickstarts, etc.
Turn on tftp:
vi /etc/xinetd.d/tftp
change disable=yes to disable=no
save and exit
service xinetd restart
Then cd to /tftpboot/pxelinux.cfg and copy or link the syslinux.cfg from your bootnet floppy to an appropriate entry. You could use "default", which would catch any machine that PXE boots, but that has the possibility of wiping a box if, for example, the boot order is wrong on that system. The better method is to name the entry after that system's IP address written in hex; better yet, give the system a fixed IP address in your DHCP configuration file. For example, 172.48.0.255 translated to hex is AC3000FF, so I have my rh80-syslinux.cfg and I do a "ln -s rh80-syslinux.cfg AC3000FF"; I can now boot the box that has that IP address and it will pick up this syslinux.cfg file.
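The hex naming described above, as an added example (not code from the original page): it converts an address to the file name PXELINUX asks for and reports which entry under pxelinux.cfg a client would actually get, flagging clients that fall through to "default". It goes beyond the text by modelling PXELINUX's IP-based fallback of dropping one trailing hex digit at a time; the function names and the demo directory are made up for illustration.

```sh
#!/bin/sh
# Added example: which pxelinux.cfg entry would a given client IP boot from?

# Dotted-quad IPv4 -> 8-digit uppercase hex file name (status 1 if malformed).
ip_to_pxe_hex() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac   # no leading zeros
        [ "$octet" -le 255 ] || return 1
    done
    printf '%02X%02X%02X%02X\n' "$1" "$2" "$3" "$4"
}

# Names PXELINUX requests, in order: full hex name, then one trailing digit
# dropped at a time, then "default".
pxe_cfg_candidates() {
    name=$(ip_to_pxe_hex "$1") || return 1
    while [ -n "$name" ]; do
        echo "$name"
        name=${name%?}
    done
    echo default
}

# First candidate present in directory $1 for client address $2.
# Status 2: only the catch-all "default" matched. Status 1: nothing matched.
pxe_cfg_resolve() {
    for candidate in $(pxe_cfg_candidates "$2"); do
        [ -e "$1/$candidate" ] || continue
        echo "$candidate"
        if [ "$candidate" = default ]; then return 2; fi
        return 0
    done
    return 1
}

# Constructed demo tree: one pinned host plus a catch-all default.
demo_dir=$(mktemp -d)
touch "$demo_dir/rh80-syslinux.cfg" "$demo_dir/default"
ln -s rh80-syslinux.cfg "$demo_dir/AC3000FF"
pxe_cfg_resolve "$demo_dir" 172.48.0.255 || true
pxe_cfg_resolve "$demo_dir" 172.32.0.200 || echo "warning: falls through to default"
rm -rf "$demo_dir"
```

Running pxe_cfg_resolve against /tftpboot/pxelinux.cfg for every address in the DHCP range shows which machines would receive the catch-all installer before any of them is plugged into the PXE hub.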
Setting up DNS
Homepage: http://www.cpqlinux.com