  #1 (permalink)  
Old 01-19-2008, 11:42 AM
Magnate
 
Posts: n/a
Default Promiscuous BOOTP server?

Hi All,

I'm trying to set up a BOOTP/tftpd server so that I can boot diskless
machines on my LAN. I've read the dhcpd docs, and it seems that dhcpd
requires the MAC address of every machine to which it will serve the files
via tftp. The original bootpd (ie. via inetd, without dhcpd) also seems to
require MAC addresses.

Is there a way to set up a server without requiring the MAC addresses?
Either using dhcpd, or bootpd, or something else altogether?

If all else fails I can just spend a few hours painfully writing down all
the MAC addresses and putting them into my dhcpd.conf, but I can't believe
nobody's ever wanted to do it without before.

Anyone?

CC


  #2 (permalink)  
Old 01-19-2008, 11:42 AM
Chris Cox
 
Posts: n/a
Default Re: Promiscuous BOOTP server?

Magnate wrote:
> Hi All,
>
> I'm trying to set up a BOOTP/tftpd server so that I can boot diskless
> machines on my LAN. I've read the dhcpd docs, and it seems that dhcpd
> requires the MAC address of every machine to which it will serve the files
> via tftp. The original bootpd (ie. via inetd, without dhcpd) also seems to
> require MAC addresses.
>
> Is there a way to set up a server without requiring the MAC addresses?
> Either using dhcpd, or bootpd, or something else altogether?
>
> If all else fails I can just spend a few hours painfully writing down all
> the MAC addresses and putting them into my dhcpd.conf, but I can't believe
> nobody's ever wanted to do it without before.


Well... if you didn't use something (relatively) unique like the MAC
address... you'd probably have to code something else by hand anyhow.
True?

Haven't looked at booting diskless to determine why a fixed address
is necessary. You'd think that a truly dynamic one would suffice.
  #3 (permalink)  
Old 01-19-2008, 11:42 AM
Magnate
 
Posts: n/a
Default Re: Promiscuous BOOTP server?

"Chris Cox" <[email protected]> wrote in message
news:[email protected]...
> Magnate wrote:
>> Hi All,
>>
>> I'm trying to set up a BOOTP/tftpd server so that I can boot diskless
>> machines on my LAN. I've read the dhcpd docs, and it seems that dhcpd
>> requires the MAC address of every machine to which it will serve the
>> files via tftp. The original bootpd (ie. via inetd, without dhcpd) also
>> seems to require MAC addresses.
>>
>> Is there a way to set up a server without requiring the MAC addresses?
>> Either using dhcpd, or bootpd, or something else altogether?
>>
>> If all else fails I can just spend a few hours painfully writing down all
>> the MAC addresses and putting them into my dhcpd.conf, but I can't
>> believe nobody's ever wanted to do it without before.

>
> Well... if you didn't use something (relatively) unique like the MAC
> address... you'd probably have to code something else by hand anyhow.
> True?


Why? Just as a dhcp server will hand out IP addresses and leases to anyone
who asks, why can't we have a bootp server which will hand out boot files to
anyone who asks? Why does there need to be any identification of who's
asking? If the files don't enable the client to boot successfully, that's
hardly the server's problem.

I had presumed it was a security issue - it hadn't occurred to me that it
could be a technical necessity.

> Haven't looked at booting diskless to determine why a fixed address
> is necessary. You'd think that a truly dynamic one would suffice.


My thoughts exactly. Most of a day's desk research has yielded nothing
though. Bizarre - I'd have thought it would be very painful to program the
MAC addresses into dhcpd for a many-thousand-seat deployment.

CC


  #4 (permalink)  
Old 01-19-2008, 11:42 AM
Moe Trin
 
Posts: n/a
Default Re: Promiscuous BOOTP server?

On Wed, 09 Jan 2008, in the Usenet newsgroup comp.os.linux.setup, in article
<[email protected]>, Magnate wrote:

>Why? Just as a dhcp server will hand out IP addresses and leases to anyone
>who asks, why can't we have a bootp server which will hand out boot files to
>anyone who asks? Why does there need to be any identification of who's
>asking? If the files don't enable the client to boot successfully, that's
>hardly the server's problem.


Well, I don't think the bootfile for a Sun SparcStation5 is going to
work very well on your NCD X terminal, never mind that Intel box.

>My thoughts exactly. Most of a day's desk research has yielded nothing
>though. Bizarre - I'd have thought it would be very painful to program the
>MAC addresses into dhcpd for a many-thousand-seat deployment.


I don't use DHCP, never mind BOOTP, but I don't believe DHCP _needs_ the
MAC address by default - certainly there are enough people asking how to
make it match MAC to IP is such a hint. My understanding is that most
documents do suggest using it, but that's to reduce the horrendous
security hole of handing out IPs to anyone who asks.

Have you run through the DHCP mini-howto included in most Linux installs?

-rw-rw-r-- 1 gferg ldp 33678 Oct 20 2000 DHCP

Old guy
  #5 (permalink)  
Old 01-19-2008, 11:42 AM
Magnate
 
Posts: n/a
Default Re: Promiscuous BOOTP server?

"Moe Trin" <[email protected]> wrote in message
news:[email protected]...
> On Wed, 09 Jan 2008, in the Usenet newsgroup comp.os.linux.setup, in article
> <[email protected]>, Magnate wrote:
>
>>Why? Just as a dhcp server will hand out IP addresses and leases to anyone
>>who asks, why can't we have a bootp server which will hand out boot files
>>to anyone who asks? Why does there need to be any identification of who's
>>asking? If the files don't enable the client to boot successfully, that's
>>hardly the server's problem.

>
> Well, I don't think the bootfile for a Sun SparcStation5 is going to
> work very well on your NCD X terminal, never mind that Intel box.


As I said, that's hardly the server's problem. It so happens that I only
want to offer one bootfile from my bootp server (Debian installer for x86),
so there is no need for the server to distinguish between clients - it
simply has to offer them what it has.

>>My thoughts exactly. Most of a day's desk research has yielded nothing
>>though. Bizarre - I'd have thought it would be very painful to program the
>>MAC addresses into dhcpd for a many-thousand-seat deployment.

>
> I don't use DHCP, never mind BOOTP, but I don't believe DHCP _needs_ the
> MAC address by default - certainly there are enough people asking how to
> make it match MAC to IP is such a hint. My understanding is that most
> documents do suggest using it, but that's to reduce the horrendous
> security hole of handing out IPs to anyone who asks.


But dhcpd already hands out IPs to anyone who asks! I don't see why handing
out bootfiles to anyone who asks is any greater security risk. The point is
that on my LAN, behind my firewall, I know that I'm the only person who's
going to want to boot anything from this server, so I'm happy for it to be
promiscuous.

> Have you run through the DHCP mini-howto included in most Linux installs?


I don't seem to have anything called DHCP mini-howto, but I do have a dhcpd
man page, and the way I read it, dhcpd will not offer boot files without MAC
addresses. The relevant section is this:

BOOTP Support
    Each BOOTP client must be explicitly declared in the dhcpd.conf file.
    A very basic client declaration will specify the client network
    interface's hardware address and the IP address to assign to that
    client. If the client needs to be able to load a boot file from the
    server, that file's name must be specified. A simple bootp client
    declaration might look like this:

    host haagen {
        hardware ethernet 08:00:2b:4c:59:23;
        fixed-address 239.252.197.9;
        filename "/tftpboot/haagen.boot";
    }

I can't find any example of configuring dhcpd to offer boot files without
using the above method. If anyone can post such a configuration, or a link
to one, I'd be very grateful.

CC


  #6 (permalink)  
Old 01-19-2008, 11:42 AM
Tauno Voipio
 
Posts: n/a
Default Re: Promiscuous BOOTP server?

Magnate wrote:
> Hi All,
>
> I'm trying to set up a BOOTP/tftpd server so that I can boot diskless
> machines on my LAN. I've read the dhcpd docs, and it seems that dhcpd
> requires the MAC address of every machine to which it will serve the files
> via tftp. The original bootpd (ie. via inetd, without dhcpd) also seems to
> require MAC addresses.
>
> Is there a way to set up a server without requiring the MAC addresses?
> Either using dhcpd, or bootpd, or something else altogether?
>
> If all else fails I can just spend a few hours painfully writing down all
> the MAC addresses and putting them into my dhcpd.conf, but I can't believe
> nobody's ever wanted to do it without before.
>
> Anyone?



I'm not offering a server, but ...

There's a good reason why neither BOOTP nor DHCP servers
do serve addresses from a pool to the BOOTP clients: There's
no built-in mechanism in BOOTP for releasing the address
back to the pool.

DHCP leases age or are released by the clients, so they will
be returned, but a BOOTP address is gone forever, as the
server sees it.

The only good way to handle eternity address assignments
is to statically assign them in the configuration.

--

Tauno Voipio
tauno voipio (at) iki fi
  #7 (permalink)  
Old 01-19-2008, 11:42 AM
Alan Adams
 
Posts: n/a
Default Re: Promiscuous BOOTP server?

In message <[email protected]>
"Magnate" <[email protected]> wrote:

> "Moe Trin" <[email protected]> wrote in message
> news:[email protected]...
>> On Wed, 09 Jan 2008, in the Usenet newsgroup comp.os.linux.setup, in article
>> <[email protected]>, Magnate wrote:
>>
>>>Why? Just as a dhcp server will hand out IP addresses and leases to anyone
>>>who asks, why can't we have a bootp server which will hand out boot files
>>>to anyone who asks? Why does there need to be any identification of who's
>>>asking? If the files don't enable the client to boot successfully, that's
>>>hardly the server's problem.

>>
>> Well, I don't think the bootfile for a Sun SparcStation5 is going to
>> work very well on your NCD X terminal, never mind that Intel box.


> As I said, that's hardly the server's problem. It so happens that I only
> want to offer one bootfile from my bootp server (Debian installer for x86),
> so there is no need for the server to distinguish between clients - it
> simply has to offer them what it has.


>>>My thoughts exactly. Most of a day's desk research has yielded nothing
>>>though. Bizarre - I'd have thought it would be very painful to program the
>>>MAC addresses into dhcpd for a many-thousand-seat deployment.

>>
>> I don't use DHCP, never mind BOOTP, but I don't believe DHCP _needs_ the
>> MAC address by default - certainly there are enough people asking how to
>> make it match MAC to IP is such a hint. My understanding is that most
>> documents do suggest using it, but that's to reduce the horrendous
>> security hole of handing out IPs to anyone who asks.


> But dhcpd already hands out IPs to anyone who asks! I don't see why handing
> out bootfiles to anyone who asks is any greater security risk. The point is
> that on my LAN, behind my firewall, I know that I'm the only person who's
> going to want to boot anything from this server, so I'm happy for it to be
> promiscuous.


>> Have you run through the DHCP mini-howto included in most Linux installs?


> I don't seem to have anything called DHCP mini-howto, but I do have a dhcpd
> man page, and the way I read it, dhcpd will not offer boot files without MAC
> addresses. The relevant section is this:


> BOOTP Support
>     Each BOOTP client must be explicitly declared in the dhcpd.conf file.
>     A very basic client declaration will specify the client network
>     interface's hardware address and the IP address to assign to that
>     client. If the client needs to be able to load a boot file from the
>     server, that file's name must be specified. A simple bootp client
>     declaration might look like this:
>
>     host haagen {
>         hardware ethernet 08:00:2b:4c:59:23;
>         fixed-address 239.252.197.9;
>         filename "/tftpboot/haagen.boot";
>     }


> I can't find any example of configuring dhcpd to offer boot files without
> using the above method. If anyone can post such a configuration, or a link
> to one, I'd be very grateful.


> CC


It is a long time since I did anything with DHCP and BOOTP but...

They are different protocols. I think, from distant memory, bootp only
defines the file name on the server, while DHCP allows the client to
ask for a file by name. (They used to be different servers, but I
think most are now merged.)

BOOTP therefore needs the hardware address to work out what file to
send, while DHCP doesn't

Maybe some more research in the manuals with this in mind might show
an answer.

Or I could be completely wrong, it's been some years...


--
Alan Adams, from Northamptonshire
[email protected]
http://www.nckc.org.uk/
  #8 (permalink)  
Old 01-19-2008, 11:42 AM
John Hasler
 
Posts: n/a
Default Re: Promiscuous BOOTP server?

Alan Adams writes:
> They are different protocols. I think, from distant memory, bootp only
> defines the file name on the server, while DHCP allows the client to
> ask for a file by name. (They used to be different servers, but I
> think most are now merged.)


> BOOTP therefore needs the hardware address to work out what file to
> send, while DHCP doesn't


> Maybe some more research in the manuals with this in mind might show
> an answer.


Look at tftp?

--
John Hasler
[email protected]
Dancing Horse Hill
Elmwood, WI USA
  #9 (permalink)  
Old 01-19-2008, 11:42 AM
Moe Trin
 
Posts: n/a
Default Re: Promiscuous BOOTP server?

On Fri, 11 Jan 2008, in the Usenet newsgroup comp.os.linux.setup, in article
<[email protected]>, Magnate wrote:

>"Moe Trin" <[email protected]> wrote


>> Well, I don't think the bootfile for a Sun SparcStation5 is going to
>> work very well on your NCD X terminal, never mind that Intel box.

>
>As I said, that's hardly the server's problem. It so happens that I
>only want to offer one bootfile from my bootp server (Debian installer
>for x86), so there is no need for the server to distinguish between
>clients - it simply has to offer them what it has.


On a diskless system, the boot mechanism is rather limited (it's
usually contained in the ROM on the NIC), and the system thus has
no idea what it's supposed to be when it boots. It's depending on
the boot server to set it "correctly". If you have but one system,
or even one class of system (example - all are dumb terminals for use
by students), then this may not be important (although when there are
multiple systems, knowing which is which is a help when one system
decides to trash the network - which one?). The client MAC address is
_usually_ readily accessible when the client is being built/assembled
so it shouldn't be a huge problem. [COMMENT: Where I work, "new"
systems are not allowed onto the network until registered, and part
of the registration process included that MAC address. Thus, someone
has to pop the covers, and read the address off the label on the NIC.]

>> Have you run through the DHCP mini-howto included in most Linux installs?

>
>I don't seem to have anything called DHCP mini-howto


OK, posting from the UK... try

* France
  + Paris ftp.ibp.fr/pub/linux/sunsite
* Germany
  + Dresden ftp.tu-dresden.de/Linux/sunsite/
  + Göttingen ftp.gwdg.de/pub/linux/mirrors/sunsite/
  + Karlsruhe ftp://ftp.rz.uni-karlsruhe.de/pub/sunsite/
* Netherlands
  + NLUUG ftp.nluug.nl/pub/metalab/
* Norway
  + Trondheim ftp.nvg.unit.no/pub/linux/sunsite/
Doesn't seem to be anything in the UK. Those are anonymous FTP servers
where you log in as "anonymous" with your email address as password.
Change to the directory listed, then cd further down to ./docs/HOWTO/
where you'd find the document. You may also want to look at

-rw-rw-r-- 1 gferg ldp 33678 Oct 20 2000 DHCP
-rw-rw-r-- 1 gferg ldp 33671 Feb 26 2002 Diskless-root-NFS-HOWTO
-rw-rw-r-- 1 gferg ldp 44462 Sep 14 2001 Diskless-root-NFS-other-HOWTO
-rw-rw-r-- 1 gferg ldp 7565 Dec 7 2001 NCD-HOWTO
-rw-rw-r-- 1 gferg ldp 20879 Apr 26 2001 NCD-X-Terminal

in the same directory. You should also be able to find those using any
search engine, or going to http://ibiblio.org/pub/linux/docs/HOWTO/ or
http://en.tldp.org/HOWTO/HOWTO-INDEX/howtos.html

>but I do have a dhcpd man page, and the way I read it, dhcpd will not
>offer boot files without MAC addresses.


I can sorta understand that - although I haven't had a diskless box on
our network in... I dunno, maybe 15 years.

Old guy
  #10 (permalink)  
Old 01-19-2008, 11:42 AM
François Patte
 
Posts: n/a
Default Re: Promiscuous BOOTP server?

Magnate wrote:
> Hi All,
>
> I'm trying to set up a BOOTP/tftpd server so that I can boot diskless
> machines on my LAN. I've read the dhcpd docs, and it seems that dhcpd
> requires the MAC address of every machine to which it will serve the files
> via tftp. The original bootpd (ie. via inetd, without dhcpd) also seems to
> require MAC addresses.
>
> Is there a way to set up a server without requiring the MAC addresses?
> Either using dhcpd, or bootpd, or something else altogether?
>
> If all else fails I can just spend a few hours painfully writing down all
> the MAC addresses and putting them into my dhcpd.conf, but I can't believe
> nobody's ever wanted to do it without before.


Try to boot your diskless machine via dhcp on your lan, then

grep -i dhcp /var/log/messages

on the server. You get the mac-addresses which have requested a lease.
Copy and paste...

something like this.

--
François Patte
Université Paris 5 - Paris
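
Added example, not part of any post in the thread: the grep-and-paste step from the last reply as a script that pulls the MAC addresses which requested a lease out of the server log and prints a dhcpd.conf host declaration for each. The log lines are constructed and their format is an assumption about how dhcpd logs on your system; the function names, the host names and the boot file path are placeholders.

```shell
#!/bin/sh
# Constructed sample lines in the style dhcpd writes to /var/log/messages
# (assumed format; compare with your own log before relying on it).
sample_log() {
cat <<'EOF'
Jan 11 10:02:11 bootsrv dhcpd: DHCPDISCOVER from 00:16:3e:aa:bb:01 via eth0
Jan 11 10:02:12 bootsrv dhcpd: DHCPOFFER on 192.168.1.101 to 00:16:3e:aa:bb:01 via eth0
Jan 11 10:02:12 bootsrv dhcpd: DHCPREQUEST for 192.168.1.101 from 00:16:3e:aa:bb:01 via eth0
Jan 11 10:05:40 bootsrv dhcpd: BOOTREQUEST from 00:16:3E:AA:BB:02 via eth0
Jan 11 10:07:03 bootsrv dhcpd: DHCPDISCOVER from 00:16:3e:aa:bb:01 via eth0
Jan 11 10:09:15 bootsrv sshd[812]: Accepted publickey for admin from 192.168.1.5
EOF
}

# Print each requesting client's MAC once, lower-cased, in first-seen order.
# Only client-originated messages are read; the token after "from" must look
# like an Ethernet address, so other "from" fields are ignored.
requesting_macs() {
    awk '
    /dhcpd.*(DHCPDISCOVER|DHCPREQUEST|BOOTREQUEST) / {
        for (i = 1; i < NF; i++)
            if ($i == "from") {
                mac = tolower($(i + 1))
                if (length(mac) == 17 &&
                    mac ~ /^[0-9a-f][0-9a-f](:[0-9a-f][0-9a-f])+$/ &&
                    !seen[mac]++)
                    print mac
                break
            }
    }'
}

# Read MACs on stdin and print one host declaration per client, all naming
# the same boot file ($1). Host names are placeholders, and fixed-address is
# left as a comment for the administrator to fill in per client.
host_stanzas() {
    bootfile=$1
    n=0
    while read -r mac; do
        n=$((n + 1))
        printf 'host diskless%d {\n' "$n"
        printf '    hardware ethernet %s;\n' "$mac"
        printf '    # fixed-address <IP for this client>;\n'
        printf '    filename "%s";\n}\n' "$bootfile"
    done
}

# Against a real log: requesting_macs < /var/log/messages | host_stanzas FILE
sample_log | requesting_macs | host_stanzas /tftpboot/bootfile
```

Review the MAC list before pasting the declarations into dhcpd.conf, since every address in the log, expected or not, ends up in the output.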