Professional Documents
Culture Documents
INTRODUCTION TO PXE
Installing Linux via PXE boot over a network can be a really nice way to do it and it
is especially useful, if client machine does not have a CD / DVD drive. However, it
can be a bit tricky to understand how it all works.
The client searches for a configuration file with the IP address converted to HEX (for
example, 172.48.1.253 becomes AC3001FD). In this example, the client looks for the
following configuration file names and uses the first one it finds.
CHAPTER 2
2
SETUP PXE SERVER
PXELINUX operates in many ways like SYSLINUX. If you are not familiar with
SYSLINUX, read the SYSLINUX FAQ first, since this documentation only explains
the differences.
On the TFTP server, create the directory "/tftpboot", and copy pxelinux.0 (from the
SYSLINUX distribution) and any kernel or initrd images that you want to boot.
• First, it will search for the config file using the hardware type (using its ARP
type code) and address, all in lower case hexadecimal with dash separators; for
example, for an Ethernet (ARP type 1) with address 88:99:AA:BB:CC:DD it
would search for the filename 01-88-99-aa-bb-cc-dd.
• Next, it will search for the config file using its own IP address in upper case
hexadecimal, e.g. 192.0.2.91 -> C000025B (you can use the included progam
gethostip to compute the hexadecimal IP address for any host). If that file is
not found, it will remove one hex digit and try again. Ultimately, it will try
looking for a file named default (in lower case). As an example, if the boot file
name is /tftpboot/pxelinux.0, the Ethernet MAC address is
`88:99:AA:BB:CC:DD` and the IP address 192.0.2.91, it will try following
files (in that order):
/tftpboot/pxelinux.cfg/01-88-99-aa-bb-cc-dd
/tftpboot/pxelinux.cfg/C000025B
/tftpboot/pxelinux.cfg/C000025
/tftpboot/pxelinux.cfg/C00002
/tftpboot/pxelinux.cfg/C0000
/tftpboot/pxelinux.cfg/C000
/tftpboot/pxelinux.cfg/C00
/tftpboot/pxelinux.cfg/C0
/tftpboot/pxelinux.cfg/C
/tftpboot/pxelinux.cfg/default
Here all filename references are relative to the directory pxelinux.0 lives in.
PXELINUX generally requires that filenames (including any relative path) are 127
characters or shorter in length.
3
PXELINUX does not support MTFTP. It is possible to use MTFTP for the initial
boot, if you have such a setup.
• After updating /etc/hosts, run the hostname command to change the hostname:
hostname JEET2050
4
• If more than one network card resides in the DHCP server, HP recommends
specifying which interfaces the DHCP server will use. Edit
/etc/sysconfig/dhcpd by adding the appropriate interface to the DHCPDARGS=
line. The entry in /etc/sysconfig/dhcpd should appear as follows:
DHCPDARGS=eth0
• Run the following command to ensure that the DHCP service will be started at
each boot:
chkconfig --level 345 dhcpd on
6. Configure xinetd and TFTP services. At this point, the TFTP server should be
installed.
• Enable the TFTP server by using the chkconfig command line utility as follows:
chkconfig tftp on
• Ensure that xinetd is enabled, as TFTP is started and stopped by xinetd, using the
following command:
chkconfig --level 345 xinetd on
• Notify xinetd that the TFTP service has been enabled. Use the following
command:
7. Add the next-server and filename options into the /etc/dhcpd.conf files. To
accomplish this task, add the following to the global section:
if substring (option vendor-class-identifier, 0, 9) = "PXEClient"
{
filename "pxelinux.0";
next-server 192.168.0.254;
}
8. Optional step: Assign fixed addresses to each of the clients. The benefit is having
the ability to access the clients with the same IP address. The alternative s to use
name resolution such as DNS:
host 00080246e75d {
hardware ethernet 00:08:02:46:e7:5d;
fixed-address 172.48.1.253;
}In this example, the server was named according to its MAC address. Its MAC
address is listed along with the fixed IP address we want associated with it.
9. After modifying /etc/dhcpd.conf, notify the dhcpd server of the changes by using
the following method or a similar one:
service dhcpd restart
10. Download and install Syslinux 2.00 or later as follows:
5
• Download and unpack the latest syslinux package from
www.kernel.org/pub/linux/utils/boot/syslinux/RPMS.
• Install the syslinux package using this command:
rpm -hUv syslinux-2.02-1.i386.rpm
• Install pxelinux.0 and memdisk into the /tftpboot directory:
mkdir -p /tftpboot/pxelinux.cfg
cp -a /usr/lib/syslinux/pxelinux.0 /tftpboot/
cp -a /usr/lib/syslinux/memdisk /tftpboot/
11. Enable NFS on the server as follows:
• Edit /etc/exports by adding the following line:
/var/ftp/pub *(ro,insecure,sync,all_squash)
• Enable the NFS server on boot by using the following commands:
chkconfig --level 345 portmap on
chkconfig --level 345 nfslock on
chkconfig --level 345 nfs on
• Start or restart the NFS service by using the following commands:
service portmap restart
service nfslock restart
The following explain how to get a Red Hat Enterprise Linux 5.4 client setup and
integrated into the PXE server. When using other Linux distributions, slight changes
to the commands and scripts are required.
1. Populate the NFS server with Linux installation files using either of the
following methods:
6
Method 1: storing the Linux installation media as ISO images
To use RHupdate with this method, place the updates.img file next to the ISO
images.
To perform an ISO image dump, use the following commands:
mkdir -p /var/ftp/pub/fedora12
cd /var/ftp/pub/ fedora12
insert DVD
dd if=/dev/cdrom of=fedora12.iso
Method 2: unpacking the Linux installation media to a directory
To use RHupdate with this method, place the updates.img file image in the
RedHat/base/ directory. Alternatively, you may place the contents of the updates.img
file image into the RedHat/RHupdates/ directory of the unpacked source media.
Unpacking the source media will also allow for updated RPMs.
To unpack the base media to a directory, choose one of the following options:
Option 1: dumping from ISO images
mkdir -p /var/ftp/pub/fedora12/i386
cd /var/ftp/pub/fedora12
for X in enigma-i386-disc1.iso enigma-i386-disc2.iso; do
mkdir $X.dir;
mount $X $X.dir -o loop;
(cd $X.dir && tar -cf - .)|(cd i386 && tar -xvf -);
umount $X.dir;
rmdir $X.dir;
done
Option 2:
1. dumping directly from CD-ROM
mkdir -p /var/ftp/pub/fedora12/i386
Use the following command for each binary CD:
(cd /mnt/cdrom && tar -cf - .)|(cd /var/ftp/pub/rhl72/i386 && tar -xvf -); eject
2. Place the kickstart file on the NFS server along with fedora12 ISO image to ensure
that the kickstart installation can operate correctly.
7
mkdir /var/ftp/pub/kickstart
cp ks.cfg /var/ftp/pub/kickstart/ks.cfg
In this client we use fedora12 installation. Most files will be placed into the /tftpboot
directory and syslinux.cfg will be placed in /tftpboot/pxelinux.cfg. With the fedora12
CD-ROM and bootnet.img floppy inserted, perform the following commands:
cp -a /mnt/cdrom/images/bootnet.img /tftpboot/fedora12.img
cd /mnt/floppy
cp -a syslinux.cfg /tftpboot/pxelinux.cfg/fedora12-syslinux.cfg
The initrd.img and vmlinuz can also be copied from the /images/pxeboot directory of
fedora12 DVD. The vmlinuz from /images/pxeboot is an exact copy of the one on the
bootnet floppy. The initrd.img file contains more drivers than the bootnet.img file.
Ensure that the permissions on /tftpboot allow anonymous access by using this
command:
chmod -R o=rx /tftpboot
:%s/\(initrd=\)\(.*initrd.img\)/\1rhl80-\2/
Once the previous steps are complete, the following directory structure will exist:
• /tftpboot/
• /tftpboot/pxelinux.0
• /tftpboot/fedora12-vmlinuz
• /tftpboot/fedora12-initrd.img
• /tftpboot/pxelinux.cfg/
• /tftpboot/pxelinux.cfg/fedora12-syslinux.cfg
5. A configuration file must be created to control what happens when the PXE client
boots to PXE.
8
As an example, we will create the fedora12-kickstart-install-syslinux.cfg file by
copying it from rhl80-syslinux.cfg using the following command:
cp -a fedora12-syslinux.cfg fedora12-kickstart-install-syslinux.cfg
6. Create a soft link from the syslinux.cfg file to the IP address of the client server,
which is converted to HEX. In this example, the client server, 172.48.1.253,
converted to HEX is AC3001FD. Use these commands to create the soft link:
cd /tftpboot/pxelinux.cfg
ln -s fedora12-kickstart-install-syslinux.cfg AC3001FD
Another acceptable soft link to create is one named "default." The use of the default
entry affects any clients that may PXE boot and do not have a specific HEX IP
address entry in /tftpboot/pxelinux.cfg. In the following example, we demonstrate
linking the sample "localboot-syslinux.cfg" to a soft link called "default":
cd /tftpboot/pxelinux.cfg
ln -s localboot-syslinux.cfg default
PXE is often the fourth choice in the boot order list. If no bootable media is found in
the floppy, CD-ROM drive, or hard drive, it will default to PXE. If the hard drive has
been partitioned, it may no longer default to PXE even though the hard drive is not
bootable. In some large cluster farms, boot to PXE is moved to the top of the boot
order. Then the PXE server, through the use of soft links in the /tftpboot/pxelinux.cfg
directory, controls whether the client loads a new operating system or if the client
boots to its hard drive.
This setting allows for changes in the boot process without updating the BIOS or the
need to press F12.
9
CHAPTER 3
BOOT PROCESS
10
GRUB stage 2: It presents the user with a graphical screen showing the
different operating systems or kernels. On this screen a user can use the arrow
keys to choose OS or kernel they wish to boot. If no key is pressed, the boot
loader loads the default selection after a period of time. It then locates the
corresponding kernel binary in the /boot/ directory.
The control then passes to /boot/grub/grub.conf. Controls the kernel version to
be used.
The boot loader then places one or more appropriate initramfs images into
memory. Kernel decompresses these images from memory to /sysroot/, a
RAM-based virtual file system, via cpio. The initramfs is used by the kernel to
load drivers and modules necessary to boot the system.
Kernel is loaded, initializes and configures the hardware attached to the
system, ex. CPU, I/O, Storage devices. Loads decompress initramfs directly
from /sysroot/, and loads all necessary drivers. Next, it initializes virtual
devices related to the file system, such as LVM or software RAID.
Kernel is loaded into memory and operational. To set up the user environment,
the kernel executes the /sbin/init program.
/sbin/init program (also called init) coordinates the rest of the boot process and
configures the environment for the user. First, it runs the /etc/rc.d/rc.sysinit
script, which sets the environment path, starts swap, checks the file systems,
and executes all other steps required for system initialization.
init then runs the /etc/inittab script, which describes the runleves. Runlevels
are a state defined by the services listed in the SysV /etc/rc.d/rc <x> .d/
directory, where <x> is the number of the runlevel.
Last things the init program executes is the /etc/rc.d/rc.local file.
Loads the X server [ If Run Level 5 is selected ]
prefdm script loads [ /etc/X11/prefdm ]
prefdm reads the file /etc/sysconfig/desktop file to load display mangers such
as kdm,gdm,xdm.
Then system reads file [ /etc/X11/xorg.conf ] this specifies the hardware
components resources
Monitor
Keyboard
Mouse
Display Adaptor
CHAPTER 4
DHCP SERVER
DHCP stands for Dynamic Host Control Protocol. It allows a client computer to get
network configuration information from a DHCP Server. Using DHCP, we can have
an IP address and the other information automatically assigned to the hosts connected
to our network. This method is quite efficient and convenient for large networks with
many hosts, because the process of manually configuring each host is quite time
consuming. By using DHCP, we can ensure that every host on our network has a valid
11
IP address, subnet mask, broadcast address, and gateway, with minimum effort on our
part.
The program which runs on the server is dhcpd and is included as an RPM on Red
Hat installation DVD. In Red Hat Linux the DHCP server is controlled by the text file
/etc/ dhcpd.conf.
There are few ways by which we can check our DHCP Server is working:
/var/lib/dhcp/dhcpd.leases
By default, a DHCP Server, which listens for request on the eth0 network card.
Alternatively, to have a DHCP Server listen on the eth1 network interface, run the
following command
service dhcpd restart eth1
We can watch the DHCP Server in action. Stop the DHCP Server using the command
“service dhcpd stop” and then restart in the foreground by the following command
/usr/sbin/dhcpd –d –f
The DHCP Relay Agent (dhcrelay) allows for the relay of DHCP and BOOTP
requests from a subnet with no DHCP server on it to one or more DHCP
Servers on the subnets.
When DHCP client requests information, the DHCP relay agent forwards the
requests to the list of DHCP Servers specified when the DHCP Relay agent is
started. When a DHCP Server returns a reply, the reply is broadcast or unicast
on the network that sent the original request.
The DHCP Relay Agent listens for DHCP requests on all interfaces unless the
interfaces are specified in /etc/sysconfig/dhcrelay with the interfaces
directives.
To start the DHCP Relay Agent, use the command service dhcrelay start.
13
4.2 DHCP Configuration
CHAPTER 5
NFS SERVER
NFS, the Network File System, is the most common method for providing file sharing
services on Linux and UNIX networks. It is a distributed file system that enables local
access to remote disks and file systems. NFS is a popular file sharing protocol,
developed by SUN MICROSYSTEMS in mid 1980’s, so NFS clients are available for
many non-Unix operating systems, including the various Windows versions, MacOS,
VAX/VMS, and MVS. NFS uses a standard client/server architecture. The server
portion consists of the physical disks containing shared file systems and several
daemons that make the shared file systems (or entire disks, for that matter) visible to
and available for use by client systems on the network. This process is normally
14
referred to as exporting a file system. Server daemons also provide for file locking
and, optionally, quota management on NFS exports. NFS clients simply mount the
exported file systems, colloquially but accurately called NFS mounts, on their local
system just as they would mount file systems on local disks.
Network congestion.
Heavy Disk activity on the NFS Server.
Its design assumes a trusted environment, not a hostile environment.
NFS is based on RPC (Remote Procedure Call) which is easy to exploit.
For security reasons, NFS cannot be used over internet.
The program which runs the NFS Server is nfs which included as RPM in the Red Hat
installation DVD. The NFS Server in the Red Hat Linux is controlled by exports file
in the /etc folder. To create NFS Server follow the instructions:
15
Create a directory in /. For example mkdir /nfsshared.
Install the nfs package.
Edit the exports file using vim or vim editor. eg: vim /etc/exports as
“/nfsshared (rw, sync) Network IP/Subnet-mask”
Use the command “service nfs restart” to restart the service.
To permanently start the service use command “chkconfig nfs on”.
CHAPTER 6
TFTP SERVER
6.1) INTRODUCTION
The Trivial File Transfer Protocol (TFTP) is normally used only for booting diskless
workstations. The tftp-server package provides the server for TFTP, which allows
users to transfer files to and from a remote machine. TFTP provides very little
security, and should not be enabled unless it is expressly needed. The TFTP server is
run from/etc/ xinetd.d/tftp, and is disabled by default on Red Hat Linux systems.
6.2) CONFIGURATION
TFTP provides a default /tftpboot directory. To change the file system you can
append and make changes in /etc/xinetd.d/tftp, in the server_args field. Don’t forget to
16
reload xinetd after you change it. To reload xinetd services use the command:
service xinetd restart
chkconfig xinetd on
/usr/bin/up2date tftp-server
/sbin/chkconfig tftp on
3. Because it runs via xinetd reload that to pick up the configuration file change:
IPTABLES_MODULES="ip_conntrack_tftp"
If you already have something in that line just add the new module with a space as a
delimiter, like:
IPTABLES_MODULES="ip_conntrack_ftp ip_conntrack_tftp"
5. Add firewall rules to /etc/sysconfig/iptables. You probably only need UDP, though
I always add the TCP rules, too (they’re both listed in /etc/services for port 69):
in.tftpd: 10.1.
$ tftp my.tftp.server.com
tftp> get filename.bin
9. If you get an error check /var/log/secure and /var/log/messages on the server, and
start eliminating potential problems one at a time (disable iptables, put ALL in
17
hosts.allow, etc.) until you find the problem.
CHAPTER 7
FTP SERVER
FTP is the user interface to the ARPANET standard File Transfer Protocol. The
program allows a user to transfer files to and from a remote network site.FTP is one
of the original network applications developed with the TCP/IP protocol suite. It
follows the standard model for network services, as FTP requires a client and a server,
the first implementations of FTP date back to 1971. FTP set out to solve the need to
publish documents and software so that people could get them easily from other
computer systems. On the FTP server, files were organized in a directory structure;
users could connect to the server over the network, and download files from (and
possibly upload files to) the server.
19
Figure 7.1 FTP Server
account [passwd]
Supply a supplemental password required by a remote system for access to resources
once a login has been successfully completed.
chmod mode file-name
Change the permission modes of the file file-name on the remote system to mode.
delete remote-file
Delete the file remote-file on the remote machine.
get remote-file [local-file]
Retrieve the file remote-file and store it on the local machine. If the local file name is
not specified, it is given the same name it has on the remote machine, subject to
alteration by the current case, ntrans, and nmap settings. The current settings
for type, form, mode, and structure are used while transferring the file.
mdelete [remote-files]
Delete remote-files on the remote machine.
20
Expand the remote-files on the remote machine and do a get for each file name thus
produced. Files are transferred into the local working directory, which can be
changed with ‘lcd directory’; new local directories can be created with ‘! mkdir
directory’.
bye
Terminate the FTP session with the remote server and exit ftp. An end of file will also
terminate the session and exit.
pwd
Print the name of the current working directory on the remote machine.
CHAPTER 8
DNS SERVER
21
DNS associates hostnames with their respective IP addresses, so that when users want
to connect to other machines on the network, they can refer to them by name, without
having to remember IP addresses.
Use of DNS and FQDNs also has advantages for system administrators, allowing the
flexibility to change the IP address for a host without affecting name-based queries to
the machine. Conversely, administrators can shuffle which machines handle a
name-based query.
DNS is normally implemented using centralized servers that are authoritative for
some domains and refer to other DNS servers for other domains.
When a client host requests information from a nameserver, it usually connects to port
53. The nameserver then attempts to resolve the FQDN based on its resolver library,
which may contain authoritative information about the host requested or cached data
from an earlier query. If the nameserver does not already have the answer in its
resolver library, it queries other nameservers, called root nameservers, to determine
which nameservers are authoritative for the FQDN in question. Then, with that
information, it queries the authoritative nameservers to determine the IP address of
the requested host. If a reverse lookup is performed, the same procedure
is used, except that the query is made with an unknown IP address rather than a name.
On the Internet, the FQDN of a host can be broken down into different sections.
These sections are organized into a hierarchy (much like a tree), with a main trunk,
primary branches, secondary branches, and so forth. Consider the following FQDN:
bob.example.com When looking at how an FQDN is resolved to find the IP address
that relates to a particular system, read the name from right to left, with each level of
the hierarchy divided by periods (.). In this example, com defines the top level domain
for this FQDN. The example is a sub-domain. The name furthest to the left, bob,
identifies a specific machine hostname.
Except for the hostname, each section is called a zone, which defines a specific
namespace. A namespace controls the naming of the sub-domains to its left. FQDN
must contain at least one sub-domain but may include many more, depending upon
how the namespace is organized.
Zones are defined on authoritative nameservers through the use of zone files (which
describe the namespace of that zone), the mail servers to be used for a particular
domain or sub-domain, and more. Zone files are stored on primary nameservers (also
called master nameservers), which are truly authoritative and where changes are made
to the files, and secondary nameservers (also called slave nameservers), which receive
their zone files from the primary nameservers. Any nameserver can be a primary and
secondary nameserver for different zones at the same time, and they may also be
considered authoritative for multiple zones. It all depends on how the nameserver is
configured.
22
master
Stores original and authoritative zone records for a namespace, and answers
queries about the namespace from other nameservers.
slave
Answers queries from other nameservers concerning namespaces for which it is
considered an authority. However, slave nameservers get their namespace
information from master nameservers.
caching-only
Offers name-to-IP resolution services, but is not authoritative for any zones.
Answers for all resolutions are cached in memory for a fixed period of time,
which is specified by the retrieved zone record.
forwarding
Forwards requests to a specific list of nameservers for name resolution. If none of the
specified nameservers can perform the resolution, the resolution fails. A nameserver
may be one or more of these types. For example, a nameserver can be a master for
some zones, a slave for others, and only offer forwarding resolutions for others.
8.4) ZONE
23
[ Main Configuration Folder contains Zone Files ]
To create a DNS Server install the bind rpm package available in the Red Hat
installation disc.
Edit the named.conf file using vim /etc/named.conf
options
{
directory “/var/named”;
};
zone “prasanjeet.com”
{
type master;
file “for”;
};
zone “0.168.192.in-addr.arpa”
{
type master;
file “rev”;
};
IN NS www.prasanjeet.com
IN cname www.prasanjeet.com
www IN A 192.168.0.254
$TTL 86400
IN SOA localhost.root.localhost
(
1997022 700 ; Serial
28800 ; Refresh
14400 ; Retry
36000000 ; Expiry
86400 ; Minimum
)
IN NS www.prasanjeet.com
254 IN PTR www.prasanjeet.com
Edit the resolv.conf file and enter the ip address of the computer using vim
/etc/resolv.conf
Restart the network service using service network restart.
Make the changes permanent using chkconfig network on.
nslookup 192.168.0.254
or
nslookup www.prasanjeet.com
CHAPTER 9
CONCLUSION
Linux is a free and open source operating system. The main advantage of using linux
is it’s free from viruses. This report creates awareness for the linux and encourages us
to use this operating system. Most people in India are afraid of using linux and feel
themselves much comfortable in using windows operating system, especially
Microsoft Windows XP. Although newer windows operating systems have been
25
launched by Microsoft but all of them lack the basic feature of security and threats.
We can modify linux operating system according to our own requirements. The
system files of the Microsoft family operating system are packed in dll(dynamic
linked libraries) while in linux we can modify the whole source code of the system
and install packages as per our own requirement. Most of the servers, all over the
world are based on Linux or UNIX operating system because these operating system
are reliable and cost less for their maintenance.
In my training, I got a chance to learn the basic features of linux and came to know
about open source technology and open source softwares. We are provided with 24*7
help online. Any query or problem in using linux is solved and we get the help from
experts. There are a number of user groups who promote the linux operating system
and distribute their distros free of cost to the people by arranging workshops and
seminars in different cities.
CHAPTER 10
BIBLIOGRAPHY
Red Hat Linux Bible Fedora and Enterprise Edition - John Wiley and Sons
26
Red Hat Linux Networking And System Administration – Collings & Wall
Red Hat Certified Engineer Linux Study Guide – Miachel Jang
www.redhat.com
www.wikipedia.com
www.lugj.in
www.google.com
27